TANDBERG D13691.03 User Manual

Manual is about: Border Controller

Summary of D13691.03

  • Page 1

    Tandberg border controller user manual software version q3.0 d13691.03 this document is not to be reproduced in whole or in part without permission in writing from:.

  • Page 2

    Tandberg border controller user manual trademarks and copyright copyright 1993-2006 tandberg asa. All rights reserved. This document contains information that is proprietary to tandberg asa. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or ...

  • Page 3

    Tandberg border controller user manual environmental issues thank you for buying a product which contributes to a reduction in pollution, and thereby helps save the environment. Our products reduce the need for travel and transport and thereby reduce pollution. Our products have either none or few c...

  • Page 4

    Tandberg border controller user manual operator safety summary for your protection, please read these safety instructions completely before operating the equipment and keep this manual for future reference. The information in this summary is intended for operators. Carefully observe all warnings, pr...

  • Page 5

    Tandberg border controller user manual – if the apparatus has been subjected to excessive shock by being dropped, or the cabinet has been damaged – if the apparatus fails to operate in accordance with the operating instructions.

  • Page 6

    Tandberg border controller user manual contents: 1 introduction; 1.1 tandberg border controller overview; 2 installation; 2.1 precautions; 2.2 unpacking ...

  • Page 7

    Tandberg border controller user manual 9.4 logged events; 9.5 remote logging; 10 software upgrade; 10.1 upgrading using http(s) ...

  • Page 8

    Tandberg border controller user manual 1 introduction this user manual is provided to help you make the best use of your tandberg border controller. A border controller is a key component of tandberg’s expressway™ firewall traversal solution. Used in conjunction with a tandberg gatekeeper or tandb...

  • Page 9

    Tandberg border controller user manual 1.1 tandberg border controller overview on the front of the border controller there are three lan interfaces, a serial port (data 1) and an led showing the power status of the system. The lan 1 interface is used for connecting the system to your network, lan in...

  • Page 10

    Tandberg border controller user manual 2 installation 2.1 precautions • never install communication equipment during a lightning storm. • never install jacks for communication cables in wet locations unless the jack is specifically designed for wet locations. • never touch uninstalled communication ...

  • Page 11

    Tandberg border controller user manual 2.2.1 installation site preparations • make sure that the border controller is accessible and that all cables can be easily connected. • for ventilation: leave a space of at least 10cm (4 inches) behind the border controller’s rear and 5cm (2 inches) on the sid...

  • Page 12

    Tandberg border controller user manual then switch the power switch button on the back of the unit to ‘1’. On the front of the chassis you will see the power led being lit. 2.6 border controller initial configuration the tandberg border controller requires some configuration before it can be used. T...

  • Page 13

    Tandberg border controller user manual welcome to tandberg border controller release q3.0 sw release date: 2006-01-02 ok 10. Login with username admin and your password. 11. Review other system settings. You may want to set the following: (a) the name of the border controller. This is used to identi...

  • Page 14

    Tandberg border controller user manual 3 getting started 3.1 system administration to configure and monitor the tandberg border controller you can either use the web interface or a command line interface. The command line interface is available over ssh and telnet, or through the serial port. The in...

  • Page 15

    Tandberg border controller user manual 3.1.2 root account the border controller provides a root account with the same password as the admin account. This account should not be used in normal operation, and in particular system configuration should not be conducted using this account: use the admin a...

  • Page 16

    Tandberg border controller user manual location request to all the other gatekeepers and border controllers on the system. Whilst conceptually simple, this sort of flat dial plan does not scale very well: adding or moving a gatekeeper requires changing the configuration of every gatekeeper and borde...

  • Page 17

    Tandberg border controller user manual figure 1: adding a new zone 3.4 alternate border controllers alternate border controller support is provided to increase the reliability of your deployment. If one border controller becomes unavailable, perhaps due to a network or power outage, another will be ...

  • Page 18

    Tandberg border controller user manual figure 2: alternate border controller configuration 3.5 call control when an endpoint wants to call another endpoint it presents the address it wants to call to the border controller using a protocol known as ras. The border controller tries to resolve this add...

