LCS Gateway Administration Guide

Similar documents
Integrating Avaya Aura Presence Services with Microsoft OCS

Application Notes for Microsoft Office Communicator R2 Client integration with Avaya one-x Portal and Intelligent Presence Server - Issue 1.

Cisco Collaboration with Microsoft Interoperability

Installing and Configuring vcloud Connector

Cisco Expressway Basic Configuration

Configuration Guide. BES12 Cloud

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

DameWare Server. Administrator Guide

IM and Presence Service Network Setup

Barracuda IM Firewall Administrator s Guide

Using DC Agent for Transparent User Identification

Microsoft Dynamics GP Release

MS Skype for Business and Lync. Integration Guide


Unified Communications in RealPresence Access Director System Environments

IM and Presence Service Network Setup

Transparent Identification of Users

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Acronis Backup & Recovery 11.5 Quick Start Guide

RSA Security Analytics

Configuration Guide BES12. Version 12.2

Server Installation Guide ZENworks Patch Management 6.4 SP2

ArcMail Technology Defender Mail Server Configuration Guide for Microsoft Exchange Server 2003 / 2000

LifeSize Transit Deployment Guide June 2011

Content Filtering Client Policy & Reporting Administrator s Guide

KMIP installation Guide. DataSecure and KeySecure Version SafeNet, Inc

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N REV A01 January 14, 2011

Configuration Guide BES12. Version 12.3

XMPP Instant Messaging and Active Directory

Security certificate management

Configuration Guide BES12. Version 12.1

Contents. Introduction. Prerequisites. Requirements. Components Used

Windows Server Update Services 3.0 SP2 Step By Step Guide

Installing and Configuring vcloud Connector

Using RADIUS Agent for Transparent User Identification

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide

Domain Requirements in Spectralink SIP Phones

StreamServe Persuasion SP5 Control Center

Deploying EMC Documentum WDK Applications with IBM WebSEAL as a Reverse Proxy

Installing GFI MailEssentials

Installing GFI MailSecurity

Jabber MomentIM Outlook Add-in Administrator Guide

SWITCHBOARD SECURITY

introducing The BlackBerry Collaboration Service

Sample Configuration: Cisco UCS, LDAP and Active Directory

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

NetSpective Global Proxy Configuration Guide

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

NTP Software QFS for NAS, Hitachi Edition

SMART Vantage. Installation guide

Set Up Certificate Validation

Monitoring the BlackBerry Enterprise Server

Dialogic 4000 Media Gateway Series as a Survivable Branch Appliance for Microsoft Lync Server 2010

Installing and Configuring vcenter Multi-Hypervisor Manager

PingFederate. Identity Menu Builder. User Guide. Version 1.0

How to Configure a High Availability Cluster in Azure via Web Portal and ASM

Server Installation ZENworks Mobile Management 2.7.x August 2013

Installing Policy Patrol on a separate machine

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

Instant Messaging Compliance for IM and Presence Service on Cisco Unified Communications Manager, Release 10.5(1)

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

PaperCut Payment Gateway Module - RBS WorldPay Quick Start Guide

VMware Identity Manager Connector Installation and Configuration

IP Office SIP Extension Support

Remote Filtering Software

CA Nimsoft Unified Management Portal

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

SolarWinds Log & Event Manager

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

Dell One Identity Cloud Access Manager Installation Guide

Steps for Basic Configuration

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

Web Application Firewall

CA Nimsoft Monitor. Probe Guide for Cloud Monitoring Gateway. cuegtw v1.0 series

NETWRIX EVENT LOG MANAGER

CA Spectrum. Microsoft MOM and SCOM Integration Guide. Release 9.4

Integrating LANGuardian with Active Directory

MailMarshal SMTP in a Load Balanced Array of Servers Technical White Paper September 29, 2003

Enabling Remote Management of SQL Server Integration Services

Certificate Management for your ICE Server

Deploying NetScaler Gateway in ICA Proxy Mode

Windows Live Mail Setup Guide

Application Notes for Avaya Aura Conferencing 7.2 and Radvision SCOPIA Elite MCU Issue 1.0

