HP VCX Software manual Table of Contents

Page 5

Table of Contents


Part I. Introduction to 3Com VCX IP Telecommuting Module			i
1.	Introduction to 3Com VCX IP Telecommuting Module		1
2.	Installing 3Com VCX IP Telecommuting Module		7
3. Conﬁguring 3Com VCX IP Telecommuting Module			17
Part II. How To			27
4. How To Conﬁgure SIP			29
5. How To Conﬁgure Advanced SIP			55
Part III. Description of 3Com VCX IP Telecommuting Module Settings			73
6.	Basic Conﬁguration		75
7.	Administration		103
8.	Network Conﬁguration		119
9.	Logging		137
10.		SIP Services	159
11.		SIP Trafﬁc	185
12.		Tools	217
13.		Firewall and Client Conﬁguration	223
Part IV. 3Com VCX IP Telecommuting Module Serial Console			227
14.		Basic Administration	229
15.		Command Line Reference	237
Part V. Appendices			319
A. More About SIP			321
B. Troubleshooting			329
C. Lists of Reserved Ports, ICMP Types and Codes, and Internet Protocols			335
D. Deﬁnitions of terms			347
E. License Conditions			359
F. Obtaining Support for Your 3Com Products			431
Index			435

i

Image 5

Contents Version 3Com Telecommuting ModulePage United States Government Legend Page Table of Contents Page Part I. Introduction to 3Com VCX IP Telecommuting Module Page Conﬁguration alternatives What is a Telecommuting Module?Introduction to 3Com VCX IP Telecommuting Module DMZ/LAN Conﬁguration DMZ ConﬁgurationStandalone Conﬁguration Quick guide to 3Com VCX IP Telecommuting Module installationIntroduction to 3Com VCX IP Telecommuting Module About settings in 3Com VCX IP Telecommuting Module Introduction to 3Com VCX IP Telecommuting Module Installation Installing 3Com VCX IP Telecommuting ModuleInstallation with magic ping Installation with a serial cablePage Page Page Page Installation with a diskette Page Page Remember to lock up the Telecommuting Module Turning off a Telecommuting ModuleInstalling 3Com VCX IP Telecommuting Module Log on again Conﬁguring 3Com VCX IP Telecommuting ModuleLogging on Site Map NavigationLog out SIP Services AdministrationBasic Conﬁguration Network ConﬁgurationOverview of conﬁguration Quality of ServiceFailover Virtual Private NetworksPreliminary and permanent conﬁguration Page Mask/Bits IP addressNo. of computers Mask Bits Name queries in 3Com VCX IP Telecommuting ModulePage Conﬁguring 3Com VCX IP Telecommuting Module Part II. How To Page Networks and Computers How To Conﬁgure SIPDMZ Telecommuting Module, SIP server on the WAN Surroundings Interoperability Basic SettingsRouting FilteringSave/Load Conﬁguration DMZ Telecommuting Module, SIP server on the LANNetworks and Computers Basic Settings Routing Standalone Telecommuting Module, SIP server on the WAN Basic Settings Filtering Standalone Telecommuting Module, SIP server on the LAN Client SettingsBasic Settings Interoperability DMZ/LAN Telecommuting Module, SIP server on the WAN Basic Settings Filtering DMZ/LAN Telecommuting Module, SIP server on the LAN Interoperability Filtering LAN Telecommuting Module Surroundings Filtering Remote SIP Connectivity Firewall How To Conﬁgure SIP Outgoing Calls How To Conﬁgure Advanced SIPShow One Number When Calling Show Different Numbers When Calling Incoming Calls Page Authentication by Accounts a.k.a SIP Trunk via SIP accounts Page Page Page Incoming Calls Page Multiple Operators Least Cost Routing Page Multiple PBXs How To Conﬁgure Advanced SIP How To Conﬁgure Advanced SIP Page Page Page Page Basic Conﬁguration Basic ConﬁgurationGeneral Name of this Telecommuting ModulePolicy For Ping To Your 3Com VCX IP Telecommuting Module Default domain IP PolicyDNS Servers Cancel Access ControlSave Look up all IP addresses againConﬁguration Transport User Authentication For Web Interface