INSTALLATION 26/1531-ANF 22 01 2014 E10 901INSTRUCTIONS 14 Aastra 6700i SIP Terminals for MX-ONE Arne Miler Amiler amiler INSTALLATION INSTRUCTIONS
AASTRA 6700I SIP TERMINALS FOR MX-ONE Copyright © Copyright Aastra Technologies Limited, 2014. All rights reserved. Disclaimer No part of this document may be reproduced in any form without the written permission of the copyright owner. The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Aastra shall have no liability for any error or damage of any kind resulting from the use of this document.
GENERAL 1 General This document is valid for Aastra 6730i, 6731i, 6735i, 6737i, 6739i, 6753i, 6755i and 6757i SIP phones, when installing these telephones in a MX-ONE environment. 1.1 Scope This document describes how to install and configure for the Aastra 6700i terminals in a MX-ONE Telephony Server (TSE) environment. For general installation information that is not unique for a MX-ONE environment, there is a reference to the Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 1.3 Environmental Requirements See Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones.
CABLING 2 Cabling See Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 3 Power Equipment These telephones can be powered from any of the following methods: • 6730i is powered from an AC adapter 5V. No PoE support. • 6731i, 6735i, 6737i, 6739i, 6753i, 6755i, 6757i are powered using PoE according to IEEE 802.3af or from an AC/DC adapter 48 V. • Power over Ethernet power injector, which supplies 48 V power through the Ethernet cable on pins 4&5 and 7&8. The power injector is available as an optional accessory.
EARTHING AND GROUNDING 4 Earthing and Grounding See Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 5 Setting up the Software Server The software and the configuration files used by the IP phones shall be stored on a server where the IP phones can fetch them. The server is called IP Phone SW Server.
SETTING UP THE SOFTWARE SERVER 5.1 • Reconfigure Microsoft IIS web server, if it exists. • Creating a directory structure on the IP Phone SW Server. • Copy the IP phone application and language files to the IP Phone SW Server. The configuration files shall not be copied, these are created by MTS. For information about the files, see section 8.1 Phone software and configuration files on the software server on page 24.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 3. Click OK. The window Welcome to the IPPhone SW Server Setup Wizard is displayed. 4. Click Next. The step Licence Agreement is displayed. 5. Click Agree. The step Tomcat Port Number is displayed. 6. Type the port number in the field, default port is 80. 7. Click Next. The step Tomcat Administrator is displayed. 8. Click Next. 9. The message window, Do you want to continue without configuring a Tomcat administrator? is displayed. 10. Click Yes.
SETTING UP THE SOFTWARE SERVER The reason that you need to have the Tomcat web server running instead of just using the IIS web server is that the IP Phone SW Server Configuration Management Application is developed in Java and IIS can only host web applications developed in the Microsoft environment. Perform the following steps to resolve the port conflict. • Keep IIS running on port 80. • Reconfigure the IP Phone Configuration Management Application to run on port 82 instead.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 12 – Open C:\WINDOWS\system32\inetsrv\inetmgr.exe, navigate to Default Web Site. – Right click on Default Web Site and select New Virtual Directory. A wizard will start. – Enter the directory name to where the telephone firmware shall be stored as Alias, example: aastra67xxi. – Enter the path to the folder under Tomcat, example: C:\jakarta-tomcat-4.1.31\webapps\ROOT\aastra67xxi. – Enable the Read option and finish the wizard.
SETTING UP THE SOFTWARE SERVER 5.3 Start of the Tomcat Web Server During the installation of IP Phone SW Server Configuration Management Application for Windows®, Tomcat will start automatically on port 80. In case Tomcat is not up and running, it can be started manually with Windows® Services Jakarta Tomcat 4 (see instruction below) or by restarting the Tomcat web server PC. If the Tomcat web server starts on another port number than 80, the port number can be set manually in the file jakarta-tomcat-4.1.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 6 Manage the Configuration Files in Manager Telephony System MX-ONE Manager Telephony System (MTS) shall be used when creating or changing the aastra.cfg and the model specific configuration files. The information regarding parameters is available in the online help for MX-ONE Manager Telephony System.
