UCM61xx – Technical Training
Download
Report
Transcript UCM61xx – Technical Training
Innovative
IP Voice & Video Solutions
Agenda
- Company Overview
- UCM6100 Series Features
Voice
Video
Data
Mobility
- Sample Scenarios
- Live Demo
Agenda
- Company Overview
- UCM6100 Series Features
Voice
Video
Data
Mobility
- Sample Scenarios
- Live Demo
Grandstream – Company Overview
• Founded in 2002
• Over 400 employees
• Product Portfolio contains over 40
products:
20 different IP Phones
5 ATAs
10 IP Surveillance cameras
5 Video Encoder/Decoders
• Serving small-to-medium size
businesses and consumer markets
Awards & Recognition
12-time winner
7-time winner
US
Boston - Headquarters
Los Angeles, CA
Dallas, TX
China
Hangzhou, Shenzhen
Hong Kong - Warehouse
Morocco
Casablanca - Support Center, EMEA
Venezuela
Venezuela- Support Center, LATAM
Netherlands
Moerdijk - Warehouse
Celebrated 10 Years of Growth and Innovation in 2012
Grandstream – Product Portfolio
VoIP Product
Lines
• IP Multimedia Phones
• Enterprise IP Phones
• Small Business/Home Office IP
Phones
• Analog VoIP Gateways
• Analog Telephone Adapter
Surveillance
Product Lines
•
•
•
•
•
Box IP Cameras
Cube & Mini Dome IP Cameras
IP Video Encoders
Outdoor IP Cameras
Video Management Software
Grandstream Networks, Inc.
IP-PBX and Softswitch
ITSPs
VoIP Applications, Services, and Hardware
Door Intercom
Video Management Systems
Grandstream’s Long History of Open Source
Asterisk is a Registered Trademark of Digium
Android is a Registered Trademark of Google Inc.
Introducing…
UCM6100 Series IP PBX Appliance
UCM6102
UCM6104
UCM6108
UCM6116
Asterisk is a Registered Trademark of Digium
Agenda
- Company Overview
- UCM6100 Series Features
Voice
Video
Data
Mobility
- Sample Scenarios
- Live Demo
UCM6100 Series
Delivering high quality, secure and reliable voice, video, data & mobility to SMBs
UCM6100 Series
• Enterprise-grade features in an affordable,
compact, quiet & easy-to-manage PBX
designed specifically for the SMB market
• No licensing fees
• Fast and easy setup & management
• ALL hardware/software included as
well as lifetime firmware updates
Highlights
• Single-brand solution: allows quick system setup (auto-provisioning, office
phonebook) & backups (system/terminals configuration, CDR, call recordings,
IVR), integrated billing (pending).
• License-free solution: no IP end-point license, no transcoding licenses, no
voicemail licenses.
• Guaranteed interoperability over a variety of terminals from low-end to
enterprise IP phones, ATA to high-density gateways.
• Integration with Grandstream video surveillance suit of products.
• Total solution at unbeatable price.
General Specifications
• Up to 500 extensions
• Up to 60 concurrent calls
• FXO Ports:
2
4
8
16
(UCM6102)
(UCM6104)
(UCM6108)
(UCM6116)
• Gigabit ports with PoE Plus
• Each bridge supports up to
32 conference attendees
• Zero-configuration provisioning
• Simple setup/management
with Web UI
Asterisk is a Registered Trademark of Digium
Hardware Specifications
• 1GHz ARM Cortex processor
• 512MB DDR RAM
• 4GB NAND Flash
• Integrated 2/4/8/16 PSTN trunk FXO ports, 2 analog FXS ports
• Gigabit network port with integrated PoE Plus (802.3at-2009)
• USB and SD peripheral ports
• LED indicators for power, network, FXO and FXS statuses
• 128x32 graphic LCD Display
UCM6100 Interfaces
UCM Model
Ethernet Port (with PoE)
NAT Router
FXS
FXO
Peripheral Ports
UCM6102
WAN and LAN ports
YES
2
2
USB, SD Card
UCM6104
2 LAN ports
N/A
2
4
USB, SD Card
UCM6108
1 LAN Port
N/A
2
8
USB, SD Card
UCM6116
1 LAN Port
N/A
2
16
USB, SD Card
*NOTE
• Only UCM6102 can act as Router (DHCP server).
• UCM6104 has 2 Ethernet ports as well but can be used in Switch/Dual mode only.
• UCM6108/UCM6116 have only 1 Ethernet port.