Technical Brief for Windows Home Server Remote Access

RSA Authentication Manager 7.1 Basic Exercises

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

Basic Exchange Setup Guide

Installation and Administration Guide

Sophos Mobile Control Installation guide. Product version: 3

Optimization in a Secure Windows Environment

Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide


Smart Control Center. User Guide. 350 East Plumeria Drive San Jose, CA USA. November v1.0

BlackBerry Enterprise Server for Microsoft Office 365 preinstallation checklist

End User Setup and Handling

VMware Identity Manager Administration

Transcription:

LCS Gateway Administration Guide Product Version 4.2 Document Version A November 2005 1899 Wynkoop Street, Suite 600 Denver, CO 80202 303-308-3231

Disclaimers Copyright 2005 Jabber, Inc. The information contained in this document is proprietary to Jabber, Inc. This information is considered confidential and is not to be disclosed to any outside parties without the express written consent of Jabber, Inc. This document is provided for informational purposes only, and the information herein is subject to change without notice. Jabber, Inc. does not provide any warranties covering and specifically disclaims any liability in connection with this document. Trademarks JABBER and the light bulb logo are either trademarks or registered trademarks of Jabber, Inc. All other trademarks are the property of their respective owners. Page ii

Table of Contents Chapter 1. Introduction... 5 System Requirements 5 LCS 5 XCP Server and IM Client 6 Memory 6 Ports 6 System Architecture 6 Chapter 2. Installing the LCS Gateway... 9 Chapter 3. Configuring the LCS Gateway... 11 Configuration Checklist 12 Add an S2S Connection Manager 12 Add the LCS Gateway to the S2SCP 13 Add a Rule to the S2SCP 16 Add an Open Port Component 17 Add the S2SCP ID as a Jabber Administrator 19 Publish SRV Records on your DNS Server 20 Chapter 4. Obtaining a Certificate and Public Key... 21 Generate a Certificate Request and a Private Key 22 Generate a Public Key 23 Obtain the Certificate from Your Certificate Authority 23 Convert the Certificate to PEM Format 24 Appendix A. Support for SIP/SIMPLE Standards... 25 Exceptions 26 Limitations 26 Appendix B. Configuring the LCS, SIMPLE, and AIM Gateways... 27 Appendix C. Known Issues... 31 Table of Contents Page iii

Page iv Table of Contents

Chapter 1 Introduction Thank you for purchasing the LCS Gateway, which allows the exchange of messages and presence between Jabber users and Live Communications Server (LCS) users. The gateway is sold separately, and requires separate licensing and installation. The LCS Gateway communicates using SIP/SIMPLE protocol standards and is completely transparent to Jabber users. LCS contacts are added to a user s roster in the same way that Jabber IM contacts are added, and their IDs are entered in the same format used by Jabber contacts; for example, jbrown@example.com. System Requirements This section lists the system requirements for running the LCS Gateway. LCS Both your LCS server and the LCS Access Proxy must be running LCS 2005 Service Pack 1. Enhanced federation must be enabled on the LCS server. The Jabber (XCP) domain must be configured as an authorized domain that is allowed to federate with the LCS server. Microsoft Office Communicator 2005 is the only supported client for LCS users. Chapter 1 Introduction Page 5

System Architecture XCP Server and IM Client The LCS Gateway runs with version 4.2 of the Jabber IM/XCP server and with version 3.1 of the Jabber Messenger client. Memory For the LCS Gateway, you should allow an extra 512 MB of memory above the 512 MB required for the XCP server. Ports Port 5269 must be accessible to the Internet if you want your Jabber IM/XCP server to communicate with other Jabber servers over the Internet. (This port is probably already configured in your system.) Port 5060 must be available for incoming SIP/SIMPLE over TCP traffic. Port 5061 (used by the LCS Gateway) must be available for incoming SIP/SIMPLE over TLS traffic. System Architecture The LCS Gateway uses Jabber, Inc. s server-to-server (S2S) technology, which allows XCP servers to communicate with XMPP and other servers that are located outside the firewall. The LCS Gateway consists of an S2S Connection Manager (S2SCM), which is configured with an S2S Command Processor and an LCS Director. The S2SCM is installed on the main Jabber server. Ports 5060 and 5061 must be available for traffic coming in through your firewall. If you anticipate a great deal of network traffic, you can run the S2SCM on a separate machine. Page 6

