Bystack 470
Uploaded by
mivaleria200Bystack 470
Uploaded by
mivaleria200Title page
Nortel Application Gateway 2000
Nortel Application Gateway Release 6.3
Administration Guide
Configuration and Operation
Document Number: NN42360-600
Document Release: Standard 04.03
Date: February 2009
Year Publish FCC TM
Copyright © 2006—2009 Nortel Networks. All Rights Reserved.
Sourced in Canada
LEGAL NOTICE
While the information in this document is believed to be accurate and reliable, except as otherwise expressly
agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION
OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document
are subject to change without notice.
Nortel, the Nortel logo, the Globemark, SL-1, Meridian 1, and Succession are trademarks of Nortel Networks.
All other trademarks are the property of their respective owners.
Contents
Preface ix
CHAPTER 1 Application Gateway Overview 1
Introduction to Voice Applications 1
Licensing 2
The Licensing Process 3
Changes that Impact Licensing 4
Licensing and Clusters 5
Security 5
Capacity 6
Application Gateway 2000 Cluster Capacity Guidelines 6
Application Gateway 2000 Single System Capacity Guidelines 7
Other Capacity Guidelines 7
Implementation Workflow 8
CHAPTER 2 Basic Administration 9
Using the Administration Tool 9
Downloading Product Documentation 11
Setting the System Date and Time 11
Changing the Root Administrator Password 13
Using the Serial Console 13
Managing Licenses 14
Prerequisites for Obtaining a License 15
Guidelines 15
Uploading License Files 16
Viewing License Information 17
Changing the License Status of an IP Phone 19
Generating a Secure Certificate 20
Overview of the Certificate Signing Request 21
Installing the Cygwin UNIX Environment for Windows 22
Generating a CSR 23
Unencrypting the Private Key 24
Application Gateway Administration Guide iii
Contents
Converting to a PEM-Formatted Certificate 25
Combining the Private Key with the Signed Certificate 26
Generating Trusted Certificates for Multiple Levels 26
Uploading a Certificate to the Application Gateway 28
Upgrading the Application Gateway Software 28
Reinstalling the Application Gateway Software 29
Saving and Restoring the Configuration 30
Restarting the Application Gateway 31
Shutting Down the Application Gateway 31
CHAPTER 3 Network Connection Configuration 33
Prerequisites 33
Configuring Network Interface Settings 34
Configuring Ports 35
Specifying DNS Settings 36
Adding Host Aliases 36
Configuring Routes 37
Configuring Dynamic Routing 37
Adding, Testing, and Removing a Static Route 39
Static Route Example 40
Creating an Application Gateway Cluster 42
Cluster Prerequisites 43
Creating a Cluster 44
Maintaining a Cluster 45
CHAPTER 4 Voice Office Configuration Requirements 47
Voice Office Application Prerequisites 47
Configuring the Voice Office Menu 48
Setting the Language of the Voice Office User Interface 49
Configuring Communication between the Phones and Application
Gateway 49
iv Application Gateway Administration Guide
Contents
Configuring the Application Gateway Port for Phone
Communication 49
Configuring a DHCP Server 50
Configuring Individual Phones 51
Configuring GXAS Phone Failover to a Redundant Application
Gateway 52
Configuring Secure Communications and Full Screen Operation for
IP Phone 2007 53
Setting Up SIP Speakers with the Application Gateway 54
Configuring Atlas Sound SIP Speakers 55
Requirements 55
DHCP Setup 56
Configuration File Setup 56
How SIP Speakers Register with the Application Gateway 58
Enabling Automatic Dialing 59
Specifying a Source for Phone IP-to-DN Mappings 59
Deployment Notes 60
Configuring Phone IP Address Mapping 61
CSV File Format Specifications 63
Displaying Screensavers on Nortel IP Phones 2007, 1120E, and 1140E 64
Enabling Multicasting for Zone Pages 66
CHAPTER 5 LDAP/CSV Directory Configuration 69
Express Directory Overview 70
Express Directory Features 71
Configuring the Application Gateway to Use LDAP Directories 72
Specifying LDAP Attributes for Voice Office Operations 76
Looking Up Attributes in Your LDAP Directory 79
Configuring the Application Gateway to Use Directory Files in CSV
Format 82
CSV File Format Specifications 85
Adding Dialing Rules 86
Synchronizing the Application Gateway with Your Directories 89
Application Gateway Administration Guide v
Contents
CHAPTER 6 Broadcast Server Installation 91
Overview of Broadcast Server 92
Network Deployment 92
Subscriber and Distribution List Source 93
Broadcast Server Operation with Clusters 94
Hardware and Software Overview 95
Software Server Requirements 95
Installing Broadcast Server Software 96
Microsoft IIS Configuration 96
Broadcast Server Software Installation 98
Connecting the Application Gateway and Broadcast Server 99
Synchronizing the Broadcast Server and Application Gateway
Clocks 100
Confirming Installation and Configuration 100
CHAPTER 7 Zone Paging Configuration 103
Overview of Zone Paging 104
Network Deployment 105
Zone List Source 105
Paging Setup and Operation with Clusters 106
Managing Paging Zones 107
Viewing Extensions in an Imported Zone 107
Adding and Changing Custom Zones 108
CHAPTER 8 Configuring Access Services 113
Planning Access Services 113
Deployment Workflow 114
Configuring Access Services 115
Web Services Specifications and Testing 118
Web Pages and Images 119
Supported HTML Tags 120
Supported HTTP 1.1 Features 121
CSS Properties Supported 123
URL Syntax for Telephony Operations 124
vi Application Gateway Administration Guide
Contents
Card Reader Data Retrieval Calls 125
Web Application Emulator for Access Services 125
Example Web Application 126
Home Page 127
Room Service Order 128
Concierge Service Request 131
Flight Status 134
Daily Bulletin 137
RSS News Feed 139
CHAPTER 8 Logging and Monitoring Application Gateway Operations 145
Configuring and Working with System Logs 145
Interpreting the System Log 147
Broadcast Server 148
Call Server synchronization for IP/DN mapping 148
CSV synchronization for IP/DN mapping 150
LDAP 150
Licensing 151
Socket listeners 152
Enabling and Viewing SNMP and Health Logs 152
Viewing the W3C-Formatted HTTP Request Log 152
Enabling and Viewing SNMP Logs 153
Enabling and Viewing Health Logs 154
Monitoring Application Gateway Operations 155
CHAPTER 9 Troubleshooting 159
General Issues (Hardware, Licenses, Certificates) 159
Connectivity Issues 161
Express Directory 162
Broadcast Server 163
Zone Paging 167
INDEX 169
Application Gateway Administration Guide vii
Contents
viii Application Gateway Administration Guide
Preface
This preface describes who should read the Application Gateway
Administration Guide, how it is organized, and related documentation.
Audience
This guide is intended for system administrators responsible for
connecting the Application Gateway to a network and configuring its
operation for voice applications as well as for connected devices (call
server, directory servers, and so on).
This document assumes that the Application Gateway has been installed
according to the Application Gateway Quick Start Guide and that the
administrator has experience configuring networks and an understanding
of call servers and their protocols.
Organization
This guide is organized as follows:
Chapter Title Description
Chapter 1 Overview Provides a conceptual background to Application
Gateway operation with voice applications.
Chapter 2 Basic Administration Describes general Application Gateway
administration tasks and describes how to use the
Administration Tool interface and serial console.
Chapter 3 Network Connection Describes how to connect Application Gateways to
Configuration your network and specify network settings such as
ports, DNS servers, and dynamic or static routes.
Application Gateway Administration Guide ix
Chapter Title Description
Chapter 4 Voice Office Explains the configuration requirements that apply
Configuration to all or multiple Voice Office applications. Also
Requirements describes how to customize the Voice Office menu.
Chapter 5 LDAP/CSV Directory Describes how to the configure LDAP and/or CSV
Configuration directory sources used for voice applications.
Chapter 6 Broadcast Server Unlike other Voice Office applications, Broadcast
Installation Server runs on a separate Windows server,
connected to the Application Gateway. This
chapter describes how to install and test Broadcast
Server. For configuration and usage information,
refer to the Broadcast Server User Guide.
Chapter 7 Zone Paging Describes how to configure and manage paging
Configuration zones.
Chapter 8 Configuring Access Describes how to plan and configure Access
Services Services operation through the Application
Gateway Administration Tool. Also includes code
samples for example web applications.
Chapter 9 Logging and Describes how to configure and view system,
Monitoring health, and SNMP logs, and work with a variety of
Application Gateway network monitoring applications.
Operations
Chapter 10 Troubleshooting Describes how to recover from a crash and
troubleshoot common issues.
Related Documentation
For additional information about the Application Gateway, refer to the
following guides:
• Application Gateway Quick Start Guide
• Application Gateway Network Integration Guide
• Application Gateway Hardware Installation Guide
• Application Gateway Release Notes
x Application Gateway Administration Guide
You can download all Application Gateway and Voice Office application
documentation from the Application Gateway Administration Tool
(Administration > Downloads). The Administration Tool also includes
online Help.
Application Gateway Administration Guide xi
xii Application Gateway Administration Guide
Chapter 1
Application Gateway Overview
The Application Gateway 2000 is a network appliance that delivers
enhanced voice applications to IP telephones. The following topics
provide an overview to the Application Gateway and the applications that
it delivers:
Introduction to Voice Applications, page 1
Licensing, page 2
Security, page 5
Capacity, page 6
Implementation Workflow, page 8
Introduction to Voice Applications
The Voice Office Applications Suite is a set of packaged telephony
applications. The Voice Office applications enable enterprises to leverage
their IP telephony investments and increase workforce productivity by
delivering converged applications to the screens and speakers of Nortel IP
phones.
Voice Office applications include:
Access Services enables a site to deliver custom Web-based applications
to the IP Phone 2007 screen.
• Broadcast Server delivers alerts, such as emergency, IT, and weather
messages, to IP phones.
• Express Directory provides an LDAP-based, organization-wide
directory with high speed, real time pruning.
• Zone Paging enables users to page to groups of IP phones and SIP
speakers in specific zones without the expense of installing an
overhead paging system.
The general network architecture for Voice Office applications follows.
Application Gateway Administration Guide 1
Chapter 1 Application Gateway Overview
Licensing
Licensing
Note: Refer to the Application Gateway Release Notes for additional information
on licensing.
Application Gateway Software is enabled by user licenses which allow use
of the Server Software in increments defined by a license. A minimum of
two licenses are needed to license an Application Gateway, a server
license and the user licenses.
A server license enables the Application Gateway to deliver applications
to a user. Each IP phone or SIP speaker must have a user license. A license
is assigned to an IP phone’s MAC address the first time that the phone
contacts the Application Gateway. When a phone registers with the
Application Gateway, the number of available licenses decreases by one.
Thus, if you purchase 100 IP phone licenses, 100 of your phones can
register with the Application Gateway. Once all allowed licenses are
associated with a phone, additional connection attempts are denied.
The Application Gateway administrator can free a license by changing the
status of a phone or SIP speaker to unlicensed. The device’s status can be
later changed back to licensed, if needed.
2 Application Gateway Administration Guide
Chapter 1 Application Gateway Overview
Licensing
For more information, see the following topics:
The Licensing Process, page 3
Changes that Impact Licensing, page 4
Licensing and Clusters, page 5
Managing Licenses, page 14
Changing the License Status of an IP Phone, page 19
The Licensing Process
IP Phones: An IP phone obtains a license as follows:
1 An IP phone connects to the Application Gateway.
2 The Application Gateway obtains the phone’s extension by either:
– retrieving the phone’s IP address and DN directly from the phone,
or
– using the phone’s IP address to verify that it is in the IP/DN map
and then verifying that there is a corresponding DN.
3 The Application Gateway registers the phone, adding the phone’s MAC
address, primary DN, and IP address to the Device Registry. After a phone
has registered with the Application Gateway, its DN becomes available for
inclusion in zones and alert lists. That DN stays available until the
administrator uses the License Monitor to manually release the license
(thereby unregistering the phone).
4 The Application Gateway issues a license to the phone.
SIP Speakers: A SIP speaker obtains a license as follows:
1 When a SIP speakers comes online, it connects to the Application
Gateway.
2 The Application Gateway uses the speaker’s SIP ID as the device extension
and device name. Therefore each SIP speakers must have unique DN.
3 The Application Gateway registers the speaker and issues a license to it.
In the License Monitor, a SIP speaker is identified as “sip” under the
Module column. The Device Name is the SIP ID of the IP Speaker.
Application Gateway Administration Guide 3
Chapter 1 Application Gateway Overview
Licensing
A licensed and registered speaker appears as an extension in the extension
lists on the Operation > Voice Office > Zone Paging page. The speaker is
managed just like an IP phone.
Changes that Impact Licensing
• Once a phone or SIP speaker is licensed, it holds the license, even
when it is idle or disconnected.
– When the IP/DN is obtained directly from the device, the
Application Gateway will de-license the device when the device
reports that it no longer has a DN assigned to it.
– When IP/DN mapping is obtain through the call server, a license
is removed from a phone only through the administrator’s use of
the License Monitor to manually release the license.
• If a device’s IP address changes (perhaps based on a DHCP lease
expiration):
– When the IP/DN is obtained directly from the device, the
Application Gateway will be notified of the change and will
update the device registry.
– When IP/DN mapping is obtain through the call server, the
Application Gateway changes the phone’s IP address in the Device
Registry the next time the phone reconnects with the Application
Gateway.
• If a device’s DN changes (perhaps through the use of Virtual Office or
by the administrator) and the system is configured to obtain the
mapping from a call server, the Application Gateway does not have a
way to update the Device Registry, thus the phone continues to
function as if its DN was unchanged until the next IP-to-DN
synchronization with the Nortel Communication Server. If the system
is configured to retrieve the DN directly from the device, this
condition does not occur. See “Configuring Phone IP Address
Mapping,” page 50.
• If a device has registered with the Application Gateway and is
replaced by a new device (a device with a new MAC address registers
with the Application Gateway with the same IP address as another
device), the device will register with the Application Gateway and will
4 Application Gateway Administration Guide
Chapter 1 Application Gateway Overview
Security
consume a second license. The original device will remain licensed
until the administrator manually removes the license using the
License Monitor.
• If all allowed licenses are consumed and new devices attempt to
register with the Application Gateway, they will be shown in the
License Monitor as unlicensed. You can the use the License Monitor to
deny a license to an already licensed device and to request a license for
an unlicensed or denied device. When a phone is unlicensed or denied
a license, the phone will display a message indicated that it is
unlicensed when the expand key is pressed.
• If the Application Gateway is restarted, it must be resynchronized
with the datasource if that’s how it obtains the IP/DN map
information.
Licensing and Clusters
If the Application Gateways are arranged in a cluster:
• Devices that are licensed on one member of the cluster will be shown
as unlicensed on the other members of the cluster.
• Devices that are denied a license, will be shown as Denied on all of the
members of the cluster.
• The administrator can synchronize the cluster to propagate changes
across the cluster. If the Application Gateway obtains IP/DN
information from a call server, changes are propagated across the
cluster each time the Application Gateway synchronizes with the data
source.
Security
The Application Gateway is fully protected against worms, viruses, and
other Internet attacks. The Application Gateway is built on proprietary
software, not a traditional operating system such as Windows, and the
Application Gateway contains no API that a worm or virus could run on.
As a result, the Application Gateway is not vulnerable to worms and
viruses that are compiled for traditional operating systems. In this respect,
the Application Gateway appliance is more like a closed router rather than
a server.
Application Gateway Administration Guide 5
Chapter 1 Application Gateway Overview
Capacity
In addition, the Application Gateway has few open ports and those ports
send packets directly to Application Gateway processes.
The Application Gateway has been tested to ensure that no high- or
medium-risk security vulnerabilities exist. The Application Gateway can
be installed in any network with confidence that it introduces no
additional security risks.
Many microbrowser devices, including IP phones, lack security and
encryption features. The Application Gateway, when used with secure
web and application servers, can reduce the potential security issues
associated with using such equipment.
The connection between IP Phones and the Application Gateway is
secured through a required digital certificate.
Capacity
The following capacity figures assume normal usage patterns and that the
host network can handle the traffic. For larger installations, pre-testing is
required to ensure that the network capacity is adequate and to determine
the required number of Application Gateways.
• Application Gateway 2000 Cluster Capacity Guidelines, page 6
• Application Gateway 2000 Single System Capacity Guidelines, page 7
• Other Capacity Guidelines, page 7
Application Gateway 2000 Cluster Capacity Guidelines
Feature GXAS Phones XAS Phones Combination
Access Voice Office features up to 500 per AG in up to 1000 per Up to 500 GXAS plus
on a cluster of up to four a cluster; 2000 total AG 2000 in a 500 XAS on each AG
Application Gateway 2000 on four AG 2000s cluster; 4000 2000 in a cluster
in a cluster total on four AG
2000s
Simultaneous paging per up to 500 up to 200 up to 300 GXAS phone
Application Gateway across or 200 XAS phones
a cluster
6 Application Gateway Administration Guide
Chapter 1 Application Gateway Overview
Capacity
Feature GXAS Phones XAS Phones Combination
Sending a broadcast alert per up to 500 up to 100 Up to 500 GXAS plus
Application Gateway across 100 XAS
a cluster
Guest Services features Not applicable
Application Gateway 2000 Single System Capacity Guidelines
Feature GXAS Phones XAS Phones Combination
Access Voice Office features up to 500 up to 1000 Up to 500 GXAS plus
on a single Application 500 XAS
Gateway 2000
Simultaneous paging per up to 500 up to 200 up to 300 GXAS phone
Application Gateway or 200 XAS phones
Sending a broadcast alert per up to 500 up to 100 Up to 500 GXAS plus
Application Gateway 100 XAS
Guest Services features Up to 500 for
Nortel IP Phone
2007 only
Other Capacity Guidelines
• An Application Gateway supports a maximum of 256 broadcast zones.
• An Application Gateway supports 32 concurrent buffered audio
streams for broadcast alerts.
• An alert sent from Broadcast Server occupies one buffered audio
stream per Application Gateway, regardless of the size of the
distribution list.
• Zone pages do not require audio to be buffered and are therefore not
subject to the limitation of 32 simultaneous buffered audio streams.
Note For a list of the Nortel software requirements, please refer to the
Application Gateway Pre-Installation Checklist for Nortel Communication
Server.
Application Gateway Administration Guide 7
Chapter 1 Application Gateway Overview
Implementation Workflow
Implementation Workflow
The following general steps provide a suggested workflow for
implementing Voice Office applications.
1. Determine which applications are to be deployed and to which
phones.
2. Specify the language in which the application interface should display
on the phones, as described in “Setting the Language of the Voice
Office User Interface,” page 49.
3. For the purposes of initial testing, point a few phones to the
Application Gateway, as described in “Configuring Communication
between the Phones and Application Gateway,” page 49.
4. Enable automatic dialing, as described in “Enabling Automatic
Dialing,” page 59.
5. Complete the configuration required to supply the Application
Gateway with a mapping of phone IP addresses to extensions (DNs),
as described in “Specifying a Source for Phone IP-to-DN Mappings,”
page 59.
6. Configure the applications that you want to deploy. If you are
deploying Express Directory, Zone Paging, or Broadcast Server,
complete the directory configuration as described in “LDAP/CSV
Directory Configuration,” page 69.
7. Verify your implementation on the test phones.
8. Deploy the applications to users by pointing their phones to the
Application Gateway.
8 Application Gateway Administration Guide
Chapter 2
Basic Administration
The following topics describe how to administer your Application
Gateway:
Using the Administration Tool, page 9
Using the Serial Console, page 13
Managing Licenses, page 14
Generating a Secure Certificate, page 20
Upgrading the Application Gateway Software, page 28
Reinstalling the Application Gateway Software, page 29
Saving and Restoring the Configuration, page 30
Restarting the Application Gateway, page 31
Shutting Down the Application Gateway, page 31
Using the Administration Tool
This topic describes how to open and log out of the Administration Tool,
plus it provides information on the following tasks:
Downloading Product Documentation, page 11
Setting the System Date and Time, page 11
Changing the Root Administrator Password, page 13
The Administration Tool contains the full set of network and operation
configuration commands. When you license additional applications, your
Administration Tool might include commands not shown in this guide’s
sample screens. The Administration Tool also provides access to a variety
of standard network monitoring tools, including Ethereal Network
Monitor, xNetTools, Traceroute, fnetload, and System Monitor.
Application Gateway Administration Guide 9
Chapter 2 Basic Administration
Using the Administration Tool
To open the Administration Tool:
1 Make sure that the Application Gateway is running.
2 From a web browser, connect to the Application Gateway by entering the
URL:
https://ipAddress:adminPort
where:
- ipAddress is the IP address of your Application Gateway (the default IP
address is 10.20.30.40 with a netmask of 255.255.0.0)
- adminPort is the administration port of your Application Gateway (9001)
3 If a Security Alert dialog box appears, click Yes.
The Administration > Downloads page appears.
You can download documentation from this page without logging in.
4 Click the tab for the settings that you want to configure.
The Administration Tool login dialog appears.
5 Enter your administrative username and password.
Note: When working with the Administration Tool, click Submit or Commit
Changes to save changes.
The Administration Tool times out after 10 minutes of inactivity and
requires that you log in to continue working.
To log out of the Administration Tool:
• Click Administration > Logout.
10 Application Gateway Administration Guide
Chapter 2 Basic Administration
Using the Administration Tool
Downloading Product Documentation
The Application Gateway includes all server and voice application
documentation.
To download documentation from the Application Gateway:
• Go to Administration > Downloads and click Download
Documentation.
An HTML page with links to all documentation components appears.
Setting the System Date and Time
By default, the Application Gateway uses the time.nist.gov NTP server.
You can choose a different time server and a synchronization schedule. Or,
if the Application Gateway cannot reach a time server, you must manually
set the date and time.
The Application Gateway and Broadcast Server clocks must be
synchronized, as described in “Synchronizing the Broadcast Server and
Application Gateway Clocks,” page 100.
To specify a time server:
1 In the Administration Tool, go to the Administration > Date page.
Application Gateway Administration Guide 11
Chapter 2 Basic Administration
Using the Administration Tool
2 Select a time zone.
3 Enter the fully qualified domain name of an NTP server.
For a list of time servers, see
http://ntp.isc.org/bin/view/Servers/WebHome. This field is initialized
to the time.nist.gov time server.
4 Select an Update Schedule.
5 Click Update.
To manually set the date and time:
1 In the Administration Tool, go to the Administration > Date page.
2 Select a time zone.
3 Enter the date and time, using the format shown on the screen.
4 Click Update.
12 Application Gateway Administration Guide
Chapter 2 Basic Administration
Using the Serial Console
Changing the Root Administrator Password
Note: In order to reset the administrative password to its default, you must
reinstall the Application Gateway server software.
The Application Gateway is pre-configured with a default username and
password (root/rootadmin). We recommend that you change the root
password.
To change an administrator password:
1 In the Administration Tool, go to the Administration > Users page.
2 In the Administrator Password area, enter the new password and click
Change Password.
Using the Serial Console
The serial console contains the minimal prompts required to connect the
Application Gateway Interface 0 to your network. You can use the serial
console (as an alternate to the Web-based interface) to change the IP
address and netmask of the Application Gateway Interface 0, as well as to
set the IP address of the default gateway device. All other configuration
must be done through the Administration Tool. You can also use the serial
console to test a connection with the ping command.
To open the serial console:
1 Connect a PC to the Application Gateway serial port.
2 Make sure that the Application Gateway is running.
3 Start a terminal emulation application and open a TCP/IP connection to
the Application Gateway using its IP address and administration port
number (9001).
If the serial console does not open, check the settings in the terminal
emulation application. Set the serial connection to 9600 bits per second, 8
data bits, no parity, and 1 stop bit.
4 Enter the administrative username (defaults to root) and password
(defaults to rootadmin) when prompted.
The serial console menu appears.
Application Gateway Administration Guide 13
Chapter 2 Basic Administration
Managing Licenses
Managing Licenses
Note: For a description of license handling, see “Licensing,” page 2.
When you purchase licenses, you will receive instructions on how to
obtain the license files. License information is saved when you back up the
Application Gateway configuration.
If you do not have a valid license for a device type, a user who attempts to
access an application will receive the following message: “License Not
Available.”
The Application Gateway log file also displays the following messages:
httpd: session denied. check for sufficient capacity and device type
licenses.
httpd: HTTP 403 (Please check with your administrator to verify that
the AG has licenses for your device.)
The following topics describe how to work with licenses:
Prerequisites for Obtaining a License, page 15
Guidelines, page 15
Uploading License Files, page 16
Viewing License Information, page 17
Changing the License Status of an IP Phone, page 19
14 Application Gateway Administration Guide
Chapter 2 Basic Administration
Managing Licenses
Prerequisites for Obtaining a License
If the Application Gateway obtains the IP/DN directly from the phone:
• The call server must support Cookie Registration.
• The phone cookie must present the DN.
If the Application Gateway obtains the IP/DN map from the call server:
• The IP/DN map must exist.
• The Application Gateway must be synchronized with the
Communication Server or configured for direct access to the phone,
see Configuring Phone IP Address Mapping, page 50.
• A phone’s IP address and primary DN must be in the IP/DN map.
Guidelines
You must renew software maintenance to continue to be eligible to install
new releases of software.
When managing licenses, be aware of the following:
• A license is specific to the Application Gateway for which it was
issued.
• We recommend that you retain a local copy of all license files. If you
need to reinstall the Application Gateway server software, you will
need to upload all license files to it.
• Do not overwrite any files in your local license directory. If another file
in that directory has the same name, you should rename the newly
received file. The Application Gateway software calculates your
licensed features based on all license files that are uploaded to the
Application Gateway.
• If you edit a license file, the Application Gateway software will ignore
any features associated with that license.
• The contents of license files are encrypted and must remain intact.
Should you copy, rename, or insert a license file multiple times, the
Application Gateway will use only the original file and will ignore any
duplicate files.
Application Gateway Administration Guide 15
Chapter 2 Basic Administration
Managing Licenses
To obtain license files, you will need to know the host ID of the
Application Gateway which you are licensing.
To view the host ID:
• In the Administration Tool, go to the Administration > Licenses page.
Uploading License Files
To upload license files to the Application Gateway:
1 In the Administration Tool, go to the Administration > Licenses page.
2 Across from Upload License File, click Browse and locate the license file
that you want to upload.