AccessConﬁguration Allowed Via Interface Conﬁguration via Https Conﬁguration via HttpDNS Name Or Network Address Conﬁguration ComputersConﬁguration via SSH Netmask/Bits Network addressRange Via IPsec PeerRadius Radius server Radius ServersPort SecretStatus for Radius Servers IdentiﬁerContact IP Address Sent requests ScoreReceived replies Consecutive sendsValue Conﬁguration of a Radius serverTelecommuting Module IP address to respond to Snmp requests Snmp v1 and v2cContact person Node locationAccess via SNMPv3 Access via SNMPv1 and SNMPv2cSnmp CommunityAuthentication PasswordSnmp Traps UserTrap sending function Resource MonitoringTrap receiver VersionSIP Sessions Trap Levels Download the 3Com MIBSIP User Registrations Trap Levels CPU Load Trap LevelsDynDNS service Dynamic DNS updateDynDNS General Conﬁguration Use DynDNSUser, Smtp Server IP address for updatesWildcard hostnames Ofﬂine URL redirection UsernameSmtp server is backup DNS Names to Update at DynDNSSmtp server DNS NamePrivate Certiﬁcates CertiﬁcatesName CertiﬁcateCreate certiﬁcate or certiﬁcate request CA Certiﬁcates CA Certiﬁcate TimeoutsAdvanced Timeout for two-way UDP connections Timeout for one-way UDP connectionsTimeout for established TCP connections Timeout for Icmp connectionsDMZ/LAN Conﬁguration Change Telecommuting Module Type to Telecommuting Module Type conﬁgurationCurrent Telecommuting Module Type Change type Duration of limited test mode AdministrationSave/Load Conﬁguration Test Preliminary ConﬁgurationApply conﬁguration BackupShow Message About Unapplied Changes Save/Load CLI Command File Revert to Old Conﬁgurations Show ConﬁgurationAbort All Edits Reload Factory ConﬁgurationOld password User AdministrationPassword For the ’admin’ Account Change administration password New password, Conﬁrm passwordOther Accounts Account TypeCurrently Logged In Administrators Upgrade UpgradeLog Out StepAccept upgrade Try the upgradeAbort upgrade Table LookEdit Column Change Time Zone Date and TimeDate Change Date and Time ManuallyTime Set date and time manuallySynchronize time with NTP NTP Servers To Use If NTP Is EnabledChange Date and Time With NTP Restart Reboot Your 3Com VCX IP Telecommuting ModuleRestart the SIP Module Automatic Restart of the SIP ModuleAdministration Administration 118 Networks and Computers Network ConﬁgurationLower Limit NameSubgroup Interface/VLAN Upper LimitDelete Row CreateMain Default Gateways Default GatewayPriority InterfaceGateway Reference Hosts Policy For Packets From Unused GatewaysInterface name Interface Network Interface 1Physical device Obtain IP Address Dynamically Directly Connected NetworksBroadcast address AliasVlan Id Vlan NameStatic Routing Router Routed networkNamed VLANs VlanInterface Status Interface StatusPPPoE Client Status Dhcp Client StatusKeep Alive AuthenticationPPPoE Log class for PPPoE negotiations SurroundingsLCP echo-request interval Additional Negotiators Data InterfacesNetwork Select a data interface here Network Conﬁguration 136 Display Log LoggingSearch the Log Display logPacket Selection Support ReportIP Address Selection Packet Type SelectionProtocol/Port Selection All IP protocolsIcmp Call-ID SIP Packet SelectionSIP Methods IP addressesTime Limits Show newest at top Show ThisExport the Log Clear form LogRST Display LoadTime Period Packet LoadDirection UnitValue Diagram Size DiagramDiagram Heading View diagramLog class for non-SIP packets Inbound TrafﬁcLog class for spoofed packets Log class for broadcast packetsLog class for Radius errors Log class for email errorsLog class for Snmp errors Log class for Dhcp requestsLog class for IPsec key negotiations VPN EventsLog class for IPsec key negotiation