Professional Documents
Culture Documents
Server
Installation & Configuration
Manual
Release 4.2
April 2010
The CE mark indicates that this product conforms to the following Council
Directives:
- 2004/108/EC (concerning electro-magnetic compatibility)
- 2006/95/EC (concerning electrical safety)
- 1999/5/EC (R&TTE)
Chapter 1
Overview
Chapter 2
Installing and Starting Up
!
0-1
"# ## !
Chapter 3
Unlocking the Software Pack
Chapter 4
Network Configuration
Chapter 5
Registration, Activation and Updates
Chapter 6
User Management
Chapter 7
Security Management
!
0-3
"# ## !
Chapter 8
Voice and Data Convergence
Chapter 9
Messaging Management
Chapter 10
Instant Messaging
Chapter 11
Fax Server Management
!
0-5
"# ## !
Chapter 12
Web Hosting
Chapter 13
SIP Telephony over the Internet
Chapter 14
Push Mobile
Chapter 15
Backup and Restore
!
0-7
"# ## !
Chapter 16
Appendixes
How to Quote .......................................................................................... 16.1
How to Order ........................................................................................... 16.1
Chapter 17
Migration from Release 4.1 to Release 4.2
1
!
1-1
Chapter 1 $%#%
#&
!
1-3
Chapter 1 $%#%
#&
- Some delegated administrators, who are users that have a limited set of administration
rights. A delegated administrator can access both the Virtual Desktop and the graphical
administration interface limited to some menus.
The administrator and the users access the graphical administration interface or the Virtual
desktop in the same way, using a Web browser. When the user logs on, the Extended
Communication Server serves whether the graphical administration interface or the Virtual
Desktop according to the user identity and password that have been typed in. A delegated
administrator can swap from the Virtual Desktop to the graphical administration interface, or
vice versa, by the means of graphical buttons only available to delegated-administrator profile
users.
Note:
The administrator is not exactly a user as he is not registered in the user database. The administrator
must create a user account for himself if he needs to access the Virtual Desktop.
!
1-5
Chapter 1 $%#%
#&
When the Virtual Desktop session is open, the user can manage his services: Web mails,
calendar, contacts, favorite sites, and so on.
!
1-7
Chapter 1 $%#%
#&
2
After reading this chapter, you will be able to start up the Extended Communication Server and
access the graphical administration interface.
2.1 Introduction
Two modes are provided for accessing the administration interface for the first time:
- A direct access, the server being equipped with a screen, a keyboard and a mouse
- From a local PC connected to the server
!
2-1
Chapter 2
!
2-3
Chapter 2
After reading this chapter, you will be able to unlock the administration-interface software pack.
You will then have a full access to the administration menus.
3.1 Principles
The full license activation consists of two steps:
1. Software pack unlocking. This is the aim of this chapter. When this task is completed,
the software pack is unlocked for 31 days. During this limited period of time, also called the
trial period, all features and services are available.
2. License activation. You can perform this task immediately after software pack unlocking
or later, within the 31-day trial period.
. It is easier to perform this task after the Internet access has been installed. The license
can be then activated online, by a simple click. Otherwise, the license activation key must
be entered manually. After license has been activated, all features and services remain
available for an unlimited duration.
2. Once you have obtained the software key, open the administration interface and select the
Appliance management > Licences & Releases > Packs & licences menu.
3. Select the New pack tab.
4. In the Activation Key or Licence number field, enter the software key.
5. Click OK.
!
3-1
Chapter 3 '(
)# &# *'(
After the software pack has been unlocked, the panel foot displays information about the
licence including the number of days that are remaining before the trial period will end.
Remember that you will have to activate the product license within this trial period.
4
After reading this chapter, you will be able to insert the Extended Communication Server in the
customer network and access the Internet from the administration interface.
4.1 Principles
The three network interfaces and the comprehensive set of available configuration parameters
the Extended Communication Server provides allow you to insert it in any network
architecture.
However, this document does not intend to consider all possible architectures. It aims at
explaining you the basics, while giving you some useful examples corresponding to most usual
situations.
Below is an example of the way a Extended Communication Server can be inserted in a
standard network topology:
- The LAN (Local Area Network) is connected to interface eth0 (LAN1).
- The Internet access is connected to interface eth1.
- The DMZ (Demilitarized Zone) is connected to interface eth2. A DMZ is a LAN subnetwork
that contains the external services accessible from the Internet, such as a Web server or
an FTP server. Using a DMZ for external services, facilitates the security management.
!
4-1
Chapter 4 +#&(
!
4-3
Chapter 4 +#&(
!
4-5
Chapter 4 +#&(
1. Select the Service management > Network service management > Network
connections menu. This opens the connection list.
2. If you are creating a new connection:
a. Click Add.
b. Select the Ethernet LAN option
c. Click OK.
Otherwise, if you are modifying an existing Ethernet LAN connection:
a. Select the Ethernet LAN connection in the list.
b. Click the modification button .