3 Click Open and then click Upload.
You will be prompted to reboot. You do not have to reboot until you have
uploaded all license files.
Note: When you save the Application Gateway configuration (Administration >
Maintenance), license information is included in the backup file.
16 Application Gateway Administration Guide
Chapter 2 Basic Administration
Managing Licenses
Viewing License Information
To view license information:
1 In the Administration Tool, go to the Administration > Licenses page.
The number of active licenses is noted on that page.
2 To view a summary of license information, click View Active License
Summary.
• One Application Gateway license is required to enable the server.
• One Voice Office user license per IP phone is required to enable
applications for an IP phone.
3 To view license details, click View License Detail.
• Customer, or retail, licenses are for a purchased Application Gateway.
These licenses never expire, therefore they have no License Expiration
Date.
• Expired development, evaluation, and “Not For Resell” licenses do
not appear in the licenses list.
• If the maintenance agreement subscription date is less than the server
build date and less than the calendar date, the license status is
“Expired.” The license, however, is still valid for that server build or
any server build date that is prior to the maintenance subscription
date.
• If the maintenance subscription date has expired, the license status is
“Invalid.”
Application Gateway Administration Guide 17
Chapter 2 Basic Administration
Managing Licenses
• If an installed license is for a feature not supported by the Application
Gateway (such as Citrix Presentation Server), the license status is
“Invalid.”
To view number of licenses available:
1 In the Administration Tool, go to the Logging > System Log page.
2 Click View Log in separate window and then click the right-arrow button
to turn on Auto-Refresh.
3 Press Ctrl-f and search for the word license.
The number of licenses available for each phone type and Voice Office
application is listed.
Note: If the word “license” is not found, those entries are no longer
available to the system log viewer. Restart the Application
Gateway so that the licenses are reloaded and then view the system
log.
18 Application Gateway Administration Guide
Chapter 2 Basic Administration
Managing Licenses
Changing the License Status of an IP Phone
When the Application Gateway accepts a connection from an IP phone, it
records the MAC address of the phone. Once the maximum allowed
licenses are associated with phones, additional connection attempts result
in an error message.
Be aware that replacing an XAS IP phone with a GXAS phone results in
both phones using a license, with different MAC addresses, although the
DN of the two phones is the same. In this case, you should free the license
of the XAS IP phone.
You can free licenses for IP phones by changing the status of an obsolete
phone to unlicensed.
To change a phone’s license status:
1 In the Administration Tool, go to the Operation > Advanced page.
2 Click Gateway Monitoring link to open the File Download screen.
3 Click Save and provide the directory location for the CitrixAGMonitor.exe
file.
4 Click Run from the popup or double-click the file.
You will be prompted to log in to the Application Gateway Monitor.
5 Enter your administrative user credentials.
A VNC-like window appears, with the License Monitor window open.
Extensions are sorted in ascending order.
6 To change the status of a phone, right-click the phone and then click
Toggle Status.
Application Gateway Administration Guide 19
Chapter 2 Basic Administration
Generating a Secure Certificate
If you have not installed a license that includes support for IP phones, no
phones will be listed in the License Monitor.
Generating a Secure Certificate
You must install on the Application Gateway a digital X.509 certificate that
belongs to your company. This will ensure that all SSL transactions will
pass with no error warnings to phone users. Certificates from Verisign and
Thawte are supported.
The Application Gateway accepts a Privacy Enhanced Mail (PEM) format
certificate file. PEM is a text format that is the Base-64 encoding of the
Distinguished Encoding Rules (DER) binary format. The PEM format
specifies the use of text BEGIN and END lines that indicate the type of
content that is being encoded.
Before you can upload a certificate to the Application Gateway, you will
need to generate a Certificate Signing Request (CSR) and private key. We
recommend using Linux OpenSSL to administer any certificate tasks. If
Linux is not available, we recommend the Cygwin UNIX environment for
Windows, which includes an OpenSSL module. Instructions for
downloading, installing, and using the Cygwin UNIX environment to
generate a CSR are included in this topic.
If you are familiar with certificate manipulation, you can use other tools to
create a PEM-formatted file. The certificate that you upload to the
Application Gateway must have the following characteristics:
• It must be in PEM format and must include a private key.
• The signed certificate and private key must be unencrypted.
The following topics describe how to perform the tasks associated with
generating a CSR:
Overview of the Certificate Signing Request, page 21
Installing the Cygwin UNIX Environment for Windows, page 22
20 Application Gateway Administration Guide
Chapter 2 Basic Administration
Generating a Secure Certificate
Generating a CSR, page 23
Unencrypting the Private Key, page 24
Converting to a PEM-Formatted Certificate, page 25
Combining the Private Key with the Signed Certificate, page 26
Generating Trusted Certificates for Multiple Levels, page 26
Uploading a Certificate to the Application Gateway, page 28
Overview of the Certificate Signing Request
If you are unfamiliar with generating a CSR, review this topic for
background information.
The general process for generating a CSR and handling the signed
certificate is as follows:
1. Generate a CSR (public.csr) and private key (private.key) as described
in “Generating a CSR,” page 23.
2. Send the public.csr file to an authorized certificate provider.
3. If you used a tool other than the Cygwin UNIX environment to
generate the CSR, check the format of the private key. If it is in DER
format or is encrypted, convert it to PEM format as described in
“Unencrypting the Private Key,” page 24.
4. When you receive the signed certificate file from your SSL certification
company, check the file format. If it is not in PEM format, convert it as
described in “Converting to a PEM-Formatted Certificate,” page 25.
5. Combine the PEM-formatted signed certificate with the
PEM-formatted private key (private.key) as described in “Combining
the Private Key with the Signed Certificate,” page 26.
6. If your certificate has more than one level, handle the intermediate
certificates as described in “Generating Trusted Certificates for
Multiple Levels,” page 26.
7. Upload the certificate to the Application Gateway as described in
“Uploading a Certificate to the Application Gateway,” page 28.
Application Gateway Administration Guide 21
Chapter 2 Basic Administration
Generating a Secure Certificate
Installing the Cygwin UNIX Environment for Windows
If Linux OpenSSL is not available, install the Cygwin UNIX environment
for Windows. When you install Cygwin, you must choose the OpenSSL
modules as described in the following steps.
To install Cygwin:
1 Use a web browser to navigate to www.cygwin.com and click Install
Cygwin Now.
2 Follow the on-screen instructions to open the setup installer.
3 In the Cygwin Setup dialog box, click Next.
4 Click Install from Internet and then click Next.
5 Accept the default root installation directory settings and then click Next.
6 Accept the default local package directory setting and then click Next.
7 In the Internet Connection screen, click Use IE5 Settings and then click
Next.
8 In the list of Available Download Sites, click a site and then click Next.
9 In the Select Packages screen, click the View button (upper-right corner).
10 Scroll the packages list to locate in the Package column openssl: The
OpenSSL runtime environment and openssl-devel: The OpenSSL
development environment.
11 In the New column for those two entries, click Skip.
The current version number of Cygwin appears.
12 Click Next to start the installation.
After Cygwin installs, you can generate the CSR.
22 Application Gateway Administration Guide
Chapter 2 Basic Administration
Generating a Secure Certificate
Generating a CSR
These instructions to generate a CSR assume that you are using the
Cygwin UNIX environment installed as described in “Installing the
Cygwin UNIX Environment for Windows,” page 22.
To generate a CSR using the Cygwin UNIX environment:
1 Double-click the Cygwin icon on the desktop.
A command window opens with a UNIX bash environment.
2 To change to a particular drive, use the command: cd driveLetter:
3 At the $ prompt, type the following to generate a CSR:
openssl req -new -nodes -keyout privateKeyFilename -out
certRequestFilename
For example:
openssl req -new -nodes -keyout private.key -out public.csr
Status messages about the private key generation appear. You will be
prompted for information such as country name.
4 When prompted for the Common name, enter the DNS name of the
Application Gateway.
The name that you enter will appear in the certificate and must match the
name expected by PCs that connect to the Application Gateway. Thus, if
you alias DNS names, you will need to use the alias name instead.
5 Submit your CSR (public.csr) to an authorized certificate provider such as
Verisign. When asked for the type of server that the certificate will be used
with, indicate “Apache”. (If you indicate “Microsoft”, the certificate might
be in PKCS7 format and you will need to follow the procedure in
“Converting to a PEM-Formatted Certificate,” page 25 to convert the
certificate to a PEM format.)
The certificate provider will return a Signed Certificate to you by e-mail
within several days.
Application Gateway Administration Guide 23
Chapter 2 Basic Administration
Generating a Secure Certificate
Unencrypting the Private Key
The following procedure is not needed if you use the Cygwin UNIX
environment to generate the CSR and private key. Follow this procedure
only if the method you use to generate the private key results in an
encrypted key.
To unencrypt the private key:
1 At the $ prompt enter the command: openssl rsa
If you enter this command without arguments, you will be prompted as
follows:
read RSA key
2 Enter the name of the password to be encrypted.
You can enter the openssl rsa command with arguments if you know the
name of the private key and the unencrypted PEM file.
For example, if the private key filename is my_keytag_key.pvk, and the
unencrypted filename is keyout.pem, you would enter openssl rsa -in
my_keytag_key.pvk -out keyout.pem.
For more information, refer to the following URL:
http://www.openssl.org/docs/apps/rsa.html#EXAMPLES
For information on downloading OpenSSL for Windows, refer to the
following URL:
http://sourceforge.net/project/showfiles.php?group_id=23617&release
_id=48801
24 Application Gateway Administration Guide
Chapter 2 Basic Administration
Generating a Secure Certificate
Converting to a PEM-Formatted Certificate
The signed certificate file that you receive from your certificate provider
might not be in a PEM format. If the file is in binary format (DER), convert
it to PEM format as follows:
openssl x509 -in certFile -inform DER -outform PEM -out
convertedCertFile
If the certificate is already in a text format, it may be in PKCS format. (You
will receive a PKCS formatted certificate if you specified that the
certificate will be used with a Microsoft rather than Apache operating
system.) The following command will result in an error message if the
certificate is not in PEM format. The certFile should not contain the private
key when you run this command.
openssl verify -verbose -CApath /tmp certFile
If that command results in the following error message, the file is not in
PEM format.
certFile: unable to load certificate file
4840:error:0906D064:PEM routines:PEM_read_bio:bad base64
decode:pem_lib.c:781:
To convert the certificate from PKCS7 to PEM format:
1 Run the command:
openssl pkcs7 -in ./certFile -print_certs
The output will look like this:
subject=...
...
-----BEGIN CERTIFICATE-----
... Server Certificate ...
-----END CERTIFICATE-----
subject=...
...
-----BEGIN CERTIFICATE-----
... Intermediate Cert ...
-----END CERTIFICATE-----
2 Combine the server certificate data and the intermediate certificate data (if
it exists) from the output with the private key as specified in “Combining
the Private Key with the Signed Certificate,” page 26 and “Generating
Trusted Certificates for Multiple Levels,” page 26.
Application Gateway Administration Guide 25
Chapter 2 Basic Administration
Generating a Secure Certificate
Combining the Private Key with the Signed Certificate
You must combine the signed certificate with the private key before you
can upload it to the Application Gateway.
To combine the Private Key with the Signed Certificate:
1 Use a text editor to combine the unencrypted private key with the signed
certificate in the PEM file format.
The file contents should look similar to the following:
-----BEGIN RSA PRIVATE KEY-----
<Unencrypted Private Key>
-----END RSA Private KEY-----
-----BEGIN CERTIFICATE-----
<Signed Certificate>
-----END CERTIFICATE-----
2 Save and name the PEM file. For example, server.pem.
Generating Trusted Certificates for Multiple Levels
Caution Any certificate that has more than one level must include all intermediate
certificates, or the system may become unusable.
You must determine whether your certificate has more than one level and,
if it does, handle the intermediate certificates properly.
To generate trusted certificates for multiple levels:
1 Open Internet Explorer, and access a page through the Application
Gateway. For example, enter a URL similar to the following:
https://ipAddress:httpPort//www.mypage.com
where:
- ipAddress is the IP address of your Application Gateway
- httpPort is the Application Gateway HTTP port number
2 Double-click the Lock symbol in the bottom right corner of the browser.
3 Switch to the Certificate Path window pane at the top of the screen.
26 Application Gateway Administration Guide
Chapter 2 Basic Administration
Generating a Secure Certificate
4 Double-click the first path level to bring up the Certificate information for
the first level and then go to the Details screen.
5 Click the Copy to File button at the bottom.
6 After the Certificate Export Wizard appears, click Next.
7 Click the format Base-64 encoded and then click Next.
8 Enter a filename. For example, G:\tmp\root.cer.
9 Review the information and note the complete filename. Click Finish.
10 Click OK to close the Certificate information window for the first level.
11 Repeat Steps 5–11 for all levels except the last level.
12 Insert all certificates into one file, and make sure that any intermediate
certificates are part of any certificate file you upload.
The file to be uploaded should be in the following format:
private key
Server Certificate
Intermediate Certificate 0
Intermediate Certificate 1
Intermediate Certificate 2
Application Gateway Administration Guide 27
Chapter 2 Basic Administration
Upgrading the Application Gateway Software
Uploading a Certificate to the Application Gateway
After you have completed the steps to obtain and assemble a properly
formatted, signed certificate and private key, you can upload it to the
Application Gateway.
Note: When you save the Application Gateway configuration, the uploaded
certificates are included in the backup.
To upload a certificate file:
1 In the Administration Tool, go to the Administration > Maintenance
page.
2 Across from Upload Certificate, click Browse.
3 Locate the file you want to upload and click Open.
4 Click Upload to upload the file.
5 After the upload is complete, go to the Network > Interfaces page.
6 Set Interface 0 External Public Address to the DNS name for which the
certificate was registered.
Upgrading the Application Gateway Software
You will be notified when server software upgrades are available. For the
latest information about upgrading, refer to the Release Notes provided
with the upgrade.
Before you upgrade an Application Gateway, you might need to look up
your current Application Gateway version.
To display the version of your installed Application Gateway:
• In the Administration Tool, go to the Logging > Version page.
To upgrade your Application Gateway:
• Refer to the instructions in the Application Gateway Release Notes.
28 Application Gateway Administration Guide
Chapter 2 Basic Administration
Reinstalling the Application Gateway Software
Reinstalling the Application Gateway Software
Reinstalling the software returns the Application Gateway to its
pre-configured state. It is important that you always have a current copy
of the Application Gateway configuration files, as described in “Saving
and Restoring the Configuration,” page 30.
If files on the Application Gateway become corrupted or if the server
crashes, you will need to reinstall the Application Gateway server
software from the CD provided with the server. Reinstalling the server
software is also referred to as re-imaging the server.
Reinstalling the server software takes about 20 minutes.
To reinstall the server software:
1 Make sure that a PC capable of hosting terminal emulation software is
connected to the Application Gateway; power on both systems.
2 Press Enter a few times on the PC to establish a console connection with
the Application Gateway.
3 Insert the Application Gateway CD into the CD-ROM drive of the
Application Gateway
4 Press the Reset button on the front of the Application Gateway.
After the Application Gateway restarts, the console display indicates that
the reinstallation has started. The status bar moves in large increments, so
at first it might appear that the reinstall has not started.
When the installation has completed, the serial console displays the
message “Installation successful.”
5 Eject the CD and press the Reset button on the Application Gateway.
6 Restore the configuration settings as described in “Saving and Restoring
the Configuration,” page 30.
Application Gateway Administration Guide 29
Chapter 2 Basic Administration
Saving and Restoring the Configuration
Saving and Restoring the Configuration
When you upgrade the Application Gateway, all of your configuration
settings, including uploaded certificates and licenses, are automatically
restored.
If you reinstall the Application Gateway software, you must manually
restore your configuration settings.
Before using the CD to reinstall the Application Gateway software, save
your configuration. Reinstalling the Application Gateway software
returns the Application Gateway to its pre-configured state.
If you have saved your configuration settings, as described in this topic,
you can easily restore them.
To save the Application Gateway configuration:
1 In the Administration Tool, go to the Administration > Maintenance
page.
2 Click Save Config.
The entire Application Gateway configuration, including system files and
certificates, are saved to your computer in a file named config.restore.
To restore a saved configuration:
1 In the Administration Tool, go to the Administration > Maintenance
page.
2 Across from Upload Server Upgrade or Saved Config., click Browse.
3 Locate the file named config.restore and click Open.
4 Click Upload.
After the configuration file is uploaded, the Application Gateway restarts.
30 Application Gateway Administration Guide
Chapter 2 Basic Administration
Restarting the Application Gateway
Restarting the Application Gateway
To restart the Application Gateway:
1 In the Administration Tool, go to the Administration > Maintenance
page.
2 Click Restart.
Shutting Down the Application Gateway
Never shut down the Application Gateway by powering it off. Use the
Administration Tool to shut down the device. Use the power switch only
to power on the device.
You can also use the Reset button on the front of the Application Gateway
to perform a soft reboot.
To shut down the Application Gateway:
1 In the Administration Tool, go to the Administration > Maintenance
page.
2 Click Shut Down.
Application Gateway Administration Guide 31
Chapter 2 Basic Administration
Shutting Down the Application Gateway
32 Application Gateway Administration Guide
Chapter 3
Network Connection Configuration
The following topics describe how to configure Application Gateway
network connections:
Prerequisites, page 33
Configuring Network Interface Settings, page 34
Configuring Ports, page 35
Specifying DNS Settings, page 36
Adding Host Aliases, page 36
Configuring Routes, page 37
Creating an Application Gateway Cluster, page 42
Prerequisites
The configuration instructions in this guide assume the following setup:
• The devices to which you are connecting the Application Gateway,
such as a router, are already part of a working configuration. This
guide does not, for example, cover the steps for configuring
application or web servers. For information on integrating the
Application Gateway into your network, refer to the Application
Gateway Network Integration Guide.
• The Application Gateway is installed and connected to a second
computer through a serial port. For information, refer to the
Application Gateway Quick Start Guide.
• The Application Gateway Pre-Installation Checklist for your site has been
completed. It contains much of the information that you will need to
configure the Application Gateway and related applications.
Application Gateway Administration Guide 33
Chapter 3 Network Connection Configuration
Configuring Network Interface Settings
Configuring Network Interface Settings
The first time that you start the Application Gateway, the serial console
prompts you for the IP address and subnet mask for interface 0 (P1) and
the IP address of the default gateway device. You can later use the
Administration Tool to change those settings.
The network interface settings are as follows:
• IP address and subnet mask for interfaces 0 and 1
The Application Gateway is typically connected to a router through
the Application Gateway Interface 0 port. If the Application Gateway
straddles networks, you will need to use both Interfaces 0 and 1 to
connect the Application Gateway to the networks. If your call server
and/or LDAP server are on different network segments from the
signaling servers, you will need to use both interfaces.
The IP address for Interface 0 is preconfigured to 10.20.30.40.
• Duplex mode for each interface
Duplex mode is either auto, full duplex, or half duplex. Use the default
setting, auto, unless you need to change it.
• Maximum transmission unit (MTU) for each interface
The MTU defines the maximum size of each transmitted packet. The
default is 1500. Use the default setting unless you need to change it.
• The interface (0 or 1) and IP address of the default gateway device,
such as the main router or firewall. This should be the same as the
Default Gateway setting that you would find on computers on the
same subnet.
To change the network interfaces settings, go to the Network > Interfaces
page of the Application Gateway Administration Tool.
34 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Configuring Ports
Configuring Ports
The following ports are required for general operation of the Application
Gateway.
• Incoming HTTP port. Defaults to 80.
• Administration ports 9001 and 3001. These ports are not configurable.
• Application Gateway clusters communicate over ports 9014 and 9025.
• Voice Office applications use additional ports, as described in the
Pre-Installation Checklist.
Application Gateway Administration Guide 35
Chapter 3 Network Connection Configuration
Specifying DNS Settings
Specifying DNS Settings
The first time that you start the Application Gateway, the serial console
prompts you for DNS settings. You can use the Administration Tool to
change the following settings:
• IP address of the first, second, and third DNS servers. A DNS server
needs to be specified only if you use name resolution.
• Default domain name. Do not precede the domain name with a dot
(“.”). For example, specify “site.com”, not “.site.com”.
• WINS server address.
To configure DNS settings, go to the Network > DNS page of the
Application Gateway Administration Tool.
Adding Host Aliases
When the Application Gateway attempts to translate an FQDN to an IP
address, it checks its HOSTS file before connecting to DNS to perform the
address translation. If the Application Gateway can translate the FQDN to
an IP address using the information in the HOSTS file, it does not use DNS
to perform the address translation.
Note: Adding entries to the HOSTS file can optimize performance because the
EasyCall Gateway does not have to connect to a different server to
perform the address translations.
You can map Application Gateway host names to IP addresses through the
Administration Tool. The host aliases that you define override DNS
settings.
To add, review, or remove host aliases, go to the Network > Hosts page of
the Application Gateway Administration Tool.
Note: To clear a host alias, select the host and click Clear Host.
36 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Configuring Routes
Configuring Routes
You can configure the Application Gateway to listen for the routes
published by your routing server(s) or to use static routes that you specify.
The Application Gateway supports the Routing Information Protocol
(RIP 2).
If you use both network interface cards for separate network numbers on
the Application Gateway, you must define a static route so that the
Application Gateway can appropriately handle the traffic destined for the
network segment connected to the second Ethernet port.
The Default Gateway field on the Network > Interfaces page is relevant to
both dynamic and static routing.
• If you enable the Dynamic Gateway option (when configuring
dynamic routing), the default gateway will be based on the routing
table, not on the value entered in that field.
• If you add a static route, choose the Application Gateway interface not
being used by the default gateway.
The following topics describe how to work with routes:
“Configuring Dynamic Routing,” page 37
“Adding, Testing, and Removing a Static Route,” page 39
“Static Route Example,” page 40
Configuring Dynamic Routing
When you choose dynamic routing, the Application Gateway operates as
follows:
• It listens for route information published through RIP and
automatically populates its routing table.
• If the Dynamic Gateway option is enabled, the Application Gateway
uses the default gateway providing by dynamic routing, rather than
the value specified on the Network > Interfaces page.
• It disables any static routes created for the Application Gateway. If
you later choose to disable dynamic routing, any previously created
static routes will redisplay in the Application Gateway routing table.
Application Gateway Administration Guide 37
Chapter 3 Network Connection Configuration
Configuring Routes
To configure dynamic routing:
1 In the Application Gateway Administration Tool, go to the Network >
Routes page.
2 Select the Dynamic Routing check box.
Selecting that option disables the static routes area. If there are static
routes defined, they no longer display in the routing table although they
are still available should you wish to switch back to static routing.
3 If you want to use the default gateway provided by the routing server(s),
rather than the one specified in the Network > Interfaces page, select the
Dynamic Gateway check box.
Note: The use of a dynamic gateway is reflected on the Network >
Interfaces page as shown below:
4 The Routing Protocol defaults to RIP.
38 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Configuring Routes
5 Choose the Application Gateway interface(s) to be used for dynamic
routing. Typically, your routing server(s) are inside your firewall, so you
would choose an internal-facing interface for this setting.
6 Click Add Route Info.
Dynamic routes are not displayed in the Application Gateway routing
table.
Adding, Testing, and Removing a Static Route
If your site is not using a routing server, you will need to add a static route
from the Application Gateway to any subnet that is not automatically
available through your default gateway.
Set up static routes on the Application Gateway interface not being used
by the default gateway. The default gateway is specified on the Network
> Interfaces page.
For an example static route setup, see “Static Route Example,” page 40.
To add a static route:
1 In the Application Gateway Administration Tool, go to the Network >
Routes page.
2 Enter the IP address of the destination LAN (that is, to the network to
which the Application Gateway will route traffic). For example, if the IP
address of that network is 10.60.0.20 and the subnet mask of that network
is 255.255.0.0, enter 10.60.0.0 for the destination LAN.
3 Enter the subnet mask for the destination network.
4 Enter the IP address for the default gateway of the destination network. If
you do not specify a gateway, the Application Gateway can access content
only on the local network.
5 Select the Interface for the static route (that is, the interface over which the
traffic will be sent out). Typically you will set this to eth1.
6 Click Add Route Info.
To test a static route:
1 From the Application Gateway serial console, type 1 (Ping).
2 Enter the host IP address for the device you want to ping and press Enter.
Application Gateway Administration Guide 39
Chapter 3 Network Connection Configuration
Configuring Routes
If you are successfully communicating with the other machine, messages
will appear saying that the same number of packets were transmitted and
received, and zero packets were lost.
If you are not communicating with the other machine, the status messages
indicate that zero packets were received and all the packets were lost.
Return to Step 1 and recreate the static route.
To remove a static route:
1 In the Application Gateway Administration Tool, go to the Network >
Routes page.
2 In the Static Route Table, select the check box for each route that you want
to delete.
3 Click Remove Static Route.
Static Route Example
Suppose the IP address of the interface 0 port on your Application
Gateway is 10.0.16.20 and there has been a request to access information
at 129.6.0.20, to which you currently have no path. You can create a static
route through the Ethernet port that is not set as your Application
Gateway default gateway, and out to the requested network address, as
shown.
40 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Configuring Routes
The figure shows the following connections:
• The interface 0 port (IP address 10.0.16.20) leads to the default
gateway (IP address 10.0.16.1), which connects to the rest of the
10.0.0.0 network.
• The interface 1 port (IP address 192.168.0.20) is set to communicate
with the 192.168.0.0 network and its gateway (IP address 192.168.0.1).
Through this gateway, the interface 1 port can communicate with the
129.6.0.0 network, and the server at IP address 129.6.0.20.
To set up this static route, you need to establish the path between the
interface 1 port and IP address 129.6.0.20.
To set up the example static route:
1 Go to the Network > Routes page.
2 Set the IP address of the destination LAN to 129.6.0.0.
3 Set the subnet mask for the gateway device.
4 Set the IP address of the default gateway to 192.168.0.1.
5 Choose eth1 as the gateway device interface.
6 Click Add Route Info.
Application Gateway Administration Guide 41
Chapter 3 Network Connection Configuration
Creating an Application Gateway Cluster
Creating an Application Gateway Cluster
To use voice applications across IP phones that are associated with
multiple Application Gateways, you must group the Application
Gateways into a cluster. An Application Gateway cluster enables IP
phones to send alerts and pages to distribution lists and zones that include
phones from all Application Gateways in the cluster.
