ACCELERATOR 8.0 CISCO JABBER INTEGRATION GUIDE April 2017 Tango Networks, Inc. phone: +1 469-920-2100 2801 Network Blvd, Suite 200 fax: +1 469-920-2099 Frisco, TX 75034 USA www.tango-networks.com
2004-2017 Tango Networks, Inc. This software is protected by copyright law and international treaties, and is the confidential and proprietary information of Tango Networks, Inc. Unauthorized reproduction, use, or distribution of this software, or any portion of it, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under the law. The software described in this document is furnished under license agreement and may only be used in accordance with the terms of the agreement. Tango Networks is a trademark of Tango Networks, Inc. All other trademarks used herein are the property of their respective owners and are used for identification purposes only. 2004-2017 Tango Networks, Inc. Tango Networks is a trademark s or registered trademarks of Tango Networks, Inc. All other trademarks or service marks are the property of their respective owners. Specifications and features are subject to change without notice. April 2017 CONFIDENTIAL Page 2 of 17
TABLE OF CONTENTS ACCELERATOR INTEGRATION PROCESSES... 4 Notes... 4 WORKFLOW... 5 Cisco IM and Presence Provisioning... 5 Accelerator Provisioning... 5 CISCO IM AND PRESENCE PROVISIONING... 6 SIP Federation Inter-Domain to AOL... 6 Static Routes... 7 Incoming ACL... 8 Restart Components... 9 Restart Cisco SIP Proxy... 9 Restart Cisco XCP Router...11 No Other Actions...12 ACCELERATOR PROVISIONING...13 Voice Network: Carrier...13 Voice Network: Service Profile...13 Voice Network: Enterprise Ranges...13 Voice Network: Configure Messaging Server...14 Subscriber: Configure Subscriber...14 JABBER CLIENT CONTACTS...16 April 2017 CONFIDENTIAL Page 3 of 17
Accelerator Integration Processes The Cisco Jabber integration feature extends your existing Cisco IM and Presence solution so that Jabber users can send instant messages from their Jabber client (mobile, PC, or table) to any mobile or SMS enabled DID. Mobile users can send text messages to Jabber users as well. The Business Identity of the Jabber user is preserved by mapping the Jabber userid with their enterprise DID. The Accelerator provides always accepted, always active Presence information for any associated SMS enabled endpoint. This document assumes you have the following already provisioned and running: Cisco Unified Call Manager - The Cisco Call Manager has a Presence server defined with a trunk, End Users with IM and Presence, SIP Profiles, SIP Security Trunk Profile, etc. Cisco Unified CM IM and Presence server The Presence server is defined, configured, and running. Jabber Users Notes Important Note: TLS is supported but not discussed in this document. Due to the nature of generating SSL certificates on the Tango product, please contact Tango 1 st level support for configuration instructions. Chat dialog sessions from the IM and Presence server stay up for 10 minutes for IDLE time. Only plain/text messages are supported. Any XML notifications received via MESSAGE requests are consumed and auto-acknowledged with a 200 OK. If the conversion from Jabber UserID to the subscriber s enterprise DID fails, a 404 NOT FOUND error is sent back to the IM and Presence server. Incoming message dialog creation INVITEs are authenticated via nodal authentication against the provisioned Messaging Server trunk IP address. The Accelerator rejects messages from unknown endpoints with a 403 FORBIDDEN response. April 2017 CONFIDENTIAL Page 4 of 17
Workflow Cisco IM and Presence Provisioning The solution requires that the Cisco Unified CM IM and Presence server is setup with an AOL SIP Federated server, Static Route for TCP, and an Incoming Access Control List (ACL). 1. SIP Federation Inter-Domain to AOL Ensure that an Inter-Domain to AOL exists defining the Accelerator s domain. Page 6. 2. Static Routes Ensure that a TCP static route exists that defines the Accelerator s Messaging domain name. Page 7. 3. Incoming ACL Ensure that an Incoming ACL exists that defines the physical address of the Accelerator(s). Page 8. 4. Restart Components After completing steps 1 through 3, the Cisco SIP Proxy and Cisco XCP Router components need to be restarted. These components are found in the Serviceability area. Page 9. 5. No Other Actions After working in the Serviceability area, verify that no other actions are required. Page 12. Accelerator Provisioning The steps listed here are from the Business Messaging Quick Start section of the Accelerator Provisioning Guide. 1. Add an SMS Carrier Ensure a messaging carrier is defined and active. Page 13. 2. Ensure Service Profile contains Enterprise Messaging Each subscriber will be assigned a Service Profile that must include Enterprise Messaging. Page 13. 3. Configure Enterprise Ranges Although not required for this feature specifically, it is always helpful to have enterprise ranges defined in the system to help translate numbers. Page 13. Note: If you do not define the subscriber s DID on the subscriber record, it must be derived by your Enterprise Ranges. See the Enterprise Ranges section of the Accelerator Provisioning Guide to see how DIDs are derived. April 2017 CONFIDENTIAL Page 5 of 17