System Architecture Figure 1 illustrates how the LCS Gateway is deployed in a company-to-company scenario where a firewall is involved. cindy@example.com LCS 2005 Standard or Enterprise Server XMPP Client LCS Gateway Port 5269 S2S Connection Manager S2S Command Processor LCS Director Port 5060 Port 5061 LCS 2005 Access Proxy jane@company.com Jabber IM/XCP 4.2 Server example.com Firewall Figure 1. Company-to-company LCS Gateway architecture LCS Client Figure 2 illustrates an LCS Gateway deployment within the same company. cindy@example.com LCS 2005 Standard or Enterprise Server XMPP Client LCS Gateway S2S Connection Manager Jabber IM/XCP 4.2 Server example.com S2S Command Processor LCS Director LCS 2005 Access Proxy sally@example.com Figure 2. Intra-company LCS Gateway architecture LCS Client Chapter 1 Introduction Page 7

System Architecture Page 8

Chapter 2 Installing the LCS Gateway This chapter describes how to install version 4.2 of the LCS Gateway product, which runs with version 4.2 of the Jabber IM/XCP server. The LCS Gateway must be installed in the $JABBER_HOME directory on your XCP server. If you anticipate a great deal of network traffic, you can also install the LCS Gateway and the XCP S2S package on another machine, perhaps located in your network s demilitarized zone (DMZ). You can then run the S2SCM from that machine. These instructions assume that the $JABBER_HOME environment variable has been set on your system. To install the LCS Gateway 1. On your XCP server, change to the $JABBER_HOME/bin directory. 2. Enter the following commands to stop the Jabber IM/XCP server and the Jabber IM/XCP Controller:./runjabber stop./runcontroller stop 3. Change to the directory where you downloaded the LCS Gateway installation package. 4. Depending on your operating system, enter one of the following commands. (The --prefix argument ensures that the package is installed into the Jabber IM/XCP server installation directory.)./xcp-lcsgw-installer-4.2.0.x-linux.bin --prefix=$jabber_home or./xcp-lcsgw-installer-4.2.0.x-solaris8.bin --prefix=$jabber_home Chapter 2 Installing the LCS Gateway Page 9

5. Change to the $JABBER_HOME/bin directory and enter the following command to restart the Controller:./runcontroller start 6. Log into the Jabber IM/XCP Controller and start the server. Page 10

Chapter 3 Configuring the LCS Gateway After you have installed the LCS Gateway, you must configure it using the Jabber IM/XCP Controller. When you configure the gateway, make sure that you use the Controller s Advanced configuration view; the gateway is an advanced XCP feature, and thus, uses advanced configuration options. If you are also running the SIMPLE Gateway, read Appendix B, Configuring the LCS, SIMPLE, and AIM Gateways in addition to following the instructions in this chapter. The appendix contains tips for configuring the gateways on the same XCP system. The following sections are provided in this chapter: Configuration Checklist Add an S2S Connection Manager Add the LCS Gateway to the S2SCP Add a Rule to the S2SCP Add an Open Port Component Add the S2SCP ID as a Jabber Administrator Publish SRV Records on your DNS Server Chapter 3 Configuring the LCS Gateway Page 11

Configuration Checklist Configuration Checklist The following table contains values that you will need to use as you configure the LCS Gateway. You can use the table to keep track of the values as you go along. Table 1. Configuration checklist Value needed during configuration Write the value here... S2S Command Processor s ID (for example, cm-2_s2scp-1) S2S Command Processor s Connection Type (accept or connect) S2S Command Processor s Component IP S2S Command Processor s Port S2S Command Processor s Password LCS Gateway s ID (for example, cm-2_s2scp-1_lcssd-1) XCP server s realm (To determine the server s realm, click the Edit link beside Core Router in the Router area on the Controller s main screen. The realm is the second configuration option on the Global Settings Configuration screen.) Add an S2S Connection Manager The LCS Gateway must be configured in a server-to-server Connection Manager (S2SCM). If you already have an S2SCM and this is the first gateway being configured, you can configure it within the existing S2SCM. Skip to the section, Add the LCS Gateway to the S2SCP on page 13. (Each additional gateway must be configured within its own S2SCM.) If you have installed and configured the SIMPLE Gateway and/or the AIM Gateway for Jabber, you must configure a new S2SCM for the LCS Gateway. See Appendix B for additional configuration instructions. Page 12