MANAGE THE CONFIGURATION FILES IN MANAGER TELEPHONY SYSTEM 6.1 Create a Configuration File The procedure to create a new configuration file is: • Log in to MX-ONE Manager Telephony System. • Go to Telephony > IP Phone > Configuration file. Press Add new to open the new configuration file. Make sure that Aastra 67xxi family is selected and enter the data into the configuration file which is automatically stored under the correct directory in the IP Phone Software Server when pressing Apply. • 6.
AASTRA 6700I SIP TERMINALS FOR MX-ONE configuration file. For the not registered telephones, see section 6.1 Create a Configuration File on page 15. 6.3 Scratch Pad when Creating the Configuration file If a new parameter has to be added into the aastra.cfg file but there is no support for this new parameter in Manager Telephone System, the scratch pad can be used. Another usage is if MTS creates a parameter value, but another value is requested.
MANAGE THE CONFIGURATION FILES IN MANAGER TELEPHONY SYSTEM 6.5 Retrieve the Back-up Copy If any problem is discovered when a new configuration file has been loaded into the phones and there is a need to go back to the previous version, the following procedure shall be used: 1. Log on to MX-ONE Manager Telephony System. 2. Go to Telephony > IP Phone > Configuration File. 3. Use the back-up retrieve icon. 4.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 7 How to Start a New Phone The phone is delivered with default settings for an IP network. These settings must be adapted to the local network using phone configuration files. If Manager Telephony Server (MTS) is used and chapter 5.1 Install IP Phone SW Server on page 9 has been followed, the phone configuration files are generated and stored on the Software Web Server.
HOW TO START A NEW PHONE 7.1 Boot flow chart Power up To get access to the LAN 802.1x To get Voice VLAN LLDP :Configuration of: -IP address, mask W -DNS servers -Time server -Time zone ofst -Software server URI (opt 66,43) DHCP SW-server configured? N ? Manually configuration Y Connect to SW-server Reboot Get security.tuz No File exists? Recommended protocols: http or https This file contains the encrypted site key. Use the anacrypt tool to create security.tuz and encrypt the config files.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 7.2 Connecting the Phone to a Network To be able to connect the phone to a network, the following parameters must be configured: 7.3 • The phone's IP address, subnet mask, and default gateway. When using DHCP, these parameters are configured automatically. • The IP address of the software server. This address is configured automatically using DHCP, or manually from the phone.
HOW TO START A NEW PHONE • Web UI. The extension number and the PIN code (if used) are defined via the web user interface. The telephone will always be logged on. The user cannot log off the telephone. To set the extension number and PIN via the web UI: Advanced Settings > Line 1 > Basic SIP Authentication Settings Fill in the Phone Number and Password (PIN code if this shall be used) • Telephone UI. The extension number and the PIN code (if used) are defined in the telephone user interface.
AASTRA 6700I SIP TERMINALS FOR MX-ONE softkey5 states: idle softkey5 line: 1 7.3.2 Log on with procedure This method can be useful in a home office scenario when the registration towards MX-ONE is done via a firewall that only allows SIP signaling but not http signaling. The procedure to register the telephone is: • Enter *11*PIN*extension number#. The PIN code must be entered if the PIN code is initiated in TSE.
HOW TO START A NEW PHONE The terminal can be logged of via command extension_unregistration --forced. Then it will prompt for logon after the reboot: Write protect the logoff keyset. Example: Change the logoff key to be a speedial to call the operator and write protect it by prefixing with “!”. !softkey9 type:speeddial !softkey9 label:Operator !softkey9 value:09 The Diversion key kan also be write protected in the similar way.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 8 Managing IP Phone SW 8.1 Phone software and configuration files on the software server If any configuration file or firmware is changed on the software server, the phones are updated when restarted. The following files need to be stored on the software server: .st The application firmware (software) for the phones. The names of the application files are: • 6730i.st, 6731i.st, 6735i.st 6737i.st and 6739i.st • 53i.st, 55i.st and 57i.