debug messages Log class for ESP packetsSIP Events Other Local Log Log ClassesEmail Address Syslog Log SendingSyslog Servers Smtp ServerStatus for Outbound Email Reverts the ﬁelds to the previous conﬁguration 157 Logging 158 Administration of SIP SIP ServicesBasic Settings SIP ModuleProvisioning Relay Additional SIP Signaling PortsTransport CommentSIP Servers To Monitor SIP Media Port RangePublic IP address for NATed Telecommuting Module Server SIP LoggingLog class for SIP signaling Relaxed Refer-To InteroperabilityLoose Routing Translation Exceptions Remove Via HeadersSIP Server Except this from translationAlways Translate This Expires HeaderForce Translation URI Encoding User Matching Signaling Order of Re-INVITEsLoose Username Check Transmit RTP/AVP With sdescriptions Accept RTP/AVP With sdescriptionsForce Record-Route for Outbound Requests Force Record-Route for All RequestsAccept TCP Marked As TLS Force Remote TLS Connection ReuseRemove Headers in 180 Responses Allow Large UDP PacketsPreserve RFC 2543 Hold Forward Cancel BodyUse Cancel Body In ACK Convert Escaped Whitespaces in URIs Allow RFC 2069 AuthenticationOpen Port 6891 For File Transfer Ports and the maddr Attribute Keep User-Agent Header When Acting as B2BUAStrip ICE Attributes Timeout for SIP over TCP/TLS Session timerSessions and Media Session ConﬁgurationLimitation of sender of media streams Media ConﬁgurationAllowed number of concurrent sessions Limitation of RTP Codecs Type CodecsName This Codec Is AllowedMusic on Hold Redirection Local RingbackLocal Ringback Played at Call Transfer Ring Tone for Local RingbackMaximum timeout for Invite requests Default timeout for Invite requestsRequests SIP blacklist intervalRemote SIP Connectivity Base retransmission timeout for SIP requestsMaximum number of retransmissions for Invite requests Maximum number of retransmissions for non-INVITE requestsStun server Stun ServerStun server IP addresses Stun portsRemote NAT Traversal Remote Clients Signaling ForwardingRemote NAT traversal IP Address for Remote ClientsNAT timeout for TCP NAT timeout for UDPForward Signaling from IP Address NAT keepalive methodSIP Methods SIP TrafﬁcTrafﬁc To MethodAllow AuthSender IP Filter Rules FilteringFrom Network ActionDefault Policy For SIP Requests Content TypesContent Type AllowHeader Filter Rules Local SIP Domains Default Header Filter PolicyLocal Registrar Domain Local SIP User DatabaseRegister From Authentication and AccountingAuthentication Name SIP User Database Authentication settingsUse P-Asserted-Identity Asserted-IdentityTrusted Domains NetworkRadius Accounting Dial PlanUse Dial Plan Emergency NumberReg Expr Matching From HeaderPreﬁx Matching Request-URIHead TailMin. Tail Forward ToSubno Replacement URIDial Plan Forward To Request-URIAdd Preﬁx Enum RootRegister in Dial Plan Methods in Dial PlanMethod Enum Root RoutingDNS Override For SIP Requests SIP Routing Order WeightRelay To PortRouting Function Class 3xx Message ProcessingRequests To User Static RegistrationsAlso Forward To UserAlways handle Refer locally Local Refer HandlingFor clients not supporting Refer Sip/sipsFor dialogs with speciﬁed From URI For clients not supporting replacesFor dialogs with speciﬁed User-Agent header From URIs For Which Refer is Handled LocallyRestrict Incoming Callers User RoutingAlias Action ForwardSend To Voice Mail Voice Mail Server From Domain Outbound ProxyRequest-URI Domain Domain or IP AddressGateway Tel URIsMonitored SIP Servers Registrar and Session StatusActive Sessions Monitored SIP server Registered UsersMonitored SIP server status Registered fromPacket Capture ToolsNetwork Interface Selection IP Address SelectionTools Any Icmp