Add the LCS Gateway to the S2SCP To add an S2S Connection Manager 1. In the Components area in the Controller s main screen, click Go to add a new Connection Manager. Figure 3. Adding a Connection Manager 2. Configure the Connection Manager using the online help as needed. 3. Under Add a new command processor, select S2S Command Processor in the list and click Go. Figure 4. Adding an S2S Command Processor 4. Configure the S2S Command Processor using the online help as needed. We recommend that you use the default port number, 7334, which is the standard port used by Jabber, Inc. for an S2S Command Processor. Add the LCS Gateway to the S2SCP The LCS Gateway enables communication between the Jabber IM/XCP server and remote SIP connectors, and is used to exchange presence and IM messages between Jabber and LCS users. To add the LCS Gateway 1. In the Director Configuration area on the S2S Command Processor Configuration screen, select LCS Gateway in the list and click Go. Chapter 3 Configuring the LCS Gateway Page 13

Add the LCS Gateway to the S2SCP LCS Gateway displays in the list only when you have installed the LCS Gateway. Figure 5. Adding the LCS Gateway Director The LCS Gateway Configuration screen is shown in the following figure. Figure 6. Configuring the LCS Gateway 2. Change the LCS Gateway configuration as needed. The parameters are described in the following table. Table 2. LCS Gateway parameter descriptions Field IP address of external interface Description The IP address of the external TCP interface on which this director listens for connections from LCS 2005 Access Proxies. By default, this is set to the IP address of the system on which the Jabber IM/XCP server is installed. Page 14

Add the LCS Gateway to the S2SCP Field Description Port Threads to use for establishing outgoing connections Interval (in seconds) to check and remove pending connections Interval (in seconds) to timeout SIP requests Interval (in seconds) to timeout Client requests Default Presence subscription duration (in seconds) Minimum Presence subscription duration (in seconds) Enable sip stack logging Directory path where certificates are stored TLS Host TLS Port Domain used for TLS certificate The port number on which this director listens for connections from LCS 2005 Access Proxies. Note: If you have the SIMPLE Gateway installed (which also uses port 5060), use port 8060 for the LCS Gateway. The number of threads used for communicating with LCS 2005 Access Proxies. The number of seconds to wait for the connection to an LCS 2005 Access Proxy to go through. The connection attempt times out after this time has passed. The number of seconds to wait for SIP requests to be acknowledged by an LCS 2005 Access Proxy. Requests time out after this time interval has passed. The number of seconds to wait for an authorization or other request sent to Jabber Messenger. The default number of seconds that presence subscriptions to LCS users last. The lower this number is, the more time the LCS Gateway will spend refreshing subscriptions. The minimum number of seconds allowed for the duration of presence subscriptions from LCS users. Select Yes only if you want to enable additional output from the SIP stack. The logs are written to syslog. Use this flag with caution; enabling it can impact server performance. Enter the path to the directory in which you store the certificates and public keys that are used when connecting to the LCS network; for example: $JABBER_HOME/certs/sip/ For more information about certificates and public keys, see Chapter 4. Enter the IP address where the LCS Gateway listens for TLS connections from LCS 2005 Access Proxies. Leave the default setting of 5061. This is the port used by the TLS server. Enter the SIP/SIMPLE domain to which LCS 2005 Access Proxies will connect; for example: example.com. Chapter 3 Configuring the LCS Gateway Page 15

Add a Rule to the S2SCP 3. When you have finished configuring the LCS Gateway, click Submit to save your changes. You are returned to the S2S Command Processor Configuration screen. Add a Rule to the S2SCP You must add a new rule to the S2S Command Processor for the LCS Gateway. The S2SCP configuration includes three XMPP rules by default. If you want to use your S2SCM only for the LCS Gateway from Jabber, click the Remove link beside each rule before adding the new rule. To add a rule 1. In the S2S Command Processor Configuration screen, scroll to the Outgoing connection attempt rules area and click Go to add a rule. Figure 7. Adding the LCS Gateway rule 2. In the Rule Configuration screen, enter the information described below: Figure 8. Configuring the LCS Gateway rule - For Director ID, enter the ID of the LCS Gateway (for example, cm-2_s2scp1_lcssd-1). - For DNS SRV lookup to use, enter the following value: _sip._tls Page 16