Note: If you have multiple Application Gateways and do not group them in a
cluster, IP phones can send alerts and pages only to the phones associated
with the same Application Gateway.
An Application Gateway processes requests only for the IP phones that are
registered to it. However, all Application Gateways in a cluster share a
cluster-wide device registry so that alerts and pages can be sent to
distribution lists or zones comprised of the phones registered to any
Application Gateway in the cluster. When you add an Application
Gateway to a cluster, the cluster-wide distribution lists and zones take
precedence over those previously created on that Application Gateway.
42 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Creating an Application Gateway Cluster
An Application Gateway sends device registry changes to the cluster thus
resulting in each cluster member having a complete list of devices
managed by the cluster. The Application Gateway that is a device’s owner
is synchronized first and then the rest of the cluster is updated. The device
registry is always synchronized across the entire cluster whenever a new
device is created or when a device’s attributes change (such as IP address,
DN, license state).
Application Gateway clusters are intended as a site solution and not a
cross-geographical solution. The Application Gateways must be
connected through a high-bandwidth connection. You can include up four
Application Gateways per cluster. The time required for initial start-up
will increase as the size of the cluster-wide device list that is broadcast
across the cluster increases.
For more information about push operations with a cluster, see “Broadcast
Server Operation with Clusters,” page 94 and “Paging Setup and
Operation with Clusters,” page 106.
The following topics describe how to work with clusters:
Cluster Prerequisites, page 43
Creating a Cluster, page 44
Maintaining a Cluster, page 45
Cluster Prerequisites
Before you create a cluster, verify that the following tasks are complete:
• Install and configure each Application Gateway that is to be a member
of the cluster.
The Application Gateways in a cluster can straddle networks (be on
different subnets).
• Configure the IP/DN map source for each Application Gateway.
Cluster setup is the same regardless of the IP/DN map source (phone,
call server, or CSV file).
• Complete the Voice Office configuration for each Application
Gateway. You must configure each Application Gateway with the
Broadcast Server URL.
Application Gateway Administration Guide 43
Chapter 3 Network Connection Configuration
Creating an Application Gateway Cluster
Creating a Cluster
To create a cluster, you add Application Gateway IP addresses to the
Network > Cluster page. Because there are no primary or secondary
Application Gateways in a cluster, you can configure the cluster from any
Application Gateway.
When you add an Application Gateway to a cluster, the Application
Gateway that is processing the request broadcasts the cluster
configuration file to all other cluster members. Thus, each Application
Gateway becomes aware of the new cluster member.
Note: The administration password on the Application Gateway used to
synchronize a cluster must match the password on the Application
Gateway used to create the cluster.
To add an Application Gateway to a cluster:
1 In the Administration Tool, go to the Network > Cluster page.
2 Enter the IP address of the Application Gateway to be added to the cluster.
Note: Be sure to also add the IP address of the Application Gateway from
which you are creating the cluster.
3 Click Add Member.
4 When you have completed adding members, click Sync Cluster. Repeat
this step on each Application Gateway in the cluster.
When you synchronize a cluster, the Application Gateway broadcasts the
cluster information to all cluster members.
5 Synchronize each Application Gateway with the call servers (Operation >
Voice Office > IP Phone page).
44 Application Gateway Administration Guide
Chapter 3 Network Connection Configuration
Creating an Application Gateway Cluster
Maintaining a Cluster
You must update or synchronize a cluster as follows:
• If the IP address of an Application Gateway changes, you must update
the Network > Cluster page to reflect the change.
• When you add a member to an existing cluster, you must
re-synchronize the cluster so that each Application Gateway will be
aware of the new member.
• When you make IP/DN mapping changes, add phones, or remove
phones, you must re-synchronize the cluster so that each Application
Gateway will have the updated information.
Application Gateway Administration Guide 45
Chapter 3 Network Connection Configuration
Creating an Application Gateway Cluster
46 Application Gateway Administration Guide
Chapter 4
Voice Office Configuration
Requirements
The following topics describe the configuration requirements and options
applicable to Voice Office applications:
Voice Office Application Prerequisites, page 47
Configuring the Voice Office Menu, page 48
Setting the Language of the Voice Office User Interface, page 49
Configuring Communication between the Phones and Application
Gateway, page 49
Setting Up SIP Speakers with the Application Gateway, page 54
Enabling Automatic Dialing, page 59
Specifying a Source for Phone IP-to-DN Mappings, page 59
Displaying Screensavers on Nortel IP Phones 2007, 1120E, and 1140E,
page 64
Voice Office Application Prerequisites
Before configuring the Voice Office applications, complete the following
tasks:
• Refer to the Nortel support site for the latest firmware releases.
• Complete the Application Gateway Pre-Installation Checklist.
• Install and complete the initial configuration of the Application
Gateway as described in the Application Gateway Quick Start Guide.
Application Gateway Administration Guide 47
Chapter 4 Voice Office Configuration Requirements
Configuring the Voice Office Menu
Note: If a Network Address Translation (NAT) device is between the
Application Gateway and the phones, you must enter the NAT IP
address on the Network > Interfaces page. The Application
Gateway advertises the NAT IP address in messages relating to
setting up audio streams, as required by UNIStim. NAT is
supported for Express Directory.
• If you have license files that have not been uploaded to the
Application Gateway, use the Application Gateway Administration
Tool to upload them, as described in “Managing Licenses,” page 14.
Configuring the Voice Office Menu
The Voice Office Menu displays on the screens of Nortel IP Phone
2002/2004 when the phone user presses the Expand key. The Voice Office
Menu displays on the screens of Nortel IP Phone 2007 when the phone
user taps the Prime GXAS key.
By default, the Voice Office Menu lists all applications that are licensed. If
you do not want an application to appear on the Voice Office Menu, you
can remove it.
If only one application is selected for the Voice Office Menu, the main
screen for that application appears instead of the Voice Office Menu when
the user presses the Expand key. For example, if only Zone Paging is
selected, the zone list appears when the user presses the Expand key. If
Access Services is the only application selected, the URL specified in the
Access Services tab appears when the user presses the Expand key.
To configure the Voice Office Menu:
1 Open the Application Gateway Administration Tool: From a web browser,
enter the URL https://AG_ipAddress:AG_adminPort.
2 Go to the Operation > Voice Office > Menu page.
3 To change the applications shown in the Voice Office Menu, clear the
checkbox for an application.
4 Click Submit.
48 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Setting the Language of the Voice Office User Interface
The Application Gateway restarts and will be inaccessible to the phones
until the phone attempts to reconnect to the Application Gateway.
Connection attempts occur automatically according to the Watchdog
timer interval. A phone user can also force a reconnection by restarting the
phone.
Setting the Language of the Voice Office User
Interface
By default, Voice Office screens display in English on IP phones. To
change the user interface language used for Voice Office, go to the
Operation > General page and choose a language from the IP Phone UI
Language menu.
Configuring Communication between the Phones
and Application Gateway
The following topics describe how to configure communication between
IP phones and the Application Gateway:
Configuring the Application Gateway Port for Phone Communication,
page 49
Configuring GXAS Phone Failover to a Redundant Application Gateway,
page 52
Configuring Secure Communications and Full Screen Operation for IP
Phone 2007, page 53
Configuring the Application Gateway Port for Phone
Communication
To support Nortel IP Phone 2007, you must specify the port over which the
Application Gateway and phones will communicate. The port specified in
the Application Gateway Administration Tool must match the port
entered in the phone's Network Configuration settings.
Application Gateway Administration Guide 49
Chapter 4 Voice Office Configuration Requirements
Configuring Communication between the Phones and Application Gateway
To configure a port for communication with IP Phone 2007:
1 Open the Application Gateway Administration Tool: From a web browser,
enter the URL https://AG_ipAddress:AG_adminPort.
2 Go to the Operation > General page.
3 Specify a port number for communication with Nortel IP Phone 2007.
4 Click Submit.
You must point all phones to the Application Gateway by configuring
DHCP or by configuring each phone. This one-time setup applies to all
Application Gateway Voice Office applications:
Configuring a DHCP Server, page 50
Configuring Individual Phones, page 51
Configuring a DHCP Server
To configure your DHCP server:
1 Append the Application Gateway IP address (shown in bold below) to the
Nortel DHCP option that is currently used to specify the primary server
(S1) and secondary server (S2) information:
Nortel-i2004-A,S1IP:S1Port,S1ActionCode,S1RetryCount;
S2IP:S2Port,S2ActionCode,S2RetryCount;
AGIP:AGPort,AGActionCode,AGRetryCount
where AGActionCode is "1" for GXAS (the preferred mode for IP Phone
1100 series and IP Phone 2007). IP Phone 2000 series phones ignore
AGActionCode and register with XAS. To set IP Phone 1100 series or IP
Phone 2007 to XAS mode (not recommended), specify "0".
2 If the DHCP setting on the Nortel IP phones is set to "0" (No), instruct your
IP phone users to change the setting to "1" (Yes).
50 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Configuring Communication between the Phones and Application Gateway
Configuring Individual Phones
To configure individual phones to communicate with the Application
Gateway:
• For IP Phone 2002/2004:
a Power cycle the phone, wait for “Nortel Networks” to flash, and then
press the four keys below the display in order from left to right (OK -
BkSpace - Clear - Cancel).
The phone is now in manual configuration mode.
b Press OK until the prompt "Cfg XAS?" displays.
XAS is the eXternal Application Server. You will configure the
Application Gateway as the XAS.
c Press 1 and then press OK. The next prompt is for the XAS IP address.
Enter the IP address of your Application Gateway and then press OK.
• For IP Phone 2007:
a Tap the Tools Menu icon and then select Network Configuration.
b Scroll down to the XAS option and enter the IP address of the
Application Gateway.
c Select the GXAS checkbox and enter a port for communication with
the Application Gateway. (This port must match the GXAS port
configured on the Operation > General page of the Application
Gateway Administration Tool as described in “Configuring Secure
Communications and Full Screen Operation for IP Phone 2007,”
page 53.) GXAS is the recommended mode of operation with the
Application Gateway.
Note: If you do not select the GXAS option, the IP Phone 2007 will operate
like the IP Phone 2004. GXAS mode is the preferred method of
communicating with the Application Gateway.
d Tap Apply & Reset.
Note: If you change an IP Phone 2007 from GXAS to XAS mode, the
phone will not be included on the Broadcast Server distribution
list. Add the phone to the Broadcast Server distribution list, using
the name “nortel-i2004” and the phone’s DN.
Application Gateway Administration Guide 51
Chapter 4 Voice Office Configuration Requirements
Configuring Communication between the Phones and Application Gateway
Configuring GXAS Phone Failover to a Redundant Application
Gateway
GXAS phone failover to a redundant Application Gateway is available to
Voice Office applications, Guest Services, and Access Services.
A GXAS phone is configured with the primary Application Gateway IP
address. Once the phone registers with the Application Gateway, the
Application Gateway sends the secondary IP address to the phone.
If A is the primary Application Gateway and B is the secondary gateway,
GXAS phone failover is handled as follows:
• When the connection to A is broken, the phone immediately attempts
to connect to B.
• If the phone cannot reach B, it waits 10 seconds and then retries A and
then B.
• Each time that the phone cannot reach both A and B, it waits an
additional 10 seconds (10, 20, 30, ...) before retrying A.
• When the phone connects to B, it remains connected to B until B fails.
• When B fails, the phone attempts to connect to the secondary
Application Gateway configured for B. That secondary gateway might
be A or another Application Gateway.
Failover to an Application Gateway has no impact on IP/DN
synchronization, provided that the two gateways are configured the same.
Keep in mind, though, if a signaling server goes offline and a phone gets
a new IP when it fails over to an alternate signaling server, the phone’s
next IP/DN synchronization will fail.
When you restart the primary Application Gateway (for example after you
make a change in the Administration Tool), the phones lose connection to
it and immediately connect to the secondary Application Gateway.
Note: The phone stores the secondary Application Gateway address in its flash
memory. To clear the secondary Application Gateway address from a
phone, set the XAS IP of the phone to 0.0.0.0 and its port to 0.
Specify the secondary Application Gateway on the Operation > General
page.
52 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Configuring Communication between the Phones and Application Gateway
Configuring Secure Communications and Full Screen Operation
for IP Phone 2007
TLS-secured communication between IP Phones 2007 and the Application
Gateway is available to Voice Office applications, Guest Services, and
Access Services. The digital certificate required for the communications is
DES-encrypted and is built into the Application Gateway.
Communications are secured with TLS only when a “Secured” GXAS
Mode option is chosen on the Operation > General page.
Application Gateway Administration Guide 53
Chapter 4 Voice Office Configuration Requirements
Setting Up SIP Speakers with the Application Gateway
The GXAS Mode options are as follows:
• Normal GXAS Mode: The IP Phone 2007 operates in GXAS mode and
includes the built-in Home key at the bottom of the screen.
• Full Screen GXAS Mode: The IP Phone 2007 operates in GXAS mode
and the full screen is available to custom applications (no Home key is
provided).
Note that the GXAS Ports for non-secure modes are set to 44443.
• Secured GXAS Mode: IP Phone 2007 communications with the
Application Gateway are TLS-secured. The built-in Home key appears
at the bottom of the screen.
• Secured Full Screen GXAS Mode: IP Phone 2007 communications
with the Application Gateway are TLS-secured. The full screen is
available to custom applications, except for an area at the bottom of
the screen used for a security icon displayed when TLS is securing
communications.
Note that the GXAS Ports for secured modes are set to 443.
Setting Up SIP Speakers with the Application
Gateway
The Application Gateway supports zone paging to SIP-compatible
speakers from Digital Design Corporation. A SIP speaker can be thought
of as an auto-answer phone: Turning a speaker on/off is equivalent to
connecting and disconnecting a call.
SIP speakers have a configuration file that has the Application Gateway
specified as its SIP proxy/registrar server. Each SIP speaker must have a
unique DN.
When a SIP speaker connects to the Application Gateway, the server
registers and licenses the speaker as if it were an IP Phone device (either
GXAS or XAS). You then add the SIP speaker to paging zones using the
same procedure as an IP phone. (SIP speakers are “Receive only” devices.)
SIP speaker communication requirements are documented in the
Application Gateway Pre-Installation Checklist.
54 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Setting Up SIP Speakers with the Application Gateway
The following topics describe SIP speaker operation and setup:
“Configuring Atlas Sound SIP Speakers,” page 55
“How SIP Speakers Register with the Application Gateway,” page 58
Configuring Atlas Sound SIP Speakers
Atlas Sound SIP speakers read configuration files from a tftp server. The
configuration file includes speaker specific information and proxy
address, userid/password, etc.
The following topics describe how to configure DHCP and the various
configuration files:
“Requirements,” page 55
“DHCP Setup,” page 56
“Configuration File Setup,” page 56
Requirements
The following components are required for SIP speaker integration:
1 Atlas Sound Speakers running the firmware documented in the
Application Gateway Pre-Installation Checklist.
To determine the firmware version running on your speakers, go to the
speaker’s information page by browsing to http://IP_of_speaker.
If you do not have the required speaker firmware, download it from:
site: ftp.IPSpeaker.com
username: IPSpeaker
password: SpeakerFiles
2 The following two configuration files:
• Main Configuration File (IPSpeaker.cfg)
• Aggregate Configuration File(AllSpeakers.cfg)
3 A TFTP Server (to host the configuration files and firmware).
4 A DHCP server (option 150 must point to your tftp IP address).
Application Gateway Administration Guide 55
Chapter 4 Voice Office Configuration Requirements
Setting Up SIP Speakers with the Application Gateway
DHCP Setup
A supported SIP speaker receives its IP address via DHCP.
• Option 150 on your DHCP Server must be modified to reflect the
TFTP IP address(es) that the configuration and other necessary files
will be stored. DHCP must supply the IP address of one or more TFTP
servers via option 150.
Configuration File Setup
During startup, a SIP speaker attempts to obtain two configuration files
from the TFTP server. The Main Configuration File (IPSpeaker.cfg) and the
Aggregate Configuration File (AllSpeakers.cfg). The speaker will
download the IPSpeaker file and then download the file named in it as the
AggregateSpeakerConfigFile file.
IPSpeaker.cfg:
<IPSpeakerConfiguration>
<AggregateSpeakerConfigFile file="AllSpeakers.cfg"/>
<SIPConfig
SIP_server_addr = "10.217.116.176"
registration_interval = "60"
/>
<NTPConfig
server_addr = "130.126.24.53"
timezone_delta = "-7"
/>
<Firmware file="ipse_E286p29.bin"/>
<BootFirmware file="ipsl_EL011.bin"/>
<FPGAFirmware file="fpga1072.bin"/>
</IPSpeakerConfiguration>
AllSpeakers.cfg:
<AllSpeakers>
<Speaker mac="001190003019" >
<SIPConfig descr="Hall" id="9117" volume="14" />
</Speaker>
<Speaker mac="001190003018" >
<SIPConfig descr="Office" id="9116" volume="10"/>
</Speaker>
</AllSpeakers>
56 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Setting Up SIP Speakers with the Application Gateway
You must host those two configuration files on your tftp server. Be sure to
change the following fields according to your environment.
1 Speaker mac must be the MAC address of your speaker.
Initially there may be no entries in AllSpeakers.cfg because at installation
time the MAC address may not be known. You may be able to see the MAC
address on a sticker on the speaker. If you do not know the MAC address,
browse to the SIP speaker’s information page (http://IP_of_Speaker) or
check your TFTP logs.
If the speaker's specific MAC is not found, it will boot but will not register
with the system. The speaker must be rebooted (after the config file is
updated) to register it with the system. You can reboot the speaker by
opening a command window in Windows and typing:
ping -l 77 IP_of_speaker.
2 SIPConfig descr should describe the location of the speaker, such as Hall.
3 SIPConfig id is the DN of your speaker. This id is used to add the speaker
to zones in the Application Gateway.
4 SIPConfig volume is the volume level, which ranges from 0 through 13,
where:
0 is silent
10 is the maximum volume naturally supported by the speaker
11 through 13 represent alterations of the mu-law decoding tables to
artificially boost the volume level
5 SIP_server_addr is the IP address of your Application Gateway.
6 server_addr is the IP address of your ntp server.
7 timezone_delta is for your timezone. The following chart lists the delts for
timezones.
Time zone Normal Daylight Savings
Eastern -5 -4
Central -6 -5
Mountain -7 -6
Pacific -8 -7
8 All the *.bin files should match the files noted in the Application Gateway
Pre-Installation Checklist.
Application Gateway Administration Guide 57
Chapter 4 Voice Office Configuration Requirements
Setting Up SIP Speakers with the Application Gateway
Once the files are downloaded, you can verify the setup by watching the
activity in your tftp site. To do that, browse to the information page of the
speaker and click the SIP Status link. You should see information about the
Application Gateway as follows:
Behavior mode: paging
Status: registered 43 secs ago
SIP server: 10.217.94.142
Confirm that the speaker is registered with the Application Gateway by
viewing the license monitor in the Application Gateway administration
tool. The speaker's DN, IP should be noted as licensed. You can now begin
paging to your speaker as if it were a receive-only phone in the system.
How SIP Speakers Register with the Application Gateway
The following steps detail the Application Gateway interaction with a SIP
IP speaker as the speaker initially comes online and registers with the
Application Gateway:
1 A SIP speaker is added to the network.
Either the speaker is pre-configured or a configuration file on a TFTP
server specifies information about the speaker, such as its DN, the
Application Gateway that it is to contact after initializing, volume, as so
on.
The SIP speaker initializes and, based on its settings, contacts an
Application Gateway (which to the speaker looks like a SIP Registrar
Server and a SIP Proxy Server).
2 Once the SIP speaker registers with the SIP Registrar Server (the
Application Gateway), the Application Gateway calls the SIP API that
supports turning speakers on/off and the Application Gateway
designates a Voice Office phone license for the speaker.
3 The Application Gateway uses the SIP speaker’s SIP ID as the device
extension and device name. The Application Gateway will compare the
speaker’s extension against other registered DNs/extensions to ensure
uniqueness.
4 At this point, the SIP speaker logically become just another phone device
with an callable extension. The SIP speakers can be managed,
licensed/de-licensed and added to paging zones just like an IP phone.
58 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Enabling Automatic Dialing
SIP specific log messages will appear in the server.log pre-pended with
either “sip:” or “sip_driver:”.
Enabling Automatic Dialing
Express Directory supports the automatic dialing of directory numbers
(DNs). The automatic dialing will not work unless Hands Free Activation
(HFA) is enabled as part of the Class of Service (CLS) options during set
provisioning on the Communication Server 1000.
If HFA is not enabled, the telephone user must pick up the handset or
press a Line out button to initiate the call.
Specifying a Source for Phone IP-to-DN Mappings
Voice Office operation requires a mapping of phone IP addresses and their
DNs, or extension. When a phone connects to the Application Gateway,
the Application Gateway uses the phone’s MAC address to look up the
extension in the map. A phone cannot obtain a license unless the phone’s
extension appears in the IP/DN map. Once a phone is licensed, it holds the
license, even when it is idle.
You must specify a source for the Application Gateway to obtain a
mapping of IP addresses to extensions (DNs). The available sources are:
• Phone — For sites using Communication Server 1000, release 5.0 or
Communication Server 2100, release 10.0 and above, the DN can be
retrieved directly from the phone (via cookies). Selecting this option
enables the phone to provide and update its own IP and DN
information. This is the recommended configuration.
• Call Server — For Nortel Communication Server, the information for
the mapping can be obtained from the signaling and call servers. You
can configure a connection between Application Gateway and the
signaling server(s), which provides Application Gateway with
information from all connected call servers. Refer to the Application
Gateway Release Notes section “When Using a Call Server for IP/DN
Mapping” for more information.
• CSV File — You can also specify a CSV file as the IP address to DN
mapping source. In creating CSV files, an administrator manually
balances the phone load across the Application Gateways.
Application Gateway Administration Guide 59
Chapter 4 Voice Office Configuration Requirements
Specifying a Source for Phone IP-to-DN Mappings
Instructions for configuring those sources are in “Configuring Phone IP
Address Mapping,” page 61.
The Application Gateway and its companion voice applications support
multiple phones that share a DN. Each phone sharing a DN appears in the
License Monitor (by MAC address) and can be managed independently.
Note: A licensed phone occupies one session.
Deployment Notes
• When user traffic reaches the concurrent session capacity, you can
increase capacity by installing additional Application Gateways, all
pointing to the same Nortel Messaging server. Because a load balancer
can handle only HTTP signaling, you will need to configure groups of
phones to use a particular Application Gateway by pointing their
application server setting to the IP address of the Application
Gateway.
• If you obtain IP/DN information from a call server and want a
separate administrator account on the PBX for log ins from the
Application Gateway, the administrator account requires overlay 81
and 117 access only. You must also enable multi-user login on the call
server and signaling server. This ensures a speedy and complete
synchronization. Port speed can also impact the integrity of the data
received during synchronization.
• Refer to the Application Gateway Release Notes for additional
information about deployment and operation.
60 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Specifying a Source for Phone IP-to-DN Mappings
Configuring Phone IP Address Mapping
The following one-time setup applies to all Voice Office applications.
To specify the IP address-to-DN mapping source:
1 Open the Administration Tool: From a web browser, enter the URL
https://AG_ipAddress:AG_adminPort.
2 Go to the Operation > Voice Office > IP Phone page.
3 If your phone firmware supports cookies, click the checkbox for Retrieve
DN directly from the Phone. This is the preferred configuration. Click
Submit and then continue with the server configuration, as described in
“Displaying Screensavers on Nortel IP Phones 2007, 1120E, and 1140E,”
page 64 and “Adding Dialing Rules,” page 86.
Note: You can configure the retrieval directly from the phone only if your
firmware supports cookies. See “Specifying a Source for Phone
IP-to-DN Mappings,” page 59 for details. If your IP Phone
firmware does not support cookies, select the source to be used to
map extensions (DNs) to IP addresses from the Type scroll down.
Application Gateway Administration Guide 61
Chapter 4 Voice Office Configuration Requirements
Specifying a Source for Phone IP-to-DN Mappings
4 If your phone firmware does not support cookies, select the version of
Succession that you use, complete the requested information for signaling
servers. If you selected a Succession value other than 3, only one set of
signaling server parameters fields will be available.
Note: Typical sites have one signaling server deployed. However, larger
sites might have a primary and secondary signaling server or two
signaling servers that are load balanced.
To configure the call server, enter:
– The signaling server IP address and Telnet port.
– The customer number (used by the call server if it is configured for
more than one customer). Customer Number defaults to “0”.
– The credentials for the call server and signaling server.
5 If you need to provide IP/DN mapping information in a CSV file, select CSV
and complete these fields:
Note: For CSV file requirements, see “CSV File Format Specifications,”
page 63.
62 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Specifying a Source for Phone IP-to-DN Mappings
– The URL of the Web server where the CSV file resides (http://url).
– The credentials required to access the URL, if required.
6 If you completed step 4 or 5, you must choose a schedule for
synchronizing the Application Gateway with the signaling/call servers or
a CSV file. (When DNs are obtained from the Phones, the phones do not
need to be synchronized with the Application Gateway.) When you are
done, click Submit.
Note: If a signaling or call server is unavailable during a scheduled
update, the last available mapping is used.
If you use a CSV file, you must ensure that an updated CSV file is
available for the Application Gateway synchronizations.
The Application Gateway system log (Logging > System Log)
contains status information, as described in “Interpreting the
System Log,” page 147.
CSV File Format Specifications
The CSV-formatted file that you make available to the Application
Gateway for IP-to-DN mapping must follow these requirements:
• Comma-delimited text file with an extension of .csv, hosted in the root
directory of a web server.
• Field order must be Extension,IP Address
For example:
5017,10.0.10.160
5018,10.0.10.149
5019,10.0.16.160
• The file must not contain any spaces or blank lines.
• A record is one line. Records must be separated by a line feed
(ASCII/LF=0x0A) or carriage return and line feed pair
(ASCII/CRLF=0x0D 0x0A). Fields may contain embedded line breaks,
therefore, a record can occupy more than one line. Embedded line
breaks must be surrounded by double quotation marks.
Application Gateway Administration Guide 63
Chapter 4 Voice Office Configuration Requirements
Displaying Screensavers on Nortel IP Phones 2007, 1120E, and 1140E
Displaying Screensavers on Nortel IP Phones 2007,
1120E, and 1140E
By default, IP Phones 2007, 1120E, and 1140E display the TPS screen until
the user presses the Services (or Expand) button to open the Voice Office
menu. You can change that behavior as follows:
• You can configure the GXAS Foreground Timer so that the Voice
Office menu automatically opens after TPS has displayed for a
specified number of seconds.
