integrating rnc and wbts to netact (1)

NetAct™ 16.8 Integrating RNC and WBTS to NetAct DN09111775 Issue: 4-0 Integrating RNC and WBTS to NetAct Disclaimer The information in this document applies solely to the hardware/software product (“Product”) specified herein, and only as specified herein. This document is intended for use by Nokia Solutions and Networks' customers (“You”) only, and it may not be used except for the purposes defined in the agreement between You and Nokia Solutions and Networks (“Agreement”) under which this document is distributed. No part of this document may be used, copied, reproduced, modified or transmitted in any form or means without the prior written permission of Nokia Solutions and Networks. If you have not entered into an Agreement applicable to the Product, or if that Agreement has expired or has been terminated, You may not use this document in any manner and You are obliged to return it to Nokia Solutions and Networks and destroy or delete any copies thereof. The document has been prepared to be used by professional and properly trained personnel, and You assume full responsibility when using it. Nokia Solutions and Networks welcome Your comments as part of the process of continuous development and improvement of the documentation. This document and its contents are provided as a convenience to You. Any information or statements concerning the suitability, capacity, fitness for purpose or performance of the Product are given solely on an “as is” and “as available” basis in this document, and Nokia Solutions and Networks reserves the right to change any such information and statements without notice. Nokia Solutions and Networks has made all reasonable efforts to ensure that the content of this document is adequate and free of material errors and omissions, and Nokia Solutions and Networks will correct errors that You identify in this document. But, Nokia Solutions and Networks' total liability for any errors in the document is strictly limited to the correction of such error(s). Nokia Solutions and Networks does not warrant that the use of the software in the Product will be uninterrupted or error-free. N O WA RRAN T Y OF AN Y KI ND , EI T HER E X P R E S S OR I M P L I E D , I N C L U D I N G B U T N O T L I M I T E D TO A NY WAR RA NT Y OF AVAI LABI LIT Y, AC CU RA C Y, R E L I A B I L I T Y, T I T L E , N O N - I N F R I N G E M E N T, M ER C HANTA BI LI T Y OR F IT N ESS F OR A PA RT IC UL A R P U R P O S E , I S M A D E I N R E L AT I O N TO T H E C ONT ENT O F TH IS DO CU M EN T. IN N O E V E N T W I L L N O K I A S O L U T I O N S A N D N E T W O R K S B E L IA BLE F O R AN Y DA M A GES, I NC LUD IN G B U T N OT L I M I T E D TO S P E C I A L , D I R E C T, I N D I R E C T, I NC I DENTAL OR CO NS EQ UEN T IAL OR AN Y L OS S E S , S U C H A S B U T N O T L I M I T E D TO L O S S O F PRO FI T, RE VEN UE , BU SI NESS IN T ER RU P T I ON , B U S I N E S S O P P O RT U N I T Y O R D ATA T H AT M AY ARI SE FRO M T H E US E O F T H IS DO CU M E N T O R T HE I N F O R M AT I O N I N I T, E V E N I N T H E C A S E O F ERR O RS I N OR OM I SSI ON S F RO M T H IS DO CU M E N T O R I T S C O N T E N T. This document is Nokia Solutions and Networks’ proprietary and confidential information, which may not be distributed or disclosed to any third parties without the prior written consent of Nokia Solutions and Networks. Nokia is a registered trademark of Nokia Corporation. Other product names mentioned in this document may be trademarks of their respective owners, and they are mentioned for identification purposes only Copyright © 2016 Nokia Solutions and Networks. All rights reserved. Important Notice on Product Safety This product may present safety risks due to laser, electricity, heat, and other sources of danger. Only trained and qualified personnel may install, operate, maintain or otherwise handle this product and only after having carefully read the safety information applicable to this product. The safety information is provided in the Safety Information section in the “Legal, Safety and Environmental Information” part of this document or documentation set. Nokia Solutions and Networks is continually striving to reduce the adverse environmental effects of its products and services. We would like to encourage you as our customers and users to join us in working towards a cleaner, safer environment. Please recycle product packaging and follow the recommendations for power use and proper disposal of our products and their components. If you should have questions regarding our Environmental Policy or any of the environmental services we offer, please contact us at Nokia Solutions and Networks for any additional information. Integrating RNC and WBTS to NetAct Table of Contents Contents 1 Overview of RNC and WBTS integration...................................................................................................... 6 2 Preparing the network elements..................................................................................................................10 2.1 Preparing OMS........................................................................................................................................10 2.1.1 Checking the service status in OMS.............................................................................................. 10 2.1.2 Checking the instance identifier of OMS........................................................................................12 2.1.3 Changing heartbeat interval of OMS using Application Launcher..................................................13 2.1.4 Enabling the secure file transfer between OMS and NetAct..........................................................13 2.2 Preparing RNC........................................................................................................................................ 14 2.2.1 Creating Network Element Access Control admin user for IPA-RNC.............................................15 2.2.2 Creating Network Element Access Control admin user for mcRNC.............................................. 16 2.2.3 Activating SFTP and SSH for IPA-RNC......................................................................................... 18 2.2.4 Enabling secure file transfer on RNC............................................................................................ 22 2.3 Preparing WBTS..................................................................................................................................... 23 2.3.1 Enabling secure file transfer on WBTS.......................................................................................... 23 3 Preparing NetAct........................................................................................................................................... 25 3.1 3.2 3.3 3.4 3.5 3.6 Managing the Maintenance Region........................................................................................................ 25 Managing NetAct user for RNC and WBTS integration engineer...........................................................26 Checking NetAct licenses....................................................................................................................... 27 Deploying NetAct fast pass (formerly INES) compatible metadata........................................................ 27 Enabling pre-aggregation........................................................................................................................ 29 Managing the credentials........................................................................................................................30 3.6.1 Checking the credentials................................................................................................................ 30 3.6.2 Creating the credentials..................................................................................................................32 3.7 Adding OMS, RNC and WBTS to Domain Name Service in NetAct...................................................... 35 3.8 Preparing Element Management............................................................................................................ 35 3.8.1 Installing Application Launcher....................................................................................................... 36 3.8.2 Installing BTS Site Manager...........................................................................................................37 3.8.3 Installing Element Management Launch Scripts............................................................................ 38 3.8.4 Configuring OMS Application Launcher and Element Manager.....................................................39 3.8.5 Configuring BTS Site Manager.......................................................................................................40 3.9 Configuring certificates for TLS mode on NetAct................................................................................... 41 4 Preparing the intermediate system............................................................................................................. 42 4.1 Setting up firewall rules.......................................................................................................................... 42 5 Integrating RNC and WBTS to NetAct manually........................................................................................51 5.1 Integration operations on OMS...............................................................................................................51 5.1.1 Configuring RNC and WBTS time synchronization with NetAct.....................................................51 5.1.2 Configuring DNS forwarder in OMS............................................................................................... 51 5.1.3 Checking OMS connectivity towards NetAct.................................................................................. 53 5.2 Integration operations on NetAct............................................................................................................ 53 3 Integrating RNC and WBTS to NetAct 5.2.1 5.2.2 5.2.3 5.2.4 5.2.5 Table of Contents Checking NetAct connectivity towards OMS.................................................................................. 54 Creating managed objects..............................................................................................................54 Associating OMS to a Maintenance Region.................................................................................. 56 Uploading integration data..............................................................................................................56 Uploading the alarms......................................................................................................................57 6 Integrating RNC and WBTS to NetAct with NEIW..................................................................................... 59 6.1 Integration operations in NEIW...............................................................................................................59 7 Operations on NetAct after integration.......................................................................................................62 7.1 Collecting the SSH public keys of OMS and RNC in NetAct................................................................. 62 7.1.1 Collecting the SSH public keys of OMS in NetAct.........................................................................62 7.1.2 Collecting the SSH public keys of RNC in NetAct......................................................................... 