Avaya Branch Gateways 6.3.6 (build 36.7.0) Release Notes Issue 1 June 02, 2014
2014 Avaya Inc. All Rights Reserved. Notice While reasonable efforts were made to ensure that the information in this document was complete and accurate at the time of printing, Avaya Inc. can assume no liability for any errors. Changes and corrections to the information in this document may be incorporated in future releases. Documentation disclaimer "Documentation" means information published by Avaya in varying mediums which may include product information, operating instructions and performance specifications that Avaya generally makes available to users of its products. Documentation does not include marketing materials. Avaya Inc. is not responsible for any modifications, additions, or deletions to the original published version of this documentation unless such modifications, additions, or deletions were performed by Avaya. Customer and/or End User agree to indemnify and hold harmless Avaya, Avaya's agents, servants and employees against all claims, lawsuits, demands and judgments arising out of, or in connection with, subsequent modifications, additions or deletions to this documentation to the extent made by the Customer or End User. Link disclaimer Avaya Inc. is not responsible for the contents or reliability of any linked Web sites referenced elsewhere within this documentation, and Avaya does not necessarily endorse the products, services, or information described or offered within them. We cannot guarantee that these links will work all of the time and we have no control over the availability of the linked pages. Warranty Avaya Inc. provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty. In addition, Avaya s standard warranty language, as well as information regarding support for this product, while under warranty, is available through the following Web site: http://www.avaya.com/support Please note that if you acquired the Product(s) from an authorized Avaya reseller outside of the United States and Canada, the warranty is provided to you by said Avaya reseller and not by Avaya. Copyright Except where expressly stated otherwise, no use should be made of materials on this site, the Documentation, Software, or Hardware provided by Avaya. All content on this site, the documentation and the Product provided by Avaya including the selection, arrangement and design of the content is owned either by Avaya or its licensors and is protected by copyright and other intellectual property laws including the sui generis rights relating to the protection of databases. You may not modify, copy, reproduce, republish, upload, post, transmit or distribute in any way any content, in whole or in part, including any code and software unless expressly authorized by Avaya. Unauthorized reproduction, transmission, dissemination, storage, and or use without the express written consent of Avaya can be a criminal, as well as a civil offense under the applicable law. Avaya support Avaya provides a telephone number for you to use to report problems or to ask questions about your product. The support telephone number is 1-800-242-2121 in the United States. For additional support telephone numbers, see the Avaya Web site: http://www.avaya.com/support Third Party Components Certain software programs or portions thereof included in the Product may contain software distributed under third party agreements ("Third Party Components"), which may contain terms that expand or limit rights to use certain portions of the Product ("Third Party Terms"). Information regarding distributed Linux OS source code (for those Products that have distributed the Linux OS source code), and identifying the copyright holders of the Third Party Components and the Third Party Terms that apply to them is available on the Avaya Support Web site: http://support.avaya.com/copyright. Preventing Toll Fraud "Toll Fraud" is the unauthorized use of your telecommunications system by an unauthorized party (for example, a person who is not a corporate employee, agent, subcontractor, or is not working on your company's behalf). Be aware that there can be a risk of Toll Fraud associated with your system and that, if Toll Fraud occurs, it can result in substantial additional charges for your telecommunications services. Avaya Toll Fraud Intervention If you suspect that you are being victimized by Toll Fraud and you need technical assistance or support, call Technical Service Center Toll Fraud Intervention Hotline at +1-800-643-2353 for the United States and Canada. For additional support telephone numbers, see the Avaya Support Web site: http://support.avaya.com Suspected security vulnerabilities with Avaya products should be reported to Avaya by sending mail to: securityalerts@avaya.com. Trademarks The trademarks, logos and service marks ("Marks") displayed in this site, the Documentation and Product(s) provided by Avaya are the registered or unregistered Marks of Avaya, its affiliates, or other third parties. Users are not permitted to use such Marks without prior written consent from Avaya or such third party which may own the Mark. Nothing contained in this site, the Documentation and Product(s) should be construed as granting, by implication, estoppel, or otherwise, any license or right in and to the Marks without the express written permission of Avaya or the applicable third party. Avaya is a registered trademark of Avaya Inc. All non-avaya trademarks are the property of their respective owners. Downloading Documentation For the most current versions of Documentation, see the Avaya Support Web site: http:// support.avaya.com. Contact Avaya Support Avaya provides a telephone number for you to use to report problems or to ask questions about your Product. The support telephone number is 1-800-242-2121 in the United States. For additional support telephone numbers, see the Avaya Web site: http://support.avaya.com.