Collect data Check NetworkCheck Network Test ResultsPage Tools 222 DMZ type Firewall and Client ConﬁgurationSIP over UDP SIP over TCP/TLSSIP clients DMZ/LAN typeStandalone type SIP clients Part IV Com VCX IP Telecommuting Module Serial Console Page Main Menu Basic AdministrationConnecting to the serial console Command line interface Set passwordExit admin Wipe email logsDeactivate other interfaces Physical device nameConﬁgure from multiple computers Conﬁgure from a single computerPassword Wipe email logs Exit admin Set passwordBasic Administration 236 Help and Troubleshooting Command Line ReferenceCommand Reference Modifying Tables Load-factory List-tablesModify-row Revert-editsTable Deﬁnitions Conﬁg.authlogclass Conﬁg.allowconﬁgConﬁg.allowviainterface Conﬁg.httpservers Conﬁg.authenticationConﬁg.httpsservers Conﬁg.mgmtlogclassFent.alwaysfent Failover.ifacerefhostsFentalwaysfentexceptions FentalwaysfentinterfacesField Name Field Type Explanation Enabled OnOffToggle Fent.mapsignaladdressFent.fentkeepalive Fent.mediareleaseﬁrewall.blindroutepolicy ﬁrewall.defaultpolicyﬁrewall.broadcastlogclass ﬁrewall.dhcplogclassﬁrewall.pingpolicy ﬁrewall.networkgroupsﬁrewall.ownlogclass ﬁrewall.policylogclass ﬁrewall.servicesﬁrewall.spooﬁnglogclass ﬁrewall.timeclassesIdsips.predeﬁnedipsrules Idsips.activeIpsec.cryptodef Idsips.ratelimitedipsIpsec.espproposals Ipsec.espahlogclassIpsec.ikeproposals Ipsec.ikelogclassIpsec.ipsecnets Ipsec.nattkeepaliveIpsec.plutoverboselogclass Ipsec.plutologclassIpsec.radiusauthserver Field Name Field TypeIpsec.x509cacerts Ipsec.tunnelednetsIpsec.userauthlogclass Ipsec.x509cert Misc.conntracktimeoutsMisc.dnsservers Misc.dyndnsMisc.fversion Misc.dyndnsnameMisc.ntpservers Field Name Field Type Explanation DomainNameMisc.unitname Monitor.cpuloadlevelalarmMisc.usentp Monitor.emailalertlogclassMonitor.radiuserrorslogclass Monitor.memorylevelalarmMonitor.hardwarelogclass Monitor.logclassesMonitor.snmpagentlogclass Monitor.siplevelalarmsMonitor.snmpagentaddress Monitor.snmpmanagementstations Monitor.snmpcontactpersonMonitor.snmpnodelocation Monitor.snmppacketlogclassMonitor.snmpv3access Monitor.snmpv1v2caccessMonitor.snmptrapsending Monitor.snmpv1v2cauthMonitor.syslogservers Network.extradefaultgatewaysMonitor.watchdogs Network.aliasaddressesNetwork.pppoe Network.interfacesNetwork.localnets Network.routes Network.routetestserversNetwork.vlans Field Name Field Type Explanation Server DnsIpAddressPptp.pptpenable Password.adminusersPptp.grelogclass Pptp.pptplogclassPptp.pptpusers Pptp.pptpserveripPptp.pptpneglogclass Field Name Field Type Explanation PPTPOwnIpReferenceQos.classes Qos.bandwidthsQos.egressqueueing Qos.egressdefaultqueueingQos.ingressdefaultqueueing Qos.sipcac Qos.ingressqueueingQos.status Qos.taggingSip.active Sip.acceleratedtlsSip.addexpireheader Sip.allowedcodecsSip.authmethods Sip.defaultgatewaySip.b2buaofferfromtemplate Sip.codecﬁlteringSip.externradiusdb Sip.emergencySip.externalrelay Field Name Field Type Explanation DnsIpAddressSip.ﬁxﬁletransferport Sip.forwardcancelbodySip.forcemodify Sip.forwardtoheaderSip.headerﬁlterrules Sip.headerﬁlterdefaultSip.ignoreuriportwhenmaddr Field Name Field Type Explanation Action SipﬁlteractionselSip.lcscompanion Sip.largeudpSip.listen Sip.localdomainsSip.looseusernamecheck Sip.looserefertoSip.lrtrue Sip.mediaencryptionpolicySip.mediaencryptionsuite Sip.mediaencryptionsettingsSip.mediaports Field Name Field Type Explanation Portslower PortNumberSip.mediarestriction Sip.mediatimeoutsSip.message Sip.mfullSip.mimetypes Sip.optiontimeoutSip.monitorserver Sip.musiconholdSip.outboundproxy Field Name Field Type Explanation Timeout OptionTimeoutSip.percent20towhitespace