Voice, Fax and Video
Voice and Fax Codecs
•
•
•
•
•
•
•
•
G.711 aLaw/uLaw
G.722 (HD Voice)
G.723 (5.3K / 6.3K)
G.726
G.729 A/B
iLBC
GSM
T.38
Video Codecs
• H.264
• H.263
• H.263+
Hardware Transcoding
• Up to 8 calls between 2 LBRs
• Up to 16 calls between PCM and LBR
• Up to maximum concurrent calls when the codecs are the same
Signaling and Control
VoIP Protocols
• Open source SIP (RFC3261)
• Asterisk proprietary IAX
DTMF Methods
• In Audio
• RFC2833
• SIP INFO
Provisioning Protocol and Plug-and-Play
• TFTP/HTTP/HTTPS
• Auto-Discovery and Auto-Provisioning of Grandstream Endpoints
Network Protocols
• TCP/UDP/IP, RTP/RTCP, ICMP, ARP, DNS, DDNS, DHCP, NTP, TFTP, SSH, HTTP/HTTPS,
PPPoE, SIP (RFC3261), STUN, TLS/SIP
Calling Features
SIP Trunk and Endpoint Registrations
• Up to 50 SIP Trunk Accounts
• Up to 500 SIP Endpoint Registrations
Concurrent Calling
• UCM6102: Up to 30 simultaneous calls
• UCM6104: Up to 45 simultaneous calls
• UCM6108/UCM6116: Up to 60 simultaneous calls
Conference Bridges
• UCM6102/UCM6104: Up to 3 password-protected conference bridges allowing up to 25
simultaneous participants
• UCM6108/UCM6116: Up to 6 password-protected conference bridges allowing up to 32
simultaneous participants
Calling Features (continued)
Call Center Features
• Multiple call queues can be configured
• Automatic call distribution based on experience/availability/number of
calls answered by the call queue agents
• Call waiting time announcement to the agent
Customized Auto Attendant
• IVR up to 5 levels
Calling Features (continued)
Basic Features
Advanced Features
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Auto Attendant (IVR)
Caller Record (CDR)
Conference Bridge
Do Not Disturb
Call Forward
Call Queue
Call Park
Call Pickup
Call Waiting
Black/White List
Callback
Intercom/Paging
Ring Group
Multi-Language
Attended/Blind Transfer
Music on Hold
Voicemail
Call Forwarding
Record Server
LDAP Server
Busy Lamp Field (BLF)
Zero Configuration
Video Codec Negotiation
DID
Mobile Extension
Firewall/Router
FAX server
Fax-to-Email
TLS
Media Security (SRTP)
FXO Automatic Detection
3-way Video Conference
Eventlist BLF
Remote Ext BLF
DISA
Group Call pick-up
VLAN
PBX Security
Network
• LLDP support on data link layer authentication
• 802.1x authentication for network access
• Firewall/ACL access control
System Configuration
•
•
•
•
Inbound route/outbound route with privilege assignment
Log printout
Automatic system backup
System alert and Email notification on important system events
Application
•
•
•
•
•
•
Fail2Ban for SIP authentication errors
HTTPS for secure remote access
AES-128 encryption for data transmission
Random generated passwords for SIP extensions
TLS Signaling encryption between UCM and end-point
SRTP real-time media encryption between UCM to end-point
Easiest Possible Setup…
Asterisk is a Registered Trademark of Digium
UCM6100 Series
Fully Compliant with SIP Standards
Tested with…
Skype Connect
UCM6100 Series
Voice
Mobility
Secure, high-quality and reliable
Softphone apps
Conference
Remote monitoring
Full codec support
Multiple offices connection
Voice features customization
Data
Video
Call recording
SIP video call
CDR
Surveillance integration
Codec transcoding
Video codec support
System backup
Voicemail/Fax to Email
LDAP phonebook
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
Customizable
•
•
•
•
•
•
•
•
Call Routing
Auto-Attendant
IVR
Call Forwarding
Call Retrieval
Music on Hold
Transfer
Ring Group/Hunt Group
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
Conferencing
• 3-way conferencing
• Multiple conference bridges
(up to 32 users per bridge)
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
Supports All Major
Voice Codecs
•
•
•
•
•
•
•
•
•
•
PCMU
PCMA
G.722 (HD audio)
G.723
G.726
AAL2-G.726-32
G.729
ILBC
GSM
ADPCM
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
Call Recording
• Automatically/manually record calls per extension/trunk for future
use
• Calls saved directly onto external storage first if plugged in to the
UCM6100 series
• Can be accessed, played, and downloaded remotely from Web UI
UCM6100 Series - Voice
Delivering high quality, secure and reliable voice communications
Security
• Built-in Firewall with static
defense, Fail2ban (for SIP
authentication errors)
• UCM6102 supports dynamic