Add an Open Port Component The LCS network DNS server publishes SRV records with this prefix for their LCS 2005 Access Proxies. 3. Click Submit to save your changes. You are returned to the S2S Command Processor Configuration screen. 4. Click Submit again on the S2S Command Processor Configuration screen and on the Connection Manager Configuration screen to save your configuration. Add an Open Port Component You must add an Open Port to allow the S2S Connection Manager to connect to the router. If you are using a previously-configured S2SCM for the LCS Gateway, it should already have an Open Port. Skip to Publish SRV Records on your DNS Server on page 20. To add an Open Port component 1. In the Components area in the Controller s main screen, select Open Port in the list, and click Go. Figure 9. Adding an Open Port The prompt shown in the following figure displays. Figure 10. Naming the Open Port Chapter 3 Configuring the LCS Gateway Page 17

Add an Open Port Component 2. Enter the ID of the S2S Command Processor; for example, cm-2_s2scp-1. 3. Click OK. The Open Port Configuration screen displays. The upper portion of the screen is shown in the following figure. Figure 11. Configuring the Open Port 4. Change the Open Port s Description to something like S2SCM Open Port. 5. In the Router Connection Information area, do the following: - Specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. See Table 1, Configuration checklist, on page 12 for your values. 6. Scroll down to the Service Component area, and enter an asterisk (*) in the Host Filters text field as shown in the following figure. Figure 12. Configuring host filters 7. Click Submit to save your changes to the Open Port. You are returned to the Controller s main screen. Page 18

Add the S2SCP ID as a Jabber Administrator Add the S2SCP ID as a Jabber Administrator You must add the ID of the S2S Command Processor as a Jabber administrator in the JSM configuration screen. This is necessary to push presence and roster subscriptions to the LCS network. To add a Jabber administrator 1. In the Router area on the Controller s main screen, click the Edit link beside jsm. The Jabber Session Manager Configuration screen displays. Figure 13. Editing the Jabber Session Manager 2. In the Optional Modules section, make sure that the checkbox beside mod_admin is checked. 3. Scroll down to the Jabber Administrators option, and enter the ID of the S2S Command Processor, including the realm; for example: cm-2_s2scp-1.jabber. Figure 14. Adding a Jabber Administrator Jabber is the default realm used during XCP server installation. To determine the realm for this server installation, click Edit beside Core Router in the Router area on the Controller s main screen. The realm is the second entry. 4. Scroll to the bottom of the JSM Configuration screen, and click Submit to save your configuration. Chapter 3 Configuring the LCS Gateway Page 19

Publish SRV Records on your DNS Server Publish SRV Records on your DNS Server In order for the LCS 2005 Access Proxies to communicate with your LCS Gateway, SRV records must be published on your DNS server. Example SRV records for the LCS Gateway are shown below: _sip._tcp.example.com IN SRV 1 0 5060 lcsgw _sip._tls.example.com IN SRV 1 0 5061 lcsgw lcsgw IN A 127.0.0.1 The SRV record maps the LCS Gateway domain name to the IP address where the LCS Gateway is going to run. Page 20

Chapter 4 Obtaining a Certificate and Public Key The connection between the LCS Gateway and the LCS 2005 Access Proxy must be mutual TLS. Certificates are presented by both sides as part of the TLS handshake. This chapter explains one way of generating a certificate request and a public key; however, you can use any method of your choice. Regardless of the method you choose, you must obtain a certificate and a public key, and place them in the $JABBER_HOME/certs/sip directory on the XCP server For the LCS Gateway, you can use a self-signed certificate if you want; you do not have to use a third-party CA. The certificate must conform to RFC 3280 certificate standards and include both server and client authentication EKU flags. The following sections are provided: Generate a Certificate Request and a Private Key Generate a Public Key Obtain the Certificate from Your Certificate Authority Convert the Certificate to PEM Format Chapter 4 Obtaining a Certificate and Public Key Page 21