62 7.1.2.1 Viewing and setting the gateway configuration......................................................................63 7.1.2.2 Collecting the SSH public key of IPA-RNC and mcRNC on nwi3 node................................. 64 7.1.2.3 Collecting the SSH public key of IPA-RNC on q3user node..................................................65 7.1.2.4 Collecting the SSH public key of mcRNC on nx2s node....................................................... 67 7.2 Provisioning the credentials.................................................................................................................... 68 7.3 Configuring DST on RNC....................................................................................................................... 69 8 Verifying the integration............................................................................................................................... 70 8.1 Verifying the Configuration Management connectivity............................................................................70 8.1.1 Verifying configuration management data flow...............................................................................70 8.1.2 Verifying command execution from command manager................................................................ 71 8.2 Verifying the Element Management connectivity.................................................................................... 72 8.3 Verifying the Fault Management connectivity......................................................................................... 75 8.3.1 Verifying the alarm flow from IPA-RNC to NetAct.......................................................................... 75 8.3.2 Verifying the alarm flow from mcRNC to NetAct............................................................................ 76 8.4 Verifying the Performance Management connectivity.............................................................................78 9 Using management functions for RNC and WBTS....................................................................................80 10 Removing RNC and WBTS integration..................................................................................................... 81 10.1 Removing RNC and WBTS integration from NetAct............................................................................ 81 10.2 Removing WBTS from NetAct.............................................................................................................. 84 11 Troubleshooting RNC and WBTS integration...........................................................................................87 11.1 11.2 11.3 11.4 11.5 11.6 11.7 11.8 11.9 Alarms not received.............................................................................................................................. 87 Performance data not found................................................................................................................. 87 Element Managements not launched....................................................................................................88 Configuration Management upload failure............................................................................................ 89 Object creation failure........................................................................................................................... 90 NEIW execution errors.......................................................................................................................... 90 Integration data upload failure.............................................................................................................. 91 Network element not visible in Configuration Management applications.............................................. 92 OMS Web UI launched with blank page...............................................................................................93 4 Integrating RNC and WBTS to NetAct Table of Contents 12 Upgrading WCDMA integration..................................................................................................................95 5 Integrating RNC and WBTS to NetAct Overview of RNC and WBTS integration 1 Overview of RNC and WBTS integration This chapter describes the compatibility information between the network elements and NetAct, integration workflow and network connection. Before integration, you must have basic knowledge of: • Operation and Maintenance Server (OMS) • Radio Network Controller (RNC) • Flexi BTS • Flexi Lite BTS • NetAct • network protocols • network topology • interfaces involved • user management plan • network management plan RNC The main purpose of RNC is to manage and control the resources in the Universal Mobile Telecom System (UMTS) Radio Access Network. There are two types of RNCs, IPA-RNC and multicontroller RNC (mcRNC): • The IPA-RNC is a 3rd generation network element based on the IPA2800 architecture and M2000 mechanics platform. • The mcRNC is a WCDMA Radio Network Controller (RNC) that is optimized for the IP network environment and based on Nokia multicontroller platform. The mcRNC is built of several similar multicontroller modules, and the minimum network element configuration has two modules. Note: In this document, RNC refers to both IPA-RNC and mcRNC unless stated otherwise. RNC is managed from NetAct through the following units: • Operation and Maintenance Server (OMS) OMS provides a local management interface and an interface to NetAct. OMS also has some post-processing operations and maintenance (O&M) functions. • Operation and Maintenance Interface Operation and Maintenance Interface performs all crucial upper-level system maintenance functions of RNC and serves as an interface between OMS and the other units in RNC. Flexi BTS DN09111775 4-0 © 2016 Nokia Solutions and Networks 6 Integrating RNC and WBTS to NetAct Overview of RNC and WBTS integration Flexi BTS consists of Flexi Transport Module (FTM) and Flexi Control Module (FCM). They can be remotely configured and managed from NetAct after they have been successfully commissioned and configured for the operation and maintenance connection. The connections between NetAct and the WCDMA BTSs (WBTSs) go through Operation and Maintenance Interface in RNC. When IP traffic is forwarded between NetAct and WBTSs, Operation and Maintenance Interface acts as an IP router. Support information of network element releases and NetAct The supported network element releases and their corresponding supported management functions and applications of NetAct are listed in the following table: OMS IPA-RNC RN7.0 Management functions and applications OMS RNO2.0 RNO3.0 RNO3.1 RN8.0 WOMS16 RN8.1 WOMS17 RNC16 RNC17 mcRNC Flexi Lite BTS Flexi BTS WN8.0 mcRN3.0 mcRN4.1 WL8.0 mcRNC16 WL9.1 mcRNC17 WN9.0 WN9.1 WBTS16 WBTS17 Management functions Fault Management (FM) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Configuration Management (CM) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Performance Management (PM) No No Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Software Management (SWM) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Hardware Management (HWM) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Element Management launch (EM Yes (HTTP/ Yes (HTTP/ Yes (MML) Yes (SCLI) Yes (HTTP/ Yes (HTTP/ launch) HTTPS) HTTPS) HTTPS) HTTPS) License Management (LIM) No No Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Centralized Network Element User Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) No No Yes Yes Yes Yes Management (CNUM) Credential Provisioning Applications Dynamic Adaptation (DA) No No No No No No NE Integration Wizard (NEIW)* Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Yes (NWI3) Administration of Measurement No No Yes (NWI3) Yes (NWI3) No No No (AoM) Other Troubleshooting Data Collection Yes (manual up- Yes (manual up- Yes (manual upload not support- Yes (NWI3) Yes (NWI3) load not support- load not supported) (NWI3) ed) (NWI3) ed) (NWI3) Table 1: Supported network element releases, management functions, applications and southbound interfaces Note: • * Automated integration is done through OMS. DN09111775 4-0 © 2016 Nokia Solutions and Networks 7 Integrating RNC and WBTS to NetAct Overview of RNC and WBTS integration • From WCDMA 17 onwards, the adaptations of RNC and WBTS are visible after you deploy NetAct fast pass (formerly INES) compatible metadata. For more information, see Deploying NetAct fast pass (formerly INES) compatible metadata on page 27. Integration process The following flowchart shows the integration process. Figure 1: Integration process Network connection The following figure shows how the network elements are connected to NetAct after the integration. DN09111775 4-0 © 2016 Nokia Solutions and Networks 8 Integrating RNC and WBTS to NetAct Overview of RNC and WBTS integration Figure 2: Network connection DN09111775 4-0 © 2016 Nokia Solutions and Networks 9 Integrating RNC and WBTS to NetAct Preparing the network elements 2 Preparing the network elements This section describes how to prepare the netwok elements for NetAct integration. 2.1 Preparing OMS This section describes how to prepare OMS for NetAct integration. The prerequisites for integrating OMS to NetAct are listed in the following table. Requirements Instructions Installation of OMS is successful. See WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Services on OMS are started. Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Install → OMS. The OMS release is supported by the See Supported network element releases, management functions, current NetAct release. applications and southbound interfaces. IP address of OMS northbound inter- Contact your network element administrator. face Full Qualified Domain Name (FQDN) of OMS The credentials on OMS needed for NetAct integration The credentials of the following accounts on OMS must be obtained: • root • Nemuadmin 1 Table 2: Requirements needed for OMS Note: 1. Nemuadmin is a default NWI3 credential that is used when integrating network elements for the first time. It is also used for accessing OMS using SSH, Web-based administration GUI, and Application Launcher. If you want to create a new integration user, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Install → OMS → Installing and Commissioning OMS → Integrating OMS to the network → Creating NWI3 user in OMS. 2.1.1 Checking the service status in OMS This section describes how to check the service status in OMS. Check the status of the following services in OMS: • SSH DN09111775 4-0 © 2016 Nokia Solutions and Networks 10 Integrating RNC and WBTS to NetAct Preparing the network elements • file transfer services • NWI3 1. Check the status of SSH service by logging in to OMS as the Nemuadmin user through SSH session. If you fail to log in, contact your network element administrator. 