Cisco Meeting Server. Cisco Meeting Server Release 2.3. H.323 Gateway Deployment Guide. December 20, Cisco Systems, Inc.

Similar documents
Acano solution. Acano Server & VM Release R1.8 H.323 Gateway Deployment Guide. September B

Cisco Expressway with Jabber Guest

Cisco Meeting Server. Cisco Meeting Server Release 2.0+ Multi-tenancy considerations. December 20, Cisco Systems, Inc.

Microsoft OCS 2007, Lync 2010, Cisco VCS and Cisco AM GW

Cisco TelePresence Management Suite Extension for Microsoft Exchange 5.2

Cisco Expressway Web Proxy for Cisco Meeting Server

Cisco TelePresence Microsoft Lync 2010, Cisco VCS and Cisco AM GW

Cisco Meeting Management

Cisco Meeting Management

Cisco Meeting App. Cisco Meeting App (Windows) Release Notes. March 08, Cisco Systems, Inc.

Cisco Meeting App. Cisco Meeting App (OS X) Release Notes. July 21, 2017

Cisco TelePresence Management Suite Extension for Microsoft Exchange 5.5

Cisco TelePresence Management Suite Extension for Microsoft Exchange 5.6

Cisco Meeting Server. Load Balancing Calls Across Cisco Meeting Servers. White Paper. 22 January Cisco Systems, Inc.

Cisco Expressway ENUM Dialing

Cisco TelePresence Video Communication Server Basic Configuration (Single VCS Control)

Cisco Meeting App. Cisco Meeting App (ios) Release Notes. October 06, 2017

Cisco Meeting App. Release Notes. WebRTC. Version number September 27, Cisco Systems, Inc.

Cisco TelePresence Management Suite 15.4

Cisco Meeting App. Cisco Meeting App (Windows) Release Notes. March 08, Cisco Systems, Inc.

Cisco TelePresence Management Suite 15.5

Cisco TelePresence Server 4.2(3.72)

Cisco Meeting App. What's new in Cisco Meeting App Version December 17

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at

Cisco Jabber for Android 10.5 Quick Start Guide

Flow Sensor and Load Balancer Integration Guide. (for Stealthwatch System v6.9.2)

Creating and Installing SSL Certificates (for Stealthwatch System v6.10)

Interdomain Federation for the IM and Presence Service, Release 10.x

Cisco Meeting App. Cisco Meeting App (OS X) Release Notes. October 24, Cisco Systems, Inc.

FindMe. Cisco TelePresence Deployment Guide Cisco VCS X6 D

Cisco Single VCS Control - Basic Configuration

Validating Service Provisioning

Interdomain Federation for IM and Presence Service on Cisco Unified Communications Manager, Release 10.5(1)

TechNote on Handling TLS Support with UCCX

Acano solution. Acano Server & VM Release Release Notes. December Aa

Cisco TelePresence Video Communication Server Basic Configuration (Single VCS Control)

Cisco TelePresence Management Suite

Cisco VCS Expressway Starter Pack

Cisco TelePresence Management Suite Extension for Microsoft Exchange Software version 5.7. User Guide July 2018

External Lookup (for Stealthwatch System v6.10.0)

Cisco CSPC 2.7x. Configure CSPC Appliance via CLI. Feb 2018

Acano solution. Acano Server & VM Release Release Notes. June Az

Cisco TelePresence Video Communication Server. Getting started

SAML SSO Okta Identity Provider 2

ENUM Dialing on Cisco Expressway

Authenticating Devices

Cisco Unified Communications Self Care Portal User Guide, Release

Cisco Meeting Management

Authenticating Cisco VCS accounts using LDAP

Method of Procedure for HNB Gateway Configuration on Redundant Serving Nodes

Cisco TelePresence Video Communication Server. Getting started

Cisco FindIT Plugin for Kaseya Quick Start Guide

Cisco TelePresence FindMe Cisco TMSPE version 1.2

Cisco TelePresence Management Suite Extension for Microsoft Exchange Software version 5.0

Cisco Meeting Management

Cisco Expressway Authenticating Accounts Using LDAP

Cisco Meeting App. User Guide. Version December Cisco Systems, Inc.

Cisco Meeting Server. Administrator Quick Reference Guide. Screen Layouts and Pane Placement. October 02, Cisco Systems, Inc.

Cisco Meeting Management

Migration and Upgrade: Frequently Asked Questions

Cisco Jabber Video for ipad Frequently Asked Questions

Cisco TelePresence Management Suite Provisioning Extension 1.6

Recovery Guide for Cisco Digital Media Suite 5.4 Appliances

Direct Upgrade Procedure for Cisco Unified Communications Manager Releases 6.1(2) 9.0(1) to 9.1(x)

Cisco Unified Contact Center Express Historical Reporting Guide, Release 10.6(1)

Cisco TelePresence Management Suite Extension for Microsoft Exchange Software version 3.1

Cisco TelePresence Authenticating Cisco VCS Accounts Using LDAP

Cisco Jabber IM for iphone Frequently Asked Questions

Compatibility Matrix for Cisco Unified Communications Manager and IM & Presence Service, Release 11.x

Cisco Expressway Registrar

Cisco Proximity Desktop

CPS UDC MoP for Session Migration, Release

Proxy Log Configuration

Cisco Unified Communications Self Care Portal User Guide, Release 11.5(1)

Cisco Meeting App. User Guide. Version December Cisco Systems, Inc.