  • Page 19

    Tandberg border controller user manual figure 3: location decision flow diagram

  • Page 20

    Tandberg border controller user manual 3.6 firewall traversal the border controller works with the tandberg gatekeeper, tandberg expressway endpoints and other endpoints which support the itu h.460.18 and h.460.19 standards. In order to successfully traverse a firewall, the firewall is required to...

  • Page 21

    Tandberg border controller user manual 4 bandwidth control the tandberg border controller allows you to control endpoints’ use of bandwidth on your network. Figure 4 shows a typical deployment: a broadband lan, where high bandwidth calls are acceptable, a pipe to the internet with restricted bandwid...

  • Page 22

    Tandberg border controller user manual figure 5: configuring a subzone links may be configured through the web interface on the border controller configuration → links page, or through the command line using the following commands: xconfiguration links link [1..100] name xconfiguration links link [1...

  • Page 23

    Tandberg border controller user manual xconfiguration pipes pipe [1..100] bandwidth percall mode xconfiguration pipes pipe [1..100] bandwidth percall limit pipes may be shared between one or more links. This is used to model the situation where a site communicates with several other sites over the s...

  • Page 24

    Tandberg border controller user manual 4.2 bandwidth control examples one possible configuration for the deployment in figure 4 is shown in figure 8. Each of the offices is represented as a separate subzone, with bandwidth configured according to local policy. The enterprise’s leased line connection...

  • Page 25

    Tandberg border controller user manual figure 9: network deployment with firewalls figure 10: border controller example configuration the traversal subzone in figure 10 may be used to control the amount of traffic flowing through the border controller itself. Because the gatekeeper is only managing ...

  • Page 26

    Tandberg border controller user manual figure 11: gatekeeper example configuration network. The default links may be restored by running the command: xcommand defaultlinksadd

  • Page 27

    Tandberg border controller user manual 5 registration control the tandberg border controller can control which endpoints are allowed to register with it. Two separate mechanisms are provided: a simple registration restriction policy and an authentication process based on user names and passwords. It...

  • Page 28

    Tandberg border controller user manual 5.2 authentication the tandberg border controller can use a user name and password based challenge-response scheme to permit registrations. For details of how to configure your endpoint with the appropriate information, please consult your endpoint manual. The ...

  • Page 29

    Tandberg border controller user manual to configure the border controller to use the ldap server directory during authentication issue the following commands: xconfiguration authentication mode: on xconfiguration authentication database: ldapdatabase the border controller needs to be configured with...

  • Page 30

    Tandberg border controller user manual 6 uri dialing if an alias is not located in the border controller’s list of registrations, it may attempt to find an authoritative gatekeeper through the dns system. Uri dialing makes it easier for endpoints registered with different gatekeepers or border con- ...

  • Page 31

    Tandberg border controller user manual figure 14: configuring ip interface in our case service is defined by the h.323 protocol suite to be h323ls and proto is udp . Name corresponds to the host part of the h.323 uri. How you add the srv record depends on the type of dns server you are using. Instru...

  • Page 32

    Tandberg border controller user manual 7 example traversal deployments 7.1 simple enterprise deployment figure 15: simple enterprise deployment figure 15 shows a typical enterprise deployment. Endpoints 1001, 1002 and a gatekeeper are deployed on a private network, separated from the public network ...

  • Page 33

    Tandberg border controller user manual • set example.com as the domain name you are using on both the gatekeeper and border controller. • update the dns entry for example.com with an a record representing the border controller and an srv record which returns the border controller’s a record as descr...

  • Page 34

    Tandberg border controller user manual figure 17: dialing a public ip address in order to achieve this: • within the gatekeeper configuration — set ”calls to unknown ip addresses” to indirect. This setting will force the gatekeeper to forward calls to any ip address it does not have locally register...

  • Page 35

    Tandberg border controller user manual • from an endpoint in enterprise a, dial the full h.323 uri. For example, ben@enterpriseb.com. Border controller b is registered in dns as responsible for enterprise b and will receive the incoming call and route it accordingly. Uri dialing will send all querie...

  • Page 36

    Tandberg border controller user manual 8 call policy your tandberg border controller allows you to set up policy to control which calls are allowed and even redirect selected calls to different destinations. You specify this policy by uploading a script written in the call processing language (cpl)....