MANAGING IP PHONE SW .tuz This is the encrypted model specific configuration file. The configuration file has to be adapted for each installation and then it has to be encrypted, see 19.1 Encrypted Configuration Files on page 77. .cfg When this file is used, it is possible to get unique parameter settings per telephone. This file is optional and the file looks similar to the aastra.cfg file. represents the mac address of the phone. Example: 00085D1B5D8.cfg The settings in .
AASTRA 6700I SIP TERMINALS FOR MX-ONE Web UI • 8.3 Log in to the web interface. Click on Operation > Reset > Restart Phone Firmware upgrade Firmware upgrade can be done in one of the following ways: • Web UI: Advanced settings > Firmware Update • The phone will automatically look for firmware update and configuration files during the boot process. • Define in the configuration file aastra.cfg if and when phones shall check for new firmware and changed configuration file.
RESTART / RESTORE 9 Restart / Restore There are three options: 9.1 • Restart the phone. Can be used when settings shall be applied. • Remove local configuration settings. The settings that are done from the phone UI and web UI are lost. • Restore to factory default. The phone gets the same data as when leaving the factory and removes any saved directory files. Restart Phone UI • Press the Options key • Scroll down and select Restart Phone Web UI • 9.2 Log in to the web interface.
AASTRA 6700I SIP TERMINALS FOR MX-ONE extension_unregistration with parameter forced 9.3 Restore to Factory Default Factory default reset will force the phone to go back to the initial setting. If configuration server is not set via dhcp options, you will need to set it again. If the configuration server shall be accessed via https, only the commercial root CAs (Verisign etc) are preloaded.
ENTERING ADMINISTRATOR MODE 10 Entering Administrator Mode Phone UI • Press (options) key • Scroll down and select Admin Menu 6739i; select Advanced. • Enter the administrator password: 22222 (which is the default password but can be changed) Web UI • Find the IP address of the telephone by selecting Options > Phone Status > IP & MAC Addresses • Enter the IP address to the telephone into the address field in the web browser in the PC and press enter.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 11 Configuring the Phone This chapter describes how to configure the phone from the phone menus as an administrator. This chapter also covers the configuration via the configuration files, aastra.cfg, .cfg or .cfg. The parameters can be set in any of these configuration files, but in this section it is the recommended placing that is described.
CONFIGURING THE PHONE ! directed call pickup prefix: Pickup ! collapsed context user softkey screen:1 softkey selection list: "none,speeddial,line,xml,speeddialxfer,speeddialconf,phonelock,empty" *) *) the options for the softkeys that are working with MX-ONE and is presented in the web UI. 11.3 Automatic LAN Access Control, IEEE802.1x The IEEE802.1x standard is used for port access control authentication. The LAN switch must support IEEE802.
AASTRA 6700I SIP TERMINALS FOR MX-ONE eap type: 1 identity: Phone1 md5 password: Anypass LAN switch Below is an example how to configure a Cisco switch to enable IEEE802.1x: aaa authentication dot1x default group radius dot1x system-auth-control radius-server host X.X.X.
CONFIGURING THE PHONE 11.4 LLDP-MED The telephones have support for Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED), which can for example be used to get the VLAN identity or the emergency location identification number (ELIN). In this section it is only the VLAN identity that is described. For information about ELIN, see Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones. Note: If LLDP is not used in the network, LLDP can be disabled in the aastra.
AASTRA 6700I SIP TERMINALS FOR MX-ONE Options > Admin Menu[6739i; select Advanced] > Network Settings > DHCP Settings > DHCP 11.6 Setting the Phone's IP Address If DHCP is used, the phone's IP address is set automatically, using the DHCP server. To be able to set the phone's IP address manually, DHCP must first be disabled on the phone, see 11.5 Enabling / Disabling DHCP on page 33. Options > Admin Menu [6739i; select Advanced]> Network Settings > IP Address 11.