3. In the displayed form, enter the connection name. You can give any name that clearly
identifies the connection.
4. Select whether the network connection IP address is static or assigned by a DHCP server.
If the network connection IP address is assigned by an external DHCP server, skip next
step.
5. Enter the network connection settings:
• Network connection IP address.
• Network mask or equivalent prefix.
• If there is an external gateway (case of a default gateway to the Internet only), enter
the gateway address.
Note:
This field does not concern a router used to access an internal subnetwork. If there is no extern-
al gateway, let the gateway field empty.
6. If several network interfaces are available, select the Ethernet interface (ethx). This field is
read-only in all other cases.
7. Activate the interface by selecting Yes.
8. Validate the settings by clicking OK.
!
4-7
Chapter 4 +#&(
Note:
After you have configured the DHCP service, you must activate it by selecting the Active option.
!
4-9
Chapter 4 +#&(
3. Specify the duration of a DHCP lease, i.e. the length of time for which the IP address
allocation is valid.
4. Specify the IP address range reserved for DHCP (start of range, end of range).
5. Enter the gateway IP address (generally, the address of the concerned network interface).
6. Enter the DNS server IP addresses:
• If the DNS service is activated, enter here the address of the concerned network
interface.
• If the DNS service is not activated, enter here the DNS server addresses provided by
the ISP.
7. Enter the WINS server IP addresses (optional). WINS stands for Windows Internet Name
Service, which is used for Windows network sharing.
• If the DNS service is activated, enter here the address of the concerned network
interface.
• If the DNS service is not activated, enter here the DNS server addresses provided by
the ISP.
8. Click OK.
Some large organizations use their own proxies (not hosted on the Extended Communication
Server) to control access to the Internet. If this is the case, you must configure the remote
proxy access in order to allow the server to reach the Internet, which is mandatory for the
automatic update feature.
To access the Internet through a remote proxy:
1. Select the Service management > Network service management > Remote proxy
menu.
This displays the remote-proxy access configuration-form.
2. Select the following option: The Internet connection goes through the following remote
proxy.
3. Enter the access parameters that fit the remote proxy configuration:
• Remote-proxy IP address
• Listening port
• Authentication by login and password, if any
4. Click OK.
!
4-11
Chapter 4 +#&(
5
After reading this chapter, you will be able to access the Extended Communication Server
online technical-support, to activate the full license and to update the software packs.
!
5-1
Chapter 5 "#
, '
%
#
!
5-3
Chapter 5 "#
, '
%
#
6 "#
After reading this chapter, you will have an overview of user group and user account
management. Please refer to online help for details.
!
6-1
Chapter 6 # #-#
- If it is a virtual group , you can add already existing user accounts in it. In a virtual
group, users are considered as guests that are invited into the group.
6.2.1.2 Creating User Accounts
Note 1:
You must have first created a standard group or subgroup before you can add a user account to it.
To create a user account:
1. In the left-hand side of the form, select the standard group or subgroup to which the user
will belong.
2. In the right-hand side of the form, click Add.
3. Enter the user description (name, first name, and so on). A star * comes before fields that
are mandatory.
4. Select whether the user account is active or not. A user account is active by default. This
option makes it possible to deactivate a user account instead of deleting it.
5. Assign disk space quotas to the user account if necessary.
6. Specify FTP service access and Web access authorizations.
7. Specify the user privileges, if any. User privileges are further discussed in next section.
8. Assign e-mail addresses to the user.
9. If necessary, allow the user to send and receive emails that are managed by a remote
server (remote messaging).
10. Click OK.
Note 2:
The administration interface also offers you the possibility to import user accounts using the CSV
(Comma-separated Values) format. To do this, select the Directory > Users Import/Export > Users im-
port (CSV format) menu and follow the online help instructions. Among other explanations, the online
help fully describes the CSV format.
!
6-3
Chapter 6 # #-#
- One News administrator for the group is responsible for the news distribution to the
users of the group
6.3.2 Configuration
6.3.2.1 External Directory Configuration
To configure the external directory:
1. Navigate to Directory > Synchronization with an external directory (Active Directory)
2. Select the Configuration tab. The External directory connection configuration page is
displayed:
___change-begin___
___change-end___
Figure 6.4: External Directory Configuration Page
3. Fill in the fields:
• IP address or name of the external directory: enter the IP address or the name of
the external directory
• DN of the link account: enter the DN (Distinguished Name) of the link account. This
account must "Read" enable to access the information contained in the directory.
Example of DN: cn=link link,cn=user,dc=domain,dc=loc
!
6-5
Chapter 6 # #-#
• Link account password: enter the user password as defined in DN of the link
account
• Directory domain: this field is automatically completed from the domain defined in
DN of the link account. It can be modified.
This field represents the domain to which the external directory belongs.
• Base from which the synchronization will be done: enter the field specifying the
sub-tree of the directory from where the synchronization is performed.