2. Check the status of file transfer services by performing the following steps: a) Log in to OMS as the Nemuadmin user through SSH, and switch to the root user. b) Check the status of file transfer services by entering: /opt/Nokia/SS_Inet/script/verify.sh Expected outcome The following is an example output: ==================== --- Start InitPOA! ConfigPOA done --- InitPOA done! --- InitPOA succeeded! --- ConfigORB done! --- ConfigORB() succeeded! TLSMode is "off" Testing OMS file transfers FTP :WORKING (should be enabled) SFTP :NOT WORKING (should be disabled) HTTP :WORKING (should be enabled) HTTPS :NOT WORKING (should be disabled) ==================== ... :OK :OK :OK :OK If the status shows NOT WORKING, enable the corresponding service. For detailed instructions, see the following table: File transfer services Instructions to enable the services FTP Enter the fshascli -rn /FTP command. Expected outcome /FTP is restarted successfully SFTP See Enabling the secure file transfer between OMS and NetAct on page 13. HTTP Enter the fshascli -rn /HTTPDOMS command. Expected outcome /HTTPDOMS is restarted successfully DN09111775 4-0 © 2016 Nokia Solutions and Networks 11 Integrating RNC and WBTS to NetAct Preparing the network elements File transfer services Instructions to enable the services HTTPS See Enabling the secure file transfer between OMS and NetAct on page 13. Table 3: Instructions to enable file transfer services 3. Check the status of NWI3 services by performing the following steps: a) Log in to OMS as the Nemuadmin user through SSH. b) Check the status of NWI3 services by entering: fshascli -s /NWI3Adapter Expected outcome The following is an example output. /NWI3Adapter: administrative(UNLOCKED) operational(ENABLED) usage(ACTIVE) procedural() availability() unknown(FALSE) alarm() If usage(ACTIVE) is shown in the output, skip the next step. c) Activate NWI3 services by entering: fshascli -rn /NWI3Adapter Expected outcome /NWI3Adapter is restarted successfully 2.1.2 Checking the instance identifier of OMS This section describes how to check the instance identifier of OMS. Perform the following steps to check the instance identifier of OMS: 1. Log in to OMS as the Nemuadmin user through SSH. 2. Check the instance identifier of OMS by entering: cat /etc/cluster-id DN09111775 4-0 © 2016 Nokia Solutions and Networks 12 Integrating RNC and WBTS to NetAct Preparing the network elements Expected outcome The following is an example output: OMS-100 In this case, 100 is the instance identifier of OMS. 2.1.3 Changing heartbeat interval of OMS using Application Launcher This section describes how to configure heartbeat interval of OMS using Application Launcher. The value of heartbeat supervision interval in NetAct is 20 minutes. If a change is necessary, the modified heartbeat interval must be less than 20 minutes on OMS side. For detailed instructions on how to install Application Launcher, see Installing Application Launcher. 1. Log in to Application Launcher as the Nemuadmin user. 2. Open Parameter Tool. 3. In the left application pane, select the following fragment: fsClusterId=ClusterRoot → fsFragmentId=AlarmMgmt → fsFragmentId=AlarmProcessors → fsAlarmProcessorId=AlarmProcessor1 → fsAlarmProcessorConfigurationId=Default In the right application pane, find the fsHeartbeatInterval attribute. 4. Set the fsHeartbeatInterval parameter value according to your need and press ENTER. 5. Log in to OMS through SSH as the Nemuadmin user. 6. Restart OMS alarm system by entering: fshascli -rn /AlarmSystem Expected outcome /AlarmSystem is restarted successfully 2.1.4 Enabling the secure file transfer between OMS and NetAct This section describes how to enable the secure file transfer between OMS and NetAct. The secure file transfer feature is a licensed RAN feature which enables protected transfer of the O&M data files between RAN network elements and NetAct. The HTTPS/TLS and SFTP services are used by the NetAct mediations and applications for file transfer between OMS and NetAct. The following instructions must be done to enable secure file transfer between OMS and NetAct. DN09111775 4-0 © 2016 Nokia Solutions and Networks 13 Integrating RNC and WBTS to NetAct Preparing the network elements Ensure that the certificate is installed on the network element. For more information, see Configuring certificates on network elements in Administering NetAct System Security. Ensure that the following certificates are installed in NetAct: • CM certificates - For more information, see Adding certificates for CM upload. • Network element certificates - For more information, see Adding a network element certificate to the NWI3 mediation's truststore. • NWI3 Tomcat Server certificates - For more information, see Configuring the Tomcat NWI3-HTTP server. 1. Log in to Application Launcher as the Nemuadmin user. 2. Open Parameter Tool. 3. Select the TLSModeFT parameter in OMS. The path to the parameter is fsClusterId=ClusterRoot → fsFragmentId=OMS → omsFragmentId=System → omsFragmentId=Network → omsFragmentId=TLS → omsParameterId=TLSModeFT. 4. In the omsParameterValue attribute, set the value of the TLSModeFT parameter according to the following instruction: TLSModeFT is a parameter for setting TLS operating mode with three alternatives: • Off: FTP, HTTP • Probing: FTP, HTTP, SFTP, HTTPS • Forced: SFTP, HTTPS To open HTTPS, set the value of the TLSModeFT parameter to Forced. To open both HTTP and HTTPS, set the value of the TLSModeFT parameter to Probing. 2.2 Preparing RNC This section describes how to prepare RNC for NetAct integration. The prerequisites for RNC are listed in the following table: Requirements Instructions Installation of RNC is successful. Refer to WCDMA RAN, Rel. WCDMA 17, Operating Documentation Services on RNC are started. on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Install → RNC. The RNC release is supported by the See Supported network element releases, management functions, current NetAct release. applications and southbound interfaces. IP address of RNC Contact your network element administrator. Full Qualified Domain Name (FQDN) of RNC DN09111775 4-0 © 2016 Nokia Solutions and Networks 14 Integrating RNC and WBTS to NetAct Preparing the network elements Requirements Instructions The credentials on RNC needed for The credentials of the following accounts on RNC must be obtained: NetAct integration • SYSTEM - for IPA-RNC OMU 1 • root - for mcRNC Table 4: Requirements needed for RNC Note: 1. The root user of mcRNC is not recommended due to security reasons. It should be used only for the creation of a user which has administrative permissions, for example, NUPADM. 2.2.1 Creating Network Element Access Control admin user for IPA-RNC This section describes how to create the Network Element Access Control (NEAC) admin user for IPARNC. The admin user is used for provisioning service users for IPA-RNC. The corresponding service type for the user is NEUM Admin Access. NUPADM is presented as an example of a Network Element Access Control (NEAC) admin user. 1. Log in to IPA-RNC OMU as the SYSTEM user through Telnet. 2. Check whether required users have been created in the MML session by entering: ZIAI:USERID=NUPADM; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.6-0 EXECUTION STARTED RNC IPA2800 2014-01-15 06:21:54 USER ID: NUPADM PROFILE NAME: NUPADM COMMAND CLASS AUTHORITIES: A=250 B=250 C=250 D=250 E=250 F=250 G=250 H=250 I=250 J=250 K=250 L=250 M=250 N=250 O=250 P=250 Q=250 R=250 S=250 T=250 U=250 V=250 W=250 X=250 Y=250 PASSWORD VALIDITY TIME LEFT: PASSWORD NEVER EXPIRES MML COMMAND LOG ACCESSIBILITY: LIMITED UNIQUE PROFILE: YES MML SESSION IDLE TIME LIMIT: 15 MIN(S) FTP AND SFTP ACCESSIBILITY: NO COMMAND EXECUTED DN09111775 4-0 © 2016 Nokia Solutions and Networks 15 Integrating RNC and WBTS to NetAct Preparing the network elements Note: • The values of COMMAND CLASS AUTHORITIES must be 250 from A to Y. If not, update the value by entering: ZIAA:<PROFILE NAME>:ALL=250; • Check all users in the system by entering: ZIAI:USERID=ALL:COM:; 3. If the NUPADM user is not created, create a new profile and a new user by performing the following steps: a) Create a new profile by entering: ZIAA:<PROFILE NAME>:ALL=250:VTIME=FOREVER:; Note: ALL=250 defines the profile authority in all command classes and VTIME=FOREVER means that the password never expires. b) Create a new user by entering: ZIAH:<USER NAME>:<PROFILE NAME>:; Note: • Profile name is the one created in the previous step. • When prompted, provide the password. 2.2.2 Creating Network Element Access Control admin user for mcRNC This section describes how to create the Network Element Access Control (NEAC) admin user for mcRNC. The admin user is used for provisioning service users for mcRNC. The corresponding service type for the user is NEUM Admin Access. NUPADM is presented as an example of a Network Element Access Control (NEAC) admin user. The admin user needs the following permissions: • fsumManageAll • fsNetworkingManage • fsNetworkingView 1. Log in to mcRNC as the root user through SSH. 2. Enter SCLI Shell by entering: DN09111775 4-0 © 2016 Nokia Solutions and Networks 16 Integrating RNC and WBTS to NetAct Preparing the network elements fsclish 3. Check if the sclimgr group exists by entering: show user-management group group-name sclimgr Expected outcome The following is an example output: Account(s) in the configuration directory server: Textual identity : sclimgr Numeric identity : 10003 Assigned users : No users mapped to the group Note: If the group does not exist, proceed to step 5. 4. Check whether the sclimgr group has the correct permissions by entering: show user-management group group-name sclimgr include-permissions yes Expected outcome The following is an example output: Account(s) in the configuration directory server: Textual identity : sclimgr Numeric identity : 10003 Assigned users : No users mapped to the group Assigned permissions : fsumManageAll, fsNetworkingManage Note: • If fsNetworkingManage, fsumManageAll, and fsNetworkingView are all included in Assigned permissions, the permissions are correct. Otherwise, add the missing permission by entering the following command: add user-management group-to-permission group-name sclimgr perm-id <PermissionId> • If NUPADM is included in Assigned users, NUPADM is assigned to the sclimgr group. In this case, skip the following steps. Otherwise, complete the following steps. 5. If the sclimgr group does not exist, create the secondary group and grant the needed permissions by entering the following commands: add user-management group group-name sclimgr DN09111775 4-0 © 2016 Nokia Solutions and Networks 17 Integrating RNC and WBTS to NetAct Preparing the network elements add user-management group-to-permission group-name sclimgr perm-id <PermissionId> Note: Do not use a primary group to assign permissions. All permissions should be added by using secondary groups. 6. To check whether the NUPADM user exists, enter the following command: show user-management user user-name NUPADM Expected outcome The following is an example output: Account(s) in the configuration directory server: Account owner details : NUPADM Textual id : NUPADM Numeric id : 10001 Primary group : NUPADM(10001) Home directory : /home/NUPADM Login shell : fsclish Password changed on : 14.08.2015 Password can be changed after : password can be changed anytime Password expires on : password never expires Password expiration notification after : password expiration is not notified Account expires on : account never expires Allowed inactive days with expired password : account is never disabled after password expires Note: If the NUPADM user exists, enter the following command to assign it to the sclimgr group and skip step 7. set user-management user user-name NUPADM primary-group NUPADM secondary-groups sclimgr 7. If the NUPADM user does not exist, create the NUPADM user by entering the following commands: add user-management group group-name NUPADM add user-management user user-name NUPADM primary-group NUPADM secondary-groups sclimgr set user-management passwd set-user-passwd user-name NUPADM When prompted, provide the password. DN09111775 4-0 © 2016 Nokia Solutions and Networks 18 Integrating RNC and WBTS to NetAct Preparing the network elements 2.2.3 Activating SFTP and SSH for IPA-RNC This section describes how to activate SFTP and SSH for IPA-RNC. Note: If you do not want to activate SSH or SFTP connection for IPA-RNC, skip this section. To enable SSH connection between IPA-RNC and NetAct, activate the SSH Server in the IPA-RNC, and then store the SSH public keys of the IPA-RNC in NetAct. Create or update the corresponding service user locally in IPA-RNC using MML commands. 