Generate a Certificate Request and a Private Key Generate a Certificate Request and a Private Key The instructions in this section describe how to generate a certificate request and a private key using OpenSSL. You can use another method if preferred. To generate a certificate request and a private key using OpenSSL 1. Execute the following command on the system where you installed the LCS Gateway. $ openssl req -new -out lcsgw.csr 2. When you are prompted for the PEM pass phrase, enter any password. Confirm the password at the next prompt. 3. Answer the prompts described in the following table. Prompt Country Name (2 letter code) [AU]: State of Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []: A challenge password []: An optional company name []: Response Enter the 2-letter code for your country; for example, US Enter the name of your state or province; for example, Colorado Enter the name of your city; for example, Denver Enter the name of your company; for example, Example Inc Enter the name of your organization; for example, Product Development Enter the LCS Gateway domain; for example, lcsgw.example.com Enter your email address; for example, rjones@example.com Caution! Do not enter anything at this prompt. Press ENTER to leave it blank. This prompt is optional. You can enter an optional company name or press ENTER to leave it blank. After you have answered the prompts, the following files are created: privkey.pem (the private key) lcsgw.csr (the certificate request) Page 22

Generate a Public Key Generate a Public Key The following instructions describe how to generate a public key using OpenSSL. You can use another method if preferred. To generate a public key using OpenSSL 1. Execute the following command on the system where you installed the LCS Gateway: openssl rsa -in privkey.pem -out domain_key_lcs.gateway.domain.pem where LCS.Gateway.domain is the domain name for the LCS Gateway; for example: lcsgw.example.com. 2. When you are prompted for a password, enter the password you used in Step 2 in the previous section. The domain_key_lcs.gateway.domain.pem file is generated. Obtain the Certificate from Your Certificate Authority The steps in this section may vary depending on the process you use to request and retrieve a certificate from your CA. Do the following 1. Submit the certificate request file to your CA. 2. When the CA has granted your certificate, save it as a binary file. This certificate file is in DER format. You must convert it to PEM format as described in the following section. Chapter 4 Obtaining a Certificate and Public Key Page 23

Convert the Certificate to PEM Format Convert the Certificate to PEM Format These instructions describe how to save the certificate file in PEM format using OpenSSL. You can use another method if preferred. To convert the certificate file using OpenSSL 1. In the directory that contains the certificate file, execute the following command: openssl x509 -in certfile.crt -inform DER -out domain_cert_lcs.gateway.domain.pem This command converts the certificate file from DER to PEM format and creates the domain_cert_lcs.gateway.domain.pem file. 2. Copy the following files to the $JABBER_HOME/certs/sip directory. domain_key_lcs.gateway.domain.pem domain_cert_lcs.gateway.domain.pem Page 24

Appendix A Support for SIP/SIMPLE Standards The LCS Gateway supports the following SIP/SIMPLE standards: Standard RFC Description SIP Core 3261 SIP: Session Initiation Protocol, June 2002 3263 Session Initiation Protocol (SIP): Locating SIP Servers, June 2002 3265 Session Initiation Protocol (SIP): Specific Event Notification, June 2002 SIMPLE 3428 Session Initiation Protocol (SIP) Extension for Instant Messaging, December 2002 3856 A Presence Event Package for the Session Initiation Protocol (SIP), August 2004 IMPP 3859 Common Profile for Presence (CPP), August 2004 3860 Common Profile for Instant Messaging (CPIM), August 2004 3861 Address Resolution for Instant Messaging and Presence, August 2004 3862 Common Presence and Instant Messaging (CPIM): Message Format, August 2004 3863 Presence Information Data Format (PIDF), August 2004 Appendix A Support for SIP/SIMPLE Standards Page 25

Exceptions Exceptions The LCS Gateway supports the standards mentioned in the table with the following exceptions: Supports sip: prefix for SIP/SIMPLE users, but does not support sips: Does not authenticate SIP/SIMPLE users Limitations SIMPLE imposes the following limitations for setting up subscriptions: Subscriptions must be set up on both sides. The LCS user is added to the XMPP user s roster, and then the XMPP user is added to the LCS user s roster. When a Jabber user removes an LCS contact (or vice versa), the user is not automatically removed from the contact s roster. Unlike XMPP, SIP/SIMPLE does not facilitate the automatic removal of contacts from both rosters. LCS-to-XMPP subscriptions are refreshed every hour. When the XMPP server is restarted, LCS users may not see XMPP users presence for a maximum of the subscription interval that has been set up on the LCS IM server (until the next refresh occurs). Page 26