  • Page 37

    Tandberg border controller user manual subfield the following table gives the definition of subfields for each alias type, if a subfield is not specified for the alias type being matched then the not-present action will be taken. Address-type for all alias types the address-type subfield is the stri...

  • Page 38

    Tandberg border controller user manual the not-present node is executed when the address specified in the address-switch was not present in the call setup message. This form is most useful when authentication is being used. With authentication enabled the border controller will only use authenticate...

  • Page 39

    Tandberg border controller user manual 8.3 unsupported cpl elements the border controller does not currently support the following elements that are described in the cpl rfc. If an attempt is made to upload a script containing any of the following elements an error message will be generated and the ...

  • Page 40

    Tandberg border controller user manual 8.4.3 call redirection redirect all calls to user “barney” to voicemail.

  • Page 41

    Tandberg border controller user manual 9 logging the border controller provides logging for troubleshooting and auditing purposes. The event log may be viewed from the command line by using the eventlog command, specifying the number of lines to display. Alternatively the web page system status → ev...

  • Page 42

    Tandberg border controller user manual 9.3 event levels events are classified by importance as detailed in the table below. Level 1 is considered the most important. The system has a configured logging level. Events of level numerically equal to and lower than the configured logging level are record...

  • Page 43

    Tandberg border controller user manual table 2: level 1 events (continued) event description registration removed a registration has been removed by the gatekeeper/border controller. The reason event parameter specifies the reason why the registration was removed. This is one of: • authenticatio...

  • Page 44

    Tandberg border controller user manual table 3: events logged at level 2 event description incoming message an incoming message has been received outgoing message an outgoing message has been sent 9.4.1 event data each event will have associated data fields. Fields are listed below in the order in w...

  • Page 45

    Tandberg border controller user manual table 4: event data (continued) field description applicable events src-ip specifies the source ip address (the ip address of the device attempting to establish communications). The source ip is recorded in the dotted decimal format: (number).(number).(nu...

  • Page 46

    Tandberg border controller user manual table 4: event data (continued) field description applicable events dst-alias • if present, the first h.323 alias associated with the recipient of the message • if present, the first e.164 alias associated with the recipient of the message • registration accept...

  • Page 47

    Tandberg border controller user manual 10 software upgrade software upgrade can be done in one of two ways: 1. Using a web browser (http/https). 2. Using secure copy (scp). Note: to upgrade the border controller, a valid release key and software file is required. Contact your tandberg representative ...

  • Page 48

    Tandberg border controller user manual • when the upload is completed you should see the following: • press restart. You should see a confirmation window: • the system will then perform a second reboot to restore system parameters. After 3–4 minutes, the border controller is ready for use. 10.2 upgr...

  • Page 49

    Tandberg border controller user manual • enter password when prompted. • wait until the software has installed completely. This should not take more than two minutes. • reboot the system. After about four minutes the system will be ready to use.

  • Page 50

    Tandberg border controller user manual 11 command reference this chapter lists the basic usage of each command. The commands also support more advanced usage, which is outside the scope of this document. 11.1 status the status root command, xstatus , returns status information from the border contro...

  • Page 51

    Tandberg border controller user manual 11.1.3 externalmanager xstatus externalmanager returns information about the external manager. The external manager is the remote system (such as the tandberg management system (tms)) used to manage the endpoints and network infrastructure. Address ip address o...

  • Page 52

    Tandberg border controller user manual 11.1.8 ntp xstatus ntp reports the status of any connection to an ntp server. 11.1.9 pipes xstatus pipes xstatus pipes pipe n reports call and bandwidth information for all pipes on the system. 11.1.10 registrations xstatus registrations xstatus registrations r...

  • Page 53

    Tandberg border controller user manual 11.1.13 systemunit xstatus systemunit reports information about the system as follows: product name uptime software version software name release date number of calls supported number of registered endpoints and services supported hardware serial number 11.1.14...

  • Page 54

    Tandberg border controller user manual xconfiguration authentication credential [1..1000] name: specifies the username of a credential in the local authentication database. Xconfiguration authentication credential [1..1000] password: specifies the password of a credential in the local authentication...

  • Page 55

    Tandberg border controller user manual xconfiguration gatekeeper alternates alternate [1..5] address: set the ip address of an alternate border controller. Up to 5 alternates may be configured. When the border controller receives a location request, all alternates will also be queried. Xconfiguratio...