Sip.preserve2543holdSip.recurseon3xxinb2bua Sip.radiusacctSip.registrarlimits Sip.relayrulesSip.replyconﬁg Sip.removeviaSip.rewritetoforregisterindp Sip.ringbackSip.routingorder Sip.routeusesportSip.rroutealways Sip.rrouteoutboundSip.siperrorslogclass Sip.signaladdressfordestinationSip.sessionlimits Sip.sipaliasSip.siplicenselogclass Sip.sipsignalinglogclassSip.sipmedialogclass Sip.sipmessagelogclassSip.sttype Sip.tcptimeoutSip.stripiceattributes Sip.surroundingsSip.tlscacerts Sip.tlssettingsSip.tlsclientcfg Sip.tlsservercfgSip.trusteddomain Sip.transactionconﬁgSip.uriencoding Field Name Field Type Explanation UriencodingselSipswitch.accounts Sip.usecancelbodyinackSipswitch.b2buatransferenable Sip.uaregisterSipswitch.dialplan Sipswitch.b2buatransferfromuserSipswitch.dialplanenable Field Name Field Type Explanation User AliasAliasSipswitch.enumroot Sipswitch.dialplanmethodsSipswitch.forwardto Field Name Field Type Explanation Enabled FallbackselSipswitch.requestfrom Sipswitch.incomingunauthSipswitch.requestto Field Name Field Type Explanation Url SipWildcardUrlSipswitch.users Sipswitch.userroutingUserdb.radiuslocalendpoint Sipswitch.voicemailUserdb.radiusservers Voipsm.voipsmAdminTypeSel AdminPasswordField Types Voipsm.voipsmdomainsAliasAlias AdminUserAliasIpReference AliasUser AuthDataCertReference CaReferenceCryptoDefReference DepUsableVlanInterface DnsDynIpAddress DnsDynIpNetworkInterface DnsDynIpOtherHostDyndnsServiceSel DyndnsPasswordEnumReference EspCryptoReference FirewallLogclassReferenceInviteRetransmitCount InterfaceSelIpsRuleName IpsecAuthSelLogclassReference IsakmpSALifeMaxMessageSizeInteger MaxRegOnOffButton NonemptyStringOnOffToggle OnOffToggleOnOptComment OptDnsAutoRuntimeReachableHost OptDnsIpAddressOptDSCPInteger OptDepOwnIpReferenceOptIcmpRangeList OptForwardToReferenceOptIpsecNetReference OptIpsecPeerReferenceOptServicesReference OptPasswordOptPercent OptPercentFloatOptSipUserDomain OptionTimeoutOptString OptTimeclassReferenceRegTimeout PptpPasswordPPTPOwnIpReference PercentSipUserDomainDefaultAll SessionTimeoutSipUserPassword SIPRadiusSelTimerAFloat SnmpPasswordSipWildcardUrl SubGroupAccountvoicemailsel AccounttypeselAutonegsel AddexpireheaderselBlindsel BypasstransportselDpactionsel ConﬁgauthselFallbacksel FentkeepaliveselFwtypesel FunctionselHitsnumber MediaencryptionsuiteselPolicysel PingpolicyselPqueuesel QostypeselRegexpwithAt Rfc2782weightRestfuncsel Rfc2782prioritySipﬁlteractionsel SipauthdirselSipfunctionsel SipselSnmpv3authsel SnmptrapversionselSnmpv3privacysel SttypeselTlsservermethods SysloglevelselTlsclientmethods Trusteddomaintransportsel TlsconfselUriencodingsel VoipsmmethodselWindownumber CLI command examplesAdd and change ﬁrewall rules Apply a conﬁguration Part V. Appendices Page SIP Protocol Why use SIP?Appendix A. More About SIP Conﬁguring the 3Com VCX IP Telecommuting Module Managing Your Own SIP DomainSIP and Firewalls Page Conﬁguring the SIP Clients Conﬁguring the PBXConﬁguring the DNS Server Establishing a SIP session SIP SessionsSIP in 3Com VCX IP Telecommuting Module Contact SIP Packet HeadersVia Content-TypeRecord-Route RouteAppendix A. More About SIP 328 Network troubleshooting Appendix B. TroubleshootingNo trafﬁc shown in the log Trafﬁc discarded as spoofedSIP users can’t register on the Telecommuting Module SIP troubleshootingSIP users can’t register through the Telecommuting Module SIP Trunking calls via SIP operatorCall is established, but there is no voice Administration troubleshootingLog Messages SIP errorsSIP send failure -1 on socket -1 event number Destination IP addressport is known bad. SkippingStarting SIP TCP server at port IPsec key negotiationsStarting SIP UDP