CONFIGURING THE PHONE 11.9 Setting the IP Address of the SIP proxy / registrar The phone is configured with the IP address of the SIP proxy using one of the following methods: 11.10 1. In the configuration file aastra.cfg in the parameter: sip proxy ip. The necessary settings in the configuration file for this are created automatically when using MTS. 2. In the configuration file .cfg in the parameter: sip proxy ip. 3.
AASTRA 6700I SIP TERMINALS FOR MX-ONE The following configuration alternatives are available: • aastra.cfg file. • Phone UI. Options > Preferences > Time and Date • Web UI: Click on Preferences > Time and Date Settings It is possible to use LIM 1 in MX-ONE as a NTP server. 11.12 Configuring Language Settings The language for the display texts and the language for the input via the key pad can be set. English is always available in the telephone and cannot be removed.
CONFIGURING THE PHONE 11.13 Using Shortcut Keys Shortcut keys can be of two types: 11.13.1 • System keys. Keys that are common on all terminals within a certain model. Example: log on/off, diversion, message waiting, corporate directory, etc. • Individual keys. Keys that are unique for each user. Example: speed dial, monitoring keys, extra directory number etc.
AASTRA 6700I SIP TERMINALS FOR MX-ONE – Speed dial (TNS) key. Can also be programmed from a menu in the telephone or from the web interface in the phone.
CONFIGURING THE PHONE Expansion modules can be added to 6753i, 6735i/55i, 6737i/57i and 6739i. When adding an expansion module to the telephone, the keys for MNS, TNS (defined in the PBX), MCT and PEN are moved from the telephone to the expansion module. 11.13.2 Default key layout This chapter shows the default key layout per model. The following system keys can be changed or removed via Manager TS or via editing the model specific configuration files.
AASTRA 6700I SIP TERMINALS FOR MX-ONE The first individual key index and key base (prgkey,softkey or topsoftkey) is also set via ip_telephony.conf The .cfg can be used for a phone to override the default key layout. You may decide that the a specific phone shall have an extension number which shall not be logged off and not to be used for free seating. See Chapter “Logon/Off Key Not Used”. See also 8.2 Installing the Firmware / Configuration files on page 25.
CONFIGURING THE PHONE Services LocalDir CallList MsgWaiting Diversion Logon /Log off CorpDir Figure 5: Aastra 6735i/55i Save (directory) Delete (directory) Local directory Callers list Transfer Log on /off Figure 6: Aastra 6753i 26/1531-ANF 901 14 Uen E10 2014-01-22 41
AASTRA 6700I SIP TERMINALS FOR MX-ONE Log on/off CorpDir Diversion MsgWaiting Callers list Services Figure 7: Aastra6739i Log on / off Save contacts MsgWaiting Delete contacts Diversion Directory (*) Services Callers list (*) Local or corporate Figure 8: Aastra 6730/31 42 26/1531-ANF 901 14 Uen E10 2014-01-22
CONFIGURING THE PHONE 11.13.3 Flexible IP Function keys in MP For most telephone models, Manager Provisioning makes keys available for individual programming based on the assumption that both ip_telephony.conf and the model specific configuration file has standard definitions. For the 6730i and 6731 models, Manager Provisioning analyzes the actual settings to determine which function keys are available for individual programming.
AASTRA 6700I SIP TERMINALS FOR MX-ONE Note: Each Telephony Server holds a copy of the ip_telephony.conf file. For consistency and simplicity, any change to it should be made consistently on all telephony servers. Settings apply to all telephones of the same model: In the example above, the logon/logoff key is disabled for all 6731i telephones, and all keys are open for programming since the offset value is zero. 2. Restart unit SIPLP, to activate changes. Use command restart -u SIPLP --lim x. 3.