4. Configure Messaging Server Add a Messaging Server to define the domain name used by the Accelerator and the IM and Presence server. Page 14. 5. Configure Subscriber With Enterprise Messaging enabled Service Profile, the subscriber record is assigned the Messaging Server, Messaging Carrier, and the Jabber User ID, as well as other fields for the subscriber. Page 14. Cisco IM and Presence Provisioning SIP Federation Inter-Domain to AOL As the admin user in the Cisco Unified Communications Manager IM and Presence application, navigate to Presence ->Inter-Domain Federation ->SIP Federation. Figure 1 Inter-Domain Federation SIP Federation Figure 2 SIP Federated Domain Configuration Domain Name - This is the host portion that Jabber users will use when messaging to an E.164 number (i.e., 12141231234@<Domain Name>. This is the domain name provisioned in the Accelerator's Messaging Server page as described on page 14. April 2017 CONFIDENTIAL Page 6 of 17
IMPORTANT NOTE: You may want to consider using a short domain name here so that your Jabber users will not have to remember (or type) a long domain name each time they add a Contact in their Jabber client. RECOMMENDATION: Create an internally resolvable DNS entry such as text.com -or- sms.com. That way the Jabber client Contact would look something like this: 12145551212@text.com The rest of this document does not use this method. Instead, you will see the long domain name of ftr21acceldom.com. Description A description of the SIP Federation. Integration Type Set to Inter-Domain to AOL. Static Routes Configure a TCP static route to the Accelerator. Navigate to Presence - >Routing ->Static Routes. Figure 3 Presence ->Routing ->Static Routes April 2017 CONFIDENTIAL Page 7 of 17
Figure 4 Static Route Configuration Destination Pattern - This is the pattern for the domain entered on Figure 2, page 6. The domain must be entered in reverse. For example, ftr21acceldom is entered backwards resulting in.com.ftr21acceldom.* Be sure to include the trailing asterisk *. Description Describe the static route. Next Hop - Enter the session conductor address. For a multi- node Accelerator, enter the service IP address of the session conductors. Next Hop port Set to 5060. Route Type - Set to Domain. Protocol Type - Set to TCP. All other fields - Leave at their default values. Incoming ACL Ensure that the physical address of the session conductor is defined in an ACL. For multi-node Accelerators, 2 ACLs are needed. Navigate to System - >Security ->Incoming ACL. Figure 5 System ->Incoming ACL April 2017 CONFIDENTIAL Page 8 of 17
Figure 6 Incoming ACL - Session Conductor Address(es) Address Pattern - Set this to the session conductor IP address. For multi-node Accelerators, 2 ACLs are used each pointing to a session conductor address as shown in Figure 6 for the two ftr21 entries. Description Describe the ACL(s). Restart Components Two components need to be restarted after configuring the SIP Federated server, Static Route, and Incoming ACL. Restart Cisco SIP Proxy 1. To restart the Cisco SIP Proxy, find the Cisco Unified IM and Presence Serviceability option in the Navigation drop down menu. Figure 7 Cisco Unified IM and Presence Serviceability April 2017 CONFIDENTIAL Page 9 of 17
2. Navigate to Tools ->Control Center Feature Services. Figure 8 Tools ->Control Center Feature Services 3. Select the appropriate CUCM IM and Presence server. Figure 9 Select the CUCM IM and Presence server 4. Find and enable the Cisco SIP Proxy component in the IM and Presence Services area. Scroll to the top to find the Restart button. The restart may take several minutes. Figure 10 Restart Cisco SIP Proxy April 2017 CONFIDENTIAL Page 10 of 17
Restart Cisco XCP Router 1. To restart the Cisco XCP Router, navigate to Tools ->Control Center Network Services. Figure 11 Tools ->Control Center Network Services 2. Select the appropriate CUCM IM and Presence server. Figure 12 Select CUCM IM and Presence server 3. Find and enable the Cisco XCP Router component in the IM and Presence Services area. Scroll to the top and click Restart. The restart may take several minutes. Figure 13 Restart Cisco XCP Router April 2017 CONFIDENTIAL Page 11 of 17
No Other Actions It is important to verify that there are no other actions required. The previous steps in the Serviceability area required actions that restarted 2 components. It has been observed that some actions in the Serviceability area may not clear automatically and must by cleared manually. 1. From the Navigation pull down menu, go to Cisco Unified CM IM and Presence Administration. Figure 14 Cisco Unified CM IM and Presence Administration 2. Ensure there are no other actions and the count is 0 (zero). Figure 15 Ensure No Other Actions This completes the Cisco IM and Presence server configuration. Proceed to the next page to begin Accelerator Provisioning. April 2017 CONFIDENTIAL Page 12 of 17