• You can configure the Application Gateway to display screensaver
images. The screensaver appears after the Voice Office menu has
displayed for the duration that you configure. If you also configure the
GXAS Foreground Timer, the Voice Office menu automatically
displays and then times out to the screensaver. Incoming alerts and
pages override the screensaver.
Below the screensaver image are two soft keys: Services and Exit. The
Services key (and the Expand button) return the user to the Voice
Office menu. The Exit key on GXAS phones returns the user to TPS.
The Exit key on XAS phones goes to the URL specified for that key.
The GXAS Foreground Timer and the screensaver are configured per
Application Gateway. The images that you load for screensavers must be
size and format supported by each phone type.
• The maximum image size for each phone type is noted in the
Administration Tool. The image appears in the center of the phone
screen. If the image is smaller than the maximum size, the phone
background surrounds the image. If the image is larger than the
maximum size, the image is cropped.
• Nortel IP Phones 2007 support GIF, JPG, and PNG images that are up
to 16-bit color.
• Nortel IP Phones 1120E and 1140E support GIF, JPG, and PNG
grayscale images.
To configure screensavers
1 Open the Administration Tool: From a web browser, enter the URL
https://AG_ipAddress:AG_adminPort.
64 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Displaying Screensavers on Nortel IP Phones 2007, 1120E, and 1140E
2 Go to the Operation > Voice Office > IP Phone page and scroll down to
the Screensaver area.
3 Specify the number of seconds that the Voice Office menu should display
before the screensaver appears. Leave this setting to “0” to not use a
screensaver for any phone.
4 Enter the path and filename of each image. If you do not enter a filename,
no screensaver will appear on that phone type.
5 Specify whether the display on the IP phones should automatically return
to the Voice Office menu from TPS:
• To prevent the phones from automatically displaying the Voice Office
menu, use the default setting ("0") for GXAS Foreground Timer. If you
configure a screensaver and set the GXAS Foreground Timer to “0,”
the IP phone user must press the Expand key to display the Voice
Office menu; after the menu displays for the specified time, the
screensaver appears.
• To display the Voice Office menu automatically, specify the number of
seconds the display should remain on TPS before switching to the
Voice Office menu. The minimum display time is 30 seconds. If you
configure a screensaver and specify a GXAS Foreground Timer greater
than 0, an IP phone display automatically goes from TPS to the Voice
Office menu to the screensaver, according to the durations that you
set.
6 Click Submit.
Application Gateway Administration Guide 65
Chapter 4 Voice Office Configuration Requirements
Enabling Multicasting for Zone Pages
Enabling Multicasting for Zone Pages
The Application Gateway can be configured to take advantage of a
multicast environment when sending pages. The following Nortel IP
Phones support multicasting: IP Phones 1120E, 1140E and 1150E version
062xC4M, and IP Phone 2007 version 0621C4U. The supported SIP
speakers also handle multicasting.
You can enable multicasting for the Application Gateway so that it sends
a page as a single packet to a multicast IP address. The packet is then
distributed by the switch to multiple IP addresses. The Application
Gateway enables phones in the receiving zone to receive multicast audio
packets on a specific multicast IP address. For each Zone Page, the
Application Gateway checks out a multicast IP address from the multicast
IP address pool and then checks the address back in after the page is
completed.
To enable and configure multicasting for Zone Paging, go to the
Operation > Voice Office > IP Phone page of the Administration Tool and
scroll to the bottom of the page.
For zone paging across a cluster, multicasting must be enabled on the
router and each Application Gateway must have a different multicast IP
address range specified
The Application Gateway supports a maximum of 128 IP addresses for
multicasting. If the multicast range is too large, multicasting will not be
enabled on the Application Gateway and the system log will include the
following entries:
ippool: unable to initialize IP pool
66 Application Gateway Administration Guide
Chapter 4 Voice Office Configuration Requirements
Enabling Multicasting for Zone Pages
zp: unable to init ip pool.
zp: turning off multicast.
For information about using multicasting with clusters, see “Paging Setup
and Operation with Clusters,” page 106.
Application Gateway Administration Guide 67
Chapter 4 Voice Office Configuration Requirements
Enabling Multicasting for Zone Pages
68 Application Gateway Administration Guide
Chapter 5
LDAP/CSV Directory Configuration
You can configure the Application Gateway to obtain directory
information from one or more LDAP directories and/or CSV directory
files. The Application Gateway uses directory information for the Voice
Office applications as follows:
• Express Directory
The Application Gateway displays directory information in Express
Directory.
• Broadcast Server
The Application Gateway uses directory information to generate
distribution lists in the Broadcast Server. The Application Gateway
uses the telephone attribute(s) to locate the associated department
name in a directory. The Application Gateway sends the Department
attribute information to the Broadcast Server where it is used to
update the distribution list.
• Zone Paging
The Application Gateway uses the directory "department" attribute to
create paging zones. The automatically created zones cannot be
modified or removed.
To configure the Application Gateway to obtain directory information,
you specify the connection information, the attributes to be used by Voice
Office applications, and a synchronization (LDAP) or upload (CSV)
schedule.
The following topics describe the Express Directory application and
explain how to configure the Application Gateway to obtain directory
information:
Express Directory Overview, page 70
Configuring the Application Gateway to Use LDAP Directories, page 72
Looking Up Attributes in Your LDAP Directory, page 79
Application Gateway Administration Guide 69
Chapter 5 LDAP/CSV Directory Configuration
Express Directory Overview
Configuring the Application Gateway to Use Directory Files in CSV
Format, page 82
Adding Dialing Rules, page 86
Synchronizing the Application Gateway with Your Directories, page 89
Express Directory Overview
Express Directory provides users of supported Nortel Internet telephones
with convenient access to LDAP directories and to directories saved in
CSV (Comma-Separated Value) format. You configure the Application
Gateway to obtain directory information from one or more LDAP
directories and/or CSV directory files. The Application Gateway
transcodes directory information for display on Nortel Internet
telephones.
For LDAP directories, the Application Gateway connects to each LDAP
server as shown. The Application Gateway supports LDAP version 3 and
Nortel Messaging LDAP version 2. Supported LDAP directories include
Microsoft Active Directory, OpenLDAP, and SunONE/iPlanet LDAP. The
Application Gateway automatically detects the version in use.
For directories that can be saved in CSV format, you point the Application
Gateway to the location on an FTP server where you have saved each
directory file.
70 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Express Directory Overview
Express Directory Features
IP telephone users view directory information by choosing “Express
Directory” from the Voice Office menu. If you have multiple directories,
the Application Gateway can display a submenu of directories under
“Express Directory” in the Voice Office menu. For example, the Express
Directory submenu might contain choices such as Corporate, Customers,
and Vendors.
Alternatively, the Application Gateway can combine all directories so that
the Nortel IP telephone user searches one combined directory. If an
individual has unique entries in more than one of the combined
directories, the Express Directory displays each entry.
Express Directory includes the following features for Nortel IP telephone
users:
• Provides simple access to your company directory. To use Express
Directory, an IP telephone user presses the Expand key, selects
“Express Directory” from the Voice Office menu. If you have
configured the Application Gateway to display several directories
individually (not combined), the user selects a directory name from
the Express Directory submenu before starting a search.
• By default, displays each name as two Directory entries: “First Name
Last Name” and “Last Name, First Name”. For example, Manuel Denz
is listed as “Manuel Denz” and “Denz, Manuel”. You customize
Directory entries through the Application Gateway Administration
Tool, as described in “Configuring the Application Gateway to Use
LDAP Directories,” page 72 and “Configuring the Application
Gateway to Use Directory Files in CSV Format,” page 82.
• Displays for a selected name the associated email address and
telephone numbers, if those attributes are defined in your directory.
• Enables an IP telephone user to call a number by selecting it in Express
Directory. You can configure the prefixes to be dialed with telephone
numbers as follows:
– Each configured directory can have its own prefix, as described in
“Specifying LDAP Attributes for Voice Office Operations,”
page 76.
– A prefix can also be assigned to all directories, as described in
“Adding Dialing Rules,” page 86.
Application Gateway Administration Guide 71
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
Note: The Application Gateway distribution includes a document, Using Express
Directory on Nortel Internet Telephones, that you can change as needed and
distribute to IP telephone users.
Configuring the Application Gateway to Use LDAP
Directories
Note: These instructions assume that you have completed the configuration
described in“Voice Office Configuration Requirements,” page 47.
To configure the Application Gateway to use one or more LDAP
directories Voice Office applications, you specify the following
information in the Application Gateway Administration Tool:
• The total number of directories (both LDAP and CSV) that you want
to use. IP telephone users can access all directories through Express
Directory.
• Whether you want to combine the directories for the Express Directory
list on the IP telephone. If you keep the directories separate, you will
specify a Directory Title to display as a submenu item under “Express
Directory” in the Voice Office menu.
If you use multiple directory sources, but do not combine them,
Broadcast Server and Zone Paging will use only the first directory
source defined. If you combine directory sources, those applications
will use all directories.
• LDAP server connection information for each directory.
You also specify the LDAP attributes to be displayed in Express Directory
and used to control Voice Office operation, as described in “Specifying
LDAP Attributes for Voice Office Operations,” page 76.
To specify LDAP server connection information:
1 Open the Application Gateway Administration Tool: From a web browser,
enter the URL https://AG_ipAddress:AG_adminPort.
2 Go to the Operation > Voice Office > Directory page.
72 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
3 To add a directory source, click New Source. To change an existing source,
choose it from the Configure Source menu.
4 To combine multiple directories into one directory, select the Combine
Sources checkbox. If this checkbox is selected for any source, all sources
will be combined.
Application Gateway Administration Guide 73
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
If you combine directories, Express Directory users will search one,
combined directory, accessible from the Express Directory menu.
If you do not combine directories, Express Directory users will choose a
directory name from the Express Directory submenu. Users might find it
more convenient to select from a submenu containing entries such as
Departments, Staff, and Services than to search a combined directory.
5 If you are not combining directories, enter a short, descriptive title for the
LDAP directory that you are configuring. This title will display in the
submenu that appears when an IP telephone user selects Express
Directory.
If you leave the title blank, the directory will not include a name when
displayed in the Administration Tool.
6 From Data Source, choose LDAP.
7 Complete the LDAP Server Connection fields as follows.
Field Description
Server and Server The IP address or host name and port for your LDAP server.
Port
The LDAP Server Port defaults to 389. If you are using an indexed
database, such as Microsoft Active Directory with a Global Catalog,
changing the LDAP Server Port to 3268 will significantly speed the
LDAP queries.
Note: If your directory is not indexed, we recommend that you use an
administrative connection, rather than an anonymous
connection, from the Application Gateway to the database.
Download performance improves when you use an
administrative connection.
74 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
Field Description
Bind DN and The Administrator Bind DN and password for queries to your LDAP
Password directory. The AG binds to the LDAP server using the administrator
credentials and then searches for the user. After locating the user, the AG
unbinds the administrator credentials and rebinds with the user
credentials.
Example syntax for Bind DN:
"ou=administrator,dc=ace,dc=com"
"[email protected]" (Active Directory User Principal Name, UPN)
"cn=Administrator,cn=Users,dc=ace,dc=com" (Active Directory)
For Active Directory, if you do not use the UPN for the Bind DN, the
group name (specified as "cn=groupname") is required. For other LDAP
directories, the group name either is not required or, if required, is
specified as "ou=groupname".
Note that most directories do not return useful information on
anonymous binds.
Base DN The Base DN to be used as a starting point for directory searches. Base
DN is usually derived from the Bind DN by removing the user name and
specifying the group where users are located.
Example syntax for Base DN:
"ou=Users,dc=ace,dc=com"
"cn=Users,dc=ace,dc=com" (Active Directory)
Authentication The authentication method to use between the Application Gateway and
the LDAP server. The Application Gateway currently supports Simple
authentication.
You do not need to submit your changes or restart the Application
Gateway until after you have finished specifying Directory settings.
Application Gateway Administration Guide 75
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
Specifying LDAP Attributes for Voice Office Operations
The Operation > Voice Office > Directory page also contains settings that
specify the LDAP attributes to be displayed in Express Directory and used
to control Voice Office application operations.
If you are unfamiliar with the LDAP attributes for your site, see “Looking
Up Attributes in Your LDAP Directory,” page 79 for information on a free
LDAP browser that displays the structure of your LDAP directory and its
attributes.
To specify LDAP attributes:
1 Complete the LDAP Attributes fields as follows.
Field Description
Name The full name (common or display name) to be displayed in Express
Directory or used by other Voice Office applications. Name defaults to
"cn" and is typically set to "cn" or "displayName".
Surname The last name to be used by Voice Office applications. For correct display
the surname (sn) must match the “last name” portion of the cn attribute.
Is displayed in the directory as Surname (last name), followed by the
delimiter ", " and the First Name. For example, Denz, Manuel. Defaults
to "sn".
First Name The first name to be used by Voice Office applications. For correct
display the First Name must match the “first name” portion of the cn
attribute. Defaults to "givenName".
Email The Email address. Defaults to "mail".
76 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
Field Description
Telephone Labels You can specify one to three Telephone numbers to be displayed by
and Fields Express Directory. Also, the Application Gateway uses the telephone
attribute(s) to locate the associated department name in a directory for
Broadcast Server distribution lists.
The three fields default to "telephoneNumber", "mobile", and
"extension". The fields can be changed to any other attribute
representing the phone number that you wish to display (such as
"homePhone"). If your directory contains multiple entries for the chosen
attribute, Express Directory displays all of them. The labels that you
enter will display in Express Directory.
By default, the telephone number displayed is the full number, along
with any prefixes configured for each directory (as described in
“Specifying LDAP Attributes for Voice Office Operations,” page 76) and
configured globally (as described in “Adding Dialing Rules,” page 86). If
a telephone number exceeds telephone’s characters per line limit, the
number will not display. To shorten the number, consider removing
spaces or omitting the label.
For some sites the telephone numbers need to be customized, for
example, to display only the last four digits. You can customize the
telephone numbers, as described in “Adding Dialing Rules,” page 86.
Title Title information. Defaults to "title".
Department Department information to be displayed in Express Directory. The
Application Gateway also uses a phone’s extension to look up the
corresponding Department in the directory. Broadcast Server uses the
Department information to update the distribution list. Broadcast Server
truncates distribution list and department names longer than 51
characters. Zone Paging uses the Department information to update the
zone list. Zone Paging truncates zone names longer than 59 characters.
Defaults to "department".
Search Filter The LDAP search filter used to limit the results returned to the
Application Gateway. Defaults to "objectClass=*". You can specify more
than one search filter.
Application Gateway Administration Guide 77
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use LDAP Directories
Field Description
Search LDAP The attributes to be used during a search to form the list of names. The
Directory by names list is built according to the selected attributes, as follows.
• Name (first and last name, typically the common name or display
name attribute): Name is typically formatted as First Name, space,
Surname or might be formatted as Surname, comma, space, First
Name. Sometimes, LDAP will include two Name entries to cover
both of those name forms. When the Name checkbox is selected, the
list of names searched includes the values for all Name attributes,
unchanged.
• Surname (last name): When the Surname checkbox is selected, the
list of names includes entries formed by appending the First Name
to the Surname.
• First Name: When the First Name checkbox is selected, the list of
names includes entries formed by appending the Surname to the
First Name.
The structure of your LDAP directory determines which of the attributes
will produce the best search results:
• If there is one Name entry formatted as “FirstName Surname”, select
Name (to include an entry that starts with the first name) and select
Surname (to include an entry that starts with the last name). If a
directory does not use the First Name attribute (or the attribute is
empty), Express Directory infers the first name from the combination
of the Name and Surname.
• If there is one Name entry formatted as “Surname, FirstName”,
select Name (to include an entry that starts with the last name) and
select First Name (to include an entry that starts with the first name).
• If your LDAP directory is inconsistently structured, you might need
to select multiple checkboxes to cover all cases, resulting in some
duplicate entries.
78 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Looking Up Attributes in Your LDAP Directory
Field Description
Dial Prefix You can specify a dial prefix with each LDAP directory. When a number
from Telephone Field 1 is dialed, Express Directory will prepend to the
phone number any prefix from the dialing rules specified on the IP
Phone page followed by this directory-specific dial prefix. (This prefix
does not apply to Telephone Fields 2 or 3.)
For example, suppose that you have two directories, A and B. A call to
directory A requires the prefix “5” and a call to directory B requires the
prefix “6”. The dialing rule specified on the IP Phone page is “9”. Thus,
the number for a call to directory A would be “95number” and the
number for a call to directory B would be “96number”.
If the same dial prefix is used for all directories, you can specify it on the
IP Phone page for all directories.
For information on the schedule settings, see “Synchronizing the
Application Gateway with Your Directories,” page 89.
2 Click Submit.
3 Continue as follows:
• If you have completed configuring all directories, go to “Adding
Dialing Rules,” page 86.
• To configure another LDAP directory, select the source number from
Configure Source and specify the connection and attribute
information for that source.
• To configure a directory in CSV format, select the source number from
Configure Source and go to “Configuring the Application Gateway to
Use Directory Files in CSV Format,” page 82.
Looking Up Attributes in Your LDAP Directory
With the exception of the LDAP Base DN syntax, which is site-specific, the
attributes provided on the Operation > Voice Office > Directory page are
defaults common to more widely used LDAP directory applications. If a
default attribute does not work for your site, you can easily look up the
correct attribute with the free LDAP Browser from Softerra.
Application Gateway Administration Guide 79
Chapter 5 LDAP/CSV Directory Configuration
Looking Up Attributes in Your LDAP Directory
This topic describes how to use LDAP Browser to look up the information
requested on the Directory page.
To install and set up LDAP Browser:
1 Download the free LDAP Browser application from
www.ldapbrowser.com.
2 Install LDAP Browser and open it.
3 From the LDAP Browser window, choose File > New Profile and specify
the following settings:
– Host: Host name or IP address of your LDAP server.
– Port: Defaults to 389.
– Base DN: You can leave this field blank. (The information
provided by the LDAP Browser will help you determine the Base
DN needed for the Express Directory page.)
– Anonymous Bind: Select the checkbox if the LDAP server does not
require credentials to connect to it. If the LDAP server requires
credentials, leave the checkbox cleared, click Next, and enter the
credentials.
4 Click Finish.
The LDAP Browser displays the profile name that you just created in the
left pane of the LDAP Browser window and connects to the LDAP server.
To look up LDAP attributes:
1 In left pane of the LDAP Browser, select the profile name that you created.
2 To look up the Base DN, locate in the right pane the namingContexts
attribute. The value of that attribute is the Base DN for your site. The Base
DN is typically "dc=myDomain,dc=com" (if your directory tree is based on
Internet domain names) or "ou=domain,o=myOrg,c=country".
3 Note the objectClass entries. The LDAP Search Filter on the Express
Directory page defaults to "objectClass=*" which will search all classes
listed. You do not need to change that default unless you need to narrow
the search.
4 To look up the attributes associated with people, such as name and phone
numbers:
a. Double-click the folder at the top of the right pane.
80 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Looking Up Attributes in Your LDAP Directory
In the following example, the directory contains only one "dc" folder.
Your site might have more than one "dc" or "ou" folders.
The right pane displays the structure for the attribute that you clicked.
For example, you might see a "cn" entry for each individual in the
LDAP directory or "ou" entries under which you will find individuals
or groups. Click through the structure until you locate a list of
individuals.
b. Double-click the folder for an individual to view the attribute names
and compare them to the attributes in the Application Gateway
Operation > Voice Office > Directory page.
Application Gateway Administration Guide 81
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use Directory Files in CSV Format
Configuring the Application Gateway to Use
Directory Files in CSV Format
If you use one or more directories that can be saved in CSV format, you
configure the Application Gateway to upload the directory files via FTP.
The CSV files must follow the format described in “CSV File Format
Specifications,” page 85.
To configure FTP settings:
1 Open the Application Gateway Administration Tool: From a web browser,
enter the URL https://AG_ipAddress:AG_adminPort.
2 Go to the Operation > Voice Office > Directory page.
82 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use Directory Files in CSV Format
3 To add a directory source, click New Source. To change an existing source,
choose it from the Configure Source menu.
4 To combine multiple directories into one directory, select the Combine
Sources checkbox. If this checkbox is selected for any source, all sources
will be combined.
If you combine directories, Express Directory users will search one,
combined directory, accessible from the Express Directory menu.
If you do not combine directories, Express Directory users will choose a
directory name from the Express Directory submenu. Users might find it
more convenient to select from a submenu containing entries such as
Departments, Staff, and Services than to search a combined directory.
5 If you are not combining directories, enter a short, descriptive title for the
CSV directory file that you are configuring. This title will display in the
submenu that appears when an IP telephone user selects Express
Directory.
6 From Data Source, choose CSV.
7 Complete the CSV Uploads Via FTP fields as follows:
Field Description
FTP Host The IP address or host name of the FTP server where you have placed a
directory file in CSV format.
Note: You must ensure that an updated CSV file is available for
subsequent synchronizations.
FTP Path The path to and filename of the directory file. Most FTP servers are
case-sensitive.
FTP Username Your FTP credentials. If you need to specify a domain with the username,
and Password the correct form is domain\\username (that is, you must include two
backslashes, not just one).
Telephone Labels You can specify one to three Telephone Labels to correspond to the
telephone numbers provided in the CSV file. The labels display with the
phone numbers.
Search Directory The attributes to be used during a search. You can select one or more of
by the following attributes: Surname or First Name. Note: The Name
attribute is not available for CSV sources.
Application Gateway Administration Guide 83
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use Directory Files in CSV Format
For information on the schedule settings, see “Synchronizing the
Application Gateway with Your Directories,” page 89.
8 Click Submit.
9 Continue as follows:
• If you have completed configuring all directories, go to “Adding
Dialing Rules,” page 86.
• To configure another directory in CSV format, select the source
number from Configure Source and specify the connection
information.
• To configure an LDAP directory, select the source number from
Configure Source and go to “Configuring the Application Gateway to
Use LDAP Directories,” page 72.
84 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Configuring the Application Gateway to Use Directory Files in CSV Format
CSV File Format Specifications
The CSV-formatted files that you upload to the Application Gateway must
follow these requirements:
• Comma-delimited text file with an extension of .csv, hosted in the root
directory of a web server. The file must be saved with UTF-8 encoding
if your directory contains European characters.
• Field order must be as follows:
LastName,FirstName,PhoneNumber1,PhoneNumber2,
PhoneNumber3,PhoneNumber4,PhoneNumber5,PhoneNumber6,
Email,Title,Department
Note: Phone numbers 4 through 6 are for future use.
The following examples illustrate records with one, two, and three
phone numbers:
Abbott,Lorenz,5031,,,,,,[email protected],Analyst,Accounting
Abbott,Lorenz,5031,5551234567,,,,,[email protected],Analyst,Accounting
Abbott,Lorenz,5031,5551234567,8005551010,,,,[email protected],Analyst,Accounting
• A record is one line. Records must be separated by a line feed
(ASCII/LF=0x0A) or carriage return and line feed pair
(ASCII/CRLF=0x0D 0x0A). Fields may contain embedded line breaks,
therefore, a record can occupy more than one line. Embedded line
breaks must be surrounded by double quotation marks.
• If a field contains a comma, the comma must be enclosed in double
quotation marks (“,”). All fields can be enclosed in double quotation
marks.
• Leading and trailing spaces (or tab characters) adjacent to the comma
field separators are ignored. If a field contains leading or trailing
spaces, those spaces must be delimited with double quotation marks.
• Fields that contain double quote characters must be surrounded by
double-quotes, and the embedded double-quotes must each be
represented by a pair of consecutive double quotes. For example:
“Richard ““Mac”” McGregor”.
Application Gateway Administration Guide 85
Chapter 5 LDAP/CSV Directory Configuration
Adding Dialing Rules
Adding Dialing Rules
By default, the full telephone number that is stored in a directory is dialed
when the IP telephone user selects a number in Express Directory.
However, often numbers in Directories are not properly formatted to be
dialed directly or include non-numeric characters such as a plus sign (+)
and parenthesis around local access codes such as (408).
Note Dialing rules apply to all configured directories. You can alternatively
specify a prefix for each directory source, as described in “Specifying
LDAP Attributes for Voice Office Operations,” page 76.
You can define the dialing rules in Application Gateway to automatically
format the telephone numbers in the source directory to dial them as
follows:
• You can specify the number of digits to be dialed based on a specific
series within the telephone number. For example, you can specify that
only the last four digits of numbers beginning with "423500" should be
dialed. In that case, if the number in the directory is 423-500-0987, the
Voice Office application will dial 0987.
• You can specify the prefixes to be dialed with all numbers that are 3 to
5 digits, 6 to 7 digits, and 8 or more digits (as stored in the source
directory).
• You can specify an International Access Code number that will be
dialed before numbers recognized by Express Directory as being a
non- North American international number. As an example, you can
specify a trunk access code such as 9 and then the number 00 or 011.
• You can specify North American Access Code numbers that will be
dialed before numbers recognized by Express Directory as being an
North American telephone number. As an example, you can specify a
trunk access such as 9 or 6 and then the number 1.
• You can specify National Access Code numbers that will be dialed
before numbers recognized by Express Directory as being a National
number. As an example, you can specify a trunk access number such
as 9 and then the number 0.
86 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Adding Dialing Rules
• You can specify Local Calling Access Code numbers dialed before
numbers recognized by Express Directory as being North American
seven digit telephone numbers. This can only be configured only for
North American sites. For example, a trunk access number, such as 9 can
be specified to be dialed before the directory number.
Number Directory
Classification Description Example Dial Example
Non North American Any number of +22 (0) 607 123 4567 0226071234567
International digits preceded by a
Number + n where n = 2
through 9
Eleven or more 22 (0) 607 123 4567 0226071234567
digits beginning
with 2 through 9
Non North American Any number of 0022 607 123 4567 0226071234567
00 Number. digits beginning
with a 00 and not
followed a 1.
Non North American Any number of 0607 123 4567 96071234567
National Number digits beginning 0*607 123 4567
with a 0 or a 0+ or a
011 011 607 123 4567
North American 001 Eleven digits 001302 1234567 913021234567
Number beginning with a
001.