Appendix B Configuring the LCS, SIMPLE, and AIM Gateways This appendix briefly describes how to configure the LCS, SIMPLE, and AIM Gateways when you have two or all three of them installed and running on your XCP system. The information below supplements the instructions provided in Chapter 3, Configuring the LCS Gateway ; however, it is not meant to be used in place of them. No two gateways may be configured within the same S2S Connection Manager (S2SCM). However, if you already have an S2SCM that you are using for communicating with other Jabber XCP servers (XMPP S2S), you can configure the first gateway within this S2SCM. Each additional gateway must be configured in its own S2SCM. Following is an example configuration where all three gateways are installed on the same XCP system. To configure the SIMPLE Gateway 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor (The S2SCP has XMPP Incoming and Outgoing directors configured by default.) 3. Add a SIMPLE Server Director. 4. In the SIMPLE Server Director Configuration screen, specify 5060 for the TCP Port and 5060 for the UDP Port, and click Submit to save your configuration. Page 27

5. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the SIMPLE Server Director s ID; for example: cm-2_s2scp-1_simplesd-1. - For DNS SRV lookup to use, enter the following: _sip._tcp 6. Click Submit on each screen until you are returned to the Controller s main screen. 7. Add an Open Port component as described starting on page 17, specifying an asterisk (*) in the Host Filters field. Submit your configuration. Each gateway that you configure requires an open port component. However, only one of the open ports can have an asterisk in the Host Filters field. The other gateways open ports must list specific hosts. To configure the LCS Gateway 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor. 3. In the S2S Command Processor configuration screen, remove the XMPP Incoming and Outgoing directors (xmppsoutd-1 and xmppsind-1) and the corresponding Outgoing Connection Attempt Rules. 4. Under Director Configuration, select LCS Gateway in the drop-down list, and click Go. 5. In the LCS Gateway Configuration screen: - Specify 9060 for the TCP Port. This port is not used for communication. - Specify 8061 for the TLS Port. The SRV record, _sip._tls, should point to this port. - Click Submit to save your configuration. 6. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the LSC Gateway s ID; for example: cm-3_s2scp-1_lcssd-1 - For DNS SRV lookup to use, enter the following: _sip._tls Page 28

7. Click Submit on each screen until you return to the Controller s main screen. 8. Add an Open Port component: - When prompted for the Open Port s ID, enter the ID of the S2SCP; for example: cm-3_s2scp-1 - In the OpenPort Configuration screen, specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. - In the Host Filters field, enter the LCS hostname; for example: lcs.example.com - Submit your configuration. To configure the AIM Gateway from Jabber 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor. 3. In the S2S Command Processor configuration screen, remove the XMPP Incoming and Outgoing directors (xmppsoutd-1 and xmppsind-1) and the corresponding Outgoing Connection Attempt Rules. 4. Under Director Configuration, select AIM Gateway from Jabber in the drop-down list, and click Go. 5. In the AIM Gateway from Jabber Configuration screen: - Specify 8060 for the TCP Port. This port is not used for communication. - Specify 5061 for the TLS Port. The SRV record, _sip._tls, should point to this port. - Click Submit to save your configuration. 6. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the AIM Gateway from Jabber s ID; for example: cm-4_s2scp-1_aolsd-1 - For DNS SRV lookup to use, enter the following: _SIPfederationTLS._TCP Page 29

7. Click Submit on each screen until you return to the Controller s main screen. 8. Add an Open Port component: - When prompted for the Open Port s ID, enter the ID of the S2SCP; for example: cm-3_s2scp-1 - In the OpenPort Configuration screen, specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. - In the Host Filters field, enter the AOL hostname; for example: aol.com - Submit your configuration. Page 30

Appendix C Known Issues This appendix describes the issues that are know to exist with version 4.2 of the LCS Gateway. Issue Number Description 19599 If you configure multiple gateways, each gateway must be configured in its own Connection Manager. 19600 When users who have subscribed to each other through the gateway unsubscribe, each user must unsubscribe from the other to completely remove the subscription. Appendix C Known Issues Page 31

Page 32

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information