CONFIGURING THE PHONE Figure 11:Configuration Server Settings 5. Restart the phone. 6. Open MP, and click Telephony tab. Add a SW server for your configuration files. 7. Restart a unit SIPLP, to activate changes, use command restart -u SIPLP-lim x. Figure 12: SW Server 8. Specify a IP Phone server and a domain folder, if used.
AASTRA 6700I SIP TERMINALS FOR MX-ONE the phone). This is done in the Subsystem task by selecting the IP Phone Server in the dropdown list and selecting one of the available folders in the Domain Folder dropdown list.The admin may also manually type in any IP Server address, at which the MP should read the model specific configuration files.
CONFIGURING THE PHONE Figure 14:MTS settings, in this example keys 2-8 are flexible as key 1 is locked. Note: If you want a different function keys layout on some special extensions even if they are using the same telephone model as the default extension, you can do this by: 1. Define a different model configuration file, e.g. 6731i.cfg, in Configuration File task in MTS, see chapter 6, and store it in another folder (Domain or Subnet) or on a different IP Phone Server. 2.
AASTRA 6700I SIP TERMINALS FOR MX-ONE logs on with another telephone. Speed dial data initiated via MX-ONE follows the user. To program speed dial to a programmable key (hard key) that is empty from the phone UI: 1. Press the key for a couple of seconds until the input field appears in the display. 2. Enter the name and the number (or procedure with * and #).
CONFIGURING THE PHONE call to the associated monitored extension is received. This feature is enabled in the aasta.cfg file: blf activity page switch:3 There are the following options: • 0: Page switching disabled. Default value. • 1: Switch page when the monitored extension receives a call. • 2: Switch page when the monitored extension receives a call or put the call on hold. • 3.
AASTRA 6700I SIP TERMINALS FOR MX-ONE tory numbers are represented on line keys or softkeys. The EDN number has basically the same characteristics as the Line1 except for busy; when there is a call on an EDN line, the line is regarded as busy. When there is a call on Line1 it is still possible to receive another call on Line2. The EDN keys are initiated with Manager Provisioning (or via the MX-ONE command interface). No settings in the aastra.cfg file are needed.
CONFIGURING THE PHONE 11.13.10 Conference key The hard key for conference in A6730i/31i/39i is defined in the aastra.cfg template file, and of course when using MTS to create the configuration file, to send a DTMF digit to the exchange. The possibility to initiate a three part conference locally in the phone is disabled. The conference softkey sends an xml request to the exchange to initiate a conference. 11.14 Initiating Data from Manager Provisioning Manager Provisioning (MP) is used to set data e.g.
AASTRA 6700I SIP TERMINALS FOR MX-ONE Figure 15:Manager Provisioning. Key data for 6757i In the example above the softkeys Log on/off, Services, Corp Dir, Msg Wait, key 9 and More belongs to the first page. Key 10,11, 12, 13, 14 and More to the next page and 15,16,17,18,19 and 20 to the last page. 11.15 Dial Plan The dial plan is defined via the configuration file. In the aastra.
CONFIGURING THE PHONE With this setting the # character will be sent to the PBX in a correct way, even in the middle of a procedure for example *42#B-number#. 11.16 Authentication code shall not be visible When entering a service code procedure containing an authorization and PIN code, it is possible to prevent the authorization or PIN code to be stored in the logs. The configuration for this is done in the aastra.cfg file.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 11.18 Diversion / Call Forward Pressing the Diversion key gives the the following options: • Presence, see 11.21 Configuring Presence Services on page 56. • Follow-me. The user must enter the number of the new answering position. • External follow-me. The user must enter the external number including the external access code. • Do Not Disturb.
CONFIGURING THE PHONE – • 11.19 Call List Deactivation Forbidden (which means that the user is not allowed to deactivate the personal number list) MP: If a number of new extensions shall be created with default personal number list: – Create a new template for an extension with the CSP created above. – Select Personal Number - > Edit. Use the option ODN (own directory number) as first position in the list.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 11.20 Configuring Ring Signals The adaptation of the ring signals for the market is made from the configuration file. The tables below shows values to be set for Europe / Standard and for North America application systems.