Proxy Log Configuration

Cisco UCS Director F5 BIG-IP Management Guide, Release 5.0

Considerations for Deploying Cisco Expressway Solutions on a Business Edition Server

Cisco Nexus 1000V for KVM Interface Configuration Guide, Release 5.x

Cisco UC Integration for Microsoft Lync 9.7(4) User Guide

Acano solution. Acano Server & VM Release Release Notes. September P

Cisco Unified Contact Center Express Historical Reporting Guide, Release 10.5(1)

User Guide for Cisco Jabber for Mac 11.6

Acano solution. Third Party Call Control Guide. December F

Cisco CSPC 2.7.x. Quick Start Guide. Feb CSPC Quick Start Guide

Cisco TelePresence IP GW MSE 8350

Compatibility Matrix for Cisco Unified Communications Manager and IM & Presence Service, Release 10.x

Cisco Meeting Management

VCS BSS/OSS Adaptor (BOA) 17.2 Release Notes

Videoscape Distribution Suite Software Installation Guide

Media Services Proxy Command Reference

Application Launcher User Guide

Cisco Unified Communications Manager Device Package 10.5(1)( ) Release Notes

Cisco UCS C-Series IMC Emulator Quick Start Guide. Cisco IMC Emulator 2 Overview 2 Setting up Cisco IMC Emulator 3 Using Cisco IMC Emulator 9

Installation and Configuration Guide for Visual Voic Release 8.5

Cisco Single VCS Control - Basic Configuration

This document was written and prepared by Dale Ritchie in Cisco s Collaboration Infrastructure Business Unit (CIBU), Oslo, Norway.

Cisco Unified Communications Manager Device Package 8.6(2)( ) Release Notes

Cisco UCS Performance Manager Release Notes

Acano solution. Third Party Call Control Guide. 07 June G

Transcription:

Cisco Meeting Server Cisco Meeting Server Release 2.3 H.323 Gateway Deployment Guide December 20, 2017 Cisco Systems, Inc. www.cisco.com

Contents 1 Introduction 4 1.1 How to Use this Guide 5 1.1.1 Commands 8 2 H.323 Gateway Configuration 9 2.1 Overview 9 2.1.1 Prerequisites 10 2.2 H.323 Gateway configuration 12 2.3 Call Bridge outbound dial plan rule configuration 14 2.4 Configuring IP dialing 16 3 Call Testing 17 3.1 Inbound call from an H.323 endpoint registered to an H.323 Gateway 17 3.2 Inbound call from an unregistered H.323 endpoint by dialing an IP address 19 3.3 Inbound call from an unregistered H.323 endpoint by dialing <space_uri>@ip address 20 3.4 Outbound call to a registered H.323 endpoint 22 3.5 Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed with H.323 Gatekeeper) 23 3.6 Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed without H.323 Gatekeeper) 26 3.7 Calling non Cisco Meeting App users from H.323 endpoint 27 4 Troubleshooting Tips 30 Appendix A SIP Call Control Configuration 31 Appendix B Assigning a certificate/private key pair to the H.323 Gateway 34 Appendix C H.323 Gateway address handling for older gatekeepers 35 Appendix D H.323 Gateway MMP commands 37 Cisco Legal Information 39 Cisco Trademark 40 Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 2

Figures: Figure 1: Single combined Cisco Meeting Server deployment with H.323 Gateway. 5 Figure 2: Cisco Meeting Server documentation set 7 Figure 3: Incoming and outgoing H.323 calls with H.323 Gateway 9 Figure 4: H.323 Gateway with H.323 Gatekeeper 10 Figure 5: Configuration for H.323 Gateway with H.323 Gatekeeper 12 Figure 6: Output from h323_gateway command 14 Figure 7: Web Admin Interface showing Outbound dial plan with match all domains 15 Figure 8: Web Admin Interface showing Outbound dial plan with match domain @h323.- com 15 Figure 9: Call Flow for Inbound Call from Registered H.323 Endpoint 18 Figure 10: Web Admin Interface showing active call 18 Figure 11: Cisco VCS showing call status 19 Figure 12: Call flow for inbound call from unregistered H.323 endpoint 20 Figure 13: Web Admin Interface showing active call 20 Figure 14: Creating a Call matching rule 21 Figure 15: Web Admin Interface showing active call 21 Figure 16: Call flow for outbound call to a registered H.323 endpoint 22 Figure 17: Web Admin Interface showing active call 23 Figure 18: Cisco VCS showing call status 23 Figure 19: Cisco VCS Dial plan configuration page 24 Figure 20: Call flow for outbound call to an unregistered H.323 endpoint by dialing an IP address 24 Figure 21: Web Admin Interface showing active call 25 Figure 22: Cisco VCS showing call status 25 Figure 23: Call Flow for Outbound Call to a Unregistered H.323 Endpoint 26 Figure 24: Web Admin Interface showing active call 27 Figure 25: Call flow from H.323 endpoint to a non Cisco Meeting App user 28 Figure 26: Web Admin Interface showing active call 29 Figure 27: Cisco VCS showing Call Status 29 Figure 28: Adding the domain to the source address 35 Figure 29: Removing the domain for call back 35 Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 3