defense blacklist/whitelist
• 802.1X Network Security
• SRTP/TLS Encryption
• HTTPS Web UI
UCM6100 Series - Video
Delivering high quality, secure and reliable video communications
UCM6100 Series - Video
Delivering high quality, secure and reliable video communications
Video Calling
• Any SIP video endpoint
• Face-to-face real-time communication
with customers and employees
UCM6100 Series - Video
Delivering high quality, secure and reliable video communications
Supports All Major Video Codecs
• H.263
• H.263p
• H.264
UCM6100 Series - Video
Delivering high quality, secure and reliable video communications
Video Conferencing
• Create your own multiuser video conference
when using Grandstream
video phones with the
UCM6100
UCM6100 Series - Video
Delivering high quality, secure and reliable video communications
Video Surveillance
Integration
• Create a comprehensive solution to view,
monitor and receive alerts from IP
cameras
• Register IP cameras to the PBX
• Make video calls to IP cameras to view
live feeds
• Speak through cameras with 2-way
audio & video (door entry)
• IP cameras can be set to automatically
call video phone when alert is triggered
• Receive alerts from anywhere in the
world
UCM6100 Series - Data
Delivering high quality, secure and reliable data communications
UCM6100 Series - Data
Delivering high quality, secure and reliable data communications
Call Detail Records
(CDR)
• View phone usage records,
broken down by line, date,
time, etc.
• Hospitality industry - create
detailed billing and call logs
• Monitor calling habits of users
UCM6100 Series - Data
Delivering high quality, secure and reliable data communications
Integrate Phonebook
Files and Servers
• Supports LDAP files
• LDAP files are synced with
PBX rather than phones
• UCM6100s with peer trunks
can sync up LDAP phonebooks
with each other
UCM6100 Series - Data
Delivering high quality, secure and reliable data communications
Email Forwarding
• Voicemail to email forwarding (.WAV file)
• Fax to email forwarding (.PDF file)
Fax
Email
Voicemail
UCM6100 Series - Data
Delivering high quality, secure and reliable data communications
System Backup
• Never lose unique configuration
settings and files
• Backup to external USB flash
drive/SD card or internal Flash
storage
• Backup to user’s network server
• Create specific backup times
UCM6100 Series - Mobility
Delivering high quality, secure and reliable mobility
UCM6100 Series – Mobility
Delivering high quality, secure and reliable mobility
Make and receive calls on
your smartphone & laptop
• Compatible with SIP smartphone &
computer applications, including Bria
• Utilize the extension for the user,
rather than their desk at the office
• Supports both video and audio calls
UCM6100 Series – Mobility
Delivering high quality, secure and reliable mobility
Monitor your business
from anywhere
• View live feeds & receive alerts
from IP cameras on any device with
an internet connection
• Speak through IP cameras
UCM6100 Series – Mobility
Delivering high quality, secure and reliable mobility
Access important business
files from anywhere
• Call recordings remotely
accessible from Web UI
• Voicemail to email
• Fax to email
UCM6100 Series
Delivering high quality, secure and reliable voice, video, data & mobility to SMBs
Agenda
- Company Overview
- UCM6100 Series Features
Voice
Video
Data
Mobility
- Sample Scenarios
- Live Demo
UCM6100 Series Multiple Offices Deployment
UCM6100 Deployment Case Study 1
Typical Single Office Scenarios
Plan A: Traditional Cabling System
Traditional Analog System
PSTN
FXO
LAN
IAD
Headquarter
UCM6100
Traditional Cabling
Router
Fax Machine
Internet
Analog Phone
Plan B: Modern Office All IP System
Modern IP Office
Fax Machine
PSTN
Headquarters
FXO
IP Phone
IP Camera
LAN
ATA with Analog Phone
UCM6100
Router
Internet
Plan E: Low Cost SIP Trunk Solution
With SIP Trunk(s)
Fax Machine
IP Phone
FXO
PSTN
Headquarters
LAN
Analog Phone
UCM6100
Router
SIP
SIP Camera
IMS /ITSP
Service Provider
Internet
IP Phone
Fax Machine
FXO
PSTN
IP Camera
LAN
UCM6100
Headquarters
Analog Phone
Router
Internet
SOHO/HOME
LAN
Router
PC
Analog Phone
Fax Machine
SMB With
Remote SOHO
UCM6100 Deployment Case Study 2
Typical Multi-office Scenario
• ABC Logistics Inc. is headquartered in New Zealand. They have Branch locations
throughout the world.