server at port Stopped SIP TCP serverConﬁguration server logins Name Port/protocol Description List of the most important reserved portsWWW Cmip Krcmd Kerberos encrypted remote shell -kfall Type Name List of Icmp typesIcmp type Name Code Description Icmp codesType Name Reference Unreachable for Type Protocol number Keyword Internet protocols and their numbersIP intervals Set bits Mask IP address class Class IP in- tervals Reserved IP addressesPage ARP Appendix D. Deﬁnitions of termsDMZ 349 Https NAT Nntp 353 PPP SIP Uucp 357 Appendix D. Deﬁnitions of terms 358 Software developed by Peter Åstrand Appendix E. License ConditionsBSD derived licenses TermsSoftware developed by Carnegie Mellon University Software developed by Cisco Systems Software developed by Gregory M ChristySoftware developed by Digital Equipment Corporation Software developed by Jason Downs Dhcp licenseSoftware developed by Brian Gladman GNU General Public License GPL Software developed by Google, IncVersion 2, June PreambleGNU General Public License 367 368 No Warranty IBM Public License Software developed in the GIE Dyade cooperation Software developed by Ingate SystemsSoftware developed by Tommi Komulainen USA GNU Library General Public License Lgpl v374 GNU Library General Public License 376 377 Page 379 380 Version 2.1, February GNU Lesser General Public License Lgpl v382 GNU Lesser General Public License 384 385 386 Page Glibc Tzdata 2006a 388 Software in the GNU C distribution Appendix E. License Conditions Appendix E. License Conditions 392 More software in the GNU C distribution 394 License exceptions for gcc/libgcc2.c License for lilo License exceptions for libstdc++License DisclaimerSoftware developed by Paul Mackerras Software developed at M I T Software developed by Pedro Roque MarquesPart 1 CMU/UCD copyright notice BSD like License for Net-SNMPPart 4 Sun Microsystems, Inc. copyright notice BSD Part 5 Sparta, Inc copyright notice BSD Part 6 Cisco/BUPTNIC copyright notice BSD License for OpenSSH License for NTP404 Appendix E. License Conditions 406 407 Snprintf replacement Copyright Patrick Powell 409 License for OpenSSL License for OpenSWAN Release Derived Year Owner GPL- compatible? From Python licenseTerms and Conditions for Accessing or Otherwise Using Python Beopen Python Open Source License Agreement Version Cnri License Agreement for Python CWI License Agreement for Python 0.9.0 Through License for Python Imaging LibraryLicense for Rdisc More software developed by RSA Data Security, Inc Software developed by RSA Data Security, IncLicense for SSL Software developed by Sun Microsystems, Inc License for stunnelLicense for Sun RPC More software developed by Sun Microsystems, IncSoftware developed by Trusted Information Systems, Inc License for termcapSoftware developed by Paul Vixie Software developed by Andrew TridgellVovida Software License, Version Vovida Software License vSoftware developed by Rayan S Zachariassen Software developed at University of California License for zlibOpenswan-kernel 427 Appendix E. License Conditions Appendix E. License Conditions Readlink Appendix E. License Conditions 430 Solve Problems Online Register Your Product to Gain Service BeneﬁtsPurchase Extended Warranty Professional Services Appendix F. Obtaining Support for Your 3Com ProductsContact Us Access Software DownloadsTelephone Technical Support and Repair Asia, Paciﬁc Rim Telephone Technical Support and RepairCountry Telephone Number Latin America Telephone Technical Support and RepairUS and Canada Telephone Technical Support and Repair Index For administrationConﬁguration logins From the Telecommuting Module MIBs

Related manuals

Manual 70 pages 30.95 Kb