CONFIGURING THE PHONE 11.22 Using DNS SRV Resource Records DNS SRV resource records can be used to implement more alternatives for redundancy than just sip proxy and sip backup proxy. This feature can also be used when a local branch office sip proxy shall be used. DNS SRV records can be defined in the DNS server or in the aastra.cfg file. The phone performs an SRV lockup when the IP address of the server is a fully qualified domain name (FQDN) and the corresponding port is set to 0.
AASTRA 6700I SIP TERMINALS FOR MX-ONE The hostfile.txt is used to translate the domain name to IP address. This file shall be available on the sw server together with the aastra.cfg file. The host file is downloaded to the phone at restart. When the telephone is registered towards the backup registrar and when the user initiates a call, the INVITE will be sent to the primary registrar first, which causes a delay of the call with 3-4 seconds.
CONFIGURING THE PHONE 11.26 Selection of Transport Addresses (Port Numbers) The table below shows the default port numbers. The ports are possible to change via the aastra.cfg file. For more information, see Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP Phones. Table 6 UDP/TCP default ports used by the phone Type of signalling 11.27 Minimum Maximum Comment RTP 3000 The first media stream, uses 3000. The second mediastream uses 3002 and so on.
AASTRA 6700I SIP TERMINALS FOR MX-ONE HLR server has reached its limit, an alternative server will be able to accept the registration. When this feature is used, the balancing of the registration load has to be considered already during the deployment of the system, e.g. an even initiation of the generic extensions among the available servers. To activate the registration distribution feature in MX-ONE enter the command: extension_registration_distribution -i 11.
CONFIGURING THE PHONE When the telephone is registered towards the backup registrar and when the user initiates a call, the INVITE will be sent to the primary proxy first and then to the backup proxy, which causes a delay of the call with 3-4 seconds. 11.29 Registration at Branch Offices The branch office scenario means that the telephones are registered to to PBX in the main office and if the connection to the main office fails, the phones shall register to a local SIP server.
AASTRA 6700I SIP TERMINALS FOR MX-ONE To be able to access the directory function some parameters in the aastra.cfg file of the phone have to be set, see the example below: softkey6 label: "Corp Dir" softkey6 type: xml softkey6 value: http:///xml/directory/CorpDir.php softkey6 line: global softkey6 states: idle, connected, incoming, outgoing The phone sends a http request with the search criteria to the directory server and receives a list with the search result. The answer is in xml format.
PASSWORDS AND PIN CODES 12 Passwords and PIN Codes The following passwords or PIN codes are used when working with these phones: • PIN code for registering the phones to MX-ONE. The user can change the PIN code with the procedure: *74*old PIN*new PIN# It is recommended to use PIN code to avoid that an end-user can log on with another end-user’s directory number. 12.1 • Administrator password for accessing the phone using the phones' web interface or the phone menus.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 13 Headset Wireless headsets according to the DHSG protocol as well as headsets with cable can be used with 6735i/37i, 6737/57i, 6739i and 6753i. To connect the phone to a DHSG compatible cordless headset, a special cable from Aastra must be used. The article number is: 62-001134-00.
EXPANSION MODULES 14 Expansion Modules There are two types of expansion modules; M670i and M675i. M670i is a key panel unit with 36 keys. Paper labels are used to label the keys. Maximum 3 modules can be connected to the telephone. The following models has support for the key panel unit: 6753i, 6735i/55i, 6737i/57i and 6739i. M675i is a display panel unit with 60 soft keys, with 20 softkeys on each page which means 3 pages. A LCD display is used to label the keys.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 15 Emergency Calls Even if the telephone is not registered to the PBX, it is possible to make emergency calls. The sip proxy ip parameter in the configuration file, defines where the telephone sends the INVITE with the SOS number. No registrar is required for this. For more information how to set up the sent A-number, see Emergency Calls, SOS calls (5/15431-ANF90143) in the CPI library.