North American + Eleven digits +1(302) 123-4567 913021234567
Number beginning with a +1 1523337704234 91523337704234
North American 1 Eleven digits 1302 1234567 913021234567
Number beginning with a 1
North American Ten digits beginning (607) 123 4567 916071234567
Number with 2 through 9.
North American Seven digits 765-4321 97654321
Local Numbers
Other Numbers Less than ten digits 7654 7654
not preceded by a + 299292929 292929292
and not seven digits.
Application Gateway Administration Guide 87
Chapter 5 LDAP/CSV Directory Configuration
Adding Dialing Rules
Note The above rules do not guarantee that valid numbers will be dialed
correctly.
The prefix specified in a dialing rule will precede the prefix specified for a
directory. For example, suppose that you have two directories, A and B. A
call to directory A requires the prefix “5” and a call to directory B requires
the prefix “6”. All calls require a “9” to be dialed first, so the dialing rule
specified on the IP Phone page is “9”. Thus, the number dialed for a call to
directory A would be “95number” and the number dialed for a call to
directory B would be “96number”.
Dialing rules are used by the Application Gateway when it looks up LDAP
information for Zone Paging and Broadcast Server. The Application
Gateway reconstructs the full number from the extension and the dialing
rules and then looks up the department for Zone Paging and the
department and user name for Broadcast Server.
To add dialing rules:
1 Go to the Operation > Voice Office > IP Phone page.
2 Scroll down to the Dialing Rules section.
3 If your telephone system does not need to dial the full telephone number
that is stored in a directory (perhaps for internal extensions), specify how
the number should be trimmed.
88 Application Gateway Administration Guide
Chapter 5 LDAP/CSV Directory Configuration
Synchronizing the Application Gateway with Your Directories
For example, numbers that are internal to your telephone system might be
stored in a directory as ten digits, yet only the last four digits should be
dialed to reach an internal extension. Enter the unique starting numbers of
those telephone numbers (such as the first six digits) and choose the
number of digits to be dialed (such as the last four digits).
4 Specify the following information:
– Dial Prefixes to use for 3 to 5 digit internal numbers.
– International Access Code
– North America Access Code
– National Access Code
– Local Calling Access Code
Use a comma (,), “p”, or “P” to insert a one-second pause. For example,
"9,1" or “9P1”.
5 Click Submit.
Synchronizing the Application Gateway with Your
Directories
Note This functionality does not apply if you configured the Application
Gateway to retrieve DNs from the IP Phone.
The Application Gateway stores information from your directories in
order to minimize the response time for directory requests. The attributes
stored are determined by the settings that you specify on the Operation >
Voice Office > Directory page.
When you submit changes to a directory source on the Directory page and
then restart the Application Gateway, the Application Gateway
automatically synchronizes with the LDAP server or uploads the specified
directory file in CSV format via FTP.
You should establish a schedule for synchronizing the Application
Gateway with your directories, based on the frequency and level of
changes in the directories. For example, use an update frequency of one
hour for a dynamic environment.
Application Gateway Administration Guide 89
Chapter 5 LDAP/CSV Directory Configuration
Synchronizing the Application Gateway with Your Directories
To schedule directory updates:
1 On the Operation > Voice Office > Directory page, choose a directory
from the Configure Source menu. You specify one directory update
schedule for all configured directories.
2 Choose a frequency from the Update Schedule menu.
3 If you chose Weekly or Monthly, choose the day of the week or month.
4 Choose a time from the Update Time menu.
We recommend that you perform changes to Voice Office application
settings or start synchronizations when use of the applications is at a
minimum, such as overnight.
5 Click Submit.
To synchronize the Application Gateway with a directory source
immediately:
1 Make sure that you have submitted all configuration changes made in the
Application Gateway Administration Tool and restarted the Application
Gateway.
2 Go to the Operation > Voice Office > Directory page and choose a
directory from the Configure Source menu.
3 Click Synchronize Now.
The Application Gateway will synchronize all directory sources.
Note: To check the status of the synchronization, view the Application Gateway
system log (Logging > System Log).
90 Application Gateway Administration Guide
Chapter 6
Broadcast Server Installation
Broadcast Server delivers alerts consisting of text, graphics, audio, and
soft keys to Nortel IP telephones.
Using a web-based interface to create alerts, the Broadcast Server user
targets the alerts for delivery to groups of telephones. The grouping of
subscribers (that is, telephones) is based on user-defined distribution lists.
The following topics describe Broadcast Server and provide installation
instructions:
Overview of Broadcast Server, page 92
Hardware and Software Overview, page 95
Software Server Requirements, page 95
Installing Broadcast Server Software, page 96
The installation instructions assume that you have completed the
configuration described in “Voice Office Configuration Requirements,”
page 47.
Application Gateway Administration Guide 91
Chapter 6 Broadcast Server Installation
Overview of Broadcast Server
Note: The Application Gateway distribution includes a document, Broadcasting
to Nortel Internet Telephones from a PC, that you can change as needed and
distribute to Broadcast Server users. Refer to the Broadcast Server User
Guide for detailed instructions.
Overview of Broadcast Server
The Broadcast Server requires the Application Gateway for operation.
While Broadcast Server provides an interface for creating and scheduling
alert delivery, the Application Gateway manages alerts and transforms
them for delivery to IP telephones using the UNIStim API. The
Application Gateway also provides Broadcast Server with device and
directory information and handles all communication with the IP
telephones, media servers, and directory servers.
Each Application Gateway must have enough licenses installed to
accommodate the phones to be registered to it. Unless there is a one-to-one
mapping between the Application Gateway and call server, the number of
licenses to be installed on each Application Gateway can be derived by
dividing the number of phones by the number of Application Gateways.
Network Deployment
Broadcast Server should be deployed on a standalone computer running
Microsoft Internet Information Services (IIS). While it is possible to install
Broadcast Server on a shared IIS server, that decision should be based on
the expected load of the server.
Note: Other Voice Office applications can be deployed on the Application
Gateway used with Broadcast Server.
If you install Broadcast Server on a web server that supports multiple web
sites, a Broadcast Server virtual directory will be created below the
primary site. For information on addressing this issue, see the
troubleshooting topic on “Broadcast Server,” page 163.
92 Application Gateway Administration Guide
Chapter 6 Broadcast Server Installation
Overview of Broadcast Server
Broadcast Server receives alert requests from PCs on your network.
Broadcast Server sends alert requests to the Application Gateway, which
handles alert scheduling and transmission to IP telephones. There is no
direct interaction between Broadcast Server and your IP telephones.
If you have a cluster of Application Gateways, a single Broadcast Server
broadcasts alerts across the entire cluster. Each Application Gateway in a
cluster is responsible for broadcasting alerts only to the devices registered
to it.
For more information about clusters, see “Broadcast Server Operation
with Clusters,” page 94.
Subscriber and Distribution List Source
When the Application Gateway detects that an IP telephone has come
online, the Application Gateway obtains from the IP telephone its MAC
address and uses that address to look up the phone’s extension in the IP/
DN map. The Application Gateway sends that information to Broadcast
Server where the information is used to update the subscriber list. The
Application Gateway sends the department information to Broadcast
Application Gateway Administration Guide 93
Chapter 6 Broadcast Server Installation
Overview of Broadcast Server
Server where it is used to update the distribution list. The Application
Gateway uses the phone extension to locate the associated department
name obtained from the configured LDAP and/or CSV directory sources.
For information on configuring the Application Gateway for the IP/DN
map, see “Specifying a Source for Phone IP-to-DN Mappings,” page 59.
Broadcast Server Operation with Clusters
Note: In this topic, the term Primary Application Gateway is used to refer to the
last Application Gateway in the cluster that registered with Broadcast
Server. All other Application Gateways in the cluster are referred to as
Secondary Application Gateways. This use of the terms Primary and
Secondary does not imply that clusters support failover for this release.
The Primary Application Gateway (the last server in the cluster that
registers with Broadcast Server) is the one that receives alerts from
Broadcast Server. That Application Gateway then pushes the alert to the
rest of the cluster, the Secondary Application Gateways.
Application Gateway failure impacts Broadcast Server as follows:
• When a Secondary Application Gateway in a cluster fails, the phones
registered to that Application Gateway will not be able to receive
broadcasts.
• When a Primary Application Gateway fails, communication from
Broadcast Server to the cluster is halted until one of the Secondary
Application Gateways re-registers with Broadcast Server. To re-
register an Application Gateway with Broadcast Server, restart the
Application Gateway.
For information on setting up a cluster, see “Creating an Application
Gateway Cluster,” page 42.
94 Application Gateway Administration Guide
Chapter 6 Broadcast Server Installation
Hardware and Software Overview
Hardware and Software Overview
Broadcast Server is a software-only solution requiring installation of the
server software on a computer running Microsoft Internet Information
Services.
Once installed on the IIS server, users may access Broadcast Server to
create and manage content to be distributed, via the Application Gateway,
to IP telephones.
Broadcasts are received in the order in which they are sent. If a phone is
busy, a broadcast is queued.
Software Server Requirements
Broadcast Server is a software component residing inside Microsoft
Internet Information Services. As such, the minimum requirements for
Broadcast Server are:
• 1 GHz Intel Pentium CPU with 256MB RAM and 50MB hard disk
space.
• Windows 2000 Server SP4, Windows XP Service Pack 2, or Windows
2003 Server SP1.
• Microsoft Internet Information Services (IIS) 5.0 for Windows 2000 or
Microsoft IIS 6.0 for Windows 2003 with ASP enabled; Windows XP
(limited).
Note: If your distribution list has 10 or fewer entries and you have a small
number of phones, you can also alternatively install BCS on
Windows XP and use Microsoft IIS 6.0 for Windows XP. A
limitation of Windows XP is that it cannot handle more than 10
concurrent requests. As a result, if this limit is exceeded, IIS will
not receive confirmations from the Application Gateway and thus
will send duplicate alerts to some subscribers. In addition,
Windows XP can subscribe only 10 phones at a time.
• ActiveX controls must be downloadable from the Web server.
• The server must have a static IP address.
• Microsoft Internet Explorer 5.0 or higher.
Application Gateway Administration Guide 95
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
• The server must be configured to use the same NTP time server as the
Application Gateway.
Client requirements fall into two categories – users and subscribers
• Users: Microsoft Internet Explorer 5.0 or higher
• Subscribers: Supported Nortel IP telephones (refer to the Pre-
Installation Checklist for information on supported phones)
Installing Broadcast Server Software
No hardware installation is required for Broadcast Server. For information
on installing the Application Gateway, refer to the documentation
accompanying the Application Gateway.
The following topics describe installation:
Microsoft IIS Configuration, page 96
Broadcast Server Software Installation, page 98
Connecting the Application Gateway and Broadcast Server, page 99
Synchronizing the Broadcast Server and Application Gateway Clocks,
page 100
Confirming Installation and Configuration, page 100
Note: For information on upgrading Broadcast Server, refer to the Application
Gateway Release Notes.
Microsoft IIS Configuration
The only IIS services required for Broadcast Server operation are the IIS
Admin service and the World Wide Web Publishing service.
Note: The following items refer to the IIS Snap-in window. Open that window
as follows:
1. From the Windows Start menu, go to Control Panel > Administrative
Tools > Internet Information Services.
96 Application Gateway Administration Guide
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
2. In the left frame, expand the entry for the computer where IIS is running
and then expand the Web Sites entry.
• The IIS Default Website must be listening on localhost. This can be
done either through configuring the Default Website to listen on “All
Unassigned” or by using the Advanced tab to add 127.0.0.1 to the
listening IP addresses as follows:
– In the IIS Snap-in window, right-click Default Web Site and
choose Properties.
– In the Properties dialog box, check the IP address setting. It should
be All Unassigned or 127.0.0.1.
• To ensure that Microsoft IIS will correctly handle a broadcast to 100 or
more subscribers, configure IIS to handle the maximum capacity
(more than 100,000 hits per day) as follows:
– In the IIS Snap-in window, right-click Default Web Site and
choose Properties.
– Click the Performance tab. For Performance, choose Unlimited or
1000 (Windows 2003 Server) or more than 100,000 (Windows 2000
Server).
• If you are using Windows 2003 IIS server, you must enable ASP.
(Without ASP enabled, you will receive a 404 error when attempting
to run the Broadcast Server Configuration Wizard.)
– In the IIS Snap-in window, enable ASP on the Performance tab.
• Set the Virtual Directory execute permissions:
– In the IIS Snap-in window, right-click BCS and choose Properties.
In the Virtual Directory tab, set the Execute Permissions to Scripts
and Executables.
– Note: If you later have trouble running the Broadcast Server
Configuration Wizard, you might need to lower the Application
Protection on the Virtual Directory tab.
• To start IIS, right-click Default Web Site and choose Start.
Application Gateway Administration Guide 97
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
Broadcast Server Software Installation
The Broadcast Server installer is provided on a CD-ROM. Onscreen
prompts guide you through the required steps. Note that the credentials
requested are for Broadcast Server only.
To install the software:
1 On the device to be used as Broadcast Server, insert the Broadcast Server
CD-ROM in the CD drive.
2 If the installer does not start automatically, run setup.exe.
3 Follow the steps in the Setup Wizard.
Upon completion, the Setup program will open a browser window
displaying the Broadcast Server Configuration Wizard.
4 Follow the steps in the Configuration Wizard.
Use a static IP address for Broadcast Server.
Upon completion, the Configuration Wizard will open the Broadcast
Server administration window.
5 Log in and complete the items listed in the “Outstanding tasks” area on
the Broadcast Server home page. These steps include changing the
administrative password, defining groups and creating users.
98 Application Gateway Administration Guide
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
Connecting the Application Gateway and Broadcast Server
To enable the Application Gateway to locate Broadcast Server, you need
to specify the route to Broadcast Server in the Application Gateway
Administration Tool. The Application Gateway communicates with
Broadcast Server server over port 9998.
To specify the Application Gateway route to Broadcast Server:
1 Make sure that the Application Gateway is running.
2 From a web browser, connect to the Application Gateway by entering the
URL:
https://ipAddress:adminPort
where:
- ipAddress is the IP address of your Application Gateway
- adminPort is the administration port of your Application Gateway (9001)
3 If a Security Alert dialog box appears, click Yes.
4 Click the Operation tab.
The Administration Tool login dialog appears.
5 Enter your administrative username and password for the Application
Gateway. The default is root/rootadmin.
6 Go to the Operation > Voice Office > IP Phone page.
7 Enter the following in the Broadcast Server Base URL field: http://
ipAddress/BCS.
That URL is the base URL where Broadcast Server is running.
8 Click Submit.
The Application Gateway registers with Broadcast Server so that the two
servers can communicate.
Note: After you reboot the Application Gateway, its system log indicates
whether the registration was successful:
bcs: AG Successfully Registered with BCS at http://bcs_ip/bcs
bcs: AG Registration Failed at http://bcs_ip/bcs HTTP Code 500
Application Gateway Administration Guide 99
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
Synchronizing the Broadcast Server and Application Gateway
Clocks
The clocks on the Broadcast Server and Application Gateway must be
synchronized. If the time on the Broadcast Server is ahead of the time on
the Application Gateway, messages are sent to phones after the time
difference between the two. If the time of the Broadcast Server is behind
the time on the Application Gateway, no messages are sent.
The Application Gateway synchronizes with an NTP time server based on
the Time Zone and Time Server that you specify on the Administration >
Date page. Use an Internet Time Service tool to synchronize the Broadcast
Server with specified time server. For more information, refer to http://
tf.nist.gov/service/its.htm.
Confirming Installation and Configuration
To test your configuration:
1 From a web browser, connect to the Broadcast Server web-based interface
by entering the URL http://BCS_ipAddress/BCS.
2 To send a broadcast, you specify the distribution list(s) to receive the alert.
You work with automatically created distribution lists and custom
distribution lists as follows.
a. The Application Gateway supplies distribution lists to Broadcast
Server from the departments defined in the LDAP and/or CSV
directory sources specified on the Application Gateway
Administration Tool Operation > Voice Office > Directory page. You
can verify the members of a distribution list on the Broadcast Server
Managed Distribution List page.
b. You can use the Manage Distribution List page to create a distribution
list and add subscribers to it.
3 In Broadcast Server interface, click Alerts to create a text alert and send it
to one or more distribution lists. Verify that the alert is retrieved correctly
by the telephone(s).
4 Create a graphic alert and send it to one or more groups. Verify that the
alert is retrieved correctly by the telephone(s).
100 Application Gateway Administration Guide
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
5 Delete the test alerts created in the previous steps.
Broadcast Server is now ready for production. You can begin posting
alerts.
Application Gateway Administration Guide 101
Chapter 6 Broadcast Server Installation
Installing Broadcast Server Software
102 Application Gateway Administration Guide
Chapter 7
Zone Paging Configuration
Zone Paging enables organizations to leverage their IP telephony systems
as a conduit for voice paging, without the expense of installing overhead
paging systems. Because Zone Paging uses Nortel IP telephones as
speakers and supports SIP speakers, there is no need for the wiring
required by traditional overhead paging systems.
Zone Paging enables users of supported IP telephones to send and receive
pages.
The following topics describe how to configure the connection and
operation of Zone Paging for Nortel IP telephones:
Overview of Zone Paging, page 104
Network Deployment, page 105
Zone List Source, page 105
Paging Setup and Operation with Clusters, page 106
Managing Paging Zones, page 107
The configuration instructions assume that you have completed the IP
phone and SIP speaker configuration described in “Voice Office
Configuration Requirements,” page 47.
Note: The Application Gateway distribution includes a document, Using
Zone Paging on Nortel Internet Telephones, that you can change as
needed and distribute to IP phone users.
Application Gateway Administration Guide 103
Chapter 7 Zone Paging Configuration
Overview of Zone Paging
Overview of Zone Paging
Zone Paging enables you to improve internal communications through an
easy to configure and use solution. With a few simple button presses, your
IP phone users can quickly make general announcements or emergency
broadcasts. IP phone users are restricted to paging only the phones that
belong to the same zones as the user. Pages are preceded by an alert tone.
The Application Gateway can import paging zones from a directory server
(LDAP or CSV-formatted file). You can supplement those zones by
creating custom zones from the extensions supplied by the phones or by
the call server (when the Application Gateway obtains the IP/DN map
from the call server). If the call server is unavailable during a scheduled
update, the last available mapping is used.
You can specify zone paging permissions for each extension that you add
to a custom zone. You cannot change the default zone paging permission
(Send and Receive) on imported paging zones. An extension can send and
receive pages or can be restricted to sending or receiving only.
Zone Paging operation interacts with the IP telephone as follows:
• A page is blocked if the phone audio is busy. For example, a page is
blocked if the phone user is:
– On a call.
– Sending a page.
If the phone user has placed or received a call and puts the call on
hold, the user will not receive pages until about 40 seconds of hold
time elapse. If a user is placed on hold by another caller, the user will
not receive pages.
• A page is interrupted if the phone user:
– Answers or makes a call.
– Starts listening to an audio-based application.
• To send a page, a phone user selects a zone and then starts the page.
While a zone is selected, it is locked for 10 seconds so that no other
user can page to it. If the phone user does not start recording the page
before ten seconds elapse, the zone is freed and the user will need to
select it again to page.
104 Application Gateway Administration Guide
Chapter 7 Zone Paging Configuration
Network Deployment
If you start a page and then hang up, the page zone is freed after 5
seconds. If you start a page and then cancel it from the menu, the page
zone is immediately freed.
A phone user can put a call on hold to send a page, after about 40
seconds of wait time.
Network Deployment
If you have a cluster of Application Gateways, a zone can consist of
devices registered to any Application Gateway in the cluster. Thus phones
can page across the Application Gateways in a cluster. Each Application
Gateway in a cluster is responsible for paging only the devices registered
to it. For more information on clusters, see “Paging Setup and Operation
with Clusters,” page 106.
Zone List Source
Extensions in the IP/DN map are available to the administrator for the
creation of custom zones. The Application Gateway obtains that
information directly from the phones and SIP speakers, or, in the case of
IP phones using Nortel Communication Server releases older than 5.0,
from the call server.
The Application Gateway also imports departments from the Directory
server to create a zone for each department. The Application Gateway
synchronizes with those servers and manages IP phone requests to send
pages. The Application Gateway does not support special characters in
zone names.
Application Gateway Administration Guide 105
Chapter 7 Zone Paging Configuration
Paging Setup and Operation with Clusters
Paging Setup and Operation with Clusters
When you add an Application Gateway to a cluster, the zones on that
Application Gateway are replaced by the cluster-wide zone list. Therefore,
when you configure Zone Paging for a cluster it is best to follow these
general steps:
1. Configure each Application Gateway to be included in the cluster.
That configuration must include specification of the IP address-to-DN
mapping source, as described in “Configuring Phone IP Address
Mapping,” page 61. The following steps apply to all IP/DN sources.
If you want to use multicasting, be sure to configure it, as described in
“Enabling Multicasting for Zone Pages,” page 66.
2. Add all member Application Gateways to the cluster.
3. Synchronize all Application Gateways in the cluster.
4. If IP/DN mapping is obtained from a call server, synchronize each
Application Gateway with its associated call server.
5. Create the zones to be used by the cluster.
Zone Paging operation with a cluster is the same as with a single
Application Gateway, except as follows:
• For zone paging across a cluster, multicasting must be enabled on the
router and each Application Gateway must have a different multicast
IP address range specified on the Operation > Voice Office > IP Phone
page of the Administration Tool
• The Application Gateway that initiates a page is responsible for
pushing paging requests such as “start page” and “end page” to the
rest of the cluster.
• On receiving a “start page” request, an Application Gateway confirms
whether the zone is available (not in use). If an Application Gateway
does not reply to a “start page” request, the page is not pushed to that
Application Gateway (it is likely offline).
• Once a page starts, each cluster member listens for RTP traffic on the
RTP port. Each cluster member forwards the page to its registered
phones and manages paging operation for its registered phones.
106 Application Gateway Administration Guide
Chapter 7 Zone Paging Configuration
Managing Paging Zones
Managing Paging Zones
When configured to import zones from LDAP, Zone Paging uses the
LDAP settings configured on the Directory page of the Administration
Tool. When the Application Gateway synchronizes with your directory
server, it populates a list of available zones based on the LDAP
"department" attribute. You can view the extensions in these imported
zones, but cannot change them. You can also add custom paging zones,
using the extensions obtained from the IP/DN map. An extension can be
included in multiple zones.
The following topics describe how to manage paging zones:
Viewing Extensions in an Imported Zone, page 107
Adding and Changing Custom Zones, page 108
Viewing Extensions in an Imported Zone
The zones that are imported from LDAP consist of the extensions
associated with each "department" record. You can view, but not change,
the extensions included in an imported zone. Imported zones are updated
when the Application Gateway synchronizes with the LDAP server. If a
device’s license status is changed to Denied in the License Monitor, the
extension remains in the zone so that you do not have to re-add it to the
zone if the license for that device is restored.
To view the extensions in an imported zone:
1 In the Administration Tool, go to Operation > Voice Office > Paging.
2 Click Edit Zone across from a zone name to view details.
Application Gateway Administration Guide 107
Chapter 7 Zone Paging Configuration
Managing Paging Zones
Adding and Changing Custom Zones
When you add a custom zone, you specify each extension that is to be a
member of the zone and specify its paging permissions (Send and Receive,
Send Only, or Receive Only). You can change a custom zone by adding or
deleting its member extensions and changing paging permissions. The list
of available extensions is updated when the Application Gateway(s)
receive information directly from the devices or synchronize with the
signaling and call servers to update the IP/DN map.
If a device’s license status is changed to Denied in the License Monitor, the
extension is removed from the list of available zones. If an extension is no
longer used, it is not automatically removed from zones, as the system has
no way to determine if the extension is temporarily or permanently out of
use. Use Operation > Voice Office > Paging to remove unneeded
extensions from a zone.
To add a paging zone:
1 In the Administration Tool, go to Operation > Voice Office > Paging.
2 Specify the timeout values for paging and then click Set Timeout.
• Max Timeout is the maximum number of seconds that Zone Paging
audio will stay busy. This setting safeguards against the situation in
which a user starts a page and then leaves the phone off-hook.
• Idle Timeout works with a phone speaker’s noise threshold detection.
If a speaker picks up only background noise during a page, the phone
stops sending audio traffic to the Application Gateway. The
Application Gateway waits until the Idle Timeout elapses before
ending the page.
108 Application Gateway Administration Guide
Chapter 7 Zone Paging Configuration
Managing Paging Zones
3 By default, Zone Paging imports zones from LDAP based on the settings
configured on the Operation > Voice Office > Directory page. To import
zones, select the checkbox for Import Zones from LDAP and click Import.
4 To add a custom zone, click Add Zone.
5 To begin adding extensions to a zone, click Start Adding Extensions.
The first screenful of extensions appear in the Extensions in Zone list. To
see more extensions, scroll to the bottom of the list and click a page
number link.
6 To filter the extensions list, enter a filter, using * as a wildcard, in
Extension List Filter. For example, to see only the extensions that start
with 80, enter 80*.
The Extensions in Zone list refreshes to show the filtered extensions.
7 Enter a name for the zone. Limit zone names to 33 characters. The
Application Gateway does not support special characters in zone names.
Note If you create a zone name with unsupported characters, delete that
zone and add a new one with valid characters.
Application Gateway Administration Guide 109
Chapter 7 Zone Paging Configuration
Managing Paging Zones
8 The paging permission for an extension defaults to Send and Receive. To
change the paging permission for extensions, select the checkbox for each
extension and choose a paging permission from Set selected extensions
to.
9 To include the zone in the Voice Office menu, select the checkbox for each
extension to include the zone, and then select Yes from Default Zone.
10 Select the checkbox of all extensions to appear in the zone and then click
Add Selected Extensions.
11 To add more extensions to the zone, change the Extension List Filter,
change the Send/Receive and Default Zone settings as needed, select the
extensions to be included, and click Add Selected Extensions.
12 When you have completed adding members to the zone, click Finished
Adding Extensions.
All extensions that you added to the zone appear.
13 Make further changes as needed and then click Finished Editing Zone.
14 Go to Operation > Voice Office > Paging and click Submit to restart the
server, causing the devices to update.
To change a zone:
1 Go to Operation > Voice Office > Paging.
2 Locate the zone name that you want to change and click Edit Zone.
3 To remove an extension, select the checkbox for the extension and click
Remove Extensions.
4 To add an extension, click Add Extensions to Zone, filter the list as needed
and select the checkbox for each extension to add. Click Add Selected
Extensions.