1 Introduction 1 Introduction Note about a single Edge solution for Cisco collaboration products: In line with Cisco s goal of a single Edge solution across the Cisco Meeting Server and Cisco Expressway, Cisco plans to end of life the Cisco Meeting Server H.323 Gateway component. From version 2.3 of the Meeting Server software, there will be no further development or feature releases related to the H.323 Gateway component, and in version 2.5 the component will be removed from the Meeting Server software. Customers are encouraged to start evaluation of the more mature H.323 Gateway component in the Cisco Expressway, and plan their migration over. Any H.323 endpoints registered to Expressway-E or Expressway-C will not consume Rich Media Session (RMS) licenses when calling into the Cisco Meeting Server from Expressway version X8.10 onwards. The Cisco Meeting Server was formerly called the Acano Server. The Cisco Meeting Server can be hosted on: the Cisco Meeting Server 2000, based on Cisco UCS technology running Cisco Meeting Server software as a physical deployment. the Cisco Meeting Server 1000, a Cisco UCS server preconfigured with VMware and the Cisco Meeting Server installed as a VM deployment. the Acano X-Series hardware. or on a specification based VM server. The Cisco Meeting Server software is referred to as the Meeting Server throughout the remainder of this guide. The Meeting Server includes an H.323 Gateway component. This gateway is designed to be used only with the Call Bridge of the Meeting Server, as shown below. Once the call reaches the Call Bridge it is processed according to the normal dial plan rules. Outgoing calls from the Call Bridge devices can also be made to H.323 devices. If the call is into a space on the Meeting Server then it stops at the Call Bridge. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 4

1 Introduction Figure 1: Single combined Cisco Meeting Server deployment with H.323 Gateway. This guide covers one of the recommended deployments (a single combined server with the H.323 Gateway enabled on the same Meeting Server as the Call Bridge) as shown above. In a split deployment we recommend deploying the H.323 Gateway as a core component, to ensure there is no firewall between the H.323 Gateway and the Call Bridge. Typically, the H.323 Gateway will be deployed on the same Meeting Server as the Call Bridge. However, the H.323 Gateway may be deployed on a separate Core server to the Call Bridge, which is useful for test purposes. In a scalable & resilient deployment you can enable one H.323 Gateway per Call Bridge, again either on the same or separate Meeting Servers. The commands to configure and enable the H.323 Gateway are the same in all deployments, although the IP address for the H.323 Gateway to connect differs if the Call Bridge and the H.323 Gateway are on the same host, compared to them being on different hosts, see section 2.2, step 6. Some old H.323 gatekeepers do not provide the domain in the destination addresses for outgoing calls, and cannot handle a domain for incoming calls. Appendix C explains how to setup the H.323 Gateway in deployments with these H.323 gatekeepers. Note: A certificate is required on each H.323 Gateway. The certificate can be signed by an internal CA. Follow the steps in Appendix B to assign a certificate/private key pair to the H.323 Gateway. 1.1 How to Use this Guide This guide follows on from the appropriate Deployment Guide (see Figure 2 ). It assumes that you have already completed the instructions within the deployment guide. Only use this guide if Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 5

1 Introduction you want the Meeting Server to accept calls from H.323 endpoints and be able to call out to them. This H.323 Gateway deployment guide is intended to be read and acted upon in the order provided. A full list of H.323 commands is provided in the MMP Command Reference guide. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 6

1 Introduction Figure 2: Cisco Meeting Server documentation set Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 7

1 Introduction 1.1.1 Commands In this document, commands are shown in black and must be entered as given replacing any parameters in <> brackets with your appropriate values. Examples are shown in blue and must be adapted to your deployment. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 8

2 H.323 Gateway Configuration 2 H.323 Gateway Configuration 2.1 Overview The H.323 Gateway is a core component and the recommended deployment is to deploy it on the same server as the Call Bridge. However, the H.323 Gateway can be enabled on a separate Core server. The H.323 Gateway listens on a minimum of two ports: For H.323 incoming calls to be interworked to SIP for forwarding to the Call Bridge For SIP incoming calls from the Call Bridge to be interworked to H.323 before being forwarded We recommend that the H.323 Gateway listens on the same interface as the Call Bridge (but on different port numbers) and is used to listen for both SIP and H.323 calls, see Figure 3 Figure 3: Incoming and outgoing H.323 calls with H.323 Gateway For external outgoing calls from the gateway, we recommend that the H.323 calls are forwarded to a H.323 Gatekeeper (see Figure 4) that deals with routing e.g. using dial plan rules. Note: the H.323 Gateway supports a single next hop. Use the H.323 Gatekeeper s neighboring feature to allow the H.323 Gateway to reach multiple gatekeepers. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 9