VOIP RECORDING 16 VoIP Recording It is possible to record voice calls to a central recording equipment. The phones that shall have recording are monitored via the CSTA interface and this means that an Application Link or an Open Application Server (OAS) must be used to provide the CTI interface to the recording system. The call events and the IP address to the phones to be monitored are sent over the CSTA interface.
AASTRA 6700I SIP TERMINALS FOR MX-ONE Below is an example how to set the parameters in the configuration file: recorder address1: 192.168.1.20 recorder address2: 192.168.1.21 #recording destination1: recording destination beep: 0 sip services transport protocol: 1 sip services port: 7300 Recorder addressN specifies the trusted IP addresses corresponding to the recording system.
VOIP RECORDING In the second option, the recording key is defined as a key of the type xml with the url as parameter value. For example with the recording system from the vendor ASC: • Start recording: http://192.105.88.152:8080/XVOIPService?page=START& OPN=$SIPUSERNAME$$ where n is the extension number added by the telephone. The IP address and port number must match the recorder’s listening IP address and port number. • Stop recording: http://192.105.88.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 17 Quality of Service (QoS) It is not possible to view the QoS statistics via MX-ONE.
DHCP SERVER 18 DHCP server 18.1 Data from DHCP The phone has support for DHCP by which the following IP configuration data can be provided: • Own IP address, subnet mask and default gateway, received in the DHCP standard fields (1 and 3). • The VLAN used for the phone can generally be set in option 132 or be part of Option 43. If the phone’s configuration has another value than that of the option value it will configure according to the Option 132 value and making a reboot.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 18.3 DHCP Settings for Option 43 and 60 DHCP option 60 (vendor class identifier) and option 43 (vendor specific information field) can also be used to get the software server address and also to load a unique configuration file dependant on telephone type.
DHCP SERVER 18.3.1 Define Vendor Class Select Define Vendor Class in the drop down list. Figure 16:Define and add the vendor class To enter the Vendor Class ID, click on the right side below ASCII in the large form field. Enter the Identifier Value from table 7 above. Repeat this step for each phone model that should be served by this DHCP server.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 18.3.2 Set Predefined Options Select Set Predefined Options to get the menu to enter the option 43 data. Figure 17:Set Predefined Options Select appropriate option class from the drop down list and press the Add button.
DHCP SERVER Figure 18:Predefined Options and Values The data in the Option Type menu has to be entered manually: Name: Configuration Server URL Data type: String Code: 02 Repeat this for each phone model that should be served by this DHCP server. If VLAN identity shall be provided via option 43, repeat this for code 08 and code 09, see table 9 Options that can be set in option 43.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 18.3.3 Set Scope Options The last step is to set the URL string. Figure 19:Set Scope Options Select appropriate Vendor class and set the User class to Default User Class. Activate option 002 and enter the URL of the software server (configuration server) in the input field String value. Repeat this for each phone model that should be served by this DHCP server.
SECURITY 19 Security This section describes the encrypted configuration files, SIP signaling with TLS and media with SRTP. 19.1 Encrypted Configuration Files The aasta.cfg, .cfg and .cfg files can be encrypted and downloaded to the phone from the software server with the http or https protocol. Aastra provides a tool for Windows and Linux to encrypt the configuration files. This tool is called anacrypt. Use the following procedure: 1. Create the file security.
AASTRA 6700I SIP TERMINALS FOR MX-ONE means that the phone will setup a TLS session which it will keep as long as it is registered (logged on). Both the server and the phone will make use of the session to setup calls. Persistent mutual TLS is referering to the additional mutuality in the TLS handshake where the server requests the the client’s signed certificate. Otherwise only the client requests the servers certificate. 19.
SECURITY 2. MX-ONE: For certificate handling see operational directions Certificate Management (132/15431-ANF90114) in the CPI library. 3. 6700i phones: The only certificate that is necessary is the root certificate. The key storage for MX-ONE certificates is /etc/opt/eri_sn/certs/. The root CA is called, CA.pem. Copy CA.pem to the configuration server, i.e. the same directory as where aastra.cfg resides. You may set the file name of the root certificate via MTS or directly in the aastra.cfg. 4.