• ABC Logistics Inc. wishes to incorporate a VoIP system that would allow their
Branch locations to interconnect with their corporate location and each other.
IP Phone
IP Phone
PSTN
LAN
IP Phone
New Zealand/HQ
Router
Internet
Hong Kong
Austria
Canada
Requirements:
1) Each Branch location can directly communicate with the Corporate office
2) Each location must have individual conference bridges
3) Each location must make use of IVR’s to control the flow of incoming calls
4) Each location must be able to communicate with other locations
5) Each location must support Fax-to-email and Voicemail-to-email
6) Each location must back up their configurations daily
Agenda
- Company Overview
- UCM6100 Series Features
Voice
Video
Data
Mobility
- Sample Scenarios
- Live Demo
Let’s Get To Work!
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Quick Installation
UCM6100 Interfaces
UCM Model
Ethernet Port (with PoE)
NAT Router
FXS
FXO Peripheral Ports
UCM6102
WAN Port, LAN Port
YES
2
2
USB, SD Card
UCM6104
LAN 1 Port, LAN 2 Port
N/A
2
4
USB, SD Card
UCM6108
LAN Port
N/A
2
8
USB, SD Card
UCM6116
LAN Port
N/A
2
16
USB, SD Card
Quick Installation
Connecting The UCM6102
1. Connect the UCM6102 WAN port to the
uplink port of an Ethernet switch/hub with
an RJ45 Ethernet cable.
2. Connect the power adapter.
3. Once the UCM6102 boots up and connects to the
network, the LED indicator for WAN port will be in
solid green and the LCD shows up the IP address.
4. (Optional) Connect PSTN lines from the wall jack
to the FXO ports; connect analog lines (phone and
fax) to the FXS ports.
Quick Installation
Connecting The UCM6104
1. Connect the UCM6104 LAN 1 port to the
uplink port of an Ethernet switch/hub with
an RJ45 Ethernet cable.
2. Connect the power adapter.
3. Once the UCM6104 boots up and connects to the
network, the LED indicator for LAN 1 port will be in
solid green and the LCD shows up the IP address.
4. (Optional) Connect PSTN lines from the wall jack
to the FXO ports; connect analog lines (phone and
fax) to the FXS ports.
Quick Installation
Connecting The UCM6108/UCM6116
1. Connect the UCM6108/UCM6116 LAN
port on the back of the device to the
uplink port of an Ethernet switch/hub
with an RJ45 Ethernet cable.
2. Connect the power adapter.
3. Once the UCM6108/UCM6116 boots
up and connects to the network, the
LED indicator for NETWORK port will be
in solid green and the LCD shows up
the IP address.
4. (Optional) Connect PSTN lines from the wall jack to the FXO ports; connect analog lines
(phone and fax) to the FXS ports.
Quick Installation
Get Access Info From LCD Menu
View Events: Critical Events and other system events.
Device Info: Hardware version, software version, P/N number, MAC address, Up time.
Network Info: Mode (DHCP, Static IP, PPPoE), IP address, Subnet Mask.
Network Menu: Network settings for LAN/WAN (DHCP, Static IP, PPPoE).
Factory Menu: Reboot, Reset, LCD Test Patterns, Fan Mode, LED Test Patterns, and etc.
Web Info: HTTP/HTTPS, Port number.
Quick Installation
Access Web UI For Status and Configuration
• Connect a computer to the same network as the UCM6100.
• Enter the URL in the following format in the web browser:
http(s)://IP-Address:Port
The default protocol is HTTPS .
The default port number is 8089.
Example: https://192.168.40.167:8089
• Enter the login username and password
(default: admin).
PLEASE CHANGE THE PASSWORD AFTER YOUR FIRST LOGIN!
Quick Installation
Login Page: PBX Status
• PBX Status: Trunks, Extensions, Queues, Conference Rooms, Interfaces, Parking Lot
Quick Installation
System Status
•
•
•
•
General: system uptime/firmware version
Network
Storage Usage
Resource Usage
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Network Settings
Configure the UCM6100 to match your network environment
• WAN Settings
• LAN Settings (Only the UCM6102 can act as router)
• 802.1X
• Port Forwarding (UCM6102 only)
Network Settings
WAN Settings
• DHCP
The UCM6100 acts as DHCP client. It obtains IP
address from DHCP server placed in your LAN.