2 H.323 Gateway Configuration Figure 4: H.323 Gateway with H.323 Gatekeeper In order to accept calls from H.323 endpoints and make calls to them, the Call Bridge must be configured to use the H.323 Gateway as the destination for outgoing calls via the Outbound dial plan, and the H.323 Gateway must be configured to forward SIP calls to a Call Bridge. This section provides example configurations for the recommended deployment that must be adapted to your topology. Note: Some old H.323 gatekeepers do not provide the domain in destination addresses for outgoing calls, and cannot handle a domain for incoming calls. These gatekeepers supply and require an E.164 address or H.323 id for the address.the commands to support these devices, are listed in Appendix C. 2.1.1 Prerequisites The instructions in this section assume that the other components of the Meeting Server have been set and are running. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 10

2 H.323 Gateway Configuration The ports in Table 1 are required by the H.323 Gateway (see Figure 5). Table 1: Ports required by H.323 Gateway Component Connecting to Destination port to open Traffic type Traffic direction with respect to component Link shown in Figure 5 Additional information Call Bridge H.323 Gateway 6061 TCP (SIP) Outgoing 6 Port configurable through MMP H.323 Gateway H.323 Gatekeeper 1720 TCP (H.225) Incoming 2 Port not configurable port on H.323 Gatekeeper for next hop TCP (H.225) Outgoing 3 H.323 Gateway H.323 Gatekeeper 1024-65535 (note 1) TCP (H.245) Incoming 2 Port not configurable port on H.323 Gatekeeper for next hop TCP (H.245) Outgoing 3 H.323 Gateway H.323 registered endpoint 32768-65535 (note 2) UDP media Incoming and outgoing 1 The H.323 Gateway provides no firewall traversal functionality. The H.323 call control device that any of your H.323 endpoints are registered to, must provide firewall traversal functionality, and be configured to forward calls to the H.323 Gateway. See Appendix A for an example using the Cisco VCS. Unregistered H.323 endpoints must use IP dialing to reach the H.323 Gateway. See Section 2. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 11

2 H.323 Gateway Configuration 2.2 H.323 Gateway configuration Figure 5: Configuration for H.323 Gateway with H.323 Gatekeeper Follow these steps to configure and enable the H.323 Gateway component on the appropriate Meeting Server. If your deployment does not use an H.323 Gatekeeper, omit step 5. 1. SSH into the MMP and log in. 2. Configure the interfaces that the H.323 Gateway listens on for incoming H.323 calls (call flow number 2 in Figure 5). The command h323_gateway h323_interfaces <interface whitelist> allows you to configure the interfaces that the H.323 Gateway listens for H.323 traffic on (chosen from A, B, C or D). By default the H.323 Gateway listens on no interfaces. For example, configure the h323_interfaces to listen on interface A, enter: h323_gateway h323_interfaces a 3. Configure the interfaces that the gateway listens on for incoming SIP calls from the Call Bridge (call flow number 6 in Figure 5). The command h323_gateway sip_interfaces <interface whitelist> allows you to configure the listening interfaces (for 1.7.0 this is interface A). By default the sip_interfaces listens on no interfaces. For example, configure the sip interface to listen on interface A h323_gateway sip_interfaces a 4. Configure the ports for the SIP interface to listen on (call flow number 6 in Figure 5). By default the H.323 Gateway uses 6061. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 12

2 H.323 Gateway Configuration h323_gateway sip_port 6061 Note: if you wish to change the default port from 6061, and if the H.323 Gateway and Call Bridge are on the same server, make sure you avoid port 5061 which is used by the Call Bridge. 5. Configure the H.323 Gatekeeper s (call control s) hostname or IP address (call flow number 3 in Figure 5). The H.323 Gateway will connect to this IP address for all outgoing H.323 calls and let the call control device handle the routing. For example, if the gatekeeper in the figure above is at IP address 192.168.1.110 h323_gateway h323_nexthop 192.168.1.110 Note: omit this step, if your deployment does not use an H.323 Gatekeeper. 6. Configure the Call Bridge IP address (call flow number 5 in Figure 5). 7. The H.323 Gateway will connect to this IP address for all outgoing SIP calls and let the Call Bridge handle the routing via its dial plan. From R1.8, if the Call Bridge and the H.323 Gateway are on the same host then you must use IP address 127.0.0.1. If Call Bridge and H.323 Gateway on the same host, use: h323_gateway sip_proxy 127.0.0.1 If the Call Bridge and H.323 Gateway are on the different hosts then set the IP address to be the address of the Call Bridge, which must be reachable from the H.323 Gateway. Example of Call Bridge and H.323 Gateway on the different hosts, the IP address of the Call Bridge being 192.168.6.25 h323_gateway sip_proxy 192.168.6.25 8. Enable the H.323 Gateway component. h323_gateway enable Use the command h323_gateway to check the configuration. A typical output is shown in Figure 6. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 13

