- DL manuals
- RADVision
- Gateway
- Scopia TIP Gateway
- Deployment Manual
RADVision Scopia TIP Gateway Deployment Manual
Summary of Scopia TIP Gateway
Page 1
Scopia tip gateway deployment guide version 8.2 for solution 8.2 8 .2.
Page 2
© 2000-2013 radvision ltd. All intellectual property rights in this publication are owned by radvision ltd and are protected by united states copyright laws, other applicable copyright laws and international treaty provisions. Radvision ltd retains all rights not expressly granted. All product and c...
Page 3: Table Of Contents
Table of contents chapter 1: about scopia tip gateway technical specifications ................................................................................................................................... 7 chapter 2: planning your tip gateway deployment planning your topology for the tip gate...
Page 4
Chapter 5: configuring your scopia solution for interoperability with cisco telepresence verifying the cucm settings for scopia management .................................................................................. 30 configuring ports on the scopia tip gateway ..................................
Page 5
Downgrading your scopia tip gateway ........................................................................................................ 78 changing the ip address of your gateway .................................................................................................... 78 deployment g...
Page 7: Technical Specifications
Technical specifications this section lists important information about the device you purchased. Refer to this information when preparing system setup and afterwards to verify that the environment still complies with these requirements. • system power requirements: – 100-240v ac input, 50/60hz auto...
Page 8
The tip gateway supports up to 36 segments (or ports): – each cts-500/cts-1000 (cisco telepresence system) has one segment. – each cts-3000 has three segments. • scalability – unlimited scalability with multiple tip gateways • security – tls support – h.235 aes encryption – no media encryption on th...
Page 10
Figure 2: deploying the tip gateway in the enterprise creating dial plans for cisco telepresence all telepresence calls are made through the scopia elite mcu. Users of telepresence deployments do not need to choose a specific mcu. The powerful functionality of virtual rooms enables you to dial the s...
Page 11
For example, an endpoint would dial 227-5678, where the dial prefix '227' routes the call to the cisco telepresence and '5678' is the relevant service on the ctms as allocated by the cisco network administrator. Ports to open on the scopia tip gateway the scopia tip gateway is typically deployed in ...
Page 12
Port range protocol destination functionality result of blocking port required 3338 xml (tcp) scopia management, or any third-party configuration applications enables you to configure the gateway via the xml api cannot use the xml api to configure the gateway mandatory 5060 sip (tcp/ udp) any sip de...
Page 14: Inspecting For Damage
Figure 3: this side up symbol caution: the accessories kit is situated on top of the device inside the shipping box and can be damaged if the box is placed upside down. Pay attention to the this side up symbol on the shipping box to handle the box correctly at all times. Caution: to prevent injury a...
Page 15: Verifying Rack Suitability
Important: before proceeding with the installation, verify that all of the ordered parts are present and in good condition. Keep a record of the parts and serial numbers. If any parts are missing or damaged, contact your sales representative. Verifying rack suitability there are some critical requir...
Page 16
• install the device in an open rack whenever possible. If installation in an enclosed rack is unavoidable, ensure that the rack has adequate ventilation. • avoid placing the device in an overly congested rack or directly next to another equipment rack. Otherwise, the heated exhaust air from other e...
Page 17
Figure 6: width between inner sides of posts deployment guide for scopia tip gateway version 8.2 preparing the scopia tip gateway setup
Page 19
Procedure 1. Read verifying rack suitability on page 15, which contains important positioning and spacing information. 2. Prepare masking tape or a felt-tip pen to mark the location of the device-fixing cage nuts. If the holes on the rack are marked with numbers, write down the numbers on a piece of...
Page 20
Important: make sure you have a ruler, an allen wrench (4 mm diameter), and a screwdriver (nr. 1 tip) ready to hand before you start the setup. Figure 8: accessories required for mounting attaching brackets to the scopia tip gateway about this task the brackets serve to secure the device to the rack...
Page 21
Figure 9: removing the phillips screws on the side panel 3. Attach the brackets on each side of the device side panel with the phillips screws. See figure 10: aligning the bracket with the scopia tip gateway front panel on page 21. Figure 10: aligning the bracket with the scopia tip gateway front pa...
Page 22
Before attaching the cage nuts to the rack, mark where you plan to attach them, so you can be sure they are level and properly placed. Procedure 1. From inside the front-facing rack post, mark the location of the device-fixing cage nut measured at 0.75 inches (2 cm) above the shelf. See figure 11: m...