• Static IP (recommended)
• PPPoE
Use PPPoE to get a direct connection between
the UCM6100 and Internet. (The UCM6100
doesn’t have a modem embedded).
Network Settings
LAN Settings
• Route mode
LAN interface needs to be configured with a Static IP
which will be the default gateway for devices behind
LAN port. DHCP server is enabled by default.
Available on UCM6102 only.
• Switch mode
LAN port will just be a pass-through and devices
behind LAN port will be in the same IP segment as
your DHCP server.
• Dual mode
Both network ports can be used for uplink connection.
UCM6102 LAN Port->Route Mode
Network Settings
802.1X Settings
• Use 802.1X Port Based Network Access Control protocol to provide an
authentication mechanism to attach the UCM6100 to the network.
• The UCM6100 802.1X mode algorithms :
EAP-MD5
EAP-TLS
EAP-PEAPv0/MSCHAPv2
Network Settings
Port Forwarding
• UCM6102 only
• LAN Port mode: Route
• Up to 8 rules available for NAT purposes based on WAN port to open, LAN
IP/port to redirect the packets to, and protocol type.
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
System Settings
Change Password
• Highly recommended after first login
• Strong password recommended
At least 8 characters;
Including lowercase/uppercase alphabet characters;
Including digits;
Including special characters.
System Settings
LDAP Server
• UCM6100 built-in LDAP server
provides corporate directory to
your IP phones
• Add multiple phonebooks
• Sync LDAP directory with other
UCM6100s for SIP peer trunks
System Settings
HTTP Server
• UCM6100 built-in HTTP server allows access to web
interface for easy configuration and status information.
• Support HTTP and HTTPS protocols. HTTPS (default) is
highly recommended.
• Default access port is 8089 and configurable for
HTTP/HTTPS. The web interface is not using default HTTP
port 80 or HTTPS port 443 for security considerations.
• Ability to redirect HTTP requests with default port 80 to
configured port (default 8089) using either HTTP or
HTTPS.
System Settings
Email Settings
Email settings will be used for:
• Voicemail to Email
• Fax to Email
• Email notifications for important
system events
System Settings
Time Settings
• Time Auto Updating
NTP Server
DHCP Option 2
DHCP Option 42
Self-defined Time Zone
• Set Time Manually
Use it when the time auto updating is not working
System Settings
NTP Settings
• Built-in NTP Server with Real-time Clock
• Easy sync up all your devices with the UCM6100
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Create User Extensions
Configure Extension Range
Design Considerations
• Departmentalize/Segmentation
• Plan for Expansion
What to Configure?
• User Extensions
• Conference Extensions
Create User Extensions
Batch & Single User Creation
•
•
•
•
•
•
•
Permissions
Complicated Password
Voicemail Password
Email Address
Strategy
Codecs
Fax Detection
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Provisioning using Zero Config
Provisioning Methods
• TFTP
• HTTP
• HTTPS
Configuration File Types
• Binary Configuration
• XML Configuration
• General XML Configuration
Provisioning using Zero Config
Binary/Legacy Configuration File
Configuration Files are encrypted with
AES256
Must be generated via Configuration
Generator Tool
Provisioning using Zero Config
Configuration Templates & Values
http://www.grandstream.com/support/tools
# Account 1/General Settings
#----------------------------------------# Account Active. 0 - No, 1 - Yes. Default is 1
# Number: 0, 1
# Mandatory
P271 = 1
# Account Name
# String
# P270 =
# SIP Server
# String
P47 =
Provisioning using Zero Config
Configuration Templates & Values
XML Syntax
<?xml version="1.0" encoding="UTF-8" ?>
<gs_provision version="1">
<mac>000b82123456</mac>
<config version="1">
<P271>0</P271>
<P270>Account name</P270>
</config>
</xml>
Provisioning using Zero Config
XML Configuration File
• Grandstream Product families such as GXP21xx/GXP14xx/GXP11xx,
GXV31xx, HT50x, HT70x, GXW40xx and DP71x accept configuration files in
XML format in addition to the legacy proprietary binary format.
• The UCM6100 sends XML configuration file to the devices for them to get
provisioned.
On the UCM6100, after we assign an extension to a device, the UCM6100 will
create an XML config file cfgxxxxxxxxxxxx.xml where xxxxxxxxxxxx is the MAC
address of the device to be provisioned.