2 H.323 Gateway Configuration Figure 6: Output from h323_gateway command A certificate is required on each H.323 Gateway; the certificate can be signed by an internal CA. Follow the steps in Appendix B to generate the private key and signed certificate, then upload to each H.323 Gateway. 2.3 Call Bridge outbound dial plan rule configuration Follow these steps to divert all outbound calls through the H.323 Gateway. You need to create an Outbound dial plan rule for the Call Bridge. 1. Sign in to the Meeting Server s Web Admin Interface. 2. Complete the following fields: Domain: Match all domains i.e. leave empty (see below). SIP Proxy to Use: The SIP interface of the H.323 Gateway Note: if the H.323 Gateway and Call Bridge are on the same host then use IP address 127.0.0.1:6061. If they are on different hosts, then use one of the external interfaces that the Call Bridge is listening on. Note: The Meeting Server's Outbound dial plan rule defaults to using port 5061, if not specified. You need to change this to match the port used by the SIP interface of the H.323 Gateway, which defaults to 6061. Encryption: Encrypted Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 14

2 H.323 Gateway Configuration Figure 7: Web Admin Interface showing Outbound dial plan with match all domains To divert calls with a specific destination domain through the H.323 Gateway, create an Outbound dial plan rule for the Call Bridge as follows: 1. Sign in to the Meeting Server s Web Admin Interface. 2. Select Configuration>Outbound calls. 3. Complete the following fields: Domain: The destination domain. In the example below, the domain is @h323.com. All calls to <anything>@h323.com will be diverted through the H.323 Gateway. SIP Proxy to Use: Specify the SIP interface of the H.323 Gateway. If the H.323 Gateway and Call Bridge are on the same host then use IP address 127.0.0.1:6061. If they are on different hosts, then use one of the external interfaces that the Call Bridge is listening on. Note: The Outbound dial plan rule defaults to using port 5061, if not specified. You need to change this to match the port used by the SIP interface of the H.323 Gateway, which defaults to 6061. Encryption: Encrypted Figure 8: Web Admin Interface showing Outbound dial plan with match domain @h323.com Note: the H.323 Gateway cannot modify the dialed address. If you require dialed addresses to be modified, then you will need to use an H.323 Gatekeeper in your deployment that is capable of modifying dialed addresses. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 15

2 H.323 Gateway Configuration 2.4 Configuring IP dialing IP dialing is required when there is no H.323 Gatekeeper i.e. H.323 endpoints are not registered to a call control solution, and calls are made by IP address. For IP dialing to work for calls from both internal and external H.323 endpoints, use the H.323 Gateway as a Core component as above but add a second listening interface for the external calls e.g. on interface B. For IP dialing, we assume that incoming calls are in one of the following formats: IP address which needs to be mapped onto a URI by the H.323 Gateway. Therefore configure the default URI for incoming H.323 calls without a destination. This call can be diverted to a space, a Cisco Meeting App user or a Meeting Server IVR. For example, in the MMP, set the default URI to an IVR: h323_gateway default_uri h323ivr@example.com user@ipaddress which is processed by the Call Bridge Incoming dial plan rules; can be a space, a Cisco Meeting App user or even an external user. Note that the Incoming dial plan rules match to the URI not to a callid. user@domain which is processed by the Call Bridge Incoming dial plan rules; can be a space, a Cisco Meeting App user or even an external user. Note: set call matching for <IP address> or the <domain> on the Web Admin Interface. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 16

3 Call Testing 3 Call Testing Depending on the type of call(s) or meetings you intend to have, read and follow the example(s) in the appropriate section(s). Inbound call from an H.323 endpoint registered to an H.323 Gateway Inbound call from an unregistered H.323 endpoint by dialing an IP address Inbound call from an unregistered H.323 endpoint by dialing <space_uri>@ip address Outbound call to a registered H.323 endpoint Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed with H.323 Gatekeeper) Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed without H.323 Gatekeeper) Calling non Cisco Meeting App users from an H.323 endpoint Note: 1) H.323 signaling is unencrypted, so you can use pcap to obtain an H.323 trace. In addition, the MMP command h323_gateway trace_level <level> provides additional logging to aid troubleshooting by Cisco support. You may be asked to provide traces for levels 0, 1 or 2. 2) Support for legacy gatekeepers and endpoints: some old H.323 gatekeepers do not provide the domain in destination addresses for outgoing calls, and cannot handle a domain for incoming calls. These gatekeepers supply and require an E.164 address or H.323 id for the address. There are commands to support these devices, seeappendix C"H.323 Gateway address handling for older gatekeepers " on page 35 for more details. 3.1 Inbound call from an H.323 endpoint registered to an H.323 Gateway Example setup: Calling party s H.323 endpoint alias: h323@h323.com Dialing space URI: example.space@example.com Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 17

3 Call Testing Figure 9: Call Flow for Inbound Call from Registered H.323 Endpoint Where: (1) is an H.323 call to example.space@example.com (2) is an H.323 call to example.space@example.com (3) is a SIP call to example.space@example.com Note: From the Call Bridge's point of view, this is an incoming SIP call from the H.323 Gateway. After the call has connected, check Status>Calls in the Web Admin Interface (see Figure 10) Figure 10: Web Admin Interface showing active call The call status on the H.323 Gatekeeper, which in this example is a Cisco VCS, shows it as a H.323 call (see Figure 11). The Meeting Server's H.323 Gateway performs the interworking. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 18