AASTRA 6700I SIP TERMINALS FOR MX-ONE Check the CMG documentation if Corporate directory is to use https (TLS), for example: https://192.20.22.11/xml/directory/CorpDir.php 5. Per default a time server (using NTP as protocol) needs to be enabled via DHCP Option 42 or via configuration parameters. The configuration parameter has precedence over Option 42. The phone must have a valid date and time in order to verify the server certificate’s expiry time. As TLS is a per-hop protocol.
SECURITY The benefit having the SBC server certificate signed by a commercial CA (Verisign, Thawte, GeoTrust, Comodo or CyberTrust) is that these root CAs are pre loaded in the phone firmware. A root CA is required prior to the TLS handshake with the Configuration Server when HTTPS is used as download protocol. The following example shows how to get it working with an SBC that has a self-signed server certificate (meaning that the root CA is the server who has the server certificate).
AASTRA 6700I SIP TERMINALS FOR MX-ONE time server disabled:0 #0-NTP enabled time server1: #skip this setting if DHCP Options 42 is used 3. The atHome directory shall consist of model specific configuration files, aastra.cfg and if you have a selfsigned certificate you should skip the phone FW as an upgrade will remove the certificate loaded. Only changes from the aastra template is described.
SECURITY Ingate Relay setting for port 22223. However, if extension_registration_distribution is active the proxy, registrar will be set according to the extension’s Home Location Register (HLR) (see the lim setting in command extension -p) sip proxy ip: 0.0.0.0 sip proxy port: 0 sip registrar ip: 0.0.0.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 20 Troubleshooting 20.1 Capture logfiles via SYSLOG When log files for troubleshooting purpose shall be retrieved from the telephone, it is possible to use the external syslog feature in Linux for storing or the Kiwi Syslog Server. Setup the SYSLOGD server In the MX-ONE system: Uncomment the following line in /etc/syslog-ng/syslog-ng.conf.in # # uncomment to process log messages from network: # udp(ip("0.0.0.
TROUBLESHOOTING Enter the debug levels according to the table below, into the web UI: Table 10 Debug level Debug level Value Fatal errors 1 (default) Errors 2 Warnings 4 Init 8 Functions 16 Info 32 All debug levels off 0 All debug levels on 65535 The debug levels can be combined. Example: Fatal errors + Errors + Warnings = 1 + 2 + 4 = 7. When fault reporting in TeamTrack, the traces shall normally be with the highest debug level.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 21 Appendix 21.1 Teleworker with persistent mutual TLS (MTLS) Reference http://en.wikipedia.org/wiki/Transport_Layer_Security Any TLS will encrypt the SIP signaling to prevent eavesdropping. However if the simple TLS handshake used in ‘persistent TLS’ is used only the server is authenticated by its certificate (this is the method used in chapter 19.5 “How to enable security for home worker on Aastra 6700i”).
APPENDIX Create a CA >openssl genrsa -aes256 -out private/cakey.pem 1024 [password: test] >openssl req -new -x509 -days 3650 -key private/cakey.pem -out ca.pem -set_serial 1 [answer cert questions accordingly] Keep the shell open. We will use it for openssl commands from time to time in this chapter. Now, generate the TLS cert request on the SBC, which shall be signed by CA on openssl to be the Server certificate, when imported back to the SBC.
AASTRA 6700I SIP TERMINALS FOR MX-ONE 21.1.2 Configure the phones to use persistent MTLS Copy the following certificate related files from the openssl (Enterprise CA) to the phones’ Configuration Management path (the same place as where the aastra.cfg is stored). When following chapter 19.5, the path would be to /atHome. ca.pem - public CA signing phonecert.pem phonecert.pem - signed client certificate private/phonekey.pem - client private key aastra.