5 To change the paging permission for an extension, select the checkbox for
the extension and choose a paging permission.
110 Application Gateway Administration Guide
Chapter 7 Zone Paging Configuration
Managing Paging Zones
6 When you have completed changing the extensions and zone, click
Finished Adding Extensions and then click Finished Editing Zone.
7 Go to Operation > Voice Office > Paging and click Submit to restart the
server, causing the devices to update.
To delete a paging zone:
1 On Operation > Voice Office > Paging, select the checkbox of each zone
that you want to delete, and then click Delete Selected.
2 Go to Operation > Voice Office > Paging and click Submit to restart the
server, causing the devices to update.
Application Gateway Administration Guide 111
Chapter 7 Zone Paging Configuration
Managing Paging Zones
112 Application Gateway Administration Guide
Chapter 8
Configuring Access Services
You can make Access Services available to Voice Office or Guest
Services users.
The following topics describe considerations for building an
Access Services solution and configuration steps:
Planning Access Services, page 113
Configuring Access Services, page 115
Web Services Specifications and Testing, page 118
Example Web Application, page 126
Planning Access Services
The designers who provide the content to be displayed in Access
Services will need to consider the display size and characteristics of
the Nortel IP Phone 2007. The following information is intended to
help you, designers, and Web application developers to plan
Access Services content:
• Images must be sized appropriately for the phone screen.
Images in PNG format are recommended.
Note: See “Web Services Specifications and Testing,” page 118 for
details. The configuration procedures assume that the
Access Services application is already located on a Web
server than has network access to the Application Gateway.
• Images with dark backgrounds tend to look better on the phone
screen.
• When choosing a color palette for images, keep in mind that the
phone screen supports up to 16-bit color. Be sure to coordinate
the background color with the image color.
Application Gateway Administration Guide 113
Chapter 8
Planning Access Services
• When including text in content, consider your international
customers.
Deployment Workflow
The following general steps describe a deployment workflow for Access
Services.
Workflow Related Documentation
1. Provide information to the designers who “Web Services Specifications and Testing,”
will provide the Web-based application. page 118 and “Example Web Application,”
page 126
2. Complete the Application Gateway Application Gateway Pre-Installation Checklist
Pre-Installation Checklist.
Application Gateway Administration Guide
3. Install the Application Gateway Application Gateway Pre-Installation Checklist
hardware and perform the basic
Application Gateway Quick Start Guide
Application Gateway configuration.
Application Gateway Hardware Installation
Guide
4. Install the Guest Services or Voice Office Application Gateway Administration Guide
license.
5. Configure Access Services. Application Gateway Pre-Installation Checklist
6. Optionally, install and configure Application Gateway Pre-Installation Checklist
Broadcast Server.
Application Gateway Administration Guide
114 Application Gateway Administration Guide
Chapter 8
Configuring Access Services
Configuring Access Services
An Access Services solution requires the following configuration.
Note: These steps assume that the Application Gateway and appropriate
licenses are already installed and that communications between the
Application Gateway and IP phones are configured according to the
Application Gateway Administration Guide.
1 A site’s Web server to be used for Access Services applications should
have a properly signed digital certificate from a well-known Certificate
Authority (CA) such as VeriSign or Thawte. The Application Gateway
does not validate certificates for Web applications, so it is the
responsibility of the administrator to point the Application Gateway to
trusted Web sites.
2 By default, the Application Gateway is configured to deliver Voice Office
applications (including Access Services) to IP phones. To make Access
Services available with Guest Services, go to Operation > General and set
the Default URL to Guest Voice Service.
3 If you are using Access Services with Guest Services, go to the Operation
> Guest Services > Global page and configure the following:
a. Choose Access Services as the Screen type. (You can also link to
Access Services by specifying the Access Services URL for a slide or
button, as described in “Configuring the Slideshow Panel,” page 17
and “Configuring the Button Panel,” page 20.)
b. Specify the FTP server and schedule for the activity reports for Guest
Services and Access Services.
Application Gateway Administration Guide 115
Chapter 8
Configuring Access Services
4 To configure Access Services:
a. Go to the Operation > Access Services page.
b. The Default URL for the Web server running the phone application, in
the form:
http://site.com/path/page
If you are using Access Services with Voice Office, there are two
variables you can use in the URL to enable your application to provide
user-specific information from your LDAP or CSV directory source:
%ext and %name. %ext returns the phone extension and %name
returns the user name from the directory source. If the person is not in
the directory, %ext returns the phone extension and %name returns
the string "User". For example:
http://myapp.com/RoomControls.asp?%ext%name
That URL is converted by the Application Gateway and passed to the
application as:
http://myapp.com/RoomControls.asp?ext=number?name=name
116 Application Gateway Administration Guide
Chapter 8
Configuring Access Services
If you are using Access Services with Guest Services, there are two
variables you can use in the URL to enable your application to provide
room-specific information from a hospitality system: %room and
%guest. If you are using a hospitality system, %room returns the room
number and %guest returns the name of the guest from the hospitality
system. If you are not using a hospitality system, %room returns the
phone extension and %guest returns the string "Guest". For example:
http://myapp.com/RoomControls.asp?%room%guest
That URL is converted by the Application Gateway and passed to the
application as:
http://myapp.com/RoomControls.asp?room=number?guest=name
c. Enter the destination URL for posting card reader data.
d. Use the hidden field name credit_card[creditcard].
e. Enter the inactivity timeout, which is the maximum amount of time
that a page will display (with no activity) before the screen returns to
the Default Access Services URL or the Timeout URL, as follows:
– To disable the timeout feature, so that a screen continues to
display until the user takes action, enter an Inactivity Timeout
value of 0.
– To time out to the Default Access Services URL, enter for
Inactivity Timeout the number of seconds that a page will display
before the screen changes to the Default Access Services URL.
– To time out to the Timeout URL, enter for Inactivity Timeout the
number of seconds that a page will display before the screen
changes to the Timeout URL (which you must also enter).
Application Gateway Administration Guide 117
Chapter 8
Web Services Specifications and Testing
5 To select the screen size and security mode, go to the Operation > General
page and select an option from the GXAS Mode menu.
Secured Full Screen GXAS Mode is recommended for Access Services. It is
also possible to use Full Screen GXAS Mode, which is not secured. The
GXAS Ports must be set to 443 for secured mode or 44443 for non-secured
mode.
Web Services Specifications and Testing
The following information is for Web designers and developers who
create HTML-based applications for Access Services:
118 Application Gateway Administration Guide
Chapter 8
Web Services Specifications and Testing
Web Pages and Images, page 119
Supported HTML Tags, page 120
Supported HTTP 1.1 Features, page 121
CSS Properties Supported, page 123
URL Syntax for Telephony Operations, page 124
Card Reader Data Retrieval Calls, page 125
Web Application Emulator for Access Services, page 125
Web Pages and Images
Note: When you update a Web application, you must restart the Application
Gateway.
• Be sure to follow W3C specifications and best practices for creating
web pages. Useful resources include the following:
http://www.w3.org/Style/CSS/
http://www.w3.org/MarkUp/
http://www.w3.org/Protocols/
• In general, all HTML and ASP features and functions will work in the
IP Phone 2007 web browser.
• For the IP Phone 2007 screen, web pages must be 240 pixels high by 220
pixels wide. If a page is smaller, the phone screen background fills in
the extra space. If a page is larger, the IP Phone 2007 will not display
the portion of the page that is outside of the boundary. Use links (<a>
tags), instead, for navigation.
Note that the IP Phone 2007 screen is slightly larger than the maximum
displayed image size. A small area at the bottom of the screen (14
pixels high) is reserved for display of a security icon when the phone
is secured with TLS.
• Images must be GIF, JPEG, or PNG. PNG is recommended. Follow
these guidelines for optimizing your application:
Application Gateway Administration Guide 119
Chapter 8
Web Services Specifications and Testing
– The ideal maximum image width is 193 pixels. Keeping images as
small as possible reduces the time needed to display a page in the
IP Phone 2007 web browser.
– Size the images to their exact display dimensions. Not doing so
increases the amount of data that the Application Gateway must
cache and load, thus reducing capacity.
– Specify the height and width of all images in the HTML. Not doing
so slows processing, thus reducing capacity.
– If your site includes several individual images used as links,
consider combining the images into one image map. Typically, if
an image map is smaller in size than the sum of the individual
images, the download speed increases.
• If your Web pages contain common design elements (headers, footers,
buttons) across two or more pages, you can reduce the traffic to the
screen by placing those common elements in exactly the same position
on each page. (The Application Gateway only updates the areas of the
screen that change from page to page.)
• Input fields can be a maximum of 26 characters.
• Web pages must use the UTF-8 character set.
• Use CSS styles to set font sizes smaller so that more text fits on the
screen.
• Arabic and Chinese text might not be accurately justified or
word-wrapped. You can improve the formatting by inserting line
breaks (<br />) and non-breaking spaces (&#nbsp;) into the
UNICODE source file.
• Chinese text should not be presented in Bold or Strong fonts. The
resulting characters are difficult to read on the phone.
• The Chinese character for the word “or” (或) must be followed
by a non-breaking space (&#nbsp;).
Supported HTML Tags
All HTML 4.0 tags except BDO, which overrides text direction, are
supported.
120 Application Gateway Administration Guide
Chapter 8
Web Services Specifications and Testing
The use of Microsoft Internet Explorer proprietary extensions can cause
rendering problems. To determine if an HTML document is valid or to
check for Microsoft Internet Explorer proprietary extensions, use a content
verification tool, such as the following:
HTML Tidy (http://www.w3.org/People/Raggett/tidy/)
W3C Markup Validation Service (http://validator.w3.org/)
Supported HTTP 1.1 Features
• Request Methods:
GET
POST
• Status Codes:
RFC 2616 Status
Reference Code Reason Phrase
10.1.1 100 Continue
10.2.1 200 OK
10.3.1 300 Multiple Choices
10.3.2 301 Moved Permanently
10.3.3 302 Found
10.3.4 303 See Other
10.3.5 304 Not Modified
10.3.6 305 Use Proxy
10.4.1 400 Bad Request
10.4.2 401 Unauthorized
10.4.3 402 Payment Required *
10.4.4 403 Forbidden
10.4.5 404 Not Found
10.4.6 405 Method Not Allowed *
10.4.7 406 Not Acceptable *
10.4.8 407 Proxy Authentication Required
Application Gateway Administration Guide 121
Chapter 8
Web Services Specifications and Testing
RFC 2616 Status
Reference Code Reason Phrase
10.4.9 408 Request Timeout *
10.4.10 409 Conflict *
10.4.11 410 Gone *
10.4.12 411 Length Required *
10.4.13 412 Precondition Failed *
10.4.14 413 Request Entity Too Large *
10.4.15 414 Request-URI Too Long *
10.4.16 415 Unsupported Media Type *
10.4.17 416 Request Range Not Satisfiable *
10.4.18 417 Expectation Failed *
10.5.1 500 Internal Server Error *
10.5.2 501 Not Implemented *
10.5.3 502 Bad Gateway *
10.5.4 503 Service Unavailable *
10.5.5 504 Gateway Timeout *
10.5.6 505 HTTP Version Not Supported *
* Erroracknow ledged.
122 Application Gateway Administration Guide
Chapter 8
Web Services Specifications and Testing
CSS Properties Supported
The following CSS properties are supported by the browser used for
Access Services. No other CSS attributes are supported.
background background-attachment background-color
background-image background-position background-repeat
border border-bottom border-bottom-color
border-bottom-style (solid border-bottom-width border-color
border only)
border-left border-left-color border-left-style (solid border
only)
border-left-width border-right border-right-color
border-right-style (solid border-right-width border-spacing
border only)
border-style (solid border border-top border-top-color
only)
border-top-style (solid border border-top-width border-width
only)
bottom clear clip
color content (strings, counters) counter-increment
counter-reset cursor display
float font font-family
font-size font-style font-weight
height left line-height
list-style-type margin margin-bottom
margin-left margin-right margin-top
outline outline-color outline-style (solid, dotted,
dashed)
outline-width padding padding-bottom
padding-left padding-right padding-top
page-break-after page-break-before page-break-inside
Application Gateway Administration Guide 123
Chapter 8
Web Services Specifications and Testing
position right text-align
text-decoration text-indent top
vertical-align visibility white-space (normal,
nowrap)
width z-index
URL Syntax for Telephony Operations
• The URL for opening the telephony screen has the following syntax:
<A name="TPS" href="telephony">linkTextImage</A>
<A name="TPS" onclick="telephony">linkTextImage</A>
where linkTextImage is either the text to display as the link or an image
reference.
• The URL for a dial command has the following syntax:
<a href="dest_page" name="dial:914087908357"
onclick=function_to_execute>Customer Care</a>
The Application Gateway handles that URL as follows:
– It requests from the site’s Web server the Web page specified by
the href attribute.
– It sends to the phone a command to dial the number specified with
the dial attribute.
• The URL for dialing a number in a text box by clicking a button has the
following syntax. The id for the text box must be "phone_number"; the
id for the button must be "call_number".
<input id="phone_number" name="phonenumber" size="10" type="text"
/>
<input id="call_number" name="call" type="submit"
value="buttonLabel" class="style"/>
In this example, when the user clicks the button labeled Call, the
number entered in the text field is sent to the phone for dialing:
<input id="phone_number" name="phone2" size="10" type="text" />
<input id="call_number" name="call" type="submit" value="Call"
class="buttons"/>
124 Application Gateway Administration Guide
Chapter 8
Web Services Specifications and Testing
• To return to the default Access Services URL, Web developers should
use: <a href="dial:Menu"></a>. (That URL returns the usre to the
Guest Services menu if the server is configured for Guest Services.)
Card Reader Data Retrieval Calls
When a user swipes a card, Access Services sends the card data to the Card
Data Post URL defined in the Operation > Guest Services > Access
Services page. Also defined on that page is the Hidden Field Name
credit_card[creditcard] which contains the card data for a particular
transaction.
The card reader data is posted as shown in the following example:
https://10.217.92.35/hsbc/swipe?credit_card%5Bcreditcard%5D=%25B554619
8727915003%5ERAO+RAMJI++++++++++%5E071110119442++++++++++803++++++%3F%
3B5546198727915003%3D07111011944280300000%3F
To retrieve the card reader data, use any of the following calls:
• ASP
Request.QueryString("credit_card[creditcard]")
• PHP
$_GET["credit_card[creditcard]"];
• JSP
request.getParameter("credit_card[creditcard]");
Web Application Emulator for Access Services
Access Services includes a web application emulator that can be used to
validate Application Gateway settings, phone settings, and
communication between phones and the Application Gateway when
deploying web services applications of all kinds. The emulator can also be
used for basic validation of the card reader operation.
The web application emulator can be used with any of the GXAS screen
modes selected on the Operation > General page.
The web application emulator performs these functions:
1. Displays a secure Access Services web site and presents a valid
certificate to clients.
Application Gateway Administration Guide 125
Chapter 8
Example Web Application
All pages in the web site include a link that returns the phone to the
telephony system. All pages include the secure logo that is displayed
by Nortel phones running in TLS mode.
2. Displays a welcome page where the user can select a language
preference.
3. Displays a page, in the selected language, that invites the use to swipe
a card. Although the emulator contains this prompt, it is not necessary
for operation. Access Services listens for card swipes.
4. Validates the card ID entered against a small database of card IDs and
displays data for the swiped card.
5. If the card is valid, the emulator displays a page with links to phone
numbers. A user can place a call by clicking a link.
If the user does not respond to a prompt before the time-out period, the
emulator displays a time-out page and then returns to the welcome page.
The default URL for the emulator is:
https://ag_IP:5005/webemulator
The post URL is:
https://ag_IP:5005/webemulator/swipe
Example Web Application
This topic contains an example hotel/casino web application which you
can use as a general model for building web applications for the IP Phone
2007. The example application includes a home page with links to a variety
of services that a guest could use on the phone. The examples incorporate
ASP components for the following features:
• Text field input
• Checkbox selection
• Form processing
• SMTP messaging
• Display of content from external websites and RSS feeds
• File operations such as read, load, parse, and save
126 Application Gateway Administration Guide
Chapter 8
Example Web Application
The following topics contain the HTML and ASP code needed for each
page of the example web application:
Home Page, page 127
Room Service Order, page 128
Concierge Service Request, page 131
Flight Status, page 134
Daily Bulletin, page 137
RSS News Feed, page 139
Home Page
In the example web application, the following home page appears when
the phone is idle. A guest uses the IP Phone 2007 stylus to select menu
items.
HTML code for the home page
The home page uses simple HTML elements to display the menu
(comprised of images) and link to the ASP page corresponding to each
menu item.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="200">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a>
<br />
<a href="roomservice.asp">
<img border="0" src="roomservice.jpg" />
</a>
<br />
<a href="concierge.asp">
Application Gateway Administration Guide 127
Chapter 8
Example Web Application
<img border="0" src="concierge.jpg" />
</a>
<br />
<a href="flights.asp">
<img border="0" src="flights.jpg" />
</a>
<br />
<a href="dailybulletin.asp">
<img border="0" src="dailybulletin.jpg" />
</a>
<br />
<a href="rss2html.asp">
<img border="0" src="rssfeed.jpg" />
</a>
</TD>
</TR>
</TABLE>
</body>
</html>
Room Service Order
A guest uses the IP Phone 2007 stylus to fill in name and room number and
to select options. After the guest taps the Submit button, the web
application creates an email with the information and sends the email to
room service.
128 Application Gateway Administration Guide
Chapter 8
Example Web Application
HTML/ASP code for the room service order
This page uses the following ASP components: text field input, checkbox
selection, form processing, and SMTP messaging.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="220">
<FONT SIZE="1" face="Arial Narrow">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a> <br />
<form action="roomservice.asp" method="post">
Your name: <input type="text" name="fname" size="26" /><br />
Your room: <input type="text" name="room" size="26" /><br />
<p>Please make your selection:</p>
<input type="checkbox" name="order" value="Shrimp Cocktail"
Application Gateway Administration Guide 129
Chapter 8
Example Web Application
<%if instr(order,"Shrimp Cocktail") then
Response.Write("checked")%> />
Shrimp Cocktail
<br />
<input type="checkbox" name="order" value="New York Steak"
<%if instr(order,"New York Steak") then
Response.Write("checked")%> />
New York Steak
<br />
<input type="checkbox" name="order" value="Lobster Tail"
<%if instr(order,"Lobster Tail") then
Response.Write("checked")%> />
Lobster Tail
<br />
<input type="submit" value="Submit" />
</form>
<hr />
<%
dim fname
fname=Request.Form("fname")
dim room
room=Request.Form("room")
dim order
order=Request.Form("order")
If room<>"" Then
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Room Service Order from Room " + room
myMail.From=" [email protected] "
myMail.To=" [email protected] "
myMail.TextBody=fname + " in room " + room + " would like: " +
order
myMail.Send
set myMail=nothing
Response.Write("Order Placed!")
End If
%>
</FONT>
</TD>
</TR>
130 Application Gateway Administration Guide
Chapter 8
Example Web Application
</TABLE>
</body>
</html>
Concierge Service Request
A guest uses the IP Phone 2007 stylus to fill in name and room number and
to briefly describe the request. After the guest taps the Submit button, the
web application creates an email with the information and sends the email
to the concierge.
Application Gateway Administration Guide 131
Chapter 8
Example Web Application
HTML/ASP code for the concierge service request
This page uses the following ASP components: text field input, form
processing, and SMTP messaging.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="220">
<FONT SIZE="1" face="Arial Narrow">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a> <br />
<form action="concierge.asp" method="post">
Name:<br /> <input type="text" name="fname" size="26" /><br />
Room:<br /> <input type="text" name="room" size="26" /><br />
Request:<br /> <input type="text" name="req" size="26" /><br />
<input type="submit" value="Submit" /><br />
</form>
132 Application Gateway Administration Guide
Chapter 8
Example Web Application
<hr />
<%
dim fname
fname = Request.Form("fname")
dim room
room = Request.Form("room")
dim req
req = Request.Form("req")
If Request.Form("req")<>"" Then
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Concierge Request from room " + room
myMail.From="[email protected]"
myMail.To=" [email protected] "
myMail.TextBody=fname + " in room " + room + " would like: " +
req
myMail.Send
set myMail=nothing
Response.Write("Concierge will fulfill your request shortly")
End if
%>
</FONT>
</TD>
</TR>
</TABLE>
</body>
</html>
Application Gateway Administration Guide 133
Chapter 8
Example Web Application
Flight Status
A guest uses the IP Phone 2007 stylus to fill in the date, airline code, and
flight number. After the guest taps the Submit button, the web application
builds a URL to query the flight status web page. The web application
reports the flight status response (on time, minutes delayed, or does not
exist).
HTML/ASP code for the flight status
This page uses the following ASP components: text field input, form
processing, display of content from an external website, and save, load,
and parse file operations.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="220">
<FONT SIZE="1" face="Arial Narrow">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a>
<br />
<form action="flights.asp" method="post">
Date:<br />
<input type="text" name="date" size="26" value="" />
<br />
Airline Code:
<input type="text" name="airline" size="26" value="" />
<br />
Flight Number:
<input type="text" name="flight" size="26" value="" />
134 Application Gateway Administration Guide
Chapter 8
Example Web Application
<br />
<input type="submit" value="Submit" />
</form>
<%
dim theDate
theDate = Request.Form("date")
dim theCode
theCode = Request.Form("airline")
dim theNum
theNum = Request.Form("flight")
dim theURL
theURL =
"http://www.flightstats.com/go/FlightStatus/flightStatusByFlight.do?ai
rline=" + theCode + "&flightNumber=" + theNum + "&departureDate=" +
theDate + "&x=12&y=13"
if theDate <>"" then
dim fs, f
set fs=Server.CreateObject("Scripting.FileSystemObject")
set
f=fs.CreateTextFile("C:\Inetpub\wwwroot\accessservices\versailles\
flights.txt",true)
' Url of the webpage we want to retrieve
thisURL = + theURL
' Creation of the xmlHTTP object
Set GetConnection = CreateObject("Microsoft.XMLHTTP")
' Connection to the URL
GetConnection.Open "get", thisURL, False
GetConnection.Send
' ResponsePage now have the response of
' the remote web server
ResponsePage = GetConnection.responseText
' We write out now
' the content of the ResponsePage var
' Response.write (ResponsePage)
f.Write(ResponsePage)
Set GetConnection = Nothing
Application Gateway Administration Guide 135
Chapter 8
Example Web Application
f.Close
Set f=Nothing
Set fs=Nothing
Set fs=Server.CreateObject("Scripting.FileSystemObject")
Set f=fs.OpenTextFile(Server.MapPath("flights.txt"), 1)
dim current
current = ""
dim delayed
delayed = ""
do while f.AtEndOfStream = false
current = f.ReadLine
DIM strPosition_ontime
if strPosition_ontime = 0 Then
strPosition_ontime = InStr(1, current,
"/images/ontime.png", 1)
End if
DIM strPosition_delayed
if strPosition_delayed = 0 Then
strPosition_delayed = InStr(1, current, "/images/delayed",
1)
if strPosition_delayed <> 0 Then
f.readLine
delayed = f.ReadLine
End if
End if
loop
if strPosition_ontime <> 0 then
response.write(theCode + " " + theNum + " is on time.")
end if
if strPosition_delayed <> 0 then
response.write(theCode + " " + theNum + " is " + delayed + ".")
end if
if strPosition_onTime = 0 then
136 Application Gateway Administration Guide
Chapter 8
Example Web Application
if strPosition_delayed = 0 then
response.write(theCode + " " + theNum + " was not found.")
End if
End if
f.Close
Set f=Nothing
Set fs=Nothing
End if
%>
</FONT>
</TD>
</TR>
</TABLE>
</body>
</html>
Daily Bulletin
A guest uses the IP Phone 2007 to view the daily bulletin, a page that
requires no input or interaction from the user.
HTML/ASP code for the daily bulletin
This page uses the ASP component for reading a file.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="220">
<FONT SIZE="1" face="Arial Narrow">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a> <br />
Application Gateway Administration Guide 137
Chapter 8
Example Web Application
<p>Here are the daily bulletins:</p>
<%
Set fs=Server.CreateObject("Scripting.FileSystemObject")
Set f=fs.OpenTextFile(Server.MapPath("daily.txt"), 1)
do while f.AtEndOfStream = false
Response.Write(f.ReadLine)
Response.Write("<br />")
loop
f.Close
Set f=Nothing
Set fs=Nothing
%>
</FONT>
</TD>
</TR>
</TABLE>
</body>
</html>
138 Application Gateway Administration Guide
Chapter 8
Example Web Application
RSS News Feed
A guest uses the IP Phone 2007 to view the default RSS feed or to input an
RSS URL to view an alternate RSS feed.
HTML/ASP code for the RSS feed
This page uses the following ASP components: text field input and form
processing. It also displays RSS feed content via an included ASP file from
asp.net.
<html>
<body>
<TABLE BORDER>
<TR> <TD WIDTH="220">
<FONT SIZE="1" face="Arial Narrow">
<a href="home_demo.asp">
<img border="0" src="versailles.jpg" />
</a> <br />
<form action="rss2html.asp" method="post">
Full RSS feed URL:
<input type="text" name="rssfeedurl" size="26" />
<input type="submit" value="Submit" />
<br /> <u>Examples: </u> <br />
http://rss.cnn.com/rss/cnn_topstories.rss
<br />
</form>
Application Gateway Administration Guide 139
Chapter 8
Example Web Application
<%
dim rssfeedurl
rssfeedurl = Request.Form("rssfeedurl")
Response.Expires = -1
' =========== RSS2HTML.ASP for ASP/ASP.NET ==========
' copyright 2005-2008 (c) www.Bytescout.com
' version 1.26, 28 May 2008
' =========== configuration =====================
' ##### URL to RSS Feed to display #########
if rssfeedurl <> "" Then
URLToRSS = rssfeedurl
End if
if rssfeedurl = "" Then
URLToRSS = "http://rss.cnn.com/rss/cnn_topstories.rss"
End if
' ##### max number of displayed items #####
MaxNumberOfItems = 7
' ##### Main template constants
MainTemplateHeader = "<table>"
MainTemplateFooter = "</table>"
' #####
' ######################################
Keyword1 = "" ' Keyword1 = "tech" - set non-empty keyword value to
filter by this keyword
Keyword2 = "" ' Keyword1 = "win" - set non-empty keyword value to
filter by this 2nd keyword too
' #################################
' ##### Item template.