3 Call Testing Figure 11: Cisco VCS showing call status 3.2 Inbound call from an unregistered H.323 endpoint by dialing an IP address Prerequisite: Set up an IVR Set up space with call ID 123456 Note: By changing the default URI to an IVR URI, after the incoming call is connected, users can enter a space s Call ID to join a specific space. For IP dialing to work for calls from both internal and external H.323 endpoints, use the H.323 Gateway as a Core component but add a second listening interface for the external calls e.g. on interface B. h323_gateway h323_interfaces a b Note: the H.323 Gateway cannot traverse NAT or firewalls. The second listening interface for external calls must be internet facing with a public IP address. Example setup: Calling party s unregistered H.323 endpoint name: Brian.ex60 Dialing: 192.168.1.91 where 192.168.1.91 is the called party s H.323 Gateway listening interface Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 19

3 Call Testing Figure 12: Call flow for inbound call from unregistered H.323 endpoint Where: (1) is an H.323 call to 192.168.1.91 (2) is a SIP call to h323ivr@example.com (3) is a DTMF entry of ID 123456 After the call has connected, check the call status in the Web Admin Interface (see Figure 13). Figure 13: Web Admin Interface showing active call 3.3 Inbound call from an unregistered H.323 endpoint by dialing <space_ uri>@ip address Prerequisite: Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 20

3 Call Testing Create a call matching rule to match the domain 192.168.1.91. Figure 14: Creating a Call matching rule For IP dialing to work for calls from both internal and external H.323 endpoints, use the H.323 Gateway as a Core component but add a second listening interface for the external calls e.g. on interface B h323_gateway h323_interfaces a b Note: the H.323 Gateway cannot traverse NAT or firewalls. The second listening interface for external calls must be internet facing with a public IP address. Example setup: Calling party s unregistered H.323 endpoint name: example.mxp Dialing: example.space@192.168.1.91 where 192.168.1.91 is the called party s H.323 Gateway listening interface. After the call has connected, check the call status in the Web Admin Interface (see Figure 15). Figure 15: Web Admin Interface showing active call Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 21

3 Call Testing 3.4 Outbound call to a registered H.323 endpoint Prerequisite: Create a dial plan rule Example setup: Calling party s Cisco Meeting App user URI: acanouser1@example.com Dialing: h323@h323.com where h323@h323.com is the called party s H.323 endpoint. Figure 16: Call flow for outbound call to a registered H.323 endpoint Where: (1) is a Cisco Meeting App call to h323@h323.com (2) is a SIP call (3) is an H323 call (4) is an H323 call After the call has connected check the status in the Web Admin Interface (see Figure 17). Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 22

3 Call Testing Figure 17: Web Admin Interface showing active call The call status on the H.323 Gatekeeper shows it as an H.323 call, in this example the H.323 Gatekeeper is a Cisco VCS, (see Figure 18). The Meeting Server's H.323 Gateway performs the interworking. Figure 18: Cisco VCS showing call status 3.5 Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed with H.323 Gatekeeper) Note: in this scenario, the H.323 endpoint is unregistered, but an H.323 Gatekeeper routes the call. Prerequisite: Decide on which dial plan rule to use, default rule or a custom rule On the H.323 Gatekeeper (in this example this is a Cisco VCS), in the Dial plan Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 23

3 Call Testing configuration set the Calls to Unknown IP Addresses to Direct (see Figure 19) and ensure that the H.323 Gatekeeper can reach the endpoint that you are dialing. Figure 19: Cisco VCS Dial plan configuration page For IP dialing to work for calls from both internal and external H.323 endpoints, use the H.323 Gateway as a Core component but add a second listening interface for the external calls e.g. on interface B h323_gateway h323_interfaces a b Example setup: Calling party s Cisco Meeting App user URI: acanouser1@example.com Dialing: 192.168.1.219 where 19.168.1.219 is the called party s H.323 endpoint IP address Figure 20: Call flow for outbound call to an unregistered H.323 endpoint by dialing an IP address Where: (1) Cisco Meeting App call to 192.168.1.219 (2) SIP call (3) H323 call Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 24

3 Call Testing (4) H323 call When the call has connected, check the status in the Web Admin Interface (see Figure 21) Figure 21: Web Admin Interface showing active call If you are using a Cisco VCS as the H.323 Gatekeeper, the call will look similar to Figure 22. Figure 22: Cisco VCS showing call status Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 25

3 Call Testing 3.6 Outbound call to an unregistered H323 endpoint by dialing an IP address (call routed without H.323 Gatekeeper) Note: in this scenario, the H.323 endpoint is unregistered, and there is no H.323 Gatekeeper to route the calls. Prerequisite: The h323_gateway h323_nexthop configuration must be removed if previously set. For example: a. SSH into the MMP and log in. b. Remove the h323_gateway h323_nexthop configuration h323_gateway del h323_nexthop For IP dialing to work for calls from both internal and external H.323 endpoints, use the H.323 Gateway as a Core component but add a second listening interface for the external calls e.g. on interface B h323_gateway h323_interfaces a b Note: the H.323 Gateway cannot traverse NAT or firewalls. The second listening interface for external calls must be internet facing with a public IP address. Example setup: Calling party s Cisco Meeting App user URI: acanouser1@example.com Dialing: 192.168.1.201 where 192.168.1.201 is the IP address of the called party s H.323 endpoint. Figure 23: Call Flow for Outbound Call to a Unregistered H.323 Endpoint Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 26