For example: dc=domain,dc=loc
• Base group in which the users will be retrieved: enter the target group name where
the users are to be placed
• Time when the automatic synchronization will start: select the time of the daily
synchronization
• Encrypt the connection with the Active Directory server: validate the check box to
encrypt information between the remote directory and Extended Communication
Server.
To do this, you can import the public part of the authority certificate used on the Active
Directory in ASCII(Base64) format. This option can be used without importing the
authority certificate.
4. Click OK
This operation generates an LDAP (port 389) or LDAPS (port 636) connection to the Active
Directory server according to the security option.
Note:
In the case of LDAPS synchronization with the Active Directory server, the Extended Communication
Server server asks the superadmin to authenticate again.
If parameters sent by the Extended Communication Server are correct, the Active Directory
server returns the user list.
The administrator can exclude some users from the synchronization (See the Exclusion tab).
6.3.2.2 How-to Retrieve the Link Account Information in the Windows® Server
The link account is an Active Directory user with admin rights. It must be created in the
windows server with the Active Directory users and computers administrative tool. See below
an example of link account link link is created in the group Domain Admin.
___change-begin___
6-6
!
# #-#
___change-end___
Figure 6.5: User Properties Example
The DN of the link account has the following form :
cn=name,cn=Users,dc=domain,dc=domain_extension.
Example with an Active Directory domain named domain.loc :
cn=link link,cn=Users,dc=domain,dc=loc
The base from which the synchronization is performed has the following form:
dc=domain,dc=domain_extension
Important:
When the connection from the Extended Communication Server to the Active Directory fails, it is
recommended to perform some connection tests from a LDAP browser installed on a client PC.
The connection from the Extended Communication Server does not work as long as the connec-
tion from the LDAP browser does not work. In this case, check the Windows® server configura-
tion and parameters.
6.3.2.3 Synchronization
Once the user list is retrieved from the Active Directory server, the administrator can change
the service status to On in order to activate the service.
Click the Synchronize button at the bottom of the frame in order to launch the first
!
6-9
Chapter 6 # #-#
synchronization.
This operation will retrieve the user information from Active Directory and create the users in
the Extended Communication Server base group. The retrieved information are:
- User login
- User first name
- User last name
- Phone number
- Mobile phone number
- Email addresses
Once the first synchronization is done, you can activate the daily synchronization process
which will repeat the operation described above.
6.3.2.4 Deactivated Account
This list presents user accounts deleted or deactivated in the external directory. They have
been deactivated on the Extended Communication Server server. They will be activated again
if the account is reactivated or recreated in the external directory. They are available in this
interface so that they can be deleted by the administrator.
Replacement
a e i o u A E I O U
Characters
Special
ä ë ï ö ü ÿ Ä Ë Ï Ö Ü
Characters
Replacement
a e i o u y A E I O U
Characters
Special
â ê î ô û Â Ê î Ô Û
Characters
Replacement
a e i o u A E I O U
Characters
Special
å Å # Ø ß ç Ç ã ñ õ Ã Ñ Õ
Characters
Replacement
a A o O s c C a n o A N O
Characters
6.3.3.4 Restrictions
The number of users which can be imported cannot exceed the maximum number of licensed
users.
For imported users, the following information cannot be modified:
- Password
- Phone information
6.3.4 LOGS
!
6-11
Chapter 6 # #-#
This chapter introduces you to the different possibilities the Extended Communication Server
offers for managing information security and for monitoring traffic. After reading it, you will be
able to plan the organization information security and implement it.
7.1 Overview
For managing security, the Extended Communication Server is equipped with:
- An internal proxy server
- An internal firewall
By default, the firewall is active but the proxy server is not active.
Note:
We recommend you to configure and activate proxy and firewall services.
Moreover, for a better network security, we recommend you to use the Extended Communication Server
options: Kaspersky, for an efficient antivirus protection.
!
7-1
Chapter 7 #'
. #-#
The system handles a preexisting list of services that you can consult thanks to the Service
management > Security > Firewall > Services and service groups menu, selecting the
Services tab. You can also add new services to this list for specific needs.
main flows. Use this menu to have an overview on firewall rules or for basic needs.
- The Advanced settings menu displays all available flows and associated rules. Use this
menu if you have specific needs.
By default, all services are forbidden.
___change-begin___
___change-end___
Figure 7.3: The Basic Settings Tabbed-panel
!
7-3
Chapter 7 #'
. #-#
a. In this form, select a service or a service group (in our example, the MAIL service
group). It is also possible to create new services from this form if necessary.
b. Click Add.
c. Click OK.
The rule is now displayed in the rule list.
___change-begin___
!
7-5
Chapter 7 #'
. #-#
___change-end___
Select the Order level of the new rule.
The firewall scans messages from the lowest order rule to the highest order rule. The first
rule which matches decides if a message is allowed or refused.
que se passe t il quand aucune regle ne match?????
The three service protocols of the MAIL service group (i.e. SMTP, POP, IMAP) are authorized
for this flow.
Note:
After you have created the firewall rules, we recommend you to save them via the Service management
> Security > Firewall > Back up and restore rules menu.
individually.