' ##### {LINK} will be replaced with item link
' ##### {TITLE} will be replaced with item title
' ##### {DESCRIPTION} will be replaced with item description
' ##### {DATE} will be replaced with item date and time
' ##### {COMMENTSLINK} will be replaced with link to comments (if
you use RSS feed from blog)
' ##### {CATEGORY} will be replaced with item category
ItemTemplate =
"<tr><td><strong>{DATE}</strong><br/><strong>{CATEGORY}<br/></stro
ng><a href=" & """{LINK}""" & ">{TITLE}</a><br
/>{DESCRIPTION}</td></tr>"
140 Application Gateway Administration Guide
Chapter 8
Example Web Application
' ##### Error message that will be displayed if not items etc
ErrorMessage = "Error has occured while trying to process "
&URLToRSS & "<br />Please contact web-master"
' ================================================
Set xmlHttp = Server.CreateObject("MSXML2.ServerXMLHTTP.3.0")
xmlHttp.Open "GET", URLToRSS, false
xmlHttp.Send()
RSSXML = xmlHttp.ResponseText
Set xmlDOM = Server.CreateObject("MSXML2.DomDocument.3.0")
xmlDOM.async = False
xmlDOM.validateOnParse = False
xmlDom.resolveExternals = False
If not xmlDOM.LoadXml(RSSXML) Then
ErrorMessage = "Can not load XML:" & vbCRLF &
xmlDOM.parseError.reason & vbCRLF & ErrorMessage
End If
Set xmlHttp = Nothing ' clear HTTP object
Set RSSItems = xmlDOM.getElementsByTagName("item") ' collect all
"items" from downloaded RSS
RSSItemsCount = RSSItems.Length-1
' if not <item>..</item> entries, then try to get
<entry>..</entry>
if RSSItemsCount = -1 Then
Set RSSItems = xmlDOM.getElementsByTagName("entry") ' collect all
"entry" (atom format) from downloaded RSS
RSSItemsCount = RSSItems.Length-1
End If
Set xmlDOM = Nothing ' clear XML
' writing Header
if RSSItemsCount > 0 then
Response.Write MainTemplateHeader
End If
j = -1
Application Gateway Administration Guide 141
Chapter 8
Example Web Application
For i = 0 To RSSItemsCount
Set RSSItem = RSSItems.Item(i)
' fix for the issue when a description from a previous item
' is used if current item description is empty provided by George
Sexton
RSSdescription=" "
RSSCommentsLink=" "
for each child in RSSItem.childNodes
Select case lcase(child.nodeName)
case "title"
RSStitle = child.text
case "link"
If RSSLink = "" Then
If child.Attributes.length>0 Then
RSSLink = child.GetAttribute("href")
if (RSSLink <> "") Then
if child.GetAttribute("rel") <> "alternate" Then
RSSLink = ""
End If
End If
End If ' if has attributes
If RSSLink = "" Then
RSSlink = child.text
End If
End If
case "description"
RSSdescription = child.text
case "content" ' atom format
RSSdescription = child.text
case "published"' atom format
RSSDate = child.text
case "pubdate"
RSSDate = child.text
case "comments"
RSSCommentsLink = child.text
case "category"
Set CategoryItems = RSSItem.getElementsByTagName("category")
RSSCategory = ""
for each categoryitem in CategoryItems
if RSSCategory <> "" Then
RSSCategory = RSSCategory & ", "
End If
RSSCategory = RSSCategory & categoryitem.text
Next
142 Application Gateway Administration Guide
Chapter 8
Example Web Application
End Select
next
' now check filter
If (InStr(RSSTitle,Keyword1)>0) or (InStr(RSSTitle,Keyword2)>0) or
(InStr(RSSDescription,Keyword1)>0) or
(InStr(RSSDescription,Keyword2)>0) then
j = J+1
if J<MaxNumberOfItems then
ItemContent = Replace(ItemTemplate,"{LINK}",RSSlink)
ItemContent = Replace(ItemContent,"{TITLE}",RSSTitle)
ItemContent = Replace(ItemContent,"{DATE}",RSSDate)
ItemContent =
Replace(ItemContent,"{COMMENTSLINK}",RSSCommentsLink)
ItemContent = Replace(ItemContent,"{CATEGORY}",RSSCategory)
Response.Write Replace(ItemContent,"{DESCRIPTION}",RSSDescription)
ItemContent = ""
RSSLink = ""
End if
End If
Next
' writing Footer
if RSSItemsCount > 0 then
Response.Write MainTemplateFooter
else
Response.Write ErrorMessage
End If
' Response.End ' uncomment this for use in on-the-fly output
%>
</FONT>
</TR>
</TABLE>
</body>
</html>
Application Gateway Administration Guide 143
Chapter 8
Example Web Application
144 Application Gateway Administration Guide
Chapter 8
Logging and Monitoring
Application Gateway Operations
The following topics describe how to use Application Gateway logs and
monitoring tools:
Configuring and Working with System Logs, page 145
Interpreting the System Log, page 147
Enabling and Viewing SNMP and Health Logs, page 152
Viewing the W3C-Formatted HTTP Request Log, page 152
Enabling and Viewing SNMP Logs, page 153
Enabling and Viewing Health Logs, page 154
Monitoring Application Gateway Operations, page 155
Configuring and Working with System Logs
System message logs contain information that can help Application
Gateway support personnel assist with troubleshooting. The Application
Gateway uses syslog to generate log files, enabling you to manage and
view the system logs with familiar third-party tools. The log levels
included are warning, error, and critical.
Application Gateway system logging features:
• Rotates system log files so that the log will not exceed disk capacity.
– Log rotation is based on reaching a maximum file size of 1
megabyte.
– The log file to which the syslog daemon is currently writing is in
text format. When the active log file reaches the threshold for log
rotation, the log file is archived on the Application Gateway as a
tar file compressed with gzip.
Application Gateway Administration Guide 145
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
– The maximum number of log files stored on the Application
Gateway is 24 zipped archives and one active file. When the
maximum is reached, the Application Gateway overwrites the
oldest archive file.
• Supports scheduled archiving of local log files (in gzip format) to a
remote server using FTP.
• Supports real-time, remote logging to a syslog server. The Application
Gateway uses UDP to transfer logs to the remote server.
Be aware that the system log is not saved after a reboot or crash of the
Application Gateway or after the Submit button is pressed in the
Administration Tool.
To configure system logging:
1 In the Administration Tool, go to the Logging > Configuration page.
2 Select the Remote System Log checkbox to have the Application Gateway
send system log messages in real time to a remote syslog server. (The
Application Gateway always produces a local system log.)
3 If you selected Remote System Log, enter the IP address and port of the
remote syslog server where the Application Gateway will write remote
logs in real time. This field must be in dotted IP notation (that is,
192.168.0.1).
If the remote syslog server is unavailable when the Application Gateway
attempts to contact it, the UDP packets are dropped. The Application
Gateway continues sending messages with no interruption.
4 To archive system log files to a remote server, select Enable Log File
Archiving Via FTP.
The Application Gateway will save a log file in gzip format to the specified
FTP server, according to the selected Archive Schedule. The most recently
archived log file is named server.log.1.gz, the second most recently
archived log file is named server.log.2.gz, and so on.
5 If you enabled log file archiving, specify the following:
a. The IP address of the FTP server to which the Application Gateway is
to send archived log files.
b. The path on the FTP server to send archived log files.
c. The username and password required to write to the FTP server.
146 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
d. The archiving frequency, which should be based on the expected level
of AG activity and how you wish to track activity.
If the FTP server is unavailable when the Application Gateway
attempts to contact it, the Application Gateway tries every hour from
that point on to send the log. Once the server is contacted and the log
is sent, the Application Gateway returns to the usual archive schedule.
5 Click Submit.
To view the system log:
• In the Administration Tool, go to the Logging > System Log page.
The Application Gateway displays the most recent activity when the entire
log is too large to display. For more information, see “Interpreting the
System Log,” page 147.
Interpreting the System Log
System log entries have the form (date time) thread: message, where
“thread” is used to identify the component source of the message. For
example:
(Jan 30 13:07:04 2006) license: Checking available bcs licenses 110 of 1000
(Jan 26 15:00:07 2006) directory: no license found, will not initialize module
(Jan 26 15:00:09 2006) server: No more licenses available for 00:04:0D:4C:29:2B
(Jan 30 13:07:05 2006) ldap: ldap: unbind successful
Much of the information in the log is informational and can be ignored.
Errors at the beginning of the log do not necessarily indicate problems
with the Application Gateway. However, a log of only a few lines upon
startup of the Application Gateway indicates a possible problem with the
logging service. If the initial log does not include at least 50 or so entries,
restart the server. If that does not correct the problem, contact your
support representative.
Some log entries help with troubleshooting issues, as described in the
following topics:
Broadcast Server, page 148
Call Server synchronization for IP/DN mapping, page 148
CSV synchronization for IP/DN mapping, page 150
Application Gateway Administration Guide 147
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
LDAP, page 150
Licensing, page 151
Socket listeners, page 152
Broadcast Server
The following messages indicate that the Application Gateway
successfully registered with the Broadcast Server:
(Jan 30 13:07:04 2006) bcs: Registering
http://10.10.0.127/BCS/net6_subscribe.asp?ACTION=REGISTER_AG&Net6AgURL=http://10.60.201.31
:9998/
(Jan 30 13:07:04 2006) bcs: AG Successfully Registered with BCS at http://10.10.0.127/BCS
The following messages indicate that the Application Gateway did not
successfully register with the Broadcast Server:
(Jan 30 13:07:04 2006) bcs: Registering
http://10.10.0.127/BC/subscribe.asp?ACTION=REGISTER_AG&Net6AgURL=http://10.60.201.31:9998/
(Jan 30 13:07:04 2006) bcs: AG Registration Failed at http://10.10.0.127/BC HTTP Code 404
Broadcast Server, a web application, uses HTTP error codes. The most
common error is 404 (shown above), which indicates that the wrong
Broadcast Server URL is entered in the Broadcast Server setting on the
Operation > Voice Office > IP Phone page. Other errors include 403, which
indicates that IIS needs to give permissions to the Internet Guest User for
the Broadcast Server directory, and error 500, which is generally related to
permissions of ASP scripts or an entered IP address of a Broadcast Server
which is not routable.
Call Server synchronization for IP/DN mapping
If IP/DN mapping is not obtained directly from the IP Phones, messages
such as the following appear in the log when call server synchronization
succeeds:
(Jan 30 14:14:55 2006) datasources: created sync thread with id=147465.
(Jan 30 14:14:55 2006) datasources: DN IP populate starting...
(Jan 30 14:15:08 2006) datasources: added mapping: 5030 => 10.0.16.200
(Jan 30 14:15:08 2006) datasources: added mapping: 10.0.16.200 => 5030
(Jan 30 14:15:08 2006) datasources: added mapping: 5031 => 10.10.0.113
(Jan 30 14:15:08 2006) datasources: added mapping: 10.10.0.113 => 5031
...
(Jan 30 14:17:02 2006) datasources: Retrieved mapping from:10.60.0.41:23
148 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
(Jan 30 14:17:02 2006) datasources: Next Datasource Synchronization in 3600 seconds
The “3600 seconds” is the schedule provided on the Operation > Voice
Office > IP Phone page.
When the call server synchronization fails, messages such as the following
appear in the log:
(Jan 30 13:07:04 2006) datasources/succession: Opened connection to Succession at
10.60.0.41:23
(Jan 30 13:07:04 2006) datasources/succession: ReadFromSocketUntilPromptSeen: did not see
expected prompt from Succession: 'login:'
(Jan 30 13:07:04 2006) datasources/succession: RespondToPrompt: expected Succession prompt
not detected; intended response was 'admin1'
(Jan 30 13:07:04 2006) datasources/succession: LogIntoSuccessionOAM: no telnet login
prompt from Succession signaling server; maximum number of concurrent Succession telnet
clients may already be connected
(Jan 30 13:07:04 2006) datasources/succession: entering Succession signalling server
(telnet) failed
(Jan 30 13:07:04 2006) datasources/succession: LogIntoSuccessionOAM: no IP address
specified for Succession
(Jan 30 13:07:04 2006) datasources/succession: LogIntoSuccessionOAM: no login username
specified for Succession
(Jan 30 13:07:04 2006) datasources/succession: entering Succession signalling server
(telnet) failed
(Jan 30 13:07:04 2006) No of caches: 0
The message “No of caches: 0” means that the Application Gateway was
unable to log into the Call Server via the Signaling Server. The number of
caches should equal the number of Signaling Servers being used for
synchronization.
The following message indicates that the credentials specified in the
Operation > Voice Office > IP Phone page were not accepted by the
signaling or call server. If the password is incorrect, six asterisks appear,
regardless of the password length.
(Jan 30 13:07:04 2006) datasources/succession: LogIntoSuccessionOAM: No OAM command prompt
from Succession while logging in to signaling server with username / password 'admin1' /
'******'. Verify that the signaling server username and password are correct for this
Succession server.
Application Gateway Administration Guide 149
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
CSV synchronization for IP/DN mapping
When a CSV file is successfully used for IP/DN mapping, the log includes
the following messages:
(Jan 30 13:07:04 2006) datasources: created sync thread with id=114692.
(Jan 30 13:07:04 2006) datasources: flatfile_populate: starting
(Jan 30 13:07:04 2006) datasources: added mapping: 10.10.201.99 => 5232
(Jan 30 13:07:04 2006) datasources: flatfile populate completed
(Jan 30 13:07:04 2006) datasources: Next Datasource Synchronization in 3600 seconds
If CSV mapping fails, the log includes the following messages:
(Jan 30 13:07:04 2006) datasources: flatfile_populate: starting
(Jan 30 13:07:04 2006) datasources: Could not retrieve mapping
http://10.10.0.127/AGdemo.csv
(Jan 30 13:07:04 2006) datasources: flatfile populate completed
Because the CSV file is hosted on a plain Web server, standard
troubleshooting applies for Web content that is inaccessible. First,
determine whether it is possible to access the content via a personal
computer. If that test fails, conduct Ethereal traces from the Gateway
Monitoring tool of the Application Gateway or call your support
representative.
LDAP
LDAP messages indicate whether the Application Gateway was able to
bind to the LDAP server, perform a synchronization, and then search the
directory. When those events are successful, the system log will contain
messages such as the following:
(Jan 30 13:07:04 2006) ldap_search: created qcd synchronize thread with id=65540.
(Jan 30 13:07:04 2006) ldap_search: synchronizing Express Directory
(Jan 30 13:07:04 2006) ldap: ldap: bind to LDAP server 10.10.0.20 successful, Version 3
(Jan 30 13:07:04 2006) ldap: ldap: unbind successful
(Jan 30 13:07:04 2006) ldap_search: indexing 52842 entries 102824 unique values
When the Application Gateway is unable to successfully perform
operations with the LDAP server, the system log will contain messages
such as the following:
(Jan 30 13:07:04 2006) ldap: ldap: bind to LDAP server 10.10.0.20 unsuccessful, Version 3,
Error 49
(Jan 30 13:07:04 2006) ldap: ldap: unbind successful
(Jan 30 13:07:04 2006) ldap: ldap: could not bind to LDAP server 10.10.0.20 version 2
(Jan 30 13:07:04 2006) ldap: ldap: search failed due to ldap bind failure
150 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Configuring and Working with System Logs
(Jan 30 13:07:04 2006) ldap: ldap: not bound to ldap server 10.10.0.20
(Jan 30 13:07:04 2006) ldap: ldap: unbind successful
(Jan 30 13:07:04 2006) ldap_search: search failed... exiting
LDAP bind error messages can indicate a poorly formatted Admin bind
DN (that is, if we are binding with an administrator account), the incorrect
password, or an inaccessible LDAP server. A good tool for diagnosing
LDAP problems is Softerra’s free LDAP Browser software, which can be
found at http://www.ldapadministrator.com/. If the same credentials are
being denied access in the third party tool, then the issues either lie in
miscommunication of credentials or in the configuration of the LDAP
server.
Messages such as the following indicate an anonymous bind over port 389:
(Jan 30 13:07:04 2006) ldap: ldap: searching .... (&(cn=SC*)(objectClass=*))
(Jan 30 13:07:04 2006) ldap: ldap: searching .... (&(cn=SD*)(objectClass=*))
(Jan 30 13:07:04 2006) ldap: ldap: searching .... (&(cn=SE*)(objectClass=*))
Licensing
The license messages indicate the total number of licenses installed and
available. That information, along with the Administration Tool License
Monitor page can help you to track down issues such as uninstalled or
unavailable licenses.
When an IP/DN map is created, this message appears in the log. (Licenses
cannot be granted until there is an IP/DN map.)
<time date> localhost server[861]: datasources: added mapping: <Phone IP => <Phone DN>
Before a phone is granted a license, this message or one similar appears in
the log:
<time date> localhost server[850]: license: Checking available ipPhone licenses 1 of 10
That message indicates the number of available licenses. In the example,
there is one available license. After that license is issued to the phone, no
licenses remain. Note that “phone type” information is no longer relevant
to licensing.
When the Application Gateway is out of licenses, these two messages
appear when phones try to acquire a license:
<time date> localhost server[850]: licensed: No more licenses available
Application Gateway Administration Guide 151
Chapter 8 Logging and Monitoring Application Gateway Operations
Enabling and Viewing SNMP and Health Logs
<time date> localhost server[850]: server: No more licenses available for <MAC address of
phone trying to take a license>
Socket listeners
Socket messages are used to diagnose errors on the Application Gateway
server. Typically, if a socket error appears and is not corrected by a restart,
contact your support representative.
Messages such as the following indicate successful bindings:
(Jan 30 13:07:04 2006) socket: new listener [0.0.0.0:80:PLAIN]
(Jan 30 13:07:04 2006) socket: new listener [0.0.0.0:443:SECURE]
Problem messages might include phrases such as “failed to bind” and
“maximum file descriptors”.
Enabling and Viewing SNMP and Health Logs
You can enable or disable the logging of system performance information
and view the information collected during the logging. By reviewing the
information provided, you can track unusual changes that can affect the
stability and performance of the Application Gateway.
The following topics describe how to enable and view logs provided by
the Application Gateway:
Viewing the W3C-Formatted HTTP Request Log, page 152
Enabling and Viewing SNMP Logs, page 153
Enabling and Viewing Health Logs, page 154
Viewing the W3C-Formatted HTTP Request Log
The Application Gateway logs incoming and outgoing HTTP requests in
the W3C extended log format. You can analyze the log by using a
conventional log file analysis tool.
152 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Enabling and Viewing SNMP and Health Logs
The log contains the following fields:
Field Description
date Date of access, specified in GMT and formatted as
YYYY-MM-DD.
time Time of access, specified in GMT and in 24-hour format,
HH:MM:SS.
c-ip Client IP address.
cs-method The client-to-Application Gateway request method, either
GET or POST.
sc-method The Application Gateway-to-client request method, either
GET or POST.
sc-status The Application Gateway-to-client request status code. For a
description of status codes, refer to
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html.
cs-uri The client-to-Application Gateway request URI.
sc-uri The Application Gateway-to-client request URI.
To view or download the log, go to the Logging > Configuration page and
click Download W3C Log.
Enabling and Viewing SNMP Logs
When SNMP is enabled, the Application Gateway reports the MIB-II
system group (1.3.6.1.2.1.1). The Application Gateway does not support
Application Gateway-specific SNMP data.
To enable the logging of SNMP messages:
1 In the Administration Tool, go to the Logging > Configuration page.
2 For Enable Logging, select the SNMP check box.
3 Enter the SNMP location, contact, community, and port fields. These fields
must match your SNMP agent configuration.
4 Click Submit.
Application Gateway Administration Guide 153
Chapter 8 Logging and Monitoring Application Gateway Operations
Enabling and Viewing SNMP and Health Logs
To view a log of SNMP messages:
• In the Administration Tool, go to the Logging > SNMP page.
Enabling and Viewing Health Logs
The health log includes device-driver, session, and load statistics. The
Application Gateway updates the statistics every five requests. The
Application Gateway produces a health log by default.
The device-driver statistics summarize the number of requests received
from each device type. The values in the device-driver table represents the
number of devices that have connected to an Application Gateway with a
particular protocol device driver.
The session statistics display the number of active sessions that the
Application Gateway is currently maintaining.
The load statistics displayed are as follows:
• Up time—How long the Application Gateway has been running in the
current session; in days, hours, and minutes
• System load average—The average system load; measured for the past
1, 5, and 15 minutes
• Total memory capacity (Gb)
• Used memory (Kb)
• Free memory (Kb)
• Number of connections serviced
• Number of inbound requests to the Application Gateway
• Number of outbound requests from the Application Gateway
• Number of SSL connections
• Number of non-SSL connections
• Number of requests that failed because of DSN lookup failure
• Number of requests that failed because the device type was unknown
• Number of requests that failed because of bad header addresses
154 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Monitoring Application Gateway Operations
To enable the logging of system health information:
1 In the Administration Tool, go to the Logging > Configuration page.
2 For Enable Logging, select the Health Log check box.
3 Click Submit.
To view health information:
• In the Administration Tool, go to the Logging > Health Log page.
Monitoring Application Gateway Operations
The Application Gateway includes a variety of standard Linux monitoring
applications so that you can conveniently access the applications from one
location. With the exception of the License Monitor, the applications are
included in the Application Gateway under the GNU public license.
To access the monitoring applications:
1 In the Application Gateway Administration Tool, go to the Operation >
Advanced page.
If you see a Security Warning dialog, click Yes to download the required
ActiveX Helper client.
2 If the download does not start, click Monitoring.
3 In the login dialog, enter the Application Gateway administrator
credentials and then click Connect.
The Monitor window opens. The icons across the bottom left of the screen
provide single-click access to the six monitoring tools.
The monitoring applications are as follows.
Application Gateway Administration Guide 155
Chapter 8 Logging and Monitoring Application Gateway Operations
Monitoring Application Gateway Operations
License Monitor
Provides a list of all IP phone extensions that are in the fixed license pool.
From the list, you can delete phones and toggle their license status.
• To sort the list by a column, click the column heading.
• To select a group of phones, use Shift-click.
• To select multiple, non-adjacent phones, use Control-click.
• To delete all phones, select a phone and choose Delete All.
• For information on toggling the status of an IP phone license, see
“Changing the License Status of an IP Phone,” page 19.
Ethereal Network Analyzer
: Enables you to perform network traces and interactively browse packet
data from a live network or from a previously saved capture file. You can
capture all traffic that passes through either Application Gateway
interface and sort the displayed traffic. Network traces are useful for
synchronization issues.
If you are examining TCP packets, you can right-click a TCP packet and
use the Follow TCP Stream command from the Ethereal window.
Although Zone Paging uses UDP (and thus provides no TCP stream to
follow), the trace can indicate whether the traffic reached its intended
destination.
To save an Application Gateway to your local PC:
1 From the Monitor window (access it as described above), click the Ethereal
icon.
2 Select Capture > Start.
3 Add filters as needed.
4 Click OK.
5 Let the trace run as long as you need it to, then click Stop.
6 Browse to
7 Before closing the Ethereal window in the gateway Monitor, browse to:
https://agIPAddress:9001/traces/ethereal_download.html
8 Download the trace when prompted.
9 Close the Ethereal window.
156 Application Gateway Administration Guide
Chapter 8 Logging and Monitoring Application Gateway Operations
Monitoring Application Gateway Operations
For more information, refer to the Help that is available from the
Ethereal Network Analyzer window.
xNetTools
A multi-threaded network tool that includes a service scanner, port
scanner, ping utility, ping scan, name scan, whois query, and finger query.
My traceroute
Combines the functionality of the 'traceroute' and 'ping' programs in one
network diagnostic tool. As My traceroute (mtr) starts, it investigates the
network connection between the VPN Gateway and the destination host
that you specify. After it determines the address of each network hop
between the machines, it sends a sequence ICMP ECHO requests to each
one to determine the quality of the link to each machine. As it does this, it
prints running statistics about each machine.
fnetload
Provides real-time network interface statistics. It checks the
/proc/net/dev every second and builds a graphical representation of its
values.
System Monitor
Shows information about CPU usage and memory/swap usage. For more
information, refer to the Help available from the System Monitor window.
Application Gateway Administration Guide 157
Chapter 8 Logging and Monitoring Application Gateway Operations
Monitoring Application Gateway Operations
158 Application Gateway Administration Guide
Chapter 9
Troubleshooting
The following topics describe how to troubleshoot issues:
General Issues (Hardware, Licenses, Certificates), page 159
Connectivity Issues, page 161
Express Directory, page 162
Broadcast Server, page 163
Zone Paging, page 167
Note: See “Interpreting the System Log,” page 147 for a description of
important log messages.
General Issues (Hardware, Licenses, Certificates)
The Application Gateway does not start and the Application Gateway serial
console is blank.
Verify that the following are correctly set up:
• The serial console is using the correct port and the physical and logical
ports match.
• The cable is a null-modem cable.
• The COM settings in your serial communication software are set to
9600 bits per second, 8 data bits, no parity, and 1 stop bit.
I tried using Ctrl-Alt-Delete to reboot the Application Gateway, but nothing
happened.
The reboot function on the Application Gateway is disabled. You must use
the Application Gateway serial console to start and stop the device.
Application Gateway Administration Guide 159
Chapter 9 Troubleshooting
General Issues (Hardware, Licenses, Certificates)
After I restarted the Application Gateway, the system log file contains only
5 to 10 lines of entries.
After a reboot, the log file typically contains 50 to 60 lines of entries. An
abbreviated log file might indicate that the logging service did not start
properly or that there is file corruption. If restarting the Application
Gateway again does not clear the problem, reinstall the Application
Gateway software, as described in “Reinstalling the Application Gateway
Software,” page 29.
Application Gateway sessions are not persistent after a restart. The system
log indicates that a URL cannot be found.
Before entering URLs in the Application Gateway Administration Tool,
verify that they can be reached via a browser window.
A phone cannot obtain a license from the Application Gateway.
Perhaps all licenses are occupied. If obsolete phones are occupying
licenses, you can disable the license through the License Monitor
(Operation > Advanced). Also, to obtain a license, the phone’s extension
must appear in the IP/DN map. Verify the configuration.
Some phones lost their licenses. The system log includes these messages
“server: device [id] most inactive. removing due to capacity limits.”
