Nortel Networks NN42030-300 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Nortel Networks NN42030-300, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Nortel Networks NN42030-300 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Nortel Networks NN42030-300. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Nortel Networks NN42030-300 should contain:
- informations concerning technical data of Nortel Networks NN42030-300
- name of the manufacturer and a year of construction of the Nortel Networks NN42030-300 item
- rules of operation, control and maintenance of the Nortel Networks NN42030-300 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Nortel Networks NN42030-300 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Nortel Networks NN42030-300, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Nortel Networks service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Nortel Networks NN42030-300.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Nortel Networks NN42030-300 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades Release: 2.1 Document Revision: 02.03 www.nortel.com NN42030-300 .[...]

  • Page 2

    Nortel Mobile Communication 3100 Series Portfolio Release: 2.1 Publication: NN42030-300 Document status: Standard Document release date: 9 May 2008 Copyright © 2007, 2008 Nortel Networks All Rights Reserved. Sourced in Canada LEGAL NOTICE This document contains Nortel confidential and proprietary information. It is not to be copied, disclosed or d[...]

  • Page 3

    3 . Contents New in this release 7 Features 7 Other changes 7 How to get help 9 Finding the latest updates on the Nortel Web site 9 Getting help from the Nortel Web site 9 Getting help over the telephone from a Nortel Solutions Center 9 Getting help from a specialist by using an Express Routing Code 10 Getting help through a Nortel distributor or r[...]

  • Page 4

    4 Nonredundant server option 23 Redundant server option 23 Software installation 24 Postinstallation 27 Overview 27 MCG 3100 Web Console logon 27 MCG 3100 parameter configuration 28 License file 31 Licence file troubleshooting 32 Manage TLS certificates 33 Enroll with a Certificate Authority 33 Certificate Signing Request generation 34 Signed TLS c[...]

  • Page 5

    5 Procedure 17 Starting, stopping, and restarting the Administration Server 51 Procedure 18 Starting, stopping, and restarting the Group Call Server 51 Procedure 19 Checking the Gateway Server processes 52 Procedure 20 Checking the Administration Server processes 53 Procedure 21 Backing up the databases 54 Procedure 22 Restoring the databases 54 Pr[...]

  • Page 6

    6 Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 7

    7 . Ne w in this release This section details what’s new in Nortel Mobile Communication Gateway 3100 Installation and Upgrades (NN42030-300) for Nortel Mobile Communication 3100 (MC 3100) Release 2.1. Features This section describes the features that impact the book. This release provides support for the new client, the Nortel Mobile Communicatio[...]

  • Page 8

    8 New in this release Revision history May 2008 Standard 02.03. This document is issued to support Nortel Mobile Communication 3100 Release 2.1. Only the release date changed. April 2008 Standard 02.02. This document is issued to support Nortel Mobile Communication 3100 Release 2.1. Added the DNS port to Table 6 "Port usage" (page 57) . A[...]

  • Page 9

    9 . Ho w to g et help This chapter explains how to get help for Nortel products and services. Finding the latest updates on the Nor tel W eb site The content of this documentation is current at the time the product is released. To check for updates to the latest documentation for the Nortel Mobile Communication 3100 Series Portfolio, go to h ttp://[...]

  • Page 10

    10 How to get help Getting help from a specialist by using an Express Routing Code To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC) to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for your product or service, go to: h ttp://www.nortel.com/erc Getting help th[...]

  • Page 11

    11 . Intr oduction This chapter contains the following topics: • “Subject” (page 11) • “Conventions” (page 11) • “Related information” (page 12) Subject This document describes the Nortel Mobile Communication Gateway 3100 (MCG 3100) server installation, which is part of the Nortel Mobile Communication 3100 Series Portfolio. Intend[...]

  • Page 12

    12 Introduction Table 1 Text conventions (cont’d.) Convention Description Italic text Indicates document titles, for example: See the Mobile Communication Client 3100 for Windows Mobile User Guide (NN42030-100) . CLI command text Indicates CLI command prompts, input, and output, for example: REQ NEW <zone #> . Terminology This document refe[...]