Contents Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0).............. 5 Product Support Notices............................... 5 New Features added to Branch Gateways 6.3.6 (build 36.7.0)........... 5 Fixed Issues in Branch Gateways 6.3.6 (build 36.7.0)................ 9 Known Issues in Branch Gateways 6.3.6 (build 36.7.0)............... 11 Technical Support..................................... 13 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 3
Contents 4 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014
Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0) Product Support Notices Some problems are also documented as Product Support Notices (PSN). The PSN number defines the related document and appears in the Problem column in the tables. To read the PSN description online: 1. Go to the Avaya support site at http://support.avaya.com. 2. Click Product Notices. 3. Click Product Support Notices. 4. Type the last four digits of the PSN number into your web browser s Find on Page function to search the page for a link to the PSN. 5. Click the PSN title link to open the PSN. New Features added to Branch Gateways 6.3.6 (build 36.7.0) Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 5
Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0).w Table 1: New Features added to Branch Gateways 6.3.6 (build 36.7.0) 1 of 4 Platform Feature TLS H.248 Link Encryption to Communication Manager has been added to the media-gateway to support U.S. DoD customers and approved Federal Government customers only. As a result, the "show mgc" command has been updated to display the type of H.248 Link Encryption being used when the media-gateway is registered to Communication Manager (i.e. TLS, PTLS, or None). In addition, a number of CLI commands have been added to support downloading, management and validation of the X.509 Certificates needed to establish a TLS connection. These commands are described further below. Note: TLS for the H.248 Link has been implemented using OpenSSL Release 1.01e with the Heartbeat Extension disabled (to prevent "Heartbleed" security issue). Certificate Management Commands have been added to support the download of X.509 certificates: show root-ca <h248reg sla> [<index>] Show the CA certificates for H.248 Registration or SLA Monitor Agent. copy scp root-ca <h248reg sla> <filename> <ip> Copy a CA certificate file for H.248 registration or SLA Monitor Agent using scp. copy usb root-ca <h248reg sla> <source-usb-device> <source-filename> Copy a CA certificate file for H.248 Registration or SLA Monitor Agent using the USB device. erase root-ca <h248reg sla> [<index>] Erase a CA certificate file for H.248 Registration or SLA Monitor Agent at <index>. show gw-identity-cert <h248reg sla> Show an Identity certificate for H.248 Registration or SLA Monitor Agent. copy scp gw-identity-cert <h248reg sla> <filename> <ip> Copy an Identity certificate for H.248 Registration or SLA Monitor Agent using scp. copy usb gw-identity-cert <h248reg sla> <source-usb-device> <source-filename> Copy an Identity certificate for H.248 Registration or SLA Monitor Agent using the USB device. erase gw-identity-cert <h248reg sla> Erase an Identity certificate for H.248 Registration or SLA Monitor Agent. 6 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014
New Features added to Branch Gateways 6.3.6 (build 36.7.0) Table 1: New Features added to Branch Gateways 6.3.6 (build 36.7.0) 2 of 4 Platform Feature Ip-address-map commands have been added to support X.509 certificate common-name validation: set ip-address-map <text> <ip-addr> Set an ip-address-map entry. show ip-address-map Show the ip-address-map. erase ip-address-map <entry #> Erase an entry in the ip-address-map. Certificate-option commands have been added to support X.509 Certificate validation: certificate-options New CLI context command to enter the following certificate options: show certificate-options Display the certificate option settings. set crl-http-validation <yes no> Set whether crl-http validation should be performed. Default = yes. set crl-refresh-interval <days> Set how often Certificate Revocation Lists (CRLs) should be updated. Default = 7. set validate-expiration <never initial-connection always> Set when a certificate's expiration date should be checked. Default = initial-connection. set validate-common-name [yes no] Set whether the common-name field in the peer's certificate should be checked against the ip-address-map. Default=no. Certificate Revocation List (CRL) commands have been added to manage X.509 Certificate Revocation Lists: show crl [<index>] List all installed CRLs, or details of the CRL at <index>. erase crl <index> Erase the installed CRL at <index> Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 7
Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0) Table 1: New Features added to Branch Gateways 6.3.6 (build 36.7.0) 3 of 4 Platform Feature HTTP proxy commands added to support retrieval of Certificate Revocation Lists (CRLs) from an HTTP server: show http Show HTTP options set http proxy <ip-address> <hostname> [<port>] Set to HTTP proxy at <ip-address> or <hostname> and <port>, if specified. Default port = 8080. set http no-proxy Set to no HTTP proxy. New SNMP traps and syslog events have been added for H.248 link certificates that have expired, have been revoked, are near expiration, have failed common-name validation, or cannot be authenticated (e.g. missing Root-CA certificate). SNMP traps and syslog events will also be generated if the gateway is unable to retrieve a certificate authorities' Certificate Revocation List (CRL). SLA Monitor Agent's TLS link to ADS Server has been updated to use OpenSSL Release 1.01e with the Heartbeat Extension disabled (to prevent "Heartbleed" security issue). SLA Monitor Agent has been updated to support user provided TLS certificates using new gateway Certificate Management commands. Backup and Restore CLI commands have been update to include downloaded X.509 certificates. SSH has been updated to support for aes128-ctr, aes128-cbc, hmac-sha1, and Diffie Hellman SHA-1 Group 14. Increased default length of DSA keys from 768 to 1024 bits. G450 The G450 gateway will raise a temperature alarm whenever the temperature is a few degrees below the maximum operating value. The following command has been added to control when a temperature alarm is generated: set temperature < normal-alarm-threshold high-alarm-threshold> Sets thresholds for temperature alarm. Default = normal-alarm-threshold. 8 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014