A phone attempted to reach the Application Gateway when all licenses
were occupied. To grant the active phone a license, the Application
Gateway revoked the license of an idle phone.
Of the 700 Nortel IP Phones on our network, we want to license and use only
500 of them.
When the Application Gateway synchronizes with the call server, it
downloads information about all of the phones registered with the
Signaling Servers. Therefore, you must use the License Monitor to
manually deactivate the phones that you do not want to use with the
Application Gateway.
After I replace an IP phone, what needs to be done on the Application
Gateway to enable the new phone?
If there is a license available when the new phone comes up, the phone will
obtain that license and there is nothing else that you need to do. However,
you should deactivate the license of the old phone so that it will be
available to other phones.
160 Application Gateway Administration Guide
Chapter 9 Troubleshooting
Connectivity Issues
SSLV2 sessions do not work with a multilevel certificate chain.
If intermediate (multilevel) certificates are part of your secure certificate
upload, you need to make sure that the intermediate certificates are part
of the certificate file you are uploading. SSLV2 does not support certificate
chaining. Any certificate that has more than one level must include all
intermediate certificates, or the system may become unusable. For
information about how to add intermediate certificates to the uploaded
certificate file, see “Generating a Secure Certificate,” page 20.
Connectivity Issues
Note: For many connectivity issues, there is a possibility that the network is not
allowing traffic to pass. Perhaps an Access Control List (ACL) or
something like that is blocking certain ports. Refer to the Pre-Installation
Checklist for a full list of ports required by the Application Gateway.
The Application Gateway is not communicating with IP Phone 2007.
Verify that the port used to communicate between the Application
Gateway and the phones is set up as described in “Configuring
Communication between the Phones and Application Gateway,” page 49.
When the extended services button is pressed, the phone screen flashes
and nothing else happens.
Verify that the XAS server information is properly programmed into the
phone. Verify that the ports listed in the Pre-Installation Checklist are open.
The IP phones are receiving text, but no audio, from the Application
Gateway.
Perhaps ACLs on the central router are blocking all traffic from one VLAN
to another. Verify that the ports listed in the Pre-Installation Checklist are
open.
No IP phones are listed in the License Monitor.
IP phones will not appear in the License Monitor if any of the following
are true:
• The Application Gateway has not successfully synchronized with the
call server to create an IP/DN map. See “Synchronization with the
Call Server Fails,” page 162.
Application Gateway Administration Guide 161
Chapter 9 Troubleshooting
Express Directory
• There is no license loaded on the Application Gateway.
• DHCP options are not set correctly on the DHCP server so the phone
does not know to contact the Application Gateway. See “Configuring
Communication between the Phones and Application Gateway,”
page 49.
Synchronization with the Call Server Fails
Verify that the permissions on the call server are correct. Verify that the
call server URL, username, and password specified in the Application
Gateway Administration Tool Operation > Voice Office > IP Phone page
are correct. Verify that network traffic is not blocked by an ACL.
Express Directory
I cannot connect to the LDAP server. There is a “Bind to LDAP server Failed”
error message in the system log.
Verify that the following is correctly set up in the Administration Tool:
• The Bind DN must be the Fully Qualified name of an LDAP user who
can browse the portions of the LDAP directory that will be
synchronized with the Application Gateway.
• The Bind DN must have read-only access rights to the LDAP directory.
That user must be able to not only view objects within the directory,
but also the attributes of those objects. Some LDAP directory servers,
particularly Novell eDirectory, require the Bind DN user to have
specific access rights assigned so it can see the attributes of the objects
in the directory.
• The Base DN must be the location within the directory that will be
synchronized with the Application Gateway. The Application
Gateway allows 15 separate LDAP synchronizations to be configured
on the system. These 15 separate synchronizations can consist of 15
separate LDAP servers, 15 separate Organizational Units within the
same LDAP directory, or any combination of both.
162 Application Gateway Administration Guide
Chapter 9 Troubleshooting
Broadcast Server
One or more attributes are missing from the Directory display. For example,
names appear, but no phone numbers, or some but not all phone numbers
for each individual appear.
Missing attributes are generally the result of incorrect or missing attribute
names. You can look up the attribute names requested on the
Pre-Installation Checklist by using the free third-party LDAP browser tool
called “Softerra” (http://www.softerra.com/products/
ldapbrowser.php).
If an attribute in the directory is left blank, that attribute will not appear
in the Softerra browser search results. It is suggested that you create a
completely new user, fully populate it with all of the data required for
your Directory display, run the Softerra tool, and then view the resulting
list of attribute names.
When I select Directory from the Voice Office Menu, there are no entries
listed.
Verify that the Bind DN and Bind DN password are correct, that the Base
DN is formatted correctly, and that the search filter does not contain
invalid data.
Automatic dialing of DNs is not working from Express Directory.
Enable Hands Free Activation (HFA) as part of the Class of Service (CLS)
options during set provisioning on the Communication Server 1000.
I’m using a CSV source for IP/DN mapping and the latest information is not
appearing.
Before performing a synchronization, you must update the CSV file.
Broadcast Server
Setup reports that it cannot install on Windows 95, 98, or ME.
Only Windows NT-based operating systems (Windows NT, Windows
2000 and higher, and Windows XP) are supported.
Setup fails, reporting that Administrative privileges are required.
Login using the Administrator account or another account that has
administrative privileges on the machine where Broadcast Server is being
installed.
Application Gateway Administration Guide 163
Chapter 9 Troubleshooting
Broadcast Server
Setup fails when installing using the Terminal Services Client or Windows
XP Remote Desktop Connection.
Those services are not supported. Installation must occur at the system
console or via a console remote control program such as pcAnywhere,
NetOp, or Timbuktu.
Setup completes but reports failure creating the Broadcast Server virtual
directory
Manually create a virtual directory named “BCS” using Internet
Information Services Manager. The physical root of the virtual directory
must point to the “web” folder in the main BCS directory.
The Broadcast Server virtual directory is below the wrong Web site.
This typically occurs on Web servers hosting multiple Web sites. Delete
the virtual directory created by Setup and manually create it under the
correct Web site.
Login attempt succeeds but the home page is not displayed.
Verify that the user’s browser allows per-session cookies. Broadcast
Server requires this setting in order to track a user’s session.
Each page of the Broadcast Server interface includes the message that the
Application Gateway is not registered with Broadcast Server. No
subscribers are listed.
Either the Broadcast Server Base URL is missing from the Operation >
Voice Office > IP Phone page in the Application Gateway Administration
Tool or a Broadcast Server license is not installed on the Application
Gateway.
When an alert is sent, nothing shows up on the phones (no HTML, no audio
alerts).
The Broadcast Server Base URL is missing from the Operation > Voice
Office > IP Phone page in the Application Gateway Administration Tool.
Text alerts appear on the phones, but the audio does not go through and the
audio portion of the Broadcast Server log contains an entry such as
“ip-phone: unable to push”.
The Broadcast Server Base URL is incorrectly entered in the Operation >
Voice Office > IP Phone page in the Application Gateway Administration
Tool. If the same situation occurs, but without the log entry, the phones
might be running an unsupported firmware version.
164 Application Gateway Administration Guide
Chapter 9 Troubleshooting
Broadcast Server
Phone does not appear in Subscriber list.
Either the phone or the Application Gateway is not subscribed to
Broadcast Server.
Cannot broadcast (and have more than 100 subscribers).
Configure IIS to handle the maximum capacity (more than 100,000 hits per
day).
System Alerts indicate that an alert failed to reach an extension.
Verify that the phone is online and in a pushable state. Verify that the
Application Gateway is subscribed to Broadcast Server.
Alerts are sometimes delayed in reaching their destination.
A delay can result from a number of factors: A phone may not be in a
pushable state. The alert might contain a large media file. The Application
Gateway might be busy or not responding. The clocks on the Broadcast
Server and Application Gateway might not be synchronized. Check the
System Alerts for information.
Telephone interface is corrupted, the telephone hangs intermittently, or
HTTP Error [8] is reported by the telephone.
Ensure that the telephone has the latest firmware load installed.
No alert content displayed – only the command line contains text of last
prompt.
Ensure that the telephone has the latest firmware load installed.
Telephone displays “Requesting…” prompt but no response from
Broadcast Server.
Ensure that the telephone has the latest firmware load installed.
Ensure that Broadcast Server is operational by attempting to login using a
browser.
Ensure that the telephone has an IP route to the Application Gateway.
A “Host not found” error is reported on telephone.
Ensure that Broadcast Server is operational by attempting to log in using
a browser.
Ensure that the telephone has an IP route to the Application Gateway.
Application Gateway Administration Guide 165
Chapter 9 Troubleshooting
Broadcast Server
Deinstallation succeeds but Setup reports that the virtual directory could
not be deleted.
Manually delete the BCS virtual directory using Internet Information
Services Manager.
Files left behind in the _temp directory after system removal.
Manually delete the files or wait for the next restart. If the files are still
present after a restart, delete the files manually.
166 Application Gateway Administration Guide
Chapter 9 Troubleshooting
Zone Paging
Zone Paging
In the Administration Tool, the page for creating a zone does not list any
phones or does not list all phones in the Available Extensions list.
First, determine if the Application Gateway system log includes messages
about synchronization problems. If there are no such errors, go to the
Administration > Licenses page and verify that the correct number of
licenses are installed. If that is not the problem, log into the License
Monitor (click Operation > Advanced) verify that all phones have a status
of “active.” If a required phone is not active, right-click it and change its
status.
No phone is receiving a page although everything is configured correctly.
Verify that the version of firmware the phone is using is supported.
Some, but not all, phones receive pages.
Verify that there are no network problems and that the zones have the
correct permissions. If the phones not receiving pages have had an IP
address change since the last IP/DN synchronization, perform a
synchronization. If you use Application Gateway clusters, verify that the
IP phones being paged are associated with an Application Gateway that is
part of the cluster.
An in-progress page is terminated.
Application Gateway maintenance functions that require a server restart
(such as uploading an Application Gateway configuration or changing
network interface settings) terminate a page. It is recommended that you
perform maintenance functions when Voice Office application use is at a
minimum. Note that adding or removing a zone terminates pages.
Application Gateway Administration Guide 167
Chapter 9 Troubleshooting
Zone Paging
168 Application Gateway Administration Guide
Index
A Administration > Licenses page 16
Access Services host ID 16
card reader calls 125 Administration > Maintenance page 30, 31
checkbox selection example 128 certificates 28
configuring 115 Administration > Users page 13
content display example 134 Administration Tool 9
CSS properties 123 opening 10
deployment workflow 114 time-out 10
file operations example 134 administrative user accounts
file reading example 137 changing password 13
form processing example 128, 131, 134, managing 13
139 resetting to default password 13
home page example 127 alerts, removing from Voice Office Menu 48
HTML tags 120 Application Gateway
HTTP features 121 and Watchguard timer 49
image specifications 119 configuration for Broadcast Server 99
planning 113 deployment 114
RSS content display example 139 deployment with call server 59
screen mode 118 implementation workflow 8
SMTP messaging example 128, 131 increasing capacity 60
text field input example 128, 131, 134, 139 licenses 48
URL syntax 124 re-imaging 29
web application emulator 125 reinstalling software 29
web application example 126 synchronizing with directories 89
web page specifications 119 system log 145
Active Directory, Bind DN example troubleshooting 159
syntax 75
Administration > Date page 11, 12
Application Gateway Administration Guide 169
Index
B multi-user login 60
Base DN example syntax 75 synchronization schedule 63
Bind DN example syntax 75 certificate
Broadcast Server 91 multilevel and SSL V2 161
and clusters 93, 94, 105 troubleshooting 159
Base URL 99 Certificate Signing Request (CSR)
department attribute usage 77 generating 23
directory data usage 69 overview 21
distribution list source 93 cHTML
installation 98 device statistics 154
LDAP telephone number usage 77 Clear Hosts Table button 36
log messages 148 cluster
network deployment 92 Broadcast Server operation 94
overview 92 creating 42
specifying AG route to 99 maintaining 45
subscriber list source 93 overview 42
system requirements 95 prerequisites 43
testing configuration 100 Zone Paging operation 106
troubleshooting 163 common name LDAP attribute 76
virtual directory 92, 164 Communication Server
web server supporting multiple sites 92, deployment notes 60
164 Hands Free Activation 59
See also Broadcast Server User Guide configuration
See also Broadcasting to Internet Telephones Administration Tool 9
from a PC
IP phones 47
restoring 30
C serial console 9
CallManager Voice Office 47
synchronization log messages 148 connections
call server statistics 154
configuring connection to 61 CPU usage 157
170 Application Gateway Administration Guide
Index
CSV file DNS
and IP/DN map 59 lookup failure statistics 154
configuring connection to 61 server settings 36
search attributes 83 documentation, downloading 11
specifications for directories 85 Domain setting 36
specifications for IP/DN map 63 Duplex Mode setting 34
synchronization log messages 148 dynamic routes, configuring 37
synchronization schedule 63
E
D email
Default Gateway setting 34 LDAP attribute 76
department LDAP attribute 77 Ethereal Network Analyzer 156
deployment workflow Express Directory 70
Access Services 114 combined directories 71
device traffic custom telephone number display 86
device-driver statistics 154 directory data usage 69
unknown device type statistics 154 directory submenu 71
DHCP configuration for IP phones 50 features 71
dialing LDAP attributes 76
rules 86 removing from Voice Office Menu 48
directories specifying department attribute
AG synchronization 89 displayed 77
combining 72 specifying telephone numbers
displayed 77
configuring 72
troubleshooting 162
CSV format, configuring 82
See also Using Express Directory on Nortel
using more than one 72 Internet Telephones
Voice Office application usage 69
directory numbers (DNs)
F
automatic dialing of 59
finger query 157
IP/DN map 59
FLEXlm licensing 2
Application Gateway Administration Guide 171
Index
fnetload tool 157 licensing 59
log messages 148
IP phone
G
device statistics 154
Gateway Interface setting 34
language setting for Voice Office 49
given name LDAP attribute 76
GXAS/XAS modes for IP Phone 2007 51 removing a license from 19
IP Phone 2004/2002
GXAS phones
AG configuration 51
failover 52
secure mode (2007) 53 configuring DHCP 50
Voice Office Menu 48
IP Phone 2007
H AG configuration 51
health log 155
configuring an AG port for 49
enabling and viewing 154
configuring DHCP 50
host aliases
Voice Office Menu 48
adding or removing 36
XAS and GXAS modes 51
host name resolution 36
Host ID, viewing 16
Host Name setting 36 L
LDAP
HTML
Administrator Bind DN 75
device statistics 154
attributes for voice applications 76
HTTP header, header statistics 154
Base DN 75
Browser 79
I department attribute (paging) 107
implementation workflow 8
log messages 150
inbound request statistics 154
looking up your directory’s attributes 79
Incoming HTTP/HTTPS Port settings 35
search attributes 78
IP/DN map 59
search filter 77
and Broadcast Server 93
server port guidelines 74
and Zone Paging 105
troubleshooting 162
172 Application Gateway Administration Guide
Index
version support 70 Microsoft IIS
See also directories configuration for Broadcast Server 96
License Monitor 156 requirement for Broadcast Server 95
and troubleshooting 161 shared server 92
license monitor 19 monitoring operation 155
licenses 2, 14, 48 MTU setting 34
and clusters 5 multicasting, enabling for Zone Paging 66
and IP/DN map 59 My traceroute tool 157
denied license and Zone Paging 107
denying a phone a license 19
N
impact of changes on 4
name scanner 157
log messages 151 network
prerequisites 15 activity level graph 155
troubleshooting 159
connections overview 33
uploading 16 interface settings 34
load statistics, viewing 154
interface traffic load monitor 157
log, See system log 145
monitoring 155
Logging > Configuration page 155 packet data analyzer 156
download W3C log 153
route tracing 157
SNMP log 153
scanning tools 157
system log 146
troubleshooting 161
Logging > Health Log page 155
Network > DNS page 36
Logging > SNMP page 154 Network > Hosts page 36
Logging > System Log page 18, 147
Network > Interfaces page 34
Logging > Version page 28
Network > Routes page 38, 39
M O
memory statistics 154
Operation > Advanced page 155
memory usage 157 Operation > General page 49
message forwarding
Operation > Voice Office pages
LDAP search filter for 77
Directory 72, 76, 82
Application Gateway Administration Guide 173
Index
IP Phone 61, 88, 99 port scanner 157
Menu 48 prefixes, adding to dialed numbers 79, 86
Paging 107, 108 private key
combining with signed certificate 26
unencrypting 24
P
packet data, browsing 156 process activity level graph 155
paging zones
adding 108 R
changing 108 re-imaging the Application Gateway 29
deleting 111 reinstalling software 29
source of 107 restarting 31
viewing imported zones 107 restoring a configuration 30
password routing configuration 37
administrative user 13
PBX administrator account 60
S
phone applications
secure certificate 20
configuration 47
combining with private key 26
implementation workflow 8
converting to PEM format 25
ping 13
CSR overview 21
in xNetTools 157
generating for multiple levels 26
port requirements
installing Cygwin for 22
See Pre-Installation Checklist
private key, unencrypting 24
ports
uploading 28
administration 35
serial console 13
for IP Phone 2007 communication 49 is blank 159
incoming HTTP/HTTPS 35
service scanner 157
IP Phone 2007 GXAS port setting 51
shutting down 31
settings 35
signaling server
socket listener messages 152 and IP/DN map 59
See also Pre-Installation Checklist
configuring connection to 61
multi-user login 60
174 Application Gateway Administration Guide
Index
SIP speaker 54 system
configuration 55 configuration, restoring 30
registration 58 date and time, changing 11
slides log interpretation 147
text in 114 logs overview 145
SNMP 153 System Monitor 157
logs, enabling and viewing 153
MIB groups reported 153
T
settings 153 telephone number
software CSV label 83
installed version 28
customization 86
reinstalling 29 LDAP attribute 77
restarting 31
title LDAP attribute 77
shutting down 31
troubleshooting 159
upgrades 28 Broadcast Server 163
upgrading from a file 28
certificates 159
SSL
hardware 159
connection statistics 154
licenses 159
static routes
network 161
adding 39
Zone Paging 167
configuring 37
example 40
removing 40 U
Upload Certificate setting 28
testing 39
Upload Server Upgrade setting 28
surname LDAP attribute 76
URL
swap space usage 157
request statistics 154
synchronizing AG with
user accounts
LDAP server 89
administrative 13
signaling server 63
Application Gateway Administration Guide 175
Index
V Z
version of installed software 28 Zone Paging 103
voice applications and clusters 106
architecture illustration 1 custom zones 104
prerequisites 47 custom zones, adding/changing 108
removing from Voice Office Menu 48 department attribute usage 77
Voice Office language setting 49 directory data usage 69
Voice Office Menu 48 enabling multicasting 66
customizing 48 extension paging permissions 104, 110
removing voice applications from 48 imported zones 104
imported zones, viewing 107
interaction with IP phones 104
W
network deployment 105
Watchdog timer 49
whois query 157 overview 104
removing from Voice Office Menu 48
WML
troubleshooting 167
device statistics 154
zone source 105
See also Using Zone Paging on Nortel Internet
X Telephones
XAS/GXAS modes for IP Phone 2007 51
xNetTools 157
176 Application Gateway Administration Guide
Family Product Manual Contacts Copyright FCC notice Trademarks Document number
Product release Document release Date Publish
Nortel Application Gateway 2000
Administration Guide
Configuration and Operation
Copyright © 2006—2009 Nortel Networks. All Rights Reserved.
LEGAL NOTICE
While the information in this document is believed to be accurate
and reliable, except as otherwise expressly agreed to in writing
NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT
WARRANTY OR CONDITION OF ANY KIND, EITHER
EXPRESS OR IMPLIED. The information and/or products
described in this document are subject to change without notice.
Nortel, the Nortel logo, the Globemark, SL-1, Meridian 1, and
Succession are trademarks of Nortel Networks.
All other trademarks are the property of their respective owners.
Publication number: NN42360-600
Document release: Standard 04.03
Date: February 2009
Sourced in Canada
To provide feedback or report a problem in this document, go to
www.nortel.com/documentfeedback.
You might also like
- CCMM and Outbound Installation and Maintenance GuideNo ratings yetCCMM and Outbound Installation and Maintenance Guide1,024 pages
- CCMA Technical Requirements and Operating System Configuration GuideNo ratings yetCCMA Technical Requirements and Operating System Configuration Guide112 pages
- Installing and Administering SIP Enablement ServicesNo ratings yetInstalling and Administering SIP Enablement Services892 pages
- Yealink W70B IP DECT Phone Administrator Guide v85.40No ratings yetYealink W70B IP DECT Phone Administrator Guide v85.40324 pages
- Yealink SIP-T2 Series T4 Series T5 Series CP920 IP Phones Administrator Guide V85.1No ratings yetYealink SIP-T2 Series T4 Series T5 Series CP920 IP Phones Administrator Guide V85.1572 pages
- Avaya IP Telephony Deployment Guide PDFNo ratings yetAvaya IP Telephony Deployment Guide PDF358 pages
- 3com Switch 4200G Family: Configuration GuideNo ratings yet3com Switch 4200G Family: Configuration Guide902 pages
- Iinet BizPhone Admin Reference Guide v2.08No ratings yetIinet BizPhone Admin Reference Guide v2.0899 pages
- LTRT-27162 SmartTAP Administrator Guide Ver. 3.2No ratings yetLTRT-27162 SmartTAP Administrator Guide Ver. 3.2136 pages
- Sample Application Configuration Guide For The Soundpoint Ip/Soundstation Ip FamilyNo ratings yetSample Application Configuration Guide For The Soundpoint Ip/Soundstation Ip Family36 pages
- Officeconnect: Cable/Dsl Gateway Wireless Cable/Dsl Gateway User GuideNo ratings yetOfficeconnect: Cable/Dsl Gateway Wireless Cable/Dsl Gateway User Guide120 pages
- Contact Center, CS1000, M1 and Voice Processing Guide100% (3)Contact Center, CS1000, M1 and Voice Processing Guide432 pages
- Configuration Guide-3Com-Switch 4210 FamilyNo ratings yetConfiguration Guide-3Com-Switch 4210 Family567 pages
- Live Business Gateway: Installation and MaintenanceNo ratings yetLive Business Gateway: Installation and Maintenance63 pages
- Citrix Access Gateway Enterprise EditionNo ratings yetCitrix Access Gateway Enterprise Edition32 pages
- Citrix Access Gateway Enterprise Edition Administrator's GuideNo ratings yetCitrix Access Gateway Enterprise Edition Administrator's Guide308 pages
- Sample Application Configuration Guide For The Soundpoint Ip/Soundstation Ip FamilyNo ratings yetSample Application Configuration Guide For The Soundpoint Ip/Soundstation Ip Family36 pages
- Officeconnect Remote 812 Adsl Router Cli User'S Guide: Release 2.0No ratings yetOfficeconnect Remote 812 Adsl Router Cli User'S Guide: Release 2.0170 pages
- Guia 3com Switch-4500G Configuration-GuideNo ratings yetGuia 3com Switch-4500G Configuration-Guide598 pages
- Avaya 1600 Series IP Desk Phones Administrator GuideNo ratings yetAvaya 1600 Series IP Desk Phones Administrator Guide142 pages
- Smart Traffic Management System: Software Requirement SpecificationNo ratings yetSmart Traffic Management System: Software Requirement Specification22 pages
- Unit-4: - Design Axiom - Designing Classes - Access Layer - Object Storage - Object InteroperabilityNo ratings yetUnit-4: - Design Axiom - Designing Classes - Access Layer - Object Storage - Object Interoperability84 pages
- Chapter 1-Data Processing and InformationNo ratings yetChapter 1-Data Processing and Information34 pages
- How To Install Magento 2.4 With LEMP Stack On Ubuntu 20.04 - RoseHostingNo ratings yetHow To Install Magento 2.4 With LEMP Stack On Ubuntu 20.04 - RoseHosting12 pages
- E-Business Infrastructure: Presented by Ika Novita Dewi, McsNo ratings yetE-Business Infrastructure: Presented by Ika Novita Dewi, Mcs20 pages
- 7 Awesome Things I Saw at Jsconf: Ian Hunter @dcianNo ratings yet7 Awesome Things I Saw at Jsconf: Ian Hunter @dcian45 pages
- Ravikant Maurya: Address: 602 D/19 F, Park ViewNo ratings yetRavikant Maurya: Address: 602 D/19 F, Park View3 pages
- Creating Scalable Cloud Solutions: with Spring Boot and Cloud FoundryFrom EverandCreating Scalable Cloud Solutions: with Spring Boot and Cloud FoundryNo ratings yet
- WildFly Configuration, Deployment, and Administration - Second EditionFrom EverandWildFly Configuration, Deployment, and Administration - Second EditionNo ratings yet
- Mastering Container Orchestration: Advanced Deployment with Docker SwarmFrom EverandMastering Container Orchestration: Advanced Deployment with Docker SwarmNo ratings yet
- MCA Microsoft Certified Associate Azure Network Engineer Study Guide: Exam AZ-700From EverandMCA Microsoft Certified Associate Azure Network Engineer Study Guide: Exam AZ-700No ratings yet
- Hands-On Linux Administration on Azure - Second Edition: Develop, maintain, and automate applications on the Azure cloud platform, 2nd EditionFrom EverandHands-On Linux Administration on Azure - Second Edition: Develop, maintain, and automate applications on the Azure cloud platform, 2nd Edition2/5 (1)
- MCA Windows Server Hybrid Administrator Complete Study Guide with 400 Practice Test Questions: Exam AZ-800 and Exam AZ-801From EverandMCA Windows Server Hybrid Administrator Complete Study Guide with 400 Practice Test Questions: Exam AZ-800 and Exam AZ-801No ratings yet
- MCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412, and 70-417From EverandMCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412, and 70-417No ratings yet
- MCA Microsoft Certified Associate Azure Administrator Study Guide: Exam AZ-104From EverandMCA Microsoft Certified Associate Azure Administrator Study Guide: Exam AZ-104No ratings yet
- VyOS Configuration and Deployment Guide: Definitive Reference for Developers and EngineersFrom EverandVyOS Configuration and Deployment Guide: Definitive Reference for Developers and EngineersNo ratings yet
- The OpenVPN Handbook: Secure Your Networks with Virtual Private NetworkingFrom EverandThe OpenVPN Handbook: Secure Your Networks with Virtual Private NetworkingNo ratings yet