Accelerator Provisioning As the admin user, complete the steps described in this section using the Accelerator Provisioning interface. Most of the information below is a recap of the Business Messaging Quick Start section found in the Accelerator Provisioning Guide. For clarity, the steps are repeated here. The procedures below frequently refer to the Accelerator Provisioning Guide. If you haven t done so already, keep a 8.0 version of the document handy so you can execute these steps. Voice Network: Carrier 1. First, complete the My Contact Information Menu section first as it is a prerequisite for adding a carrier. Additional details can be found in the Accelerator Provisioning Guide, Carrier Menu section. Add a carrier by enabling the Business Messaging checkbox. Additional details can be found in the Accelerator Provisioning Guide, Carrier Menu section. An activation email containing the security certificate must be sent to the provider. You can use the Accelerator carrier screens to send the email or you can download the files and email them with your own email program. If you use the Accelerator to send the files, ensure that the Email Settings tab in the Tango Management Console is complete before attempting to send the email. Before the carrier can be fully activated, an email response must be received back from the provider containing the provider contact information as well as a security certificate. Once this email is received, the administrator can finish activating the service by modifying the carrier entry and uploading the files received in the email. See Modify Carrier Activation section in the Accelerator Provisioning Guide. Voice Network: Service Profile 2. Service Profiles Ensure that a Service Profile with Enterprise Messaging exists. Refer to the Accelerator Provisioning Guide, Services Menu, Profiles section for details. Voice Network: Enterprise Ranges 3. Enterprise Ranges Menu Enterprise ranges help the Accelerator translate and normalize numbers. It is recommended that you create a Desk/DID range for your subscribers. If you already have a PBX provisioned, set the Assigned To PBX field to that PBX. If you skipped adding a PBX, then set the Assigned To PBX field to <No PBX>. For more details, refer to the Accelerator Provisioning Guide, Voice Network Menu, Enterprise Ranges Menu section. April 2017 CONFIDENTIAL Page 13 of 17
Voice Network: Configure Messaging Server 4. Messaging Servers Menu Messaging Servers are optional but needed for Cisco Jabber IM and Presence integration. Here you will define the Accelerator s Messaging domain name as well as the domain of the Cisco CM IM and Presence server. A SIP trunk is also defined between the Accelerator and the Cisco IM server. For additional details, see the Accelerator Provisioning Guide, Voice Networks, Messaging Servers Menu section. Subscriber: Configure Subscriber 5. Subscriber Dial Plan Menu Subscriber Dial Plans are required when you create the actual subscriber so ensure an appropriate subscriber dial plan exists. For additional details, see the Accelerator Provisioning Guide, Subscriber Menu, Subscriber Dial Plan Provisioning section. 6. Subscribers Menu The subscriber field descriptions below are organized into two categories those that are most relevant to this Cisco Jabber integration effort, and those that are normally required. All of the fields are described in the Accelerator Provisioning Guide, Subscriber Menu, Subscriber Provisioning section. Jabber Integration Specific fields: o Profile that includes Enterprise Messaging (step 2) o Messaging Server (step 4) Messaging Server Username (required when using a Messaging Server) This is the user portion of the Jabber User ID such as: user1@ftr21acceldom.com (where user1 is the user portion) The domain is attached to the user portion based on which Messaging Server you selected. o Messaging Carrier (the Business Messaging Carrier, step 1) o Enterprise Desk Number and/or DID National Number Important Note: For Cisco Jabber IM and Presence integration, it is important that the subscriber is assigned a DID National Number. The DID can be derived from Enterprise Ranges or the DID can be directly assigned here on the subscriber record. Other important Subscriber fields: o o Mobile National Number and Country (required, but not needed for the Jabber integration effort) Mobile Carrier (select appropriate carrier) April 2017 CONFIDENTIAL Page 14 of 17
o Dial Plan (the subscriber dial plan, step 5) o o o o Home PBX Select the appropriate PBX to home your subscribers. If your enterprise elected to not integrate with a PBX, then select <None> as the Home PBX. Alias/SIP Address One of these fields is likely to become required once the Home PBX is selected from the drop down. The information in these fields is used to alert the mobile during an enterprise termination. Mobile Policy Screening/Routing Rulesets Select the rulesets you want to apply for the subscriber. Password fields At the bottom of the subscriber record you will need to provide a subscriber password. This feature does not specifically use the password field but it is a requirement of the subscriber record. This completes the Accelerator Provisioning section. April 2017 CONFIDENTIAL Page 15 of 17
Jabber Client Contacts When adding Jabber client Contacts, be sure the contact is formatted properly. Figure 16 Add a Jabber Contact The Contact format is: Country Code + National SMS enabled Number @ Accelerator Messaging Domain The Accelerator Messaging Domain can be found on page 6, Figure 2. Figure 17 Jabber Contact: E.164@AcceleratorMessagingDomain Note: As first mentioned on page 7, using a long domain as we did in Figure 17 can be troublesome for Jabber users. Remembering the domain name in addition to typing it into a Jabber client Contact is tedious. You may want to consider a short domain name that is internally DNS resolvable. This completes the Cisco CM IM and Presence and Accelerator integration. April 2017 CONFIDENTIAL Page 16 of 17
Tango Networks, Inc. 2801 Network Blvd, Suite 200 Frisco, TX 75034 USA phone: +1 469-920-2100 fax: +1 469-920-2099 www.tango-networks.com April 2017 CONFIDENTIAL Page 17 of 17