1. Log in to IPA-RNC OMU as the SYSTEM user through Telnet. 2. Check if licenses 1305, 1306 and 1244 are available. a) Check if the licenses are available by entering: ZW7I:FEA,FULL:FEA=1244,; ZW7I:FEA,FULL:FEA=1306,; ZW7I:FEA,FULL:FEA=1305,; Feature Feature code Feature name Secure Management Interface 1244 Secure Mngt Interface SSH protocol 1306 SSH Server SFTP protocol 1305 SFTP Server Table 5: Required licenses Note: • OFF means that the license is unavailable. • ON means that the license is available. b) If the licenses are not available, activate them by entering: ZW7M:FEA=1244:ON; ZW7M:FEA=1305:ON; ZW7M:FEA=1306:ON; c) To deactivate the licenses, enter: ZW7M:FEA=1244:OFF; ZW7M:FEA=1306:OFF; ZW7M:FEA=1305:OFF; 3. To check the current configuration of the SSH Server, enter the following command: ZI2H:PROTOCOL=SSH; DN09111775 4-0 © 2016 Nokia Solutions and Networks 19 Integrating RNC and WBTS to NetAct Preparing the network elements Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.10-0 SSH CONFIGURATION IPv4 SSH ENABLED: YES IPv4 SSH PORT: 22 ... PRIVATE RSA KEY NAME: PRIVATEKEY1 PRIVATE DSA KEY NAME: PRIVATEKEY2 LOGIN GRACE TIME: 60 COMMAND EXECUTED 4. To check the public key names, enter: ZQ4L; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.3-0 EXECUTION STARTED KEY NAME KEY TYPE --------------PUBLICKEY1 SSH RSA PUB PRIVATEKEY1 SSH RSA PRI PUBLICKEY2 SSH DSA PUB PRIVATEKEY2 SSH DSA PRI COMMAND EXECUTED Find the RSA and DSA public keys which correspond to the RSA and DSA private keys in this step. Public key is located before the corresponding private key. 5. If the SSH Server is not configured, create SSH new host keys by performing the following steps: Note: Ensure that the rules in naming public and private keys are followed: • The default key size in bit is 1024. • The default key type is RSA. • The key name should not contain any spaces, punctuation or special characters. • The key name should not be more than 15 characters. • The key name should not contain lower-case letters. • The key name should not contain numbers only. • The key name should not begin with a number. a) Generate a new SSH host RSA key pair by entering: DN09111775 4-0 © 2016 Nokia Solutions and Networks 20 Integrating RNC and WBTS to NetAct Preparing the network elements ZI2K:<PUBLICKEY1>,<PRIVATEKEY1>:RSA:2048:; For example: ZI2K:PUBLICKEY1,PRIVATEKEY1:RSA:2048:; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.9-0 COMMAND EXECUTED b) Generate a new SSH host DSA key pair by entering: ZI2K:<PUBLICKEY2>,<PRIVATEKEY2>:DSA:1024:; For example: ZI2K:PUBLICKEY2,PRIVATEKEY2:DSA:1024:; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.9-0 GENERATING DSA KEY CAN LAST LONG COMMAND EXECUTED c) Configure the SSH server by entering: ZI2S:IPV4STATE=ON,:IPV6STATE=OFF:RSAKEY=<PRIVATEKEY1>, DSAKEY=<PRIVATEKEY2>:; For example: ZI2S:IPV4STATE=ON,:IPV6STATE=OFF:RSAKEY=PRIVATEKEY1,DSAKEY=PRIVATEKEY2:; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.9-0 COMMAND EXECUTED 6. Collect each IPA-RNC public host key by entering: ZI2X:<PUBLICKEY1>; ZI2X:<PUBLICKEY2>; For example: ZI2X:PUBLICKEY1; DN09111775 4-0 © 2016 Nokia Solutions and Networks 21 Integrating RNC and WBTS to NetAct Preparing the network elements ZI2X:PUBLICKEY2; Expected outcome The following is an example output: KEY VALUE IN PEM ENCODED ASCII. REMOVE LINE FEEDS BEFORE USE: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwom/6/ 3GVBczLksrQqGrraDxAO58s9+fNVFyNX tkequU2Vc7WNiOUDmkrU255hfFdA0k6zmumlQMreh8EfK9BnF+KqTwqVlnShhrVB75 8ZtoOn1CaJoi5jOCShHPj8ILMwIz5GdyfmtTNpn1qiA1Oy5H8cYgFrIUek+FRtfl0r YUhXBZ675WzI345VY8cezEMegH7fbES527iaJVI+81GyoxDy8fm/ch/wAcnAtqi6kf Xz11iB8gFhB/ySsAn9AKLHRuVmY10LItlvPrDmC5fm2ZSnypdNAINMOaSXEe8wOiUq fotXE0AJvv9bv2AwUAP4DEGYDp8b6inWRrdJlNXQ== KEY TYPE: SSH Public RSA Key KEY LENGTH: 4096 BYTES SHA1 DIGEST: 33:21:be:18:4b:c6:9a:c3:28:c1:94:50:90:88:d3:e9:fa:cc:69:e9 MD5 DIGEST: bd:9e:f4:39:90:8c:06:ca:13:f5:1a:8e:80:77:4a:63 In this example, AAAAB3NzaC1yc2EAAAABIwAAAQEAwom/6/3GVBczLksrQqGrraDxAO58s9+fNVFyNX tkequU2Vc7WNiOUDmkrU255hfFdA0k6zmumlQMreh8EfK9BnF+KqTwqVlnShhrVB75 8ZtoOn1CaJoi5jOCShHPj8ILMwIz5GdyfmtTNpn1qiA1Oy5H8cYgFrIUek+FRtfl0r YUhXBZ675WzI345VY8cezEMegH7fbES527iaJVI+81GyoxDy8fm/ch/wAcnAtqi6kf Xz11iB8gFhB/ySsAn9AKLHRuVmY10LItlvPrDmC5fm2ZSnypdNAINMOaSXEe8wOiUq fotXE0AJvv9bv2AwUAP4DEGYDp8b6inWRrdJlNXQ== is the public host key. 7. Enable the SFTP server in the network element by entering: ZI2Q:STATE=ON:; 2.2.4 Enabling secure file transfer on RNC This section describes how to enable secure file transfer on RNC. The secure file transfer feature is a licensed RAN feature which provides the possibility of using a secure protocol in file transfer instead of an unsecured protocol. The following tasks must be done to enable secure file transfer on RNC: • Ensure that BTS O&M interface between RNC and OMS is secure. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Features → Features from Previous Releases → RU10 Feature Descriptions and Instructions → Operability features → RAN1102: Secure Management Interface for Flexi WCDMA BTS → Activating RAN1102: Secure Management Interface for Flexi WCDMA BTS → Secure BTS O&M interface between RNC and OMS. • Ensure that SFTP and SSH services are activated on IPA-RNC. DN09111775 4-0 © 2016 Nokia Solutions and Networks 22 Integrating RNC and WBTS to NetAct Preparing the network elements For more information, see Activating SFTP and SSH for IPA-RNC on page 18. • Ensure that the certificate is installed on IPA-RNC. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Nokia Networks Online Services (NOLS). The navigation path is Operate and Maintain → Administer → IPA-RNC → Managing Information Security in IPA-RNC → Managing secure operation and maintenance connections → Configuring SSL/TLS authentication proxy. • Ensure that the certificate is installed on mcRNC. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Nokia Networks Online Services (NOLS). The navigation path is Operate and Maintain → Administer → Managing Security in mcRNC → Centralized certificate management → Certificate management SCLI commands → Installing certificates. 2.3 Preparing WBTS This section describes how to prepare WBTS for NetAct integration. The prerequisites for WBTS are listed in the following table. Requirements Instructions Installation of WBTS is successful. Refer to WCDMA RAN, Rel. WCDMA 17, Operating Documentation Services on WBTS are started. on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Install → BTS. The WBTS release is supported by See Supported network element releases, management functions, the current NetAct release. applications and southbound interfaces. IP address of WBTS The WBTS IP addresses include, at least, the FTM IP address. For more information, contact your network element administrator. The credentials on WBTS needed for NetAct integration The user should be administration level user. For more information, see WBTS user management plan and related user guide. Table 6: Requirements needed for WBTS 2.3.1 Enabling secure file transfer on WBTS This section describes how to enable secure file transfer on WBTS. The secure file transfer feature is a licensed RAN feature which enables secure BTS O&M communication between the RNC and Flexi WCDMA BTS. The following tasks must be done to enable secure file transfer on WBTS: • Ensure that the certificate is installed on WBTS. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation DN09111775 4-0 © 2016 Nokia Solutions and Networks 23 Integrating RNC and WBTS to NetAct Preparing the network elements path is Integrate and Configure → BTS → Integrating and Configuring Flexi Multiradio BTS WCDMA Transmission → Configuration of security features → Configuring certificates manually. • Ensure that secure file transfer is enabled on WBTS. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation in Nokia Networks Online Services (NOLS). The navigation path is Features → Features from Previous Releases → RU10 Feature Descriptions and Instructions → Operability features → RAN1206: Secure File Transfer → Activating RAN1206: Secure File Transfer. DN09111775 4-0 © 2016 Nokia Solutions and Networks 24 Integrating RNC and WBTS to NetAct Preparing NetAct 3 Preparing NetAct This section describes how to prepare NetAct for RNC and WBTS integration. The prerequisites on NetAct are listed in the following table: Requirements Instructions NetAct installation is successful. See Running Preventive Health Check. Understand NetAct node structure See Node structure overview. Obtain NetAct IP addresses for a VM See Locating the right virtual machine for a service. on which a certain service is running Obtain NetAct virtual IP addresses See Identifying the relevant virtual machine. NetAct services are running. See Understanding the status of a service from the smanager.pl command. If any service is not started, contact the system administrator for further investigation. The root objects are created. The root objects required by RNC and WBTS integration are: • MRC-<instance ID> – Object class: MRC (MRC) – Instance: Set the instance value according to the network management plan and ensure that the instance is unique. Note: • Ensure that the instance does not contain any of the following characters: & < > ' " • Ensure that the instance does not contain more than 80 characters. • PLMN-PLMN – Object class: PLMN (PLMN) – Instance: PLMN For more information on how to create the objects, see Creating managed objects. Table 7: Requirements on NetAct needed for RNC and WBTS integration 3.1 Managing the Maintenance Region This section describes how to check and create Maintenance Region in NetAct. NetAct Maintenance Region (MR) is used to maintain a group of network elements which share the credentials for accessing the network elements. DN09111775 4-0 © 2016 Nokia Solutions and Networks 25 Integrating RNC and WBTS to NetAct Preparing NetAct Check your network layout and the location of the network elements in the network layout. Based on the location, place the network element into an existing MR or create a new MR if there is no MR which represents the area. For more information on how to check or create an MR, see Creating maintenance region. 