- Web filtering. Web filtering is done through black and white lists of URLs or keywords that
forbid or authorize access to certain Web sites. Filters apply to all users or to specific user
groups.
Note:
These services need that the client Web browser is configured so that the Web traffic is sent to the proxy
server.
Important:
If the proxy server is used for Web traffic control and filtering, the firewall should block http and
https traffic. Blocking direct Web access forces Web traffic to pass through the proxy server,
which is essential to an efficient control and filtering service.
!
7-7
Chapter 7 #'
. #-#
Note:
The proxy cache service must be active for the Web filtering to be effective.
!
7-9
Chapter 7 #'
. #-#
c. Click OK.
8. Come back to the Lists by group menu.
9. Enable the Black and White lists by group filtering by clicking On.
7.4.1 Overview
A certificate is an electronic document which incorporates a digital signature to bind together a
key with an identity. The signature is delivered by a CA (Certification Authority).
Among other information, a certificate includes:
- the organization name
- a validity period
- The digital signature.
The Extended Communication Server hosts its own certification authority. This CA signs the
certificates delivered by the server for all secured services.
!
7-11
Chapter 7 #'
. #-#
!
7-13
Chapter 7 #'
. #-#
2. Select whether you wish the certificates to be automatically regenerated when the host
name is changed. Click yes or no.
3. Select the services on which the new certificates are to apply.
!
7-15
Chapter 7 #'
. #-#
Read this chapter if your Extended Communication Server works together with an OmniPCX
Office. After reading it, you will be able to carry out Internet and telephone services
convergence.
!
8-1
Chapter 8 /
'# 0
%##'#
___change-end___
Figure 8.3: Voice and Data Convergence Service Activation
!
8-3
Chapter 8 /
'# 0
%##'#
After reading this chapter, you will be able to manage internal and external email messaging.
!
9-1
Chapter 9 #
#-#
Note 1:
You must verify that the MX (Mail eXchange) DNS record point the server public IP address. Contact
the registrar that manages the domain name to verify this particular point.
!
9-3
Chapter 9 #
#-#
you declared in the General network parameters form. If the organization has several
domain names, declare them to the system to optimize email processing. Email addresses that
belong to domains declared to the system do not need external DNS queries.
To declare a domain name to the system:
1. Select the Service management > Email > SMTP > Domain names menu.
2. Click Add.
This opens a Declaration of the domain names managed by the appliance form.
!
9-5
Chapter 9 #
#-#
Note:
Remote users email-client must be configured to authenticate when accessing the service.
4. To authorize the relay to the Internet by name or IP address:
• Click the Name or IP address tab.
• Click Add.
• Enter the desired name or IP address.
• Click OK.
The other tabs (HELO/EHLO and Remote blacklist) can also be used to restrict the
authorizations and filter the email addresses.
!
9-7
Chapter 9 #
#-#
10
"
10.1 Overview
The Instant Messaging application allows a user to:
- Exchange instant messages with one or several users
- Know the status of other users
10.2.3 Options
___change-begin___
!
10-1
Chapter 10 #
___change-end___
Figure 10.2: Option Section
- By default, allow connection server to server:
• On: all instant messaging servers are allowed to connect to Extended Communication
Server except servers belonging to the black list
• Off: all instant messaging servers are not allowed to connect to Extended
Communication Server except servers belonging to the white list
- Authorize creation and use of chat rooms: users can create and/or use chat rooms
(chat room is for heavy clients only)
- Pre-fill of the buddy list:
• None: user's buddy list are not pre-filled
• With members of groups: buddy lists of users are automatically filled with members
of their groups
• With members of virtual groups: buddy lists of users are automatically filled with
members of their virtual groups
• With members of groups and virtual groups: buddy lists of users are automatically
filled with members of their groups and virtual groups
- Number of simultaneous sessions by user: enter the number of simultaneous chats per
user
___change-end___
Figure 10.3: Web Gateway Section
- Activate the web gateways:
• On: users can use some features only available through the web and to connect to the
instant messaging without firewall restrictions.
In addition, the Presence feature can be hosted on a remote server
• Off: no web access is available
- Website name: select the domain name used by Extended Communication Server users
to access the web features
- Listening interface for the web gateways: select the network interface used for FTP
transfer. Only heavy client use FTP to transfer.
- Authorize the web presence: this feature allows your users to display their availability on
a website.
- Activate web presence by default for all users: by activating this option, all the users
can use the feature, otherwise they have to activate it through their instant messaging
client.
- Activate the http-polling:
• On: specific clients can connect to the instant messaging application via a URL. For
example: http://xmpp.domain.loc/http-poll/
Note 1:
All clients do not support this protocol
• Off: all clients must use the 5222 port
- Activate the files transfer proxy:
• On: file transfers to users outside the Extended Communication Server domain are
allowed
!
10-3
Chapter 10 #
Note 2:
The use of a proxy is not available on all instant messaging clients.