Page 23
Mounting the device-fixing cage nuts about this task after you have marked the location of these cage nuts on the front-facing posts, you can mount them into the rack. Insert each cage nut on each of the posts where you have placed marks on the rack. Procedure 1. Rotate the bottom cage nut so that i...
Page 24
Figure 13: sliding the scopia tip gateway onto the shelf 3. Insert the two long rack screws provided with the product through the bracket holes into the cage nuts in the rack. Using the allen wrench tighten the screws to secure the device to the front posts. See figure 14: securing the scopia tip ga...
Page 25
Connecting cables to the device about this task follow the safety guidelines described in the safety guide during this procedure, and follow this procedure to connect the power and serial cables supplied with the accessories kit. Procedure 1. On the rear side of the device, connect the power cable t...
Page 26
• a pc with an available serial port. It should have a terminal emulator software installed like securecrt or putty. • power, network, and serial cables supplied with the device accessories kit. Procedure 1. Connect the power cable but do not switch on the device. 2. Connect the device serial port t...
Page 27
The terminal displays the following message: configure network port values 1: show current network configuration 2: change network configuration 0: return to main menu select: 8. Enter 2 to change the network configuration. 9. Enter the new settings at each prompt ( table 4: configuring network sett...
Page 28
Figure 17: configuring the mcu throughput important: to access the web interface, you need an ip address as explained in configuring the device ip addresses on page 25. Verifying the scopia tip gateway installation about this task after you installed the device and performed its initial configuratio...
Page 29
Figure 18: locating the front panel leds 2. Verify that the status led is lit green. 3. Check the network connection by verifying that the ethernet activity led is lit green. Deployment guide for scopia tip gateway version 8.2 setting up the scopia tip gateway
Page 31
Procedure 1. Make sure the scopia management ip address and port number are configured in the sip trunk. A. Select the relevant trunk in the device > trunk tab. B. In the trunk configuration page, make sure that the scopia management ip address is configured in the destination address field. Figure ...
Page 32
Navigation • limiting tcp port range for h.245 on the scopia tip gateway on page 32 • configuring rtp/rtcp/srtp ports on the scopia tip gateway on page 33 • configuring udp port for ras on the scopia tip gateway on page 34 • configuring tcp port for q.931 on the scopia tip gateway on page 35 limitin...
Page 33
Figure 22: configuring a gateway from scopia management 5. Select advanced parameters. The advanced parameters dialog box appears (see figure 22: configuring a gateway from scopia management on page 33). 6. To set the base port for the h.245 control channel protocol, do the following: a. Clear the v...
Page 34
Configuring rtp/rtcp/srtp ports on the scopia tip gateway about this task the scopia tip gateway designates ports 16384-17584 for udp audio media, and 12000-13200 for udp video media. Procedure 1. Log in to the scopia management administrator portal. 2. Select devices. 3. Select gateways in the side...
Page 35
Configuring udp port for ras on the scopia tip gateway about this task the scopia tip gateway designates port 1719 for ras, the protocol for signaling messages. You can configure a different port for ras (if, for example, port 1719 is busy). Procedure 1. Log in to the scopia management administrator...
Page 36
5. Select the configure tab (see figure 22: configuring a gateway from scopia management on page 33). 6. Select advanced parameters settings. The advanced parameters dialog box appears (see figure 22: configuring a gateway from scopia management on page 33). A. Select h323sigport from the command id...
Page 37
Figure 23: adding a new video network device • to modify the basic attributes of the device, select the link of the device in the name column, and select the configure tab if present. 5. Enter or modify the basic settings for your device, as described in table 5: configuring your device's basic sett...
Page 38
Field name description model this field is only necessary when adding gatekeepers and gateways: • if adding a gatekeeper profile, select the gatekeeper's vendor and model from the list. • if adding a gateway profile, select the gateway type from the list. Registered gk select the gatekeeper to which...
Page 39
Figure 25: configuring the gateway 5. Configure the scopia gateway settings as described in table 6: configuring settings for the scopia gateway on page 39. Table 6: configuring settings for the scopia gateway field names description name you can modify the name that identifies the scopia gateway in...
Page 40
Field names description required gatekeeper the gatekeeper to which you want to register the scopia gateway. Current gatekeeper this (read-only) field displays the management ip address of the gatekeeper this scopia gateway is currently registered to. In most cases, this is the same gatekeeper selec...