3.2 Managing NetAct user for RNC and WBTS integration engineer This section provides the information needed for creating users for integration engineers in NetAct. User for integration operations in NetAct Start Page For integration operations in NetAct Start Page, the administrator must create a dedicated integration user for integration engineers. Assign the following default roles to the group to which the integration user belongs: • NetAct-Administrator (This role is required if NE Integration Wizard is supported) • CM-Configuration Management Administration • CM-Network Planning and Engineering • CM-Provisioning • FM-Fault Management Admin • PM-Performance Analysis • PM-Performance Management Control • PM-Performance Monitoring • PM-Performance Quality Assurance • SM-Security Administration Note: SM-Security Administration role grants the integration user the access to the credentials in Network Element Access Control application and the adaptation packages in Adaptation Manager application. Consider your company security requirements and decide whether to assign this role to the integration user. To support Element Management launch from Node Manager, the integration user must be assigned to a Node Manager user group. For more information, see Managing Node Manager users and user groups. User for integration operations in NetAct VMs Use the omc user for integration operations in NetAct VMs. When root access is needed, switch to the root user and switch back to the omc user after the operation. Customizing user plan The roles of permission can be customized in NetAct. For detailed instructions on how to manage users and permissions, see User Management Help and Permission Management Help. DN09111775 4-0 © 2016 Nokia Solutions and Networks 26 Integrating RNC and WBTS to NetAct Preparing NetAct Note: During the role-scope combination, Nokia recommends that you select only the needed root objects listed in Preparing NetAct. 3.3 Checking NetAct licenses This section describes how to check NetAct licenses which authorize the integration. The NetAct licenses enable you to create managed objects. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, open License Manager by clicking Configuration → License Manager. 3. In License Manager, if the License Browser view is not open, click Licenses → License Browser. 4. In License Browser, click the NetAct™ Software Licenses tab if it is not already selected. 5. Click the files in the License filename column. 6. Check if the feature code of the needed license is displayed. Application Feature Code License Key Name NetAct Radio 0000003598 NetAct Radio WCDMA standard SW Table 8: Required licenses If the feature code is not displayed, contact the system administrator for further investigation. 3.4 Deploying NetAct fast pass (formerly INES) compatible metadata This section describes how to deploy NetAct fast pass (formerly INES) compatible metadata for WCDMA on NetAct. From WCDMA 17 onwards, before integration, you must deploy NetAct fast pass (formerly INES) compatible metadata on NetAct using Adaptation Deployment Suite (ADS). For other releases, skip this section. DN09111775 4-0 © 2016 Nokia Solutions and Networks 27 Integrating RNC and WBTS to NetAct Preparing NetAct The following table lists the network element identifiers (<NE_type> and <NE_release>) of WCDMA which are used during the deployment. Network element (NE) NE_type NE_release RNC and WBTS WCDMA WCDMA17 Table 9: Network element identifiers of WCDMA 1. Log in to any NetAct VM where the generic_mediations service is running as the omc user. 2. Navigate to the /opt/oss/NOKIA-integrationmanager/bin/ directory by entering: cd /opt/oss/NOKIA-integrationmanager/bin/ 3. Deploy NetAct fast pass (formerly INES) compatible metadata for WCDMA by entering: sh ads_client.sh -nt <NE_type> -v <NE_release> where <NE_type> and <NE_release> are identifiers of WCDMA. For example: sh ads_client.sh -nt WCDMA -v WCDMA17 Expected outcome An example output: 2015-12-09 08:34:27,287 - [Deploying Adaptation WCDMA + WCDMA17 ...] 2015-12-09 08:34:28,552 - [Adaptation Deployment started for [WCDMA + WCDMA17]] 2015-12-09 08:34:29,703 - [Deployment Status:STARTED] 2015-12-09 08:34:29,703 - [Adaptation [WCDMA + WCDMA17] deployment is up and running background. You could check status via: " sh ads_ client.sh -nt WCDMA -v WCDMA17 -q"] Note: • If the output indicates Deployment Status:DONE immediately after the deployment is started, skip the following steps in this section. In this case, the NetAct fast pass (formerly INES) compatible metadata for WCDMA has been deployed successfully before integration. • For WCDMA, the duration of the deployment is 1-2 hours. 4. Check the deployment status by entering: sh ads_client.sh -nt <NE_type> -v <NE_release> -q For example: DN09111775 4-0 © 2016 Nokia Solutions and Networks 28 Integrating RNC and WBTS to NetAct Preparing NetAct sh ads_client.sh -nt WCDMA -v WCDMA17 -q Expected outcome The following is part of an example output: <DeploymentStatus> <status neRelease="WCDMA17" neType="WCDMA" ... status="done"> ... </status> </DeploymentStatus> <FragmentStatus In the output, check the deployment status under <DeploymentStatus>. • If it indicates status="done", the deployment is completed. • If it indicates status="started", the deployment is ongoing. In this case, wait and check the deployment status again. The duration of the deployment varies according to the adaptation package size of the network element. Before the deployment is completed, do not start the deployment for another network element. Otherwise, the newly started deployment will not be executed by ADS. • If it indicates status="failed", the deployment is failed. In this case, record the name of the failed fragment, and go to Failed to deploy NetAct fast pass (formerly INES) compatible metadata for possible causes and solutions. 5. If Monitor or Performance Manager is opened before deployment, relaunch the opened application respectively. 3.5 Enabling pre-aggregation This section describes how to enable pre-aggregation for WCDMA17. For other WCDMA releases, skip this section. The following procedure is an example to enable pre-aggregation: 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. DN09111775 4-0 © 2016 Nokia Solutions and Networks 29 Integrating RNC and WBTS to NetAct Preparing NetAct c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, open Performance Manager by clicking Reporting → Performance Manager. 3. In Performance Manager, click Administration → Reporter Admin Toolkit. 4. In Reporter Admin Toolkit, click Administration of Aggregates. 5. For WCDMA, check the RNC-NSN Radio Network Controller adaptation and ensure that all the corresponding measurement types are enabled. For the measurement types of the RNC-NSN Radio Network Controller adaptation which are not enabled, enable the aggregation. For detailed instructions, see Administration of Aggregates. 3.6 Managing the credentials This section describes how to manage the credentials in NetAct to enable the access to the network elements. Prerequisites If the SM-Security Administration role is not assigned to the integration user, the integration user cannot launch Network Element Access Control application. The security administrator must perform the operations in this section. Manage credentials to enable NetAct access to the network elements. 3.6.1 Checking the credentials This section describes how to check the existence of the network element credentials in NetAct. Check whether the needed credentials are created and associated to the right Maintenance Region. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. DN09111775 4-0 © 2016 Nokia Solutions and Networks 30 Integrating RNC and WBTS to NetAct Preparing NetAct c) Click Accept to accept the terms and conditions. 2. Click Security → Network Element Access Control. 3. Select the Credentials tab if it is not already selected. 4. In the credential list, check the following credentials: Service type Profile NWI3 Access Default Group • The group to which the integration user belongs Service user NWI3 Access user Default • The maintenance region created in Managing the Maintenance Region • sysop on page 25 • cmauto or • cmwsapi EM Access Network element/MR • The group to which the • OMS EM Access user integration user belongs • The maintenance region created in Managing the Maintenance Region on page 25 • sysop or • OMS • WBTS SCLI Access Default SCLI Access user • The maintenance region created in Managing the Maintenance Region on page 25 or • mcRNC Remote MML Default Access Remote MML Access user • The maintenance region created in Managing the Maintenance Region on page 25 or • IPA-RNC NEUM Admin Default Access NEUM Admin Access user • The maintenance region created in Managing the Maintenance Region on page 25 or • IPA-RNC • mcRNC FTP Access Default FTP Access user • The maintenance region created in Managing the Maintenance Region on page 25 or • IPA-RNC DN09111775 4-0 © 2016 Nokia Solutions and Networks 31 Integrating RNC and WBTS to NetAct Preparing NetAct Service type Profile SFTP Access Default Group Service user SFTP Access Network element/MR • The maintenance region created in user Managing the Maintenance Region on page 25 or • IPA-RNC • mcRNC Default Access Default Default Access • The maintenance region created in user Managing the Maintenance Region on page 25 or • IPA-RNC HTTP Access Default HTTP Access • The maintenance region created in user Managing the Maintenance Region on page 25 or • mcRNC HTTPS Access Default HTTPS Access • The maintenance region created in user Managing the Maintenance Region on page 25 or • mcRNC Table 10: Required credentials Note: If the Group column shows Several Groups, click it to see the groups. Note: If RNC resiliency is configured, the PRNC objects should also have the corresponding credentials. 3.6.2 Creating the credentials This section describes how to create the non-existing credentials in NetAct. Only create the credentials which do not exist. If all the needed credentials are created, skip this section. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage DN09111775 4-0 © 2016 Nokia Solutions and Networks 32 Integrating RNC and WBTS to NetAct Preparing NetAct <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. Click Security → Network Element Access Control. 3. Select the Credentials tab if it is not already selected. 4. Create the credentials as in the following table. Service type Profile NWI3 Access Default Displayed attributes and values • NWI3 UserName Application group • The group to Additional information The username and password • NWI3 Password which the inte- must be identical to those of all • Confirm NWI3 Pass- gration user be- OMSs in the same MR. longs word • sysop • cmauto • cmwsapi EM Access Default • EM Access UserName • The group to • EM Access Password which the inte- must be identical to those of all • Confirm EM Access gration user be- OMSs and WBTSs in the same longs MR if you do not want to provision Password • sysop SCLI Access Default The username and password • SCLI Password must be identical to those of all word Default cess the credential. • SCLI UserName • Confirm SCLI Pass- Remote MML Ac- The username and password RNCs in the same MR if you do not want to provision the credential. • Remote MML UserName • Remote MML Password • Confirm Remote MML Password NEUM Admin Ac- Default cess • NEUM Admin UserName • NEUM Admin Password • Confirm NEUM Admin Password FTP Access Default • FTP UserName • FTP Password • Confirm FTP Password DN09111775 4-0 © 2016 Nokia Solutions and Networks 33 Integrating RNC and WBTS to NetAct Preparing NetAct Service type Profile SFTP Access Default Displayed attributes and values Application group Additional information • SFTP UserName • SFTP Password • Confirm SFTP Password Default Access Default • User Name • Password • Confirm Password HTTP Access Default • HTTP UserName • HTTP Password • Confirm HTTP Password HTTPS Access Default • HTTPS UserName • HTTPS Password • Confirm HTTPS Password Table 11: Parameters of the credentials Note: • The user name and password are in accord with the user name and password policy on the network element. • If the Default Access credential already exists, the Remote MML Access and FTP Access credentials for IPA-RNC are not necessary. a) Click New.... b) From the Service type drop-down list, select the service type. c) From the Profile drop-down list, select the profile type. Expected outcome The corresponding attributes are displayed. If Default is selected automatically, you are not able to modify it. d) Enter the data in respective fields. e) In the Network element field, select Maintenance region and select the Maintenance Region created in Managing the Maintenance Region on page 25 from the drop-down list. f) Click Save. Note: If more than one credential is created with the same credential details, there is a prompt for confirming. To know more details, see Confirm credential creation for existing service user. To proceed, click Ok. DN09111775 4-0 © 2016 Nokia Solutions and Networks 34 Integrating RNC and WBTS to NetAct Preparing NetAct Expected outcome The credential shows in the Credentials tab. g) Select the credential and click Grant/Revoke.... The Grant and Revoke Credentials window shows. h) In the Application Group field, select the application groups, and then click Save. i) Repeat the steps to create all the credentials. 