• Off: no file transfer outside the Extended Communication Server domain
10.2.5 Gateways
___change-begin___
___change-end___
Figure 10.4: Gateways Section
Activate IRC gateway:
You can allow your users to connect to some IRC servers
- On: users, declared on this Extended Communication Server, can connect to a remote IRC
(Internet Relay Chat) server
- Off:
___change-end___
Figure 10.7: Configuration Example with Users in the Same Domain and Same LAN
Instant Messaging configuration:
- Domain of identifiers: mydomain.com
- By default allow connection server to server: off
- Authorize creation and use of chat rooms: off
- Pref-fill of the buddy list: None
- Number of simultaneous session by user: 1
Firewall configuration:
- Traffic LAN -> ECS on port 5222 (or 5223) must be allowed
___change-end___
Figure 10.8: Configuration Example with Users in the Same Domain and Different LAN
Instant Messaging configuration:
- Domain of identifiers: mydomain.com
- By default allow connection server to server: off
- Authorize creation and use of chat rooms: off
- Pref-fill of the buddy list: None
- Number of simultaneous session by user: 1
Firewall configuration:
- Traffic from LAN to ECS on port 5222 (or 5223) must be allowed
- Traffic from WAN to ECS on port 5222 (or 5223) must be allowed
___change-end___
Figure 10.9: Configuration Example with Users in the Different Domain and Different LAN
Instant Messaging configuration:
- Domain of identifiers: mydomain.com
- By default allow connection server to server: on
(or add the remote server name in the white list)
- Authorize creation and use of chat rooms: off
- Pref-fill of the buddy list: None
- Number of simultaneous session by user: 1
Firewall configuration:
- Traffic LAN -> ECS on port 5222 (or 5223) must be allowed
- Traffic WAN -> ECS on port 5269
___change-end___
Figure 10.10: Configuration Example with Users in the Different Domain and Same LAN
Instant Messaging configuration:
- Domain of identifiers: mydomain.com
- By default allow connection server to server: on
(or add the remote server name in the white list)
- Authorize creation and use of chat rooms: off
- Pref-fill of the buddy list: None
- Number of simultaneous session by user: 1
Firewall configuration:
- Traffic LAN -> ECS on port 5222 (or 5223) must be allowed
- Traffic WAN <-> ECS on port 5269 must be allowed
!
10-9
Chapter 10 #
This document explains how to configure the fax server on the Extended Communication
Server and OmniPCX Office.
11.1 Overview
The Extended Communication Server can host a fax server.
The main technical characteristics of the fax server are:
- The connections to OmniPCX Office uses SIP protocol
- Communications from Extended Communication Server to the OmniPCX Office use the
port number 5060
- Communications from OmniPCX Office to the Extended Communication Server use the
port number 5059
- Protocols RTP and SRTP are supported
- Connections from OmniPCX Office to the public network must be performed via ISDN or
analogic lines. Public SIP providers are not supported.
11.2 Configuration
___change-end___
Figure 11.2: VOIP Parameters Settings 1
- Number of VoIP-Trunk Channels: select a value # 2
- VoIP Protocol: select SIP (a warm reset is required)
___change-begin___
11-2
!
12 #%# #-#
___change-end___
Figure 11.3: VOIP Parameters Setting 2
- H323 End of Dialing Timeout: select 5.0. By default, the OmniPCX Office uses a timer for
outgoing calls on VoIP trunk (SIP / H.323)
- End of Dialing table used: validate the check box and configure the associated table
(Numbering - EoD Table)
11.2.1.2 Traffic Sharing and Barring
To allow Fax reception/transmission between the public network and the Extended
Communication Server through Alcatel-Lucent OmniPCX Office Communication Server, do not
forget to manage the traffic sharing & barring tables for the transit calls:
Public trunk <=> VoIP link
11.2.1.3 Numbering Plan Configuration
Configure the installation number:
___change-begin___
!
11-3
Chapter 11 12 #%# #-#
___change-end___
Figure 11.4: Installation Numbers Settings
In the public numbering plan, the Fax DDI number is sent to the ARS table:
___change-begin___
___change-end___
Figure 11.5: Public Numbering Plans Settings
VoIP trunk is a private trunks: in the Private Numbering Plan, configure the prefix for outgoing
calls to enable Fax transmission from Extended Communication Server to the public network
(on Extended Communication Server, the prefix for public calls is configured with the value 0).
___change-begin___
___change-end___
Figure 11.6: Private Numbering Plans Settings
!
11-5
Chapter 11 12 #%# #-#
(91330 4000). If the Installation number is empty, then the prefix in the ARS table must be the
DDI part only (prefix = 4000). In this case, the CLI send to the public exchange for outgoing
calls will be the DDI part only and not the public number.
___change-end___
Figure 11.10: ISDN Services
Enable external forwarding for the virtual terminals:
___change-begin___
___change-end___
Figure 11.11: Feature Rights Part 1
!