3 Call Testing Where: (1) is a Cisco Meeting App call to example@example.com (2) is a SIP call (3) is an H323 call When the call has connected, check the status in the Web Admin Interface (see Figure 24). Figure 24: Web Admin Interface showing active call 3.7 Calling non Cisco Meeting App users from H.323 endpoint It is possible to configure the Call Bridge dial plan to be able to call Lync or SIP users. These calls are transcoded by the Call Bridge. In this example both the H.323 Gateway and Call Bridge act as a gateway. It is assumed that the Call Bridge dial plan already allows forwarding of SIP calls to Lync. The H.323 call is interworked into a SIP call to the Call Bridge which then forwards the call to Lync. In this case the Call Bridge handles all transcoding of media. Example setup: Calling party s registered H323 endpoint alias: h323@h323.com Dialing: lyncuser1.lync@example.demo where lyncuser1.lync@exampledemo is the Lync address for the called Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 27

3 Call Testing Figure 25: Call flow from H.323 endpoint to a non Cisco Meeting App user Where: (1) is an H323 call (2) is an H323 call (3) is a SIP call (4) is a Lync call When the call has connected check the status in the Web Admin Interface (see Figure 26). Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 28

3 Call Testing Figure 26: Web Admin Interface showing active call If you are using a Cisco VCS as the H.323 Gatekeeper, the call will look similar to Figure 27. Figure 27: Cisco VCS showing Call Status Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 29

4 Troubleshooting Tips 4 Troubleshooting Tips After changing the configuration of the H.323 Gateway, the gateway may not work as expected. Reboot the Meeting Server to solve the issue. The Meeting Server's Outbound dial plan rule defaults to using port 5061, if not specified. You need to change this to match the port used by the SIP interface of the H.323 Gateway, which defaults to 6061. There is a bug in the Cisco VCS software. Sometimes the settings in Zone > Custom aren't saved. You may need to delete the zone and start again - remember to update the dial plan search rules to match. The MMP command h323_gateway trace_level <level> provides additional logging to aid troubleshooting by Cisco support. You may be asked to provide traces for levels 0, 1 or 2. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 30

Appendix A SIP Call Control Configuration Appendix A SIP Call Control Configuration In this appendix the Cisco VCS is used as the example H.323 Gatekeeper/call control device. A VCS Zone must be created and configured: 1. In VCS go to the Zones page (see the two figures below). 2. Enable H323 and then disable SIP (if both are enabled the VCS will use SIP). 3. In Location, set the Peer 1 address to the IP address of interface that the H.323 Gateway is listening on. 4. In Advanced: Change the Zone profile to Custom. Turn off Monitor peer Status. Turn on Automatically respond to H.323 searches. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 31

Appendix A SIP Call Control Configuration Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 32

Appendix A SIP Call Control Configuration Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 33

Appendix B Assigning a certificate/private key pair to the H.323 Gateway Appendix B Assigning a certificate/private key pair to the H.323 Gateway A certificate is required on each H.323 Gateway ; the certificate can be signed by an internal CA. Follow these steps: 1. Generate a private key and the Certificate Signing Request (.csr) file for the Meeting Server's H.323 Gateway application. For information on how to generate a private key and.csr file, refer to one of the Certificate Guidelines. Note: the public key is created and held within the.csr file. 2. Submit the.csr file to the CA (public CA or internal CA) for signing You can use the pki command on the Meeting Server to generate the private key and.csr file, and submit the pair to an internal CA such as an Active Directory server with the Active Directory Certificate Services Role installed. 3. SSH into the MMP 4. Upload the signed certificate and intermediate CA bundle (if any) to the Meeting Server using SFTP. 5. Check that the certificate (and certificate bundle) and the private key match pki verify <certicate> <cert bundle/ca cert> [<CA cert>] 6. Assign the certificate (and certificate bundle) and private key pair to the H.323 Gateway. h323_gateway certs <keyfile> <certificatefile> [<cert-bundle>] 7. Restart the H.323 Gateway h323_gateway restart Note: if you perform TLS certificate verification by using the command: tls SIP verify enable then certificate verification will be undertaken against the TLS SIP trust store on the Call Bridge and the SIP service on the H.323 Gateway. Use the tls SIP trust <crt bundle> command to set up the TLS SIP trust store. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 34