  • Page 56

    Tandberg border controller user manual determines whether or not the cpl policy engine is active. The default is on . Xconfiguration gatekeeper registration allowlist [1..1000] pattern: specifies a pattern in the registration allowed list. If one of an endpoint’s aliases matches one of the patterns ...

  • Page 57

    Tandberg border controller user manual the ipv4 gateway of the system. Xconfiguration ip v6 address: the ipv6 address of the system. Xconfiguration ip v6 gateway: the ipv6 gateway of the system. All the ip commands listed above require a system restart before they take effect. Xconfiguration ip dns ...

  • Page 58

    Tandberg border controller user manual specifies the first node of a link. A node name may be either a zone name or a subzone name. Xconfiguration links link [1..100] node2 name: specifies the second node of a link. A node name may be either a zone name or a subzone name. Xconfiguration links link [...

  • Page 59

    Tandberg border controller user manual whether or not a given pipe is enforcing total bandwidth restrictions. None corresponds to no bandwidth available. Xconfiguration pipes pipe [1..100] bandwidth percall limit: per call bandwidth of a pipe. Xconfiguration pipes pipe [1..100] bandwidth percall mod...

  • Page 60

    Tandberg border controller user manual 11.2.16 subzones xconfiguration subzones defaultsubzone bandwidth percall limit: per call bandwidth of the default subzone. Xconfiguration subzones defaultsubzone bandwidth percall mode: whether or not the default subzone is enforcing total bandwidth restrictio...

  • Page 61

    Tandberg border controller user manual xconfiguration subzones subzone [1..100] bandwidth total mode: whether or not the indexed subzone is enforcing total bandwidth restrictions. None corresponds to no bandwidth available. Xconfiguration subzones subzone [1..100] name: name of the indexed subzone. ...

  • Page 62

    Tandberg border controller user manual xconfiguration traversal udpprobe keepaliveinterval: interval with which a udp channel should be refreshed. Xconfiguration traversal tcpprobe retryinterval: interval with which a failed attempt to establish a tcp channel should be repeated. Xconfiguration trave...

  • Page 63

    Tandberg border controller user manual xconfiguration zones traversalzone [1..100] match [1..5] pattern behaviour: determines whether the matched pattern should be removed from the alias before an lrq is sent to the indicated zone. Xconfiguration zones zone [1..100] name: an administrator specified ...

  • Page 64

    Tandberg border controller user manual xcommand ? To get usage information for a specific command, type xcommand ? 11.3.1 allowlistadd xcommand allowlistadd adds an entry to the allow list, used by the registration restriction policy. 11.3.2 allowlistdelete xcommand allowlistdelete removes the patte...

  • Page 65

    Tandberg border controller user manual 11.3.7 defaultlinksadd xcommand defaultlinksadd restores the factory default links for bandwidth control. 11.3.8 defaultvaluesset xcommand defaultvaluesset level resets system parameters to default values. Level 1 will reset most parameters. There are currently...

  • Page 66

    Tandberg border controller user manual 11.3.12 feedbackregister xcommand feedbackregister registers for notifications on the event or status change described by the expression. Notifications are sent in xml format to the specified url. Up to 15 expressions may be registered for each of 3 feedback ...

  • Page 67

    Tandberg border controller user manual 11.3.17 optionkeyadd xcommand optionkeyadd adds a new option key. 11.3.18 optionkeydelete xcommand optionkeydelete deletes the indexed option key. 11.3.19 pipeadd xcommand pipeadd adds and configures a new pipe. 11.3.20 pipedelete xcommand pipedelete deletes th...

  • Page 68

    Tandberg border controller user manual 11.3.23 subzonedelete xcommand subzonedelete deletes the indexed subzone. 11.3.24 traversalzoneadd xcommand traversalzoneadd creates a new traversal zone, allowing a tandberg gatekeeper to connect to the border controller. Up to 50 such zones may be created. Th...

  • Page 69

    Tandberg border controller user manual to show a specific set of history data, type: xhistory xhistory calls xhistory calls call displays history data for up to the last 255 calls handled by the border controller. Call entries are added to the call history on call completion. Call histories are list...