3.7 Adding OMS, RNC and WBTS to Domain Name Service in NetAct This section describes how to add OMS, RNC and WBTS to NetAct Domain Name Service. Add the OMS, RNC and WBTS IP addresses and host names to the DNS zone in NetAct. To make zone file management easy, Nokia recommends that you consider the zone management as part of IP network planning: how many zones are needed and how many entries are inserted into one zone. For detailed instructions, see Administering DNS in NetAct. 3.8 Preparing Element Management This section describes how to prepare Element Management. If there is more than one Node Manager Citrix Virtual Delivery Agent (VDA) server, repeat all the operations in this section on each Node Manager Citrix Virtual Delivery Agent (VDA) server. Ensure that: • Node Managers are installed and configured correctly. For more information, see Installing Node Managers and related software. Check with your NetAct administrator to see if Node Managers are installed. • Users and user groups on the Node Manager server are set up correctly. For more information, see Managing Node Manager users and user groups. • Application Launcher and BTS Site Manager are installed so Element Management function can work properly. Note: If you have Disaster Recovery solution in your NetAct system, also perform the following steps on Disaster Recovery Site (SITE-B). Supported applications Supported network element versions OMS Application Launcher RNO2.0, RNO3.0, RNO3.1, WOMS16, WOMS17 DN09111775 4-0 © 2016 Nokia Solutions and Networks 35 Integrating RNC and WBTS to NetAct Preparing NetAct Supported applications Supported network element versions WBTS Site Manager WN8.0, WN9.0, WN9.1, WL8.0, WL9.1, WBTS16, WBTS17 Table 12: Supported applications and network element versions 3.8.1 Installing Application Launcher This section describes how to install Application Launcher. If Application Launcher is installed, skip this section. 1. Log in to Node Manager Citrix Virtual Delivery Agent (VDA) server as the <domain name> \<administrator account> by using remote desktop connection. Note: • To log in using remote desktop, click Start → All Programs → Accessories → Remote Desktop Connection. • <domain name> is the domain name of the Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, contact the NetAct administrator. 2. Open a web browser and enter the northbound IP or FQDN address of OMS. Note: If you use FQDN of OMS, ensure that the correct DNS is configured in the DNSMaster VM of NetAct. For more information, see Adding OMS, RNC and WBTS to Domain Name Service in NetAct on page 35. 3. Log in to OMS as the Nemuadmin user. 4. Click Download Application Launcher, and select Windows from the drop-down list if it is not selected by default. Note: For more information on downloading Application Launcher, contact your network element administrator. 5. Click Download, and save the setupwin32.exe file in a designated drive. 6. Open cmd and change the directory to the folder where setupwin32.exe(OMS AL installation file name) is located. 7. Execute setupwin32.exe LAX_VM "<path of JDK or JRE>". For example: setupwin32.exe LAX_VM "C:\Program Files\Java\jdk1.8.0_60\bin\java.exe" or DN09111775 4-0 © 2016 Nokia Solutions and Networks 36 Integrating RNC and WBTS to NetAct Preparing NetAct setupwin32.exe LAX_VM "C:\Program Files\Java\jre1.8.0_60\bin\java.exe". Expected outcome The Application Launcher is successfully installed. 8. Set the permissions of the cache folder. a) Open the installation folder, right-click the cache folder, and then select Properties. Expected outcome The cache Properties dialog appears. b) In the cache Properties dialog, click the Security tab, and then click Edit.... Expected outcome The Permissions for cache dialog appears. c) In the Permissions for cache dialog, in the Group or user names area, select Users (<domain of users>\Users). d) In the Permissions for Users area, allow the following permissions, and click OK. • Read & execute • List folder contents • Read • Write • Special permissions e) In the cache Properties dialog, click OK. 3.8.2 Installing BTS Site Manager This section describes how to install BTS Site Manager. 1. Log in to Node Manager Citrix Virtual Delivery Agent (VDA) server as the <domain name> \<administrator account> by using remote desktop connection. Note: • To log in using remote desktop, click Start → All Programs → Accessories → Remote Desktop Connection. • <domain name> is the domain name of the Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, contact the NetAct administrator. 2. Download the BTS Site Manager installer. DN09111775 4-0 © 2016 Nokia Solutions and Networks 37 Integrating RNC and WBTS to NetAct Preparing NetAct Note: • The installer is an EXE file and may have a file name similar to BTSSiteEMWN1234.exe. • Contact your network element administrator for the location of this file. 3. Run the installer and follow the instructions provided by the installation wizard. Expected outcome The BTS Site Manager is successfully installed. 3.8.3 Installing Element Management Launch Scripts This section describes how to install Element Management Launch Scripts. 1. Log in to Node Manager Citrix Virtual Delivery Agent (VDA) server as the <domain name> \<administrator account> using remote desktop connection. Note: • To log in using remote desktop, click Start → All Programs → Accessories → Remote Desktop Connection. • <domain name> is the domain name of the Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, contact the NetAct administrator. 2. From the Start menu, in the Search programs and files box, enter Command Prompt, and press ENTER. 3. Navigate to C:\Apps\Oss, and then create a folder named EM if it does not exist by entering: mkdir EM 4. Navigate to C:\Apps\Oss\EM, and then create a folder named WCDMA if it does not exist by entering: mkdir WCDMA 5. Navigate to C:\Apps\Oss\EM\WCDMA, and then enter: psftp <IP address of any NetAct VM where the was service is running> Note: • When prompted, provide the username and password of the WAS node. DN09111775 4-0 © 2016 Nokia Solutions and Networks 38 Integrating RNC and WBTS to NetAct Preparing NetAct • If Store key in cache? (y/n) appears, press y. 6. Open the base folder by entering: cd /var/opt/oss/global/NSN-fsdc/com.nsn.em/tools/NOKGOMS/base 7. Download scripts by entering: mget WEB_Launch.vbs httpssoclient.bat launchEM.pl Expected outcome The httpssoclient, launchEM, and WEB_Launch files are downloaded to the WCDMA folder in C:\Apps\Oss\EM. 3.8.4 Configuring OMS Application Launcher and Element Manager This section describes how to configure OMS Application Launcher and Element Manager. 1. Log in to Node Manager Citrix Virtual Delivery Agent (VDA) server as the <domain name> \<administrator account> using remote desktop connection. Note: • To log in using remote desktop, click Start → All Programs → Accessories → Remote Desktop Connection. • <domain name> is the domain name of the Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, contact the NetAct administrator. 2. Navigate to C:\Apps\Nokia\NokiaOss\config\EM, create a folder named NOKGOMS if it does not exist. 3. In C:\Apps\Nokia\NokiaOss\config\EM\NOKGOMS, create a folder named base if it does not exist. 4. Open the installation folder of Application Launcher. Note: • The default installation folder is C:\opt\nsn\ALClient_2. DN09111775 4-0 © 2016 Nokia Solutions and Networks 39 Integrating RNC and WBTS to NetAct Preparing NetAct • If you are integrating RU40 or a version earlier than RU40 (for example, RU30), the installation folder is C:\opt\nokiasiemens\ALClient_2. 5. Right-click em.bat, select Create shortcut and then rename the created shortcut file to ApplicationLauncher. 6. Copy the ApplicationLauncher shortcut file to the C:\Apps\Nokia\NokiaOss\config\EM \NOKGOMS\base folder. 7. Open C:\Apps\Oss\EM\WCDMA. 8. Copy the ApplicationLauncher shortcut to the C:\Apps\Oss\EM\WCDMA folder. Expected outcome The ApplicationLauncher shortcut appears in C:\Apps\Oss\EM\WCDMA. 9. Right-click httpssoclient.bat, select Create shortcut and then rename the created shortcut as httpssoclient. Expected outcome The httpssoclient shortcut appears in C:\Apps\Oss\EM\WCDMA. 10. Right-click launchEM.pl, select Create shortcut and then rename the created shortcut file to launchEM. Expected outcome The launchEM shortcut appears in C:\Apps\Oss\EM\WCDMA. 11. Copy the httpssoclient and launchEM shortcut files to the C:\Apps\Nokia\NokiaOss \config\EM\NOKGOMS\base folder. 3.8.5 Configuring BTS Site Manager This section describes how to configure BTS Site Manager. Ensure that OMS IP address is added to the Java exceptional site list on all Node Manager Citrix Virtual Delivery Agent (VDA) servers and Access Server. For detailed instructions, see Managing Java trusted sites in Administering Node Manager Server. 1. Log in to Node Manager Citrix VDA server as the <domain name>\<administrator account> using remote desktop connection. Note: DN09111775 4-0 © 2016 Nokia Solutions and Networks 40 Integrating RNC and WBTS to NetAct Preparing NetAct • To log in using remote desktop, click Start → All Programs → Accessories → Remote Desktop Connection. • <domain name> is the domain name of the Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, contact the NetAct administrator. 2. Navigate to C:\Apps\Nokia\NokiaOss\config\EM, and then create a folder named NOKWBTS if it does not exist. 3. In C:\Apps\Nokia\NokiaOss\config\EM\NOKWBTS, create a folder named base if it does not exist. 4. Open the BTS Site Manager installation folder. 5. In the installation folder, right-click BTSSiteManager.bat, select Create shortcut, and then rename the created shortcut file to wbtssitemanager. 6. Copy the wbtssitemanager shortcut to the C:\Apps\Nokia\NokiaOss\config\EM\NOKWBTS \base folder. 3.9 Configuring certificates for TLS mode on NetAct This section describes how to configure certificate on NetAct for TLS mode. CA server (PKI) and certificates are required for TLS mode. NetAct and WCDMA must use the certificates signed by the same root CA. Ensure that the following certificates are installed in NetAct: • CM certificates For more information, see Adding certificates for CM upload in Managing certificates for NWI3 interface. • Network element certificates For more information, see Adding a network element certificate to the NWI3 mediation's truststore in Managing certificates for NWI3 interface. • NWI3 Tomcat Server certificates For more information, see Configuring the Tomcat NWI3-HTTP server in Managing certificates for NWI3 interface. For detailed instructions on how to configure certificates, see Managing certificates for NetAct services in Administering NetAct System Security. DN09111775 4-0 © 2016 Nokia Solutions and Networks 41 Integrating RNC and WBTS to NetAct Preparing the intermediate system 4 Preparing the intermediate system This section describes how to prepare intermediate system between the network elements and NetAct. 