  • Page 13

    Related information 13 NTPs The following NTPs are referenced in this document: • Linux Platform Base and Applications Installation and Commissioning (NN43001-315) • Nortel Mobile Communication 3100 Series — Planning and Engineering (NN42030-200) • Nortel Mobile Communication Gateway 3100 — Administration (NN42030-600) Nortel Mobile Commu[...]

  • Page 14

    14 Introduction Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 15

    15 . Fundamentals This chapter contains the following topics: • “Overview” (page 15) • “MCG 3100 server components” (page 15) • “Installation options” (page 17) • “Overview of the MC 3100 installation” (page 17) Overview This section describes the Nortel Mobile Communication Gateway 3100 (MCG 3100) server hardware and softwa[...]

  • Page 16

    16 Fundamentals ATTENTION You must install the MCG 3100 software on a dedicated server that runs no other applications. Hardware components The MCG 3100 server runs only on the following supported commercial off-the-shelf (COTS) hardware: • HP DL320G4 (NTDU97AAE5) • IBM x306m (NTDU99AAE5) Table 2 "Hardware requirements" (page 16) desc[...]

  • Page 17

    Overview of the MC 3100 installation 17 Installation options Two installation options exist: • MCG 3100 Server is installed on one server—all software components are installed on one supported COTS server. This is the nonredundant configuration. • MCG 3100 Server is installed on two servers—all software components are installed on two suppo[...]

  • Page 18

    18 Fundamentals Before you start the installation, read Nortel Mobile Communication 3100 Series — Planning and Engineering (NN42030-200) . Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 19

    19 . Preinstallation This chapter contains the following topics: • “Overview” (page 19) • “Linux base installation” (page 19) • “Enterprise network verification” (page 20) Overview Before you install the Mobile Communication Gateway 3100 (MCG 3100) server software, you must perform some preinstallation configuration and verificati[...]

  • Page 20

    20 Preinstallation ATTENTION Carefully observe the labels for the network interfaces of the specific platforms. — HP COTS platform: The network interfaces can be labelled (0,1) or (1, 2). The lower number is eth0 and the higher number is eth1. — IBM 306M platform: The network interfaces are labelled backwards. Interfaces (0, 1) are eth1 and eth[...]

  • Page 21

    Enterprise network verification 21 To verify communication with the LDAP server, use the ping command. After the installation and commissioning is complete, you can verify that LDAP is working by performing a Corporate Directory (Corp Dir) search from a client. You should ensure that the DNS and LDAP server can be accessed from the MCG 3100. Suppor[...]

  • Page 22

    22 Preinstallation Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 23

    23 . Installation This chapter contains the following topics: • “Overview” (page 23) • “Nonredundant and redundant server implementations” (page 23) • “Software installation” (page 24) Overview After you complete the preinstallation tasks, you install the Nortel Mobile Communication Gateway 3100 (MCG 3100) software in a nonredunda[...]

  • Page 24

    24 Installation Rules for redundant server implementations In a redundant server configuration, mobile clients access the active server, and not the inactive backup server. The two servers switch roles freely, and the following rules determine the status—either ACTIVE or INACTIVE: • If you do not enter a backup IP address in the MCG 3100 Web Co[...]

  • Page 25

    Software installation 25 3 Locate the MCG 3100 software on the CD and enter the following command: appinstall The installation script prompts you for the root password. 4 Enter the root password. The following prompt appears: Do you want to check the media [Y][N]? 5 To verify the media, enter Y (Yes). For a new installation, the following prompt ap[...]

  • Page 26

    26 Installation ... RPM installation complete. Please follow post installation instructions. The term postinstallation instructions refers to the postinstallation configuration procedures. For more information, see “Postinstallation” (page 27) . 10 Remove the CD. 11 Proceed to postinstallation configuration. OR For a redundant server implementa[...]

  • Page 27

    27 . P ostinstallation This chapter contains the following topics: • “Overview ” (page 27) • “MCG 3100 Web Console logon” (page 27) • “MCG 3100 parameter configuration” (page 28) • “License file” (page 31) • “Manage TLS certificates” (page 33) After the MCG 3100 installation completes, the client software must be insta[...]

  • Page 28

    28 Postinstallation Step Action 1 In a Web browser address bar, enter one of the following addresses: http://<hostname>:8282/adminserver OR https://<hostname>:8553/adminserver/ where <hostname> is the domain name of the server. 2 At the Web Console log on screen, enter the following default username and password: • Username: adm[...]

  • Page 29

    MCG 3100 parameter configuration 29 Step Action 1 Log on to the MCG 3100 Web Console using the Administrator username and password, as described in Procedure 2 “Logging on to the MCG 3100 Web Console” (page 27) . 2 Click Gateway . 3 Click Configuration for the Gateway you want to modify. 4 Click Unlock . The configuration parameters unlock and [...]

  • Page 30

    30 Postinstallation Table 4 MCG 3100 configuration parameter fields (cont’d.) Field Description LDAP Server Address The IP address and port of the LDAP server that hosts the corporate directory. Obtain this value from the directory administrator. Syntax: [IP]:[port] Example: 192.167.3.99:389 LDAP Username The username required to gain access to t[...]

  • Page 31

    License file 31 Table 4 MCG 3100 configuration parameter fields (cont’d.) Field Description Dial In Service DN This is the number in the request URI for service DN calls proxied by the CS 1000 SPS to the MCG 3100. The service DN allows MCG 3100 users to place calls directly from their wireless devices to other parties using Direct Outbound call m[...]

  • Page 32

    32 Postinstallation 9 For a redundant server implementation, repeat Step 2 to Step 8 on the redundant server. --End-- Licence file troub leshooting Before you contact Nortel to report a licensing issue, perform the following troubleshooting measures: • Check the time, date, and time zone of the server. • Check the route to the license server ([...]

  • Page 33

    Manage TLS certificates 33 Table 5 Common server license status errors (cont’d.) Server License Status Issue description Resolution ERROR 103: Client’s system clock is suspect and/or the client configuration has been tampered with. This error indicates that the system clock was changed after a previous activation. Reset the system clock and res[...]

  • Page 34

    34 Postinstallation Whether you select a commercial Certificate Authority (CA) or build your own CA Server, you must provide the following information to enroll: • first and last name of the certificate administrator • e-mail address of the certificate administrator • any other information requested by the CA ATTENTION Nortel strongly recomme[...]

  • Page 35

    Manage TLS certificates 35 A keystore is a file that can contain trusted certificates and combinations of private keys with their corresponding certificates. The information within the keystore is organized by alias, for example: • tomcat (required): stores the public/private key pair and the Signed TLS Certificate from the CA • root (required)[...]

  • Page 36

    36 Postinstallation ATTENTION For the mobile clients that use TLS security, you must enter the same FQDN in the device System Settings. For information about the configuration of the System Settings on the device, see Nortel Mobile Communication Client 3100 for Blackberry User Guide (NN42030-101) , Nortel Mobile Communication Client 3100 for Nokia [...]

  • Page 37

    Manage TLS certificates 37 firsthand The CSR text appears as in the following example: Sample CSR text -----BEGIN NEW CERTIFICATE REQUEST----- MIIBJTCB0AIBADBtMQswCQYDVQQGEwJVUzEQMA4G A1UEChs4lBMHQ XJpem9uYTENA1UEBxMETWVzYTEf MB0GA1UEChMWTWVs3XbnzYSBDb 21tdW5pdHkgQ2 9sbGVnZTEA1UEAxMTd3d3Lm1jLm1hcmljb3BhLmV kdTBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQDRNU6 x[...]

  • Page 38

    38 Postinstallation OR Upload the CSR.txt file. 4 Request a signed TLS certificate. The CA generates a signed TLS certificate and sends it to the certificate administrator’s e-mail address. 5 Save the signed TLS certificate to a location that is accessible from the MCG 3100 Server. You require the signed TLS certificate to perform “Root and sig[...]

  • Page 39

    Manage TLS certificates 39 4 Save both formats of the certificate to a directory location that is accessible from the MCG 3100 Server. --End-- Root and signed certificate installation The keystore must contain the following certificates: • the CA root or intermediate certificate (or both as required by the CA) in TXT format • your signed TLS ce[...]

  • Page 40

    40 Postinstallation ATTENTION Nortel strongly recommends that you back up the keystore directory to protect the files against overwriting, deletion, or corruption. 6 Restart the server: /sbin/service mobilitygw restart 7 When prompted, enter the root password. --End-- Importing a preinstalled CA root or intermediate certificate You must know the ab[...]

  • Page 41

    Manage TLS certificates 41 /usr/java/jdk1.5.0_03/bin/keytool -storepasswd -new <new_password> -storepass <od_password> -keystore /opt/SQMobilityGW where <old_password> is the existing keystore password. <new_password> is your chosen password. 4 Change the working directory: cd /opt/SQmobilityGW/tomcat/conf/ 5 Open the server[...]

  • Page 42

    42 Postinstallation ATTENTION If a user attempts to log on and the root certificate is not installed, a prompt appears asking for permission to allow access to the MCG 3100 Server. If permission is granted and the connection fails or times out, the user must install the root certificate on the mobile client device. When you send the root certificat[...]

  • Page 43

    Manage TLS certificates 43 4 On the device, locate the certificate using File Explorer and click on it. 5 At the continuation prompt , click Accept . The certificate installs on the device. --End-- Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 20[...]

  • Page 44

    44 Postinstallation Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 45

    45 . System software maintenance This chapter contains the following topics: • “System software upgrades” (page 45) • “System software uninstallation” (page 49) • “Admin shell access” (page 50) • “Shell commands” (page 50) System software upgrades After you complete the initial Mobile Communication Gateway (MCG) 3100 system [...]

  • Page 46

    46 System software maintenance Step Action 1 At the server (host server), insert the MCG 3100 software CD into the CD-ROM drive. 2 Log on to the server as nortel. 3 Locate the MCG 3100 software on the CD and run the following command: appinstall 4 Enter the root password. 5 If you are prompted to remove a previous installation, enter Y (Yes) to con[...]

  • Page 47

    System software upgrades 47 The document contains information about SUs for CS 1000. 4 Download the appropriate patches to a location that you can connect to from the MCG 3100. 5 Log on to the MCG 3100 as nortel. For more information, see “Admin shell access” (page 50) . 6 Transfer the SU you downloaded to the /var/opt/nortel/patch directory of[...]

  • Page 48

    48 System software maintenance mobilitybase-2.1-75.src.rpm Size : 72043134 License: Commercial Signature : (none) Summary : Mobility Gateway Base distribution package Description : facility for the configuration of the platform for the mobility gw The server completes the installation. 13 Enter sudo /opt/mobilitybase-2.1-XX/postpatch.sh where XX is[...]

  • Page 49

    System software uninstallation 49 The server responds with information about the SU status. For example, In system patches:1 Patch handle 0* Filename /var/opt/nortel/patch/mobilitybase-2.1. 75.el4 Patch release version: 5.00.38 Reference number: ISS1:1OF1 Patch is in-service In-service date: 14/02/08 15:15:46 Patch category: GEN Patch special instr[...]

  • Page 50

    50 System software maintenance Procedure 15 Uninstalling the MCG 3100 system software WARNING This procedure removes the MCG 3100 software from the server. Use Procedure 14 “Removing an SU” (page 48) to remove patches. Step Action 1 Log on to the server as nortel. 2 From any directory, enter the uninstall command: sudo rpm -e mobilitygw mobilit[...]

  • Page 51

    Shell commands 51 • Procedure 19 “Checking the Gateway Server processes” (page 52) • Procedure 20 “Checking the Administration Server processes” (page 53) • Procedure 21 “Backing up the databases” (page 54) • Procedure 22 “Restoring the databases” (page 54) Procedure 16 Starting, stopping, and restar ting the MCG 3100 Ser ve[...]

  • Page 52

    52 System software maintenance 2 To start the Group Call Server, enter sudo /sbin/service sipconf start 3 To stop the Group Call Server, enter sudo /sbin/service sipconf stop 4 To restart the Group Call Server, enter sudo /sbin/service sipconf restart --End-- Procedure 19 Checking the Gatewa y Server processes Step Action 1 Log on to the server as [...]

  • Page 53

    Shell commands 53 root 9498 9367 0 14:02 pts/0 00:00:00 grep SQMobilityGW --End-- Procedure 20 Checking the Administration Server processes Step Action 1 Log on to the server as nortel. For more information, see “Admin shell access” (page 50) . 2 At the command prompt, enter the following command: ps -ef | grep SQMobilityAdmin The following sam[...]

  • Page 54

    54 System software maintenance CAUTION Service Interruption The database backup and restore procedures take the server out of service for two or more minutes. Nortel recommends that you perform these procedures during periods of low server use. The database stores configuration data and licensed user data. You must know the root password to perform[...]

  • Page 55

    Shell commands 55 ATTENTION You must have a copy of the backup file to restore. Shared files for group calls and conferences are not restored with this procedure. Step Action 1 Log on to the server as nortel. 2 To become the root user, enter su - root 3 Enter the password for root. 4 To stop the server processes, enter /sbin/service sipconf stop /s[...]

  • Page 56

    56 System software maintenance Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades NN42030-300 02.03 Standard 9 May 2008 Copyright © 2007, 2008 Nortel Networks .[...]

  • Page 57

    57 . Appendix A P or t number s and pr otocols Table 6 "Port usage" (page 57) lists the port usage details for the MCG 3100. Table 6 Port usage Port Protocol Function Application Configurable Port mapped through firewall 21 TCP FTP Base Linux No No 22 TCP SSH Base Linux No No 53 UDP Domain Name Server (DNS) queries to external DNS MCG 310[...]

  • Page 58

    58 Appendix A Port numbers and protocols Table 6 Port usage (cont’d.) Port Protocol Function Application Configurable Port mapped through firewall 8282 TCP MCG 3100 Admin interface MCG 3100 Admin No No 8443 TCP MCG 3100 Secure Client interface MCG 3100 Gateway No No 8553 TCP MCG 3100 Secure Admin interface MCG 3100 Administration No No 9800 TCP J[...]

  • Page 59

    59 . Appendix B Self-signed cer tificate g eneration As an alternative to using a Certificate Authority, you can generate and use self-signed certificates. ATTENTION Self-signed certificates do not provide the same level of security as CA-signed certificates. Use self-signed certificates for test or demonstration purposes only. For more informatio[...]

  • Page 60

    60 Appendix B Self-signed certificate generation 90 days. Nortel recommends using a value of 3650. ATTENTION Use the host name (including domain name) of the server as the common name (cn). 6 Generate the client certificate: /usr/java/jdk1.5.0_03/bin/keytool -export -alias Tomcat -file publickey.der -storepass firsthand -keypass firsthand -keystore[...]

  • Page 61

    61 . Index A Administration Server restar ting 51 star ting 51 stopping 51 B backup , database 54 C CA intermediate cer tificate obtaining 38 CA root cer tificate distribution 41 installation 39 obtaining 38 Cer tificate Authority , (CA) 33 Cer tificate Signing Request, (CSR) 34 generating 35 D database backup 54 restore 54 document conv ention[...]

  • Page 62

    62 uninstall 49 upgrades 45 T TLS cer tificate installation 39 obtaining 37 T ranspor t La y er Security , (TLS) 33 trusted endpoints 27 trusted hosts 27 U uninstall system software 49 upgrade system software 45 W W eb Console logging on 27 Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and [...]

  • Page 63

    [...]

  • Page 64

    Nortel Mobile Communication 3100 Series Portfolio Nortel Mobile Communication Gateway 3100 Installation and Upgrades Copyright © 2007, 2008 Nortel Networks All Rights Reserved. Sourced in Canada Release: 2.1 Publication: NN42030-300 Document status: Standard Document revision: 02.03 Document release date: 9 May 2008 To provide feedback or to repor[...]