  • Page 70

    Tandberg border controller user manual xfeedback register event/ unregistration/bandwidth/resourceusage> registers for feedback on the occurrence of the chosen event, e.g.: xfeedback register event/callattempt to register for all available events, use: xfeedback register event registering for the re...

  • Page 71

    Tandberg border controller user manual 11.6.4 relkey relkey displays the release key that this software has been installed with. 11.6.5 syslog syslog [ipaddr] [ipaddr] enables tracing to the console. Level specifies the detail at which to trace. 0-3, 3 gives most logging. Ipaddr specify up to 10 ip ...

  • Page 72

    Tandberg border controller user manual a appendix: configuring dns servers in the examples below, we set up an srv record to handle h.323 uris of the form user@example.com. These are handled by the system with the fully qualified domain name of gatekeeper1.example.com which is listening on port 1719,...

  • Page 73

    Tandberg border controller user manual as expected. nslookup -querytype=srv _h323ls._udp.example.com and check the output.

  • Page 74

    Tandberg border controller user manual b appendix: configuring ldap servers b.1 microsoft active directory b.1.1 prerequisites these comprehensive step by step instructions assume that active directory is installed. For details on installing active directory please consult your windows documentation...

  • Page 75

    Tandberg border controller user manual objectclass: h323identity objectclass: h235identity communiqueid: comm1 h323identityh323-id: meetingroom1 h323identitydialeddigits: 626262 h235identityendpointid: meetingroom1 h235identitypassword: mypassword add the ldif file to the server using the command: l...

  • Page 76

    Tandberg border controller user manual b.2.2 installing the h.350 schemas the following itu specification describes the schemas which are required to be installed on the ldap server: h.350 directory services architecture for multimedia conferencing - an ldap schema to represent endpoints on the ne...

  • Page 77

    Tandberg border controller user manual add the h.350 objects create an ldif file with the following contents: # meetingroom1 endpoint dn: communiqueid=comm1,ou=h350,dc=my-domain,dc=com objectclass: commobject objectclass: h323identity objectclass: h235identity communiqueid: comm1 h323identityh323-id...

  • Page 78

    Tandberg border controller user manual c approvals the product has been approved by various international approval agencies, among others: ul and nemko. According to their follow-up inspection scheme, these agencies also perform production inspections at a regular basis, for all production of tandbe...

  • Page 79

    Tandberg border controller user manual d technical specifications system capacity 500 registered traversal endpoints 100 traversal calls 100 zones option keys may restrict the system to a lower capacity than specified above. Ethernet interfaces 3 x lan/ethernet (rj-45) 10/100 base-tx (2 disabled) sy...

  • Page 80

    Tandberg border controller user manual physical dimensions height: 4.35 cm (1.72 inches) width: 42.6 cm (16.8 inches) depth: 22.86 cm (9 inches) 1u rack mounted chassis power supply 90-264v full range @47-63 hz certification lvd 73/23/ec emc 89/366/ecc

  • Page 81

    Tandberg border controller user manual references [1] itu specification: h.235 security and encryption for h-series (h.323 and other h.245-based) multimedia terminals [2] itu specification: h.350 directory services architecture for multimedia conferencing [3] http://www.ietf.org/rfc/rfc2782.txt [4]...

  • Page 82

    Tandberg border controller user manual e glossary alias the name an endpoint registers with the border controller. Other endpoints can then use this name to call it. Arq, admission request an endpoint ras request to make or answer a call. E.164 an itu standard for structured telephone numbers. Each ...

  • Page 83

    Index about, 63 activedirectory, see ldap servers admission request, 75 alias, 8, 75 allowlist, 20, 49 allowlistadd, 57 allowlistdelete, 57 alternate gatekeeper, 9–10, 48, 56 authentication, 21–22, 32, 47, 51 and cpl, 29 credential, 47 mode, 47 bandwidth control, 14–19 call policy, 29–33, 48 call pr...

  • Page 84

    Tandberg border controller user manual openldap, see ldap servers option key, 51, 75 password, 5, 54 default, 5, 7 recovery, 7 pattern, 61 pipe, 15–17, 51–52 portregistration, 45, 63, 75 prefix, 9 ras, 11, 75 registration restriction policy, 20, 57 time to live, 49 release key, 40 restrictionpolicy,...