4.1 Setting up firewall rules This section describes the firewall rules needed for enabling the communication between the network elements and NetAct. The default firewall rules for connecting the network elements to NetAct are listed in the following table: Note: To prevent security risk, Nokia recommends that you choose the secure protocol (SFTP over FTP, SSH over Telnet and HTTPS over HTTP). Note: Once RNC resiliency is configured, the backup PRNC also need to set up firewall rule between NetAct. The FTP service is disabled by default in NetAct. For detailed instructions on how to enable FTP service, see Starting FTP in Administering FTP. 1 TL 2 Service Source Source Port Dest. Dest. Port AL NodeMgr ephemeral WBTS 443 HTTPS TCP https Secured HTTP collection to WBTS NodeMgr ephemeral WBTS 6000 HTTP TCP http File transfer via HTTP Optional: This Object Description firewall rule is not required if the respective secure protocol is used NodeMgr ephemeral WBTS 6001 HTTPS TCP https File transfer via HTTPS NodeMgr ephemeral WBTS 12000 IIOP TCP entextxid SEM-FTM connection NodeMgr ephemeral OMS 22 SSH TCP ssh Element manager connections NodeMgr ephemeral OMS 80 HTTP TCP http Used to access OMS Element Manager via WebUI. Optional: This firewall rule is not required if the respective secure protocol is used. NodeMgr ephemeral OMS 443 HTTPS TCP https Used to access OMS Element Manager via WebUI. NodeMgr ephemeral OMS 500 IIOP TCP udp-500 Ipsec IKE negotiation NodeMgr ephemeral OMS 636 LDAPS TCP ldaps Application Launcher launch NodeMgr ephemeral OMS 49568 IIOP TCP tcp-49568 OMS connection needed for EM Launch DN09111775 4-0 © 2016 Nokia Solutions and Networks 42 Integrating RNC and WBTS to NetAct Preparing the intermediate system AL 1 Source Source Port Dest. Dest. Port NodeMgr ephemeral OMS 49152-49652 IIOP TL 2 TCP Service Object Description ne-ap- Ephemeral ports used by OMS Ap- plaunch- plication launcher internal applica- er-oms tions, i.e.: Measurement management, Fault management. NodeMgr ephemeral IPA-RNC 23 TELNET TCP telnet Putty telnet connection to RNC. This rule is retained is to keep compatiability with RU30 NEs. Optional: This firewall rule is not required if the respective secure protocol is used. NodeMgr ephemeral RNC 22 SSH/ TCP SSH SFTP Putty ssh connection to RNC. This rule is retained is to keep compatiability with RU30 NEs. NX2S and ephemeral mcRNC 22 XOH SSH/ TCP ssh SFTP SCLI commands towards NE SFTP for download software package on mcRNC NX2S and ephemeral IPA-RNC 22 XOH NWI3 SSH/ TCP ssh SSH TCP http HTTP file transfers from WBTS Op- SFTP ephemeral WBTS 6000 HTTP tional: This firewall rule is not required if the respective secure protocol is used NWI3 ephemeral WBTS 6001 HTTPS TCP https HTTPS file transfers from WBTS NWI3 ephemeral OMS 22 SSH/ TCP sshd Secured shell and secured file trans- SFTP NWI3 ephemeral OMS 80 HTTP fer from OMS TCP http HTTP file transfers from OMS Optional: This firewall rule is not required if the respective secure protocol is used NWI3 ephemeral OMS 443 HTTPS TCP https HTTPS file transfers from OMS NWI3 ephemeral OMS 49341 IIOP TCP nwi3- NWI3 Security fragment security-fragment NWI3 ephemeral OMS 49342 IIOP TCP nwi3-li- NWI3 LM Agent cense-mgragent NWI3 ephemeral OMS 49348 IIOP TCP nwi3- NWI3 SWM NEBR swmnodebackup NWI3 ephemeral OMS 49351 IIOP TCP nwi3- NWI3 Topology Service topolo- DN09111775 4-0 © 2016 Nokia Solutions and Networks 43 Integrating RNC and WBTS to NetAct Source Source Port Preparing the intermediate system Dest. Dest. Port AL 1 TL 2 Service Object Description gy-service NWI3 ephemeral OMS 49361 IIOP TCP nwi3-pm- NWI3 PM Service service NWI3 ephemeral OMS 49363 IIOP TCP nwi3-sw- NWI3 SW Agent agent NWI3 ephemeral OMS 49366 IIOP TCP nwi3- NWI3 Symptom data upload symptom-data-upload NWI3 ephemeral OMS 49368 IIOP TCP nwi3-cer- NWI3 Certificate Service ma-service NWI3 ephemeral OMS 49375 IIOP TCP nwi3-au- NWI3 Audit Trail Service ditlog-service NWI3 ephemeral OMS 49566 IIOP TCP nwi3- NWI3 Adapter adapter NWI3 ephemeral RNC 21 FTP TCP ftp FTP file transfers from RNC Optional: This firewall rule is not required if the respective secure protocol is used NWI3 ephemeral RNC 22 SFTP TCP ssh SFTP file transfers from RNC OMS ephemeral LB WAS vir- 80 HTTP TCP http Exchange files between netAct and tual IP NE using HTTP protocol. Optional: This firewall rule is not required if the respective secure protocol is used OMS ephemeral LB WAS vir- 389 LDAP TCP ldap tual IP OMS ephemeral figured for CNUM LB WAS vir- 443 HTTPS TCP https tual IP OMS ephemeral ephemeral Exchange files between netAct and NE using HTTPS protocol LB WAS vir- 446 IIOP TCP tual IP OMS LDAP port used by OMS that is con- WebSphere 446 HTTPS TCP cm-lte- HTTPS port in WebSphere Applica- oms-pro- tion Server used for CM LTE -> OMS vision provisioning purpose. cm-lte- HTTPS port in WebSphere Applica- oms-pro- tion Server used for CM LTE -> OMS vision provisioning purpose. OMS ephemeral WebSphere 49400-49499 IIOP TCP https For CM upload OMS ephemeral NWI3 80 TCP http HTTP port used by OMS file down- HTTP load (hardcoded in OMS). Optional: This firewall rule is not required if the respective secure protocol is used DN09111775 4-0 © 2016 Nokia Solutions and Networks 44 Integrating RNC and WBTS to NetAct Preparing the intermediate system 1 Source Source Port Dest. Dest. Port AL OMS ephemeral NWI3 123 NTP TL 2 UDP Service Object ntp Description OMS clock time set to NWI3 node which is used as one of NTP server in NetAct. OMS ephemeral NWI3 443 HTTPS TCP https HTTPS port used by OMS file download (hardcoded in OMS). OMS ephemeral NWI3 33749 HTTPS TCP httpd For software backup OMS ephemeral NWI3 49152 IIOP TCP nwi3-reg- NWI3 registration service service OMS ephemeral NWI3 49164 IIOP TCP nwi3-no- NWI3 notification service tific-service OMS ephemeral NWI3 49177 IIOP TCP nwi3- NWI3 topology event consumer topology-eventconsumer OMS ephemeral NWI3 49179 IIOP TCP nwi3- NWI3 alarm event consumer alarmeventconsumer OMS ephemeral NWI3 49192 IIOP TCP nwi3- NWI3 trace event consumer traceeventconsumer OMS ephemeral NWI3 49300 IIOP TCP nwi3-cm- NWI3 CM event consumer event-notification OMS ephemeral NWI3 49311 IIOP TCP nwi3- NWI3 topology service topology-service-callback OMS ephemeral NWI3 49312 IIOP TCP nwi3- NWI3 topology delete topology-deletecallback OMS ephemeral NWI3 49333 IIOP TCP nwi3- NEBR download callback agent swmnodebackup OMS ephemeral NWI3 49344 IIOP TCP nwi3- NEBR upload callback agent swmnodebackup DN09111775 4-0 © 2016 Nokia Solutions and Networks 45 Integrating RNC and WBTS to NetAct Preparing the intermediate system 1 Source Source Port Dest. Dest. Port AL OMS ephemeral NWI3 49350 IIOP TL 2 TCP Service Object nwi3-hw- Description NWI3 HW event consumer agent OMS ephemeral NWI3 49354 IIOP TCP nwi3-au- NWI3 audit trail dit-trailcallback OMS ephemeral NWI3 49355 IIOP TCP tcp-49355 NWI3 Symptom data upload OMS ephemeral NWI3 49509 IIOP TCP nwi3-li- NWI3 licence event consumer cense-eventconsumer OMS ephemeral NWI3 49510 IIOP TCP nwi3-cert- NWI3 certificate management agent OMS ephemeral NWI3 49530 IIOP TCP nwi3-pm- NWI3 pm event consumer eventconsumer OMS ephemeral NWI3 49557 IIOP TCP nwi3-sw- NWI3 Software Upload upload OMS ephemeral NWI3 49558 IIOP TCP nwi3-sw- NWI3 Software Download download OMS ephemeral NWI3 49559 IIOP TCP nwi3-sw- NWI3 Software change event con- change- sumer eventconsumer OMS ephemeral NWI3 49560 IIOP TCP nwi3- NWI3 Software update event con- sw-up- sumer date-eventconsumer OMS ephemeral NWI3 49561 IIOP TCP nwi3-sw- NWI3 Software Commit/Rollback commit OMS ephemeral NWI3 49600 IIOP TCP nwi3-au- NWI3 audit trail event consumer dit-traileventconsumer OMS ephemeral NWI3 49619 IIOP TCP tcp-49619 NWI3 CNUM mediator management OMS ephemeral NWI3 49620 IIOP TCP nwi3- NWI3 integration mediator manage- media- ment tor-callback OMS ephemeral NWI3 49622 IIOP TCP nwi3-lo- NWI3 user management cal-security-callback DN09111775 4-0 © 2016 Nokia Solutions and Networks 46 Integrating RNC and WBTS to NetAct Preparing the intermediate system 1 Source Source Port Dest. Dest. Port AL OMS ephemeral NodeMgr 49152 - IIOP TL 2 TCP 49652 OMS ephemeral SBI-Com- 80 HTTP TCP Service Object Description ne-ap- listening ports for CORBA call- plaunch- backs between OMS and Application er-oms Launcher in NodeMgr server http CM NWI3 data file transfer. Optional: monMedia- This firewall rule is not required if the tion respective secure protocol is used (port 8443). OMS ephemeral SBI-Com- 443 HTTPS TCP SBI-Com- 49400 - IIOP TCP monMedia- 49499 CM NWI3 data file transfer monMediation OMS ephemeral tcp-49400 CM NWI3 - 49499 tion OMS ephemeral DNS 53 DNS TCP/ dns UDP Optional. To be used if NetAct is used as DNS for the NE. DNS primarily uses this port to serve requests. OMS ephemeral DNS 953 DNS TCP TCP-953 port used by Remote DNS daemon (named) control service. Q3 ephemeral IPA-RNC 22 SSH/ TCP ssh SFTP Port used to log into a remote machine and execute commands. SFTP data connection. Q3 support SFTP since NetAct 15.5 Q3 ephemeral IPA-RNC 23 TELNET TCP telnet Used to establish a connection to Transmission Control Protocol (TCP) port number 23, where a Telnet server application (telnetd) is listening. Optional: This firewall rule is not required if the respective secure protocol is used. IPA-RNC ephemeral LB WAS vir- 389 LDAP TCP ldap tual IP mcRNC_CF- ephemeral PU RNC configured for CNUM LB WAS vir- 389 LDAP TCP ldap tual IP ephemeral DNS LDAP port used by IPA-RNC that is LDAP port used by mcRNC that is configured for CNUM 53 DNS TCP/ dns UDP Optional. To be used if NetAct is used as DNS for the NE. DNS primarily uses this port to serve requests. RNC ephemeral DNS 953 DNS TCP TCP-953 port used by Remote DNS daemon (named) control service. SBI-Com- ephemeral OMS 80 HTTP TCP http CM NWI3 data file transfer. Optional: monMedia- This firewall rule is not required if the tion respective secure protocol is used (port 443). DN09111775 4-0 © 2016 Nokia Solutions and Networks 47 Integrating RNC and WBTS to NetAct Preparing the intermediate system 1 TL 2 Service Source Source Port Dest. Dest. Port AL SBI-Com- ephemeral OMS 443 HTTPS TCP https CM NWI3 data file transfer ephemeral LB WAS vir- 389 LDAP TCP ldap LDAP port used by WBTS that is Object Description monMediation WBTS tual IP configured for CNUM WBTS ephemeral NodeMgr 13062-13092 HTTPS TCP x-window File transfer via HTTPS WBTS ephemeral DNS 53 TCP/ dns Optional. To be used if NetAct is DNS UDP used as DNS for the NE. DNS primarily uses this port to serve requests. WBTS ephemeral DNS 953 DNS TCP TCP-953 port used by Remote DNS daemon (named) control service. WebSphere ephemeral OMS 22 SSH TCP ssh SSH WebSphere ephemeral OMS 80 HTTP TCP http CM outgoing request. Optional: This firewall rule is not required if the respective secure protocol is used. WebSphere ephemeral OMS 443 HTTPS WebSphere ephemeral OMS 33434-33523 ICMP TCP https CM outgoing request. UDP udp-33434-33523 Used for checking the connection between NetAct and OMS with traceroute command WebSphere ephemeral OMS 49350 IIOP TCP nwi3-hw- NWI3 HW Agent agent WebSphere ephemeral OMS 49357 IIOP TCP nwi3- NWI3 CM Plan Management cm-planmgmt WebSphere ephemeral OMS 49363 IIOP TCP nwi3-sw- NWI3 SW Agent agent WebSphere ephemeral OMS 49367 IIOP TCP nwi3- NWI3 Measurement Handler measurement-hndlr WebSphere ephemeral OMS 49566 IIOP TCP nwi3- NWI3 Adapter adapter WebSphere