Page 41
C. Select apply. Configuring cisco telepresence in scopia management for general information about telepresence systems, see the administrator guide for scopia management. For information on the telepresence deployment, see planning your topology for the tip gateway on page 9. These procedures descr...
Page 42
Field name description port enter the port used for sip connections. The default port is 5060 for tcp/udp, and 5061 for tls. Transport type select the transport protocol used for connecting to the cucm (sip server), according to the selected port number. If the default port is 5060, select tcp/udp; ...
Page 43
Procedure 1. Access the scopia management administrator portal. 2. Select the endpoints tab. 3. Select add > add manually. The add endpoint window appears. 4. Select the cisco telepresence system in the type list. Figure 26: cisco ctms configuration screen 5. Configure the ctms as described in this ...
Page 44
Once configured, the endpoints tab displays a small icon near the ctms name, indicating that this is a telepresence system, as well as dialing info numbers with relevant prefixes. 7. Repeat the prefix configuration for each service defined in the ctms. 8. You can modify these settings at any time by...
Page 45
Figure 27: locating the ctms directory number retrieving ctms routing information for scopia management about this task configure the ctms route pattern prefix and service numbers in scopia management to route calls to the cisco telepresence devices. For more information, see adding the ctms to scop...
Page 46
Figure 29: the ctms static meetings page adding cisco telepresence systems (cts) in scopia management about this task you must manually add telepresence systems to scopia management. A telepresence system consists of one segment or three segments, depending on the model, to allow participants to see...
Page 47
Figure 30: cisco cts configuration screen 5. Configure your telepresence endpoint as described in this table. Table 9: configuring telepresence endpoints field name description name enter a name used to identify the endpoint. This is the name displayed in the list of endpoints. Description enter any...
Page 48
8. You can modify these settings at any time by selecting the device name link in the all endpoints list. 9. If the endpoints used in your telepresence are defined in the ldap server, import the endpoints into scopia management, as described in the administrator guide for scopia management. Importan...
Page 49
Figure 31: enabling presentation in an mcu service 7. Select h264 in the video codec list so that the service supports the same video codec as the cisco devices. 8. Select ok. Defining allowed bandwidth in the mcu about this task make sure the bandwidth is configured to more than 1mbps, which is the...
Page 50
Selecting the mcu presentation resolution about this task configure the mcu to allow presentation and video clips to be shared with the cisco telepresence components without quality loss. Important: the presentation video resolution must be reconfigured each time the service is changed. Procedure 1....
Page 52
4. Perform uploading scopia management certificates into scopia management on page 60. 5. Perform uploading certificates for the tip gateway on page 65. 6. If the ca used to identify the device is different from the ca which identifies scopia management, perform uploading certificates for other devi...
Page 53
Figure 34: standard tls: component certificates and a ca root certificate upload the following certificates to the scopia management: – a certificate identifying scopia management, signed by the ca. This is sent to the gateway as part of the tls negotiation. – a root certificate verifying the ca’s i...
Page 54
Figure 35: tls connection using certificates signed by different cas when each certificate is signed by a different ca ( figure 35: tls connection using certificates signed by different cas on page 54), upload the following certificates to the scopia management: – a certificate identifying scopia ma...
Page 55
Figure 36: signature of gateway certificate from unknown ca when ca3 is untrusted ( figure 36: signature of gateway certificate from unknown ca on page 55), the certificates to upload to the scopia management are: – a certificate identifying scopia management, signed by trusted ca1. This is sent to ...
Page 56
Figure 37: signature of scopia management certificate from unknown ca when ca3 is untrusted by the gateway ( figure 37: signature of scopia management certificate from unknown ca on page 56), the certificates to upload to the scopia management are: – a certificate identifying scopia management, sign...
Page 57
Figure 38: signature of both certificates are from untrusted cas when ca3 is untrusted by the gateway and ca4 is untrusted by scopia management ( figure 37: signature of scopia management certificate from unknown ca on page 56), the certificates to upload to the scopia management are: – a certificat...
Page 58: Management
Generating the certificate signing request for scopia management about this task this section details how to generate a certificate signing request (csr) for scopia management, which must be signed by a certificate authority (ca). Once properly signed, the certificate would confirm the identity of s...
Page 59
4. If necessary, enter a description of the certificate in the description field. 5. Select create. The generate csr window appears. Figure 40: certificate signing request 6. Enter your organization's details. Important: • common name must be full name of the scopia management/sip server (fqdn): rvc...
Page 60: Management
Important: the certificate must be signed as a certificate compatible with base-64 ascii code. If other components communicating with scopia management also have their own certificates, we recommend using a common ca for all certificates for a more efficient implementation. Select web server as the ...
Page 61
Figure 41: typical tls communication with a gateway however, if the component certificates are signed by a different ca than scopia management’s certificate, you may need to upload more certificates to establish authenticity, as described in uploading certificates for other devices on page 68. For m...
Page 62
Figure 42: uploading certificates into scopia management 4. Select upload to bring in the ca root certificate, including intermediate and signed certificates, into scopia management by doing the following for each certificate: figure 43: defining the certificates to be uploaded a. Select add to brow...
Page 63: Tip Gateway
• to generate the csr for scopia tip gateway, continue with generating the certificate signing request for the scopia tip gateway on page 63. • to generate the csr for other devices, see the product's administrator guide for details. Generating the certificate signing request for the scopia tip gate...
Page 64
Figure 44: creating a csr for the gateway 4. Select create a new csr. The save certificate request window opens displaying the certificate request. Deployment guide for scopia tip gateway version 8.2 securing your video network using tls
Page 65
Figure 45: the save certificate request 5. Copy the certificate request into a separate text file and save it with the .Csr extension. 6. Select close. 7. Send the text file containing the certificate request to your network administrator for signing using a certificate authority application. Import...
Page 66
Each time a deployment component tries to establish a new tls session with scopia management, it sends its identity certificate to the component to establish a secure connection ( figure 46: typical tls communication with a gateway on page 66). Each time scopia management tries to establish a new tl...
Page 67
4. Select upload a certificate to upload the certificate for the gateway which has been signed by the ca. The upload certificate window opens. 5. Paste the content of the gateway certificate signed by the ca and select ok. The ca signed certificate is uploaded. Figure 47: uploading a signed certific...
Page 68
11. If the device certificates are signed by a different ca than scopia management’s certificate, continue with uploading certificates for other devices on page 68. 12. If the device certificates are signed by the same ca as scopia management’s certificate, continue with enabling encryption with sco...
Page 69
Figure 48: upload certificates for other devices 4. Select import. 5. Select add to browse each root and intermediate certificate required. Figure 49: importing certificates for other devices into scopia management 6. Select upload. 7. Repeat for each root and intermediate certificate of each device...
Page 70
8. Select all certificates you uploaded and select apply. The system prompts for a restart to implement the newly uploaded certificates. 9. Continue with enabling encryption with scopia tip gateway on page 70. Enabling encryption with scopia tip gateway about this task encrypting communications in t...
Page 71
Important: encrypting communications between the gateway and scopia management is typically less common since they are usually both located behind the firewall inside an enterprise. This section details how to encrypt communications between the scopia gateway and the video network. To encrypt contro...
Page 72
Figure 51: enabling h.235 call support e. Select save. F. Select close 7. To encrypt communications with scopia management which acts as the sip server, select tls. For details, see configuring the scopia tip gateway in scopia management on page 38. 8. Continue with enabling the tls connection in sc...
Page 73
Environment, add the fqdn of the public virtual ip address. In a standalone environment, this is automatically added. Figure 52: adding the b2bfqdn element 4. Configure the dns of the b2bua component by setting values in the entire element as shown in figure 53: adding the element on page 73: figure...
Page 75
Before you begin before upgrading your video network devices, including endpoints, do the following: • before upgrading a video device software, back up its configuration by retrieving its configuration file. For more information on remote backups, see the administrator guide for scopia management. ...
Page 76
Figure 55: uploading software update table 11: entering browsing details field description software upgrade file this field is automatically filled when you select the software upgrade file. Save as enter the name of the software upgrade file. Description enter a free text description of the upgrade...
Page 77: Device
Restoring the previous software version of a network device about this task this section explains how to restore a previous software version after you upgrade your network device. You can restore the same software version only once. During this procedure the network device shuts down for a few minut...
Page 78
Figure 56: progress of restoring a software package downgrading your scopia tip gateway if necessary, you can downgrade your network device in one of the following ways: • to downgrade one version back after you upgraded your network device, perform the procedure in restoring the previous software v...
Page 79
About radvision radvision, an avaya company, is a leading provider of videoconferencing and telepresence technologies over ip and wireless networks. We offer end-to-end visual communications that help businesses collaborate more efficiently. Together, radvision and avaya are propelling the unified c...