Appendix C H.323 Gateway address handling for older gatekeepers Appendix C H.323 Gateway address handling for older gatekeepers Some old H.323 gatekeepers do not provide the domain in the destination addresses for outgoing calls, and cannot handle a domain for incoming calls. These gatekeepers supply and require an E.164 address or H.323 id for the address. There are MMP commands to support these devices, see Appendix D for the syntax of all MMP commands for the H.323 Gateway. Figure 28 illustrates how the destination address for calls from legacy gatekeepers can be accepted by appending a domain to the destination address using MMP command h323_ gateway sip_domain <sip_domain_uri>. The source address can also have a domain added which can aid dial-back of that user. Using command h323_gateway h323_domain <h323_ domain_uri>, appends a domain which enables the Call Bridge to identify where the call originates, and hence support call back. Figure 28: Adding the domain to the source address Figure 29 illustrates how call back can be made to work for calls originating from legacy H.323 gatekeepers. Using command h323_gateway h323_domain_strip yes removes the domain from the destination if it matches h323_domain and using command h323_gateway sip_ domain_strip yes removes the domain from the source address if it matches sip_domain, when making a call to the legacy gatekeeper. Figure 29: Removing the domain for call back Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 35

Appendix C H.323 Gateway address handling for older gatekeepers Note: dialing an IP address does not require removal of the domain, as the Call Bridge recognizes that it is an IP address and does not append the domain. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 36

Appendix D H.323 Gateway MMP commands Appendix D H.323 Gateway MMP commands This appendix lists the MMP commands to configure the H.323 Gateway, they are also provided in the MMP Command Reference Guide. Command/Examples h323_gateway enable/disable/restart h323_gateway certs <keyfile> <certificate file> [<cert-bundle>] Description/Notes The gateway will not start unless it is configured properly. Defines the name of the private key file and.crt file for the H.323 Gateway application and, optionally, a CA certificate bundle as provided by your CA. (See "Assigning a certificate/private key pair to the H.323 Gateway" on page 34.) Removes certificate configuration h323_gateway certs none h323_gateway h323_ nexthop <host/ip> h323_gateway del h323_ nexthop Connect to this IP address for all outgoing H.323 calls and let the device at this IP address handle the routing. If this address is not set, only IP dialing works. Typically this IP address is a Cisco VCS/Polycom DMA, and an H.323 trunk is established between the Meeting Server's H.323 Gateway and the third party device (H.323 Gatekeeper). The H.323 Gateway does not register with the device, just forwards calls to them the device will need to be configured appropriately to accept these calls. h323_gateway default_ uri <uri> h323_gateway del default_uri h323_gateway sip_ domain <sip_domain > Optional. If an incoming H.323 call has no destination (normally only the case when the H.323 Gateway has been dialed by an IP address) the SIP call is made to whatever default_uri is set. The default_uri may point to an IVR, or directly into a space. If it is not set, the call is rejected. Optional. If an incoming H.323 call is made to the gateway without a domain in the destination address, @<sip_domain> will be appended to the destination address before the SIP call to the Call Bridge is made. h323_gateway del sip_ domain h323_gateway sip_ domain_strip <yes/no> If set to "yes" and "h323_gateway sip_domain" is set, when a SIP call is made to the gateway the @<sip_domain> will be stripped from the source address (if present) before making the H.323 call. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 37

Appendix D H.323 Gateway MMP commands Command/Examples h323_gateway h323_ domain <h323_domain> h323_gateway del h323_ domain h323_gateway h323_ domain_strip <yes/no> h323_gateway h323_ interfaces <interface list> h323_gateway sip_ interfaces <interface list> h323_gateway sip_port <port> Description/Notes Optional. If an H.323 call is made to the gateway without including a domain in the source address, @<h323_domain> will be appended to the source address before the SIP call is made. If set to "yes" and "h323_gateway h323_domain" is set, when a SIP call is made to the gateway the <h323_domain> will be stripped from the destination address (if present) before making the H.323 call. Must be configured in order for the gateway to start, but the actual setting is currently ignored. Ports for the SIP side to listen on. The default is 6061. Note: if you wish to change the default port from 6061, and if the H.323 Gateway and Call Bridge are on the same server, make sure you avoid port 5061 which is used by the Call Bridge. Changes do not take place until the gateway is restarted. The H.323 Gateway always expects TLS connections; therefore, "Encrypted" should be selected on outbound dial plan rules on the Call Bridge h323_gateway sip_proxy <uri> h323_gateway restrict_ codecs <yes/no> Set this to the IP address of the Call Bridge, or for multiple Call Bridges use the domain name (through DNS). All incoming H.323 calls will be directed to this uri If set to yes, the H.323 Gateway is limited to a safe set of codecs that are less likely to cause interoperability problems. Currently this set is G.711/G.722/G.728/H.261/H.263/ H.263+/H.264. Codecs disabled by this feature are G.722.1 and AAC. h323_gateway disable_ content <yes/no> h323_gateway trace_ level <level> If set to yes, H.239 content is disabled. Provides additional logging to aid troubleshooting by Cisco support. You may be asked to provide traces for levels 0, 1, 2 or 3. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 38

Cisco Legal Information Cisco Legal Information THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB s public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. All printed copies and duplicate soft copies are considered un-controlled copies and the original on-line version should be referred to for latest version. Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. 2017 Cisco Systems, Inc. All rights reserved. Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 39

Cisco Trademark Cisco Trademark Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this url: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Cisco Meeting Server Release 2.3 : H.323 Gateway Deployment Guide 40

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback