CCNA VOICE 640-461 CERT GUIDE • • CHAPTER 9 Managing Endpoints and End Users in CUCM Implementing IP Phones in CUCM: Special Functions • Network Time Protocol (NTP) • Cisco Discovery Protocol (CDP) • Dynamic Host Configuration Protocol (DHCP) • Power over Ethernet (PoE) • Trivial File Transport Protocol (TFTP) • Domain Name System (DNS) Implementing IP Phones in CUCM: Network Time Protocol (NTP) • Call Detail Records (CDR) • Call Management Records (CMR) • Cisco Unified Communications Manager Publisher Acts as an NTP server Can communicate with a public NTP server Can use it’s internal clock (Not Recommended) • Skinny Client Control Protocol (SCCP) get time via SCCP messages • Session Initiation Protocol (SIP) get time from a NTP reference server Implementing IP Phones in CUCM: Network Time Protocol (NTP) Implementing IP Phones in CUCM: Cisco Discovery Protocol • Cisco Proprietary Layer 2 protocol • “See’s” only directly connected neighbors • Can be dangerous to leave on except when necessary • Can be controlled on a per-interface basis • Phones use CDP to establish VLAN membership Implementing IP Phones in CUCM: Dynamic Host Configuration Protocol (DHCP) • IP Address • Subnet Mask •Default Gateway •DNS Server(s) •TFTP Server(s) • Domain • Lease time • Options (150 [SCCP], 66 [SIP]) Implementing IP Phones in CUCM: Dynamic Host Configuration Protocol (DHCP) Implementing IP Phones in CUCM: Dynamic Host Configuration Protocol (DHCP) Implementing IP Phones in CUCM: Dynamic Host Configuration Protocol (DHCP) Implementing IP Phones in CUCM: Dynamic Host Configuration Protocol (DHCP) service dhcp ! Enables the DHCP service ! ip dhcp excluded-address 10.1.1.1 10.1.1.10 ! Specifies a start / end range of addresses that DHCP will NOT assign ip dhcp pool name IP_PH0NES ! Creates a pool of addresses (case-sensitive name) and enters DHCP configuration mode ! network 10.1.1.0 255.255.255.0 ! Defines the subnet address for the pool default-router address 10.1.1.1 ! Defines the default gateway dns-server address 192.168.1.10 192.168.1.11 ! Identifies the DNS server IP address(es) - up to 8 Ips ! option 150 ip 192.168.1.2 ! Identifies the TFTP server IP. Multiple IPs may be included, separated by spaces. Implementing IP Phones in CUCM: Power Over Ethernet (PoE) • IEEE Standard 802.3af • Currently provides up to 15.4 Watts of power • “In-Line Power” Cisco pre-standard • PoE Switch • Powered patch panel • Inline power injector Implementing IP Phones in CUCM: Trivial File Transport Protocol (TFTP) • Critical Service • Option 150 (SCCP), Option 66 (SIP) • Must be a phone service Router CUCM Normal TFTP servers will not function! Implementing IP Phones in CUCM: Trivial File Transport Protocol (TFTP) Implementing IP Phones in CUCM: Domain Name System • Host Name to IP Address resolution • Not critical to V0IP • Recommended to eliminate reliance on DNS for IP Phones • External to CUCM Cluster • Not offered in CUCM Implementing IP Phones in CUCM: SCCP Phone registration Process 1. The phone obtains power (PoE or AC adapter). 2. The phone loads its locally stored firmware image. 3. The phone learns the Voice VLAN ID via CDP from the switch. 4. The phone uses DHCP to learn its IP address, subnet mask, default gateway, and TFTP server address. (Other items may be learned also.) 5. The phone contacts the TFTP server and requests its configuration file. (Each phone has a customized configuration file named SEP<mac_address>.cnf.xml created by CUCM and uploaded to TFTP when the administrator creates or modifies the phone.) 6. The phone registers with the primary CUCM server listed in its configuration file. CUCM then sends the softkey template to the phone using SCCP messages. Implementing IP Phones in CUCM: SIP Phone registration Process 1. The phone obtains power (PoE or AC adapter). 2. The phone loads its locally stored firmware image. 3. The phone learns the Voice VLAN ID via CDP from the switch. 4. The phone uses DHCP to learn its IP address, subnet mask, default gateway, and TFTP server address. (Other items may be learned also.) 5. The phone contacts the TFTP server and requests the Certificate Trust List file (only if the cluster is secured). 6. The phone contacts the TFTP server and requests its SEP<mac_address>.cnf.xml configuration file. 7. The phone downloads the SIP Dial Rules (if any) configured for that phone. 8. The phone registers with the primary CUCM server listed in its configuration file. Implementing IP Phones in CUCM: SIP Phone registration Process 9. The phone downloads the appropriate localization files from TFTP. 10.The phone downloads softkey configurations from TFTP. 11.The phone downloads custom ringtones (if any) from TFTP. Implementing IP Phones in CUCM: Prepare CUCM to Support Phones • Configure and Verify Network Services: Set up NTP, DHCP, and TFTP. • Configure Enterprise Parameters: Modify and verify clusterwide default settings. • Configure Service Parameters: Tune application settings and behavior. Implementing IP Phones in CUCM: Phone Registration Requirements • Device Pool • Cisco Unified CM Group • Region • Location • Date/Time Group • Phone NTP Reference • Device Defaults • Softkey Template • Phone Button Template • SIP Profile • Phone Security Profile • Common Phone Profile Implementing IP Phones in CUCM: Device Pool • Device Pools provide a set of common configurations to a group of devices. • You can create as many Device Pools as you need, typically one per location, but they can also be applied per function. Implementing IP Phones in CUCM: Cisco Unified Call Manager Group • A CM Group defines a top-down ordered list of redundant subscriber servers to which the phones can register. • The list can include a maximum of three subscribers (plus an optional Survivable Remote Site Telephony [SRST] reference). •The first server in the list is the primary subscriber; the second is the backup, and the third is the tertiary. •The number of CM Groups created depends on the number of subscribers in the cluster. •The goal is to provide server redundancy to the phones while distributing phone registrations evenly as planned in the system design. Implementing IP Phones in CUCM: Region • A region is a virtual assignment that allows the system designer to control the bit rate for calls. • Example: If we define two regions, called Vancouver_HQ_REG and Ottawa_BR_REG, we can set the bit rate for calls within the Vancouver region to 256 kbps, within the Ottawa region to 64 kbps, and between the two regions to 16 kbps. Implementing IP Phones in CUCM: Location • Location defines a maximum amount of bandwidth used by calls to a particular location. • Each call is tracked, and the bandwidth it uses is deducted from the total for that location. •When the bandwidth remaining is not enough to support another call at a given bit rate, that call is dropped by default. Implementing IP Phones in CUCM: Date/Time Group • Use NTP for time synchronization of all devices. • NTP references Greenwich Mean Time, which makes the time displayed on devices “wrong” if they are not in the GMT time zone. • Date/Time Groups allow us to offset the correct time learned via NTP to match the local time zone of the device. Implementing IP Phones in CUCM: Phone NTP Reference • SIP phones need an NTP server address from which they can obtain the time using NTP. • Not required for SCCP phones which use SCCP signaling. Implementing IP Phones in CUCM: Phone NTP Reference Implementing IP Phones in CUCM: Device Defaults • Device Defaults page lists all the supported endpoints (with separate entries for SCCP and SIP as necessary) • Lists the firmware load, Device Pool, and Phone Button Template each endpoint uses by default. Implementing IP Phones in CUCM: Softkey Template and Phone Button Template • Softkey Template controls what softkey button functions are available to the user. • Typically used for feature access (Conference, Transfer, Park, Extension Mobility, and so on). Implementing IP Phones in CUCM: Profiles • Profiles allow for a one-time configuration of repetitive tasks. Implementing IP Phones in CUCM: Phone Security Profile • A default Phone Security Profile exists for each type of phone/protocol. •These default profiles have security disabled. Implementing IP Phones in CUCM: Common Phone Profiles • DND settings • Phone personalization capabilities • VPN settings • USB port behavior • Video capabilities • Power-save options Implementing IP Phones in CUCM: Adding Phones in CUCM • Manual Configuration: The administrator creates a new phone, configuring all settings in real time on the Phone Configuration page. • Autoregistration: The administrator configures CUCM to dynamically configure and add to the database any new IP Phone that connects to the network. • Bulk Administration Tool (BAT): Using templates provided by CUCM, the administrator creates .csv files that contain all the required information to create multiple phones in one operation. • Auto Register Phone Tool (TAPS): An Interactive Voice Response (IVR) server enhances the Autoregister and BAT functionality, providing an automated method of adding potentially thousands of phones at a time. Implementing IP Phones in CUCM: Adding Phones Manually in CUCM 1. Navigate to Device > Phone, and then click Add New. 2. Choose the IP Phone Model from the drop-down list. 3. Choose the device protocol (either SCCP or SIP; some phones will support only one protocol, and this step will be skipped). Implementing IP Phones in CUCM: Adding Phones Manually in CUCM 4. Select, or enter, the required specific information for the phone. The four required fields that do not have default values (must be manually configured) include the following: 5. MAC Address: The MAC address is the unique identifier that links the IP Phone hardware to the software configuration in CUCM. Device Pool: The Device Pool (as described earlier in this chapter) applies many common settings to the phone that are relevant to its physical location and desired behavior. Phone Button Template: The Phone Button Template defines what functions are assigned to the buttons on the phone (DNs, Speed Dials, Services, and so on). Device Security Profile: Applies a set of security-related configurations, as described previously in this chapter. Save Implementing IP Phones in CUCM: Adding Phones Manually in CUCM Implementing IP Phones in CUCM: Adding Phones Manually in CUCM (Association Page) 6. Add New DN. The Directory Number Information page opens, in which you must enter a Directory Number, and optionally set the Partition and other optional configurations. Route Partition: Partition is part of the calling privileges system or Class of Control. Alerting Name: This is the name to display on the caller’s phone when this phone is ringing. Call Forward and Call Pickup Settings: This is where the administrator can determine how to forward a call if the DN is busy or does not answer, or for Call Forward All. Display: The text entered in the Display field serves as an internal Caller ID. When this DN calls another IP Phone, the Display text replaces the calling DN number. Line Text Label: This is the text that displays on the phone to describe the line External Phone Number Mask: If this phone makes an off-net call (typically to the PSTN), this field can change the Calling Line ID (CLID) to present a full PSTN number. Implementing IP Phones in CUCM: Adding Phones Manually in CUCM (Association Page) 7. Save 8. Configure Device (<Phone>), and then click Go. 9. Continue making config changes, or can click Save again to commit the changes made so far. Implementing IP Phones in CUCM: Adding Phones via Autoregistration in CUCM 1. Verify your Autoregistration Phone Protocol. 2. Verify that at least one CM Group has Autoregistration enabled. 3. Enable and configure autoregistration on one or more CUCM servers within the CM Group enabled for autoregistration. 4. Configure the range of DNs that will be dynamically and sequentially issued to auto-registering phones. 5. Set the Partition that will be assigned to the autoregistered DNs. 6. Verify that the Auto-registration Disabled on this Cisco Unified Communications Manager checkbox is unchecked. 7. Save. Implementing IP Phones in CUCM: Adding Phones via Autoregistration in CUCM Implementing IP Phones in CUCM: Bulk Administration Tool (BAT) • Allows administrators to perform database inserts, modifications, or deletions in bulk. • Makes it feasible to add a great many phones, users, or other elements more quickly and with fewer errors. • Allows the administrator to schedule the operation to happen automatically and unattended. Implementing IP Phones in CUCM: Auto Register Phone Tool • The most sophisticated strategy. • Auto Register Phone Tool (formerly known as the Tool for Auto Registered Phone Support, but which is still known as TAPS). Implementing IP Phones in CUCM: End Users verses Application Users Implementing IP Phones in CUCM: Credential Policy • Contains three of the four characteristics: uppercase, lowercase, numbers, and symbols • Cannot use the same number or character more than three times consecutively • Cannot include the alias, username, or extension • Cannot include consecutive numbers or characters Implementing IP Phones in CUCM: Credential Policy Personal Identification Numbers (PIN’s) • Cannot use any number more than two times consecutively • Cannot include the user mailbox or extension, nor the reverse of them• Must contain at least three different numbers. • Cannot be the dial-by-name version of the user name. • Cannot contain repeated digit patterns, nor any patterns that are dialed in a straight line on the phone keypad. Implementing IP Phones in CUCM: User Locale • User locales allow different languages to be displayed on the IP Phone and the User Web Pages. Device Association • For users to be able to control their own devices (setting up their own speed dials, services, and ring preferences...) Implementing IP Phones in CUCM: End Users • Manual, one-at-a-time entry • Bulk import using the Bulk Administration Tool • LDAP synchronization (and optional authentication) Implementing IP Phones in CUCM: End Users Manual Entry • User ID • Last Name • Presence Group • Remote Destination Limit Implementing IP Phones in CUCM: End Users Manual Entry Implementing IP Phones in CUCM: End Users Bulk Entry (BAT) • BAT allows the administrator to create and upload a CSV file with all the users’ information populated and insert the data into the database in an automated way. Implementing IP Phones in CUCM: LDAP Integration • Lightweight Directory Access Protocol (LDAP). • LDAP is a standards-based (with some significant vendor-specific exceptions) • Allows an organization to create a single, centralized directory information store. • LDAP holds information about user accounts, passwords, and user privileges. Implementing IP Phones in CUCM: LDAP Integration Examples • Microsoft Active Directory (2000, 2003, 2008) • Microsoft Active Directory Application Mode 2003 • Microsoft Lightweight Directory Services 2008 • iPlanet Directory Server 5.1 • Sun ONE Directory Server (5.2, 6.x) • Open LDAP (2.3.39, 2.4) Implementing IP Phones in CUCM: LDAP Synchronization • Populates the CUCM database with user attributes from LDAP. • LDAP holds information about user accounts, passwords, and user privileges. • Information is centralized in LDAP and available to other applications. • Separate directories do not need to be maintained for each application. Implementing IP Phones in CUCM: LDAP Authentication • Redirects password authentication to the LDAP system. • Synchronization and Authentication can be enabled together. • Information that now comes from LDAP is no longer configurable in CUCM Implementing IP Phones in CUCM: LDAP Attribute Mapping Implementing IP Phones in CUCM: LDAP Synchronization 1. Activate the Cisco DirSync service. 2. Configure the LDAP system. 3. Configure the LDAP directory. 4. Configure LDAP Custom Filters. Implementing IP Phones in CUCM: LDAP Synchronization Implementing IP Phones in CUCM: LDAP Synchronization Implementing IP Phones in CUCM: LDAP Synchronization End of Chapter 9