The XML config file will then be saved in the UCM6100 embedded HTTP(S)/TFTP
server for the device to download.
Provisioning using Zero Config
XML Configuration File (Continued)
• The XML configuration file is saved in the UCM6100 web server under directory zccgi.
• For example, the UCM6100 is using HTTP and the port number is 8089. The XML configuration
file created for device MAC 000B823E175D can be downloaded using the URL below:
http://192.168.40.178:8089/zccgi/cfg000b823e175d.xml
• The XML configuration file created by the UCM6100 can configure the following on the device:
Account registration information for the device to register SIP account.
Network settings related to SIP: NAT Traversal, Use Random Port.
Call Settings: Dial Plan, Auto Answer.
LDAP client configuration for the device to automatically use the default LDAP directory
generated in the UCM6100.
Provisioning using Zero Config
Setup Made EASY!
•
•
•
•
Plug & Play
Auto Discovery
Automatic Assignment
Minimal Manual Operation
Provisioning using Zero Config
Auto Provisioning: Mechanism
SIP End Device
UCM6100
Discover Device
Boot up
Assign Extension
to Device
Create XML
Config File
Send Downloading
URL to Device
Three methods for the “interaction” between SIP
End Device and the UCM6100:
• SIP SUBSCRIBE
When the phone boots up, it sends out SUBSCRIBE to a
multicast IP address in the LAN. The UCM6100 discovers
it and then sends NOTIFY with the XML config file URL in
the message body for the phone to download.
• mDNS
Download
Config File
When the phone boots up, it sends out mDNS query to
get the TFTP server address. The UCM6100 will respond
with its own address. The phone will then send TFTP
request to download the XML config file from the
UCM6100.
• Option 66
Reboot, Get
Provisioned
For UCM6102 only, which can act as a router providing
option 66 with config server path to the phone.
Provisioning using Zero Config
Example 1: UCM6100 and Phones in the Same LAN
• This is a common setup
among small businesses, where
the UCM6100 is placed behind a
company’s router or firewall.
• The phones are in the same
network as the UCM6100 and
can be discovered automatically
by UCM6100 using the Zero
Config feature.
Provisioning using Zero Config
Example 2: UCM6100 and Phones in Different Networks
• In this setup, the UCM6100 is placed directly over the internet (outside from the network
where the phones are deployed). Under this topology, the UCM6100 cannot reach the
phones on its own and the typical auto discovery will not work.
• Another DHCP server will be needed to help the phone point itself to the UCM6100.
Provisioning using Zero Config
Example 2: UCM6100 and Phones in Different Networks
(Continued)
To finish the provisioning in this topology:
• Turn on DHCP Option 66 in the network where the phones are deployed and set the value:
option tftp-server-name "http(s)://ucm_ip_address:port/zccgi".
• All Grandstream phones have DHCP Option 66 turned on by default. Once the phone is
provisioned with the DHCP Option 66, it will be redirected to the UCM6100 and send
request for XML configuration file.
• When the phone requests the XML configuration file from the UCM6100, the UCM6100
will add the phone to the provision list.
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Create Conference Bridges
Bridging the Gap
•
•
•
•
•
•
Public or Private
Recording Option
Bridging of Multiple Parties
Caller Menu
User Invite
Caller Announcements
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Auto-Attendant (IVR)
No receptionist?
• Record or Upload Custom Voice
Prompts
• Supports Multiple Languages
• Scheduled Routes to Specific
IVR Prompts e.g. AfterHours,
Holidays, Maintenance
• Nested IVRs up to 5 levels
Auto-Attendant (IVR)
IVR Security
• Important: Always verify the permissions you assign in the IVR menu.
• If the IVR is reached by public calls, it is recommended that you set the permission
to internal or password protect the outgoing calls trunks.
• An open permission may result in expensive unauthorized calls!
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Create Analog Trunks
Utilizing Existing Systems
• Ability to Select Individual
Channels
• Auto Detection
• Custom Tone Settings
• Auto Record
• Fax Detection
Create Analog Trunks
Get Familiar with Analog Trunk Settings
• Enable Polarity Reversal
If set to “Yes”, the polarity will be reversed upon call establishment and termination. This is usually
used for billing purposes.
• Polarity On Answer Delay
When FXO port answers the call, FXS port may be sent a polarity reversal signal.
• Current Disconnect
It is used when the PSTN provider uses a line power drop to indicate call completion to the
subscribing end point. In this case the FXO port will search for a power drop with the preconfigured
time frame to disconnect call from a VoIP extension. Default value is 200ms.
• RX Gain: controls the power level of the signal (audio) received on the FXO ports.
• TX Gain: controls the power level of the signal (audio) sent out to the FXO ports.
• Use CallerID: configures caller ID handling to match local PSTN settings.
Create Analog Trunks
Get Familiar with Analog Trunk Settings
• Busy Detection
This is used to detect if the party on the other end has hung up. This feature causes a Busy Tone
to be used as the FXO line disconnection signal when set to YES.
• Busy Count
If busy detection is enabled, you can set busy count to specify how many counts to wait for
before hanging up. The minimum default is 2.
• Congestion Detection
The FXO port listens to the PSTN line for a fast busy tone. Upon reception of such tone, the
UCM6100 can determine congestion.
• Congestion Count
If congestion detection is enabled, you can set congestion count to specify how many tones to
wait for. The minimum default is 2.
• Tone Country
Select the country for tone settings. You can also select custom and set the values manually.
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Create VoIP Trunks
SIP/VoIP Trunking
• Peered or Registered
• Auto Record
• Long-Distance Charges
Reduced
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Call Routing
Outbound Rule:
How can I direct your call?
•
•
•
•
•
•
Dial Pattern
Secured Route
Strip/Prepend Digits
Failover
Privilege/Permission
Outbound route per caller ID
Call Routing
How to Use Outbound Route Pattern
• Pattern: It is similar to dial plan.
All patterns are prefixed by the “_” character.
N = Any digit from 2-9
. = Wildcard, matches one or more characters
! = Wildcard, matches zero or more characters immediately
X = Any Digit from 0-9
Z = Any Digit from 1-9
• To specify the outbound route based on caller ID, add "/callerID" to the above pattern. The
outbound call has to match both the pattern and the callerID to use this outbound route.
Example: _5XXX/1234567890
Call Routing
Inbound Rule:
How can I direct your call?
• DID Pattern
• Trunk Selection
• Direct Calls to IVR, Extension,
Ring group, Voicemail, FAX
• Scheduled Inbound Routes
• Inbound route per caller ID
Call Routing
----------
How to Secure My Call Routes?
• A wrong trunk/routing configuration may open a backdoor that will allow
unauthorized users to make calls.
• Recommendations
For inbound routes, make sure you assign only the privilege required. For example, If you only expect to
handle internal calls, set the privilege to internal.
Use Inbound route DID features to control if inbound calls can or cannot be forwarded to another trunk
or special extension.
For Outbound route, if the target/dialplan allows pay calls, make sure you assign a higher privilege level
such as National or International. Then only assign this permission to users authorized to make these
calls.
Password protection, sometimes the privilege alone is not enough so you can set a password to the
outgoing route. Users will be required to enter the password in order to make a call out a PIN protected
route.
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Voicemail to Email
Not in the office?
• Voicemail to Email
• Configure Voicemail Limits
• Playback Options
Fax to Email
No Fax Machine? No Problem!
• Fax Extension
• Fax Settings
• Fax to Email Template
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Call Detail Records (CDR)
•
•
•
•
CDR Filter
Call Details
Download Records (.csv)
CDR Statistics
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Maintenance
BE PREPARED!
•
•
•
•
•
Firmware Upgrade
Backup
Cleaner
Reset/Reboot
System Events log/
Email notification
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Troubleshooting
Understanding SIP
Typical call flow example between 2 phones
Troubleshooting
Ethernet Captures
• The most helpful information that you can use in the troubleshooting
process is Ethernet capture
• Tools
Hub/Switch(with port mirroring capabilities)
TCPDump
Wireshark
Text Editors
A voice engineer’s best friend is the Ethernet capture!
Troubleshooting
• UCM6100’s built in Ethernet capturing capability
Troubleshooting
SYSLOG
• Syslog is a standard for computer data logging. It can provide useful
information down to the system level.
• There are several logging “levels”:
Error
Warn
Notice
Verbose
Debug
• Additionally, you can choose to output the logs to another server, such
as a dedicated machine used only for gathering SYSLOG data.
Troubleshooting
• In addition to syslog levels, you are able to
select which UCM6100 “modules” to generate
logs.
• For example:
PBX Module
Application
chan_sip
SIP Calls
chan_dahdi
Analog Calls (FXO/FXS)
app_meetme
Conference
Important: It is not recommended to open all levels to all syslog modules. Too many syslog print
might cause traffic that affect system performance.
Troubleshooting
IP Ping
• A network administration utility to check host
availability and measure round-trip times.
• For example, use IP Ping to check if the
UCM6100 is able to communicate with other
networked devices, such as other Peers or SIP
Trunks.
• The first go-to tool to start troubleshooting.
Troubleshooting
Traceroute
• To display the paths (routes) that IP traffic takes in order to reach its destination.
• To display transit delays on particular network segments.
• It can be a valuable tool when troubleshooting issues such as voice delays.
Live Demo
1. Quick Installation
2. Network Settings
3. System Settings
4. Create User Extensions
5. Grandstream’s Zero Config
6. Create Conference Bridges
7. Auto-Attendant (IVR)
8. Create Analog Trunks
9. Create VoIP Trunks
10. Call Routing
11. Voicemail-to-Email/Fax-to-Email
12. Call Detail Records (CDR)
13. Maintenance
14. Troubleshooting
15. Security
Security
Preventive Measures
•
•
•
•
Dynamic Defense
Static Defense
Fail2Ban
Blacklist + Whitelist
Security
Security Considerations
Hardware Based Protection
IP Tables
IP Address Filtering
Whitelist + Blacklist > Whitelist > Blacklist
Strong Web UI Passwords
Minimize Web Access
Strong SIP Passwords
Don’t Use Normal Ports
Security
Network/System Security Considerations
• Firewalls
Use a firewall between your network and the Internet to limit what attackers from Internet can “reach”
inside your network, and to control types of in/out traffic.
• Passwords
Don’t leave default password for any system in your network (attackers know them). Change it before
any configuration and use long (8 characters is minimum, 12 or more is better) and strong passwords
including uppercase/lowercase alphabet characters, digits and special characters. These types of
password are more resistant to “dictionary” attack.
• VPN
Use VPN to encrypt remote access so no-one on the Internet can monitor and capture your data.
• Management Interface
Management interfaces need to be secured behind your firewall and accessed via VPN. Use secured
protocols such as HTTPS instead of HTTP, SSH… Don’t use default ports for those protocols. To avoid
ports scanning, UCM6100 is using a different port for HTTP/HTTPS which is 8089 instead of 80/443
(which you can change).
Security
Network/System Security Considerations (continued)
• Upgrades
Always keep your systems up-to-date by installing latest upgrades which includes fixes/more security
add-ons…
• Backups
Perform regular backup of your system on daily/weekly basis, which can help to restore your
configuration/voice prompts and etc if needed.
• CDR and Syslog debugging
System administrator has the possibility to monitor CDR and syslog to see what is going on in the
UCM6100 (registration, calls, DoS attempts, rejected requests…)
Security
VoIP Security Considerations (continued)
• Fail2Ban
Enable Fail2Ban on the UCM6100 for SIP
authentication errors
- SIP REGISTRATION
- SIP INVITE
- SIP SUBSCRIBE
Security
VoIP Security Considerations (continued)
• Bind port
Default SIP port is 5060, you may consider changing it in order to avoid ports scanning and hackers
INVITE/REGISTER attempts on default port.
• SIP transport
Use TLS (with certificates) when possible instead of SIP over UDP/TCP. The default TLS port is 5061,
you may consider to change it so no one can sniff your network traffic and see your plain text SIP
messages.
• Secure RTP
Use SRTP when possible instead of RTP to avoid hackers to listen to your communications.
• Call Control and Permissions
The UCM6100 can be configured to require a PIN before the call goes through the outbound route.
Also, please make sure to set approriate permissions for users to allow specific types of calls
(Internal, Local, National, International)
Security
VoIP Security Considerations (continued)
• Always turn “Allow Guest Calls” OFF during normal daily operation
• 401 Unauthorized
Attackers tend to send INVITE or REGISTER messages with a random extension number to an IP-PBX and
wait for a reply to know if the extension exist or no, to continue with their attack process. UCM6100
offers the possibility to reject those attacks by always replying with “401 Unauthorized” so attackers will
not know if the extension used in their request is matching a user or peer.
• Change User Agent or Realm
If using plain text SIP protocol, attackers can sniff network and based on the user agent in SIP messages,
can know which IP-PBX you are using which gives them more visibility on how to attack your server. It’s
always better to change your User Agent from default and use one not giving any clue about which
system you are using. This options is offered by UCM6100 (same applies for Realm)
Questions?
Thank You!