Fixed Issues in Branch Gateways 6.3.6 (build 36.7.0) Table 1: New Features added to Branch Gateways 6.3.6 (build 36.7.0) 4 of 4 Platform Feature A new warning will be returned when both Spanning Tree and Port Redundancy are disabled on the 2 LAN ports since the configuration could potentially create Layer 2 network loops. Support of RFC 4040 Clearmode to support U.S. DoD customers. Fixed Issues in Branch Gateways 6.3.6 (build 36.7.0) This release includes the following fixed issues. w Table 2: Fixed Issues in Branch Gateways 6.3.6 (build 36.7.0) 1 of 2 Problem Keywords Workaround The media gateway would not disconnect the H.248 connection if the "disable nr-registration" command was requested from Communication Manager on an interchanged PE Dup system. The media-gateway did not correctly handle RTP streams in which the SSRC value changed. The media-gateway retained sequence number information from the previous SSRC. If the sequence number for the second SSRC differed significantly, the media-gateway would incorrectly consider this to be packet loss. This problem has been fixed so that the media-gateway reinitializes RTCP reception information when it sees that the SSRC value has changed. Fixed a rare race condition that could cause some CLI commands to be always denied because another operation is already in progress. 140051 130169.02 140022.02 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 9
Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0) Table 2: Fixed Issues in Branch Gateways 6.3.6 (build 36.7.0) 2 of 2 Problem Keywords Workaround An issue has been addressed in which a failed V.150 session could occur if the signaling peer asks for a RTP payload type in the range 96-100 range while TTY relay is enabled. SIP trunk has Initial IP-IP direct media enabled. Previously this case might have resulted in no fallback which might cause a failed fax session. The default V.150 SPRT size has been changed to 20ms. In addition, SPRT size of 10, 20, or 30 can be optioned via new voip-parameter 73. An issue has been addressed in which the MP-20 might not properly enter TTY pass-through mode (which could result in a faulty TTY session). The "set terminal recovery password {enable disable}" command is no longer supported on the gateway. The Avaya Converged Network Analyzer (CNA) has been replaced by the Service Level Agreement (SLA) Monitor Agent tool. Therefore, support for CNA has been removed from the gateway. The end of manufacturing support for CNA was November 2012. 130040 130054.02 130142.01 140054.01 140093 140018 10 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014
Known Issues in Branch Gateways 6.3.6 (build 36.7.0) Known Issues in Branch Gateways 6.3.6 (build 36.7.0) This release includes the following known issues. w Table 3: Known Issues in Branch Gateways 6.3.6 (build 36.7.0) Problem Keywords Workaround G430 The "show system" and "show platform main" CLI commands erroneously display the MP10 DSP as "Not supported". This Branch Gateway version does not support multiple IPv6 VLAN interfaces. Use either the "show faults" and/or the "show voip-parameters" command to verify if there is any issue with installed DSPs. Use single VLAN interface with IPv6. EM_WEB doesn't work via dial in session (usb modem). 090790 Use another network interface, such as the PMI, for connecting to Embedded Web. Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 11
Changes Delivered to Branch Gateways 6.3.6 (build 36.7.0) 12 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014
Technical Support Support for Communication Manager is available through Avaya Technical Support. If you encounter trouble with Communication Manager: 1. Retry the action. Carefully follow the instructions in written or online documentation. 2. Check the documentation that came with your hardware for maintenance or hardware-related problems. 3. Note the sequence of events that led to the problem and the exact messages displayed. Have the Avaya documentation available. 4. If you continue to have a problem, contact Avaya Technical Support by: Logging in to the Avaya Technical Support Web site http://www.avaya.com/support Calling or faxing Avaya Technical Support at one of the telephone numbers in the Support Directory listings on the Avaya support Web site. You may be asked to email one or more files to Technical Support for analysis of your application and its environment. Note: Note: If you have difficulty reaching Avaya Technical Support through the above URL or email address, please go to http://www.avaya.com for further information. When you request technical support, provide the following information: Configuration settings, including Communication Manager configuration and browser settings. Tip: Usage scenario, including all steps required to reproduce the issue. Screen shots, if the issue occurs in the Administration Application, one-x Portal, or one-x Portal Extensions. Copies of all logs related to the issue. All other information that you gathered when you attempted to resolve the issue. Tip: Avaya Global Services Escalation Management provides the means to escalate urgent service issues. For more information, see the Escalation Contacts listings on the Avaya Web site. For information about patches and product updates, see the Avaya Technical Support Web site http://www.avaya.com/support. Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014 13
Technical Support 14 Branch Gateways 6.3.6 Release Notes For feedback, use document@avaya.com June 02, 2014