11-9
Chapter 11 12 #%# #-#
___change-begin___
___change-end___
Figure 11.12: Feature Rights Part 2
Configure immediate call forwarding to the Extended Communication Server Fax extension
(for example: 301 for USER A):
___change-begin___
___change-end___
Figure 11.13: Forwarding Definition
___change-begin___
___change-end___
Figure 11.14: Public Numbering Plan Definition
In the internal numbering plan, the Extended Communication Server fax numbers (301-302)
are routed to the ARS table:
___change-begin___
___change-end___
Figure 11.15: Internal Numbering Plan Definition
!
11-11
Chapter 11 12 #%# #-#
ARS table configuration: configure the Extended Communication Server as the destination
___change-begin___
___change-end___
Figure 11.16: ARS Destination for Extended Communication Server
Note:
The other ARS parameters are the same as for the fax server in the previous paragraph.
11.2.2.4 Miscellaneous
If USER A wants to send a fax to USER B, the public number is used by the Extended
Communication Server and the call is routed through the public network. It is possible to
re-route the call directly to the Extended Communication Server using the ARS table.
Private numbering plan: route the outgoing calls from the Extended Communication Server
through the ARS table (in the Extended Communication Server, the prefix for public calls is
configured with the value 0).
___change-begin___
___change-end___
Figure 11.17: Private Numbering Plan
___change-begin___
___change-end___
Figure 11.18: ARS Table Configuration
1. When the Extended Communication Server dials the public number of USER B, the
number -913304002- is replaced by 302 and re-routed to the Extended Communication
Server (note: 2 SIP channels are used)
!
11-13
Chapter 11 12 #%# #-#
Note:
The channels not dedicated to sending or reception are mixed by default.
11.2.3.3 Profile and Coversheet Configuration
11.2.3.3.1 Define a New Profile Tab
___change-begin___
___change-end___
Figure 11.20: Coversheet Profile Definition
In the Define a new profile tab you can create new profiles:
- Enter the new profile name in the field Profile description
- Select the profile language in the field Profile language
- Select the user group associated with this new profile in the field Associate the profile to
the group (optional)
- Click OK
Note:
The number of profiles is not limited.
___change-begin___
___change-end___
Figure 11.21: Fax Server Coversheet Definition
In the Add coversheets tab, you can:
- Download the coversheet editor to create or modify coversheets
- Upload and configure a new coversheet:
• Select the language in the field Profile language
• Select your new coversheet: click Browse... and navigate on your machine to select
the new coversheet
• Click OK
Note:
The number of coversheets is not limited.
!
11-15
Chapter 11 12 #%# #-#
___change-begin___
___change-end___
Figure 11.22: Fax Server Coversheets and Profiles Definition
In the Coversheets and profiles tab, you can associate a coversheet to a profile:
1. Select the Profile language
The drop down list includes the default profiles (language profiles) and your specific
profiles.
2. Click OK
All coversheets associated with the selected profile are displayed.
3. Select a coversheet
The coversheet list includes the default coversheets and you specific coversheets.
4. Click OK
11.2.3.4 Fax Server Enabling
Activate the fax server:
- At the bottom of the Fax server page
- Fax server status: click On to enable the fax server (or Off to disable)
11.2.3.5 Fax User Configuration
To set fax parameter for a user:
- Navigate to Directory > Users accounts
- Select the a group and a user
- Click Modify
The user definition page is displayed:
___change-begin___
11-16
!
12 #%# #-#
___change-end___
Figure 11.23: User Fax Number Definition
In the Fax Service section:
- FaxServer Profile: select the fax user profile. This parameter defines the coversheet and
the language of faxes sent by the user.
The default profile is set to the profile associated to the user group if it exists. Otherwise
the default profile is set to the profile associated to the user language.
For this parameter, the choice includes all language profiles and new profiles created in
the Define a new porfile tab.
If you want to associate a specific coversheet to a user:
• In the Define a new profile tab, create a new profile with no associated group
• In the Add coversheets tab, upload the new coversheet created with the coversheet
editor
• In the Coversheets and profiles tab, associate the new coversheet to the new profile
• In the user settings, associate the new profile to the user
- Internal Fax Number: enter the internal phone number associate to the fax of the user.
- External Fax Number: enter the number on which the user will receive his faxes
11.3.1 Configuration 1
___change-begin___
!
11-17
Chapter 11 12 #%# #-#
___change-end___
Figure 11.24: VoIP SIP Service on the Extended Communication Server WAN
This is the recommended configuration because it allows the home worker configuration.
11.3.2 Configuration 2
___change-begin___
___change-end___
Figure 11.25: VoIP SIP service on the Extended Communication Server LAN2
11.3.3 Configuration 3
___change-begin___
___change-end___
Figure 11.26: VoIP SIP service on an Ethernet alias
!
11-19
Chapter 11 12 #%# #-#
!
11-37
Chapter 11 12 #%# #-#
12 )* +
After reading this chapter, you will have an overview of the Web hosting service the Extended
Communication Server offers and you will be able to create an Extended Communication
Server hosted website.
!
12-1
Chapter 12 3#4 5
Important:
The site must be created from the webmaster account. The following procedure is intended for
the webmaster.
To create the site:
1. Enter the administration interface:
!
12-3
Chapter 12 3#4 5
• If you are webmaster and server administrator, the administration interface is already
running.
• If you are webmaster and delegated administrator, click the Administration button
located at the right-hand side of the Virtual Desktop.
This opens the administration interface limited to the menus you are authorized to use
and the resources you are authorized to administrate.
2. Select the Service management > Web > Configuring web sites menu.
A tabbed-panel is displayed.
3. Select the tab corresponding to the concerned site type:
• Web sites: by name (http)
• Web sites: by IP (http)
• Secure web sites: by IP (https)
4. Click Add.
5. Depending on the type you selected, enter the full name (e.g. www.business.com) or the
IP address.
6. Select the network interface used to access the website:
• A WAN interface for an Internet or Extranet website.
• A LAN interface for an Intranet site.
7. Click OK.
The new website is now displayed in the list of web servers.
8. Click the Status button to activate the site. The button turns then from orange to green.
!
12-5
Chapter 12 3#4 5
1. Select the Service management > Naming service > DNS naming > DNS zone
management menu.
!
12-7
Chapter 12 3#4 5
13
,$
13.1 Introduction
Extended Communication Server enables to access telephony free of charge over the internet
network:
- Between two users connected to the Virtual Desktop (in or out of company premises). The
user connected on the Virtual Desktop uses a downloaded softphone installed on his
machine. This solution requires Internet Explorer 6 (or higher) and ActiveX must be
enabled.
To implement this solution, see § Basic Configuration for SIP Telephony over the Internet .
!
13-1
Chapter 13 * 6# # ). %# )# ##
plug-in requires Internet Explorer 6 (or higher) and ActiveX must be enabled.
To implement this solution, see § Adding a Click to Call Button on a Web Site .
13.2.1 Prerequisites
- The DNS service must be activated on the Extended Communication Server.
- A certificate must be created for the domain name used for SIP telephony over the
internet. For more information on certificate creation, see module Installing the system -
Security Management § Creating a user certificate .
- The following ports must be authorized for user stations behind a firewall:
• Port 5061 TCP from the computer to internet
• Range 8000:9000 TCP/UDP from the computer to internet
3. In the VOIP - SIP Domain Name field, enter the name of the domain used for SIP
addresses. This domain is managed by the Extended Communication Server DNS. This
domain name can be the same as the Appliance Domain Name.
4. Validate the Automatic creation of the associated DNS zone checkbox so that specific
fields are automatically created in the Extended Communication Server DNS.
5. Select the Server Public IP address in the drop-down list.
6. In the VoIP stations numbering range field, enter a range containing at least 100
numbers.
7. Click OK.
8. Select the SSL certificate tab.
9. Select the certificate to be used for the VOIP - SIP domain name.
10. Activate the Telephony on Internet server.
!
13-3
Chapter 13 * 6# # ). %# )# ##
Note:
By default, VoIP telephony is activated for all users.
3. Click OK.
13.3.1 Prerequisites
- Basic Configuration for SIP Telephony over the internet must be performed.
- Alcatel-Lucent OmniPCX Office Communication Server must be R7.0 or higher and SIP
trunking must be configured.
6. Under OmniPCX Office - VoIP SIP configuration, check the Use this server to do
VoIP-SIP checkbox.
7. In the IP address field, enter the IP address of the VoIP board of the Alcatel-Lucent
OmniPCX Office Communication Server.
8. In the Login and Password fields, enter the login and password of the SIP gateway of the
Alcatel-Lucent OmniPCX Office Communication Server.
9. Click OK.
10. Click the Check the Connection button to check the configuration.
13.4.1 Prerequisites
- Basic configuration for SIP telephony over the internet and configuration for interoperability
with OmniPCX Office must be performed.
- The web site must have been created with an Extended Communication Server version
supporting SIP telephony over the internet: see module Installing the system - Web
Hosting .
!
13-5
Chapter 13 * 6# # ). %# )# ##
To obtain the identification key corresponding to the user to be called by the click to call
button:
1. Select the Service management > Web > Configuring web sites menu.
the Identification key copied at the previous step in the administration interface
</form>
</body>
</html>
2. Transfer the html file to the server: see module Installing the system - Web Hosting §
Loading the Site into the server
3. Go to the web site and test the button
!
13-7
Chapter 13 * 6# # ). %# )# ##
14 "*
After reading this section, you will be able to implement the push mobile service.
14.1 Overview
The push mobile service allows:
- To synchronize e-mails from the Extended Communication Server to a device running
under Windows Mobile 5 or 6. The push mobile service checks periodically (by default
every five minutes) if there are new e-mails in the Extended Communication Server user
account. If this is the case, e-mails received since the last synchronization (or in the last
five days if it is the first synchronization) are "pushed" to the mobile device.
- To synchronize groupware elements (contacts, calendar events and tasks) between the
Extended Communication Server to a device running under Windows Mobile 5 or 6: the
push mobile service checks periodically (by default every five minutes) if there are new
groupware elements in the Extended Communication Server user account. If this is the
case, the groupware elements created since the last synchronization in the Extended
Communication Server user account are "pushed" to the mobile device and the groupware
elements created on the mobile device are "pushed" to the Extended Communication
Server user account.
Note:
If there are no new groupware elements in the Extended Communication Server user account, there
is no automatic synchronization from the device to the user account: in this case, synchronization
must be triggered manually be the user.
14.2 Prerequisite
Before activating and configuring the push mobile service, you must:
- Install the corresponding service pack.
- Enter the license number.
!
14-1
Chapter 14 *) 4
#
___change-end___
Figure 14.3: Push Mobile Achitecture
The Push Mobile service is based on « outgoing » connections. No network connection from
Internet to the LAN is needed.
All the information shared between the mobile device and the Extended Communication
Server is done through a VPN tunnel. This VPN tunnel is established by the Alcatel-Lucent
Enterprise relay server which also provides the ComID.
The VPN session keeping between the mobile device and the Extended Communication
Server uses approximately 1 MB per month.
Supported architectures:
- Extended Communication Server connected directly to Internet with a public IP
- Extended Communication Server in a LAN “nated” behind a FW or a router
- Extended Communication Server hosted in a DMZ
- Mobile device with data connection to Internet
- Mobile device connected to Internet through WIFI
Not supported architecture : Extended Communication Server behind a proxy.
!
14-3
Chapter 14 *) 4
#
The push mobile service hosts a syncml server compliant with mobile devices under Symbian
OS and running syncml 1.1. The behavior is based on a standard “on demand”
synchronization process from the client device.
The synchronized elements are the user’s personal contacts and calendar. Contrary to the
service for windows mobile, there is no client to be installed and no push feature. The service
is totally based on the standard syncml 1.1 client installed on the device.
Because the synchronization is made through a SSL tunnel, the end user must install his own
user certificate on the Symbian device.
The most serviceable is to install first the Extended Communication Server certification
authority, and then the user certificate signed by the Extended Communication Server
certification authority. Both are available in the Extended Communication Server mobile virtual
desktop (See user guide for more information).
14.8 LOGS
In case of problems, you can:
- Consult logs in the events log of Push Mobile service or in the control panel
- Launch a diagnostic from the user mobile phone
!
14-5
Chapter 14 *) 4
#
15 -
After reading this chapter you will be able to backup the Extended Communication Server
configuration and data so that you can restore all or a part of them if necessary.
15.1.1 Overview
The configuration backup/restore feature is useful for the following purposes:
- Backup and restore an Extended Communication Server configuration on an empty
machine:
• An administrator installs the same configuration on multiple machines
• The technical support gets the customer’s Extended Communication Server
configuration to test it
• The trainer set quickly the Extended Communication Server in a configured state
- Backup and restore an Extended Communication Server configuration on a configured
machine:
• Recovery procedure to restore the configuration and the directory (restart from scratch)
• Recovery procedure to restore only the configuration part of the Services (Users are
not modified)
!
15-1
Chapter 15 7'( "##
15.2 Backup
To perform a configuration backup:
- Navigate to Appliance management > Backup / Restore
15.3 Restore
Important:
The authentication will be requested during the restore procedure. The superadmin password is
set to rv during the restore process.
To perform a configuration restore:
- Navigate to Appliance management > Backup / Restore
- Select the Restore tab
The list of backups are displayed:
___change-begin___
___change-end___
It is possible to display the LDAP database and the patch-list of the backup by clicking the
!
15-3
Chapter 15 7'( "##
lup icon.
- Select the option to restore or not restore the directory (users and groups) and click
Restore
The restore resume is displayed:
___change-begin___
___change-end___
15.4 Restrictions
15.4.1 Software
- Licenses won’t be saved/restored
- The software (and patch) level must be higher on the destination Extended Communication
Server than on the source one
- The restore process cannot restore more users than allowed by the license installed on the
Extended Communication Server. If the backup file contains more users, then the restore
process will stop
15.4.2 Hardware
- The configuration backup/restore is cross compatible between PREMIUM and COMPACT
- There are some exceptions linked to network devices. The restore process includes a
network devices checking. The hardware network devices configuration must be the same
between both source and destination Extended Communication Server.
!
15-5
Chapter 15 7'( "##
16 (
!
16-1
Chapter 16 #
2#
17.2 Rollback
The rollback procedure is used to return to R4.1 when an unfixable error happens during
migration.
Rollback procedure:
- Introduce the Extended Communication Server R4.1 DVD in the driver
- Reboot the Extended Communication Server
The Extended Communication Server boots on DVD and install the R4.1 software.
- Recover the user database from the full backup previously performed
!
17-1
Chapter 17
- "# ## "# ## !