ephemeral RNC 49400-49499 TCP TCP tcp-49400-49499 Port range for feedback objects of RNCs WebSphere ephemeral mcRNC 22 SSH TCP ssh SSH shell from NetAct Monitor WebSphere ephemeral IPA-RNC 22 SSH TCP ssh For IPA-RNC, Executing MML commands through Command manager WebSphere ephemeral IPA-RNC 23 TELNET TCP telnet For IPA-RNC, Executing MML commands through Command manager optional insecure protocol, rule is not DN09111775 4-0 © 2016 Nokia Solutions and Networks 48 Integrating RNC and WBTS to NetAct Source Preparing the intermediate system Source Port Dest. Dest. Port AL 1 TL 2 Service Object Description required if respective secure protocol is used WebSphere ephemeral RNC 33400-33600 ICMP UDP udp-33400-33600 Used for checking the connection between NetAct and RNC with traceroute command WebSphere ephemeral WBTS 33434-33933 ICMP UDP udp-33434-33933 Used for checking the connection between NetAct and WBTS with traceroute command Table 13: Firewall rules for RNC and WBTS Note: • If the network element uses NetAct VM as NTP server or DNS server, ensure that appropriate firewall ports (123 for NTP and 53 for DNS) are open. 1 • AL : Application Layer 2 • TL : Transport Layer • If the port is ephemeral, select a port from the port pool of the IP stack. • NetAct performs the network element status check on the O&M connections by implementing Internet Control Message Protocol (ICMP). Before integration, enable ICMP (ping) traffic from the NetAct VMs where the was services are running to OMS, RNC and WBTS in firewall configuration. For detailed descriptions of all the sources and destinations mentioned in Table 13: Firewall rules for RNC and WBTS on page 42, see the following table: Node Description NetAct nodes LB WAS virtual IP Virtual IP address of the WebSphere Application Server Load Balancer DNS IP address of the VM where the DNS service is running NWI3 IP address of the VM where the nwi3 service is running NX2S and XOH IP address of the VM where the nx2s and xoh services are running Q3 IP address of the VM where the q3user service is running WebSphere IP addresses of the VMs where the was service is running NodeMgr IP addresses of the Node Manager Citrix Virtual Delivery Agent (VDA) servers SBI-CommonMediation IP address of the node where the common_mediations service is running. network element nodes OMS IP address of OMS North Bound Interface. mcRNC IP address of the O&M interface of MultiController-RNC network element. DN09111775 4-0 © 2016 Nokia Solutions and Networks 49 Integrating RNC and WBTS to NetAct Preparing the intermediate system Node Description mcRNC_CFPU The recommended IP address is the physical eth0/vlan interface IP address of the CFPU unit, to which the /PAP and /RuimReplicator recovery groups have been assigned as users. IPA-RNC IP address of the OMU interface of IPA-RNC network element. RNC IP address of the O&M interface of MultiController-RNC network element or IP address of the OMU interface of IPA-RNC network element. WBTS IP address of the FTM interface of WBTS network element. Table 14: Node descriptions Note: • For more information about connections between the network elements and NetAct, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. In the documentation, go to Reference → Security → Communication Matrix and Operate and Maintain → Administer → OMS → Managing Security with OMS → Network security in OMS → Configuring OMS firewall. • To get the IP addresses in NetAct, see Locating the right virtual machine for a service. • To locate the Node Manager Citrix Virtual Delivery Agent (VDA) server, contact your NetAct administrator. DN09111775 4-0 © 2016 Nokia Solutions and Networks 50 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually 5 Integrating RNC and WBTS to NetAct manually This section describes how to integrate RNC and WBTS to NetAct manually for the releases which do not support NE Integration Wizard. For network element releases which do not support NE Integration Wizard (NEIW), follow the instructions in this section. Otherwise, go to Integrating RNC and WBTS to NetAct with NEIW on page 59. 5.1 Integration operations on OMS This section describes the operations needed on OMS for it to be integrated to NetAct. 5.1.1 Configuring RNC and WBTS time synchronization with NetAct This section describes how to configure NetAct as the time source for NetAct, RNC and WBTS. Accurate time synchronization is the key element to ensure the capability of providing reliable mobile network services. Nokia recommends that you consider the time synchronization as part of the IP network planning: what the time source for NetAct, RNC and WBTS is, and what the time sharing topology is. NetAct, RNC and WBTS must synchronize their time with a time source, and the scenarios vary as the following: • NetAct, RNC and WBTS use the same time source (external NTP server). • NetAct, RNC and WBTS use different time sources (external NTP servers). • RNC and WBTS use NetAct as secondary or tertiary time source. Note: There must be more than one time source with synchronized time. It is not recommended to use NetAct as the primary time source for RNC and WBTS. For more information on how to configure time synchronization, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Install → OMS → Installing and Commissioning OMS → Integrating OMS to the network → Configuring NTP services in OMS. 5.1.2 Configuring DNS forwarder in OMS This section describes how to configure DNS forwarder in OMS. RNC and WBTS can get DNS service and keep it in synchronization with OMS. OMS can forward the DNS queries to NetAct DNS server. NetAct DNS server or external DNS server can be used as DNS forwarder in OMS. Follow the instructions below: DN09111775 4-0 © 2016 Nokia Solutions and Networks 51 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually Note: OMS can only parse IPv4 address. The IP address in this section means IPv4 address. 1. Log in to OMS as the Nemuadmin user through SSH, and then switch to the root user. 2. Check the DNS settings by entering: fsipnet service get ClusterDNS Expected outcome The following is an example output: fsipnet service add ClusterDNS forwarder <dns service host IP address> If no screen output is displayed, it indicates that no DNS forwarder is configured. If the required IP addresses are configured, skip the following steps. 3. Configure the DNS forwarder: • If unwanted DNS service host IP address is displayed, remove it by entering: fsipnet service modify ClusterDNS delforwarder <DNS_ip_address> • If you want to add a new DNS service host IP address based on the existing forwarder(s), enter: fsipnet service modify ClusterDNS addforwarder <DNS_ip_address> • If there is no screen output, add the DNS service host IP addresses as OMS DNS forwarders by entering: fsipnet service add ClusterDNS forwarder <DNS_primary_ip_address> forwarder <DNS_secondary_ip_address> Note: • From DNS management point of view, network element can be integrated into external DNS servers and/or into NetAct, which means that the <DNS_primary_ip_address> and <DNS_secondary_ip_address> can have the following values: • External primary DNS server IP address and external secondary DNS server IP address • External primary DNS server IP address and NetAct DNS dns-master service host IP • NetAct DNS dns-master service host IP and NetAct DNS dns-slave service host IP For more information about external DNS server address, contact your network administrator. DN09111775 4-0 © 2016 Nokia Solutions and Networks 52 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually • It is recommended to add all possible NetAct VM IP addresses which host DNS service as OMS DNS reference for high availability purpose. A NetAct system usually contains 2 DNS service hosts; one acts as a master service and the other one acts as a slave service. See Preparing NetAct on page 25 to get IP addresses of the NetAct VMs which host the DNS services. 4. Update changes by entering: fsipreconfigure commit 5. Restart OMS DNS service to activate the newly added DNS forwarders by entering: fshascli -rn /ClusterDNS Expected outcome /ClusterDNS is restarted successfully 5.1.3 Checking OMS connectivity towards NetAct This section describes how to check OMS connectivity towards NetAct. Perform the following steps to check the connectivity towards NetAct on OMS: 1. Check the OMS IP layer connectivity towards NetAct. a) Log in to OMS as the Nemuadmin user through SSH session. b) Check the connectivity towards NetAct by entering: wget http://<IPv4 address of the NetAct VM where the nwi3 service is running >:49152 Expected outcome ... Connecting to <IPv4 address of NetAct NWI3 VM >:49152... connected. ... 2. Check the NWI3 adapter. For more information, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Troubleshoot → OMS → Troubleshooting OMS → OMS management interfaces troubleshooting → Registration of the NWI3 Adapter to NetAct fails → Recovery procedures → Checking the NWI3 adapter - NetAct connection. DN09111775 4-0 © 2016 Nokia Solutions and Networks 53 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually 5.2 Integration operations on NetAct This section describes the operations needed on NetAct for integrating RNC and WBTS. 5.2.1 Checking NetAct connectivity towards OMS This section describes how to check NetAct connectivity towards OMS. Perform the following steps to check the connectivity towards OMS on NetAct: 1. Log in to the NetAct VM which hosts the nwi3 service as the omc user. 2. Check the NetAct connectivity towards OMS by entering the following command: curl --head <FQDN of OMS> Expected outcome HTTP/1.1 301 Moved Permanently Date: <Current date and time> Server: Apache Location: https://<FQDN of OMS>/OMSElementManager/ Connection: close Content-Type: text/html; charset=<charset code> If HTTP/1.1 is shown, the connectivity from NetAct towards OMS is alive. Note: If the OMS FQDN is not added in NetAct DNS or the NetAct DNS service is not working with the error message curl: (6) Couldn't resolve host '<FQDN of OMS>', double check and reconfigure the DNS forwarders of OMS. 5.2.2 Creating managed objects This section describes how to create the managed objects in NetAct Monitor. Create managed objects in NetAct Monitor with the following hierarchy: |-PLMN-PLMN |-OMS-<instance ID> |-HTTP-1 In the hierarchy, upper level managed object is referred to as parent object. For example, PLMNPLMN is the parent object of OMS-<instance ID>. Note: Nokia recommends that you use secure protocols wherever possible (SFTP instead of FTP, SSH instead of Telnet, and HTTPS instead of HTTP). 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage DN09111775 4-0 © 2016 Nokia Solutions and Networks 54 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open Object Explorer by selecting Tools → Managed Objects → Object Explorer. Expected outcome The Objects pane appears. 4. In the Objects pane, create the managed objects as in the following table: Object Class OMS Assign as self Mandatory values agent Yes • Instance: The instance ID of the OMS. For more information, see Checking the instance identifier of OMS on page 12. • Agent Direct Integration to this NetAct: true • Version: the version of the OMS network element HTTP No • Instance: 1 • Host Name: Northbound FQDN of OMS without the trailing dot (for example, nboms.netact.customer.com) Note: Ensure that OMS northbound interface is added to domain name service in NetAct. For more information, see Adding OMS to domain name service in NetAct. • Security mode: HTTPS Table 15: Parameters of the managed objects a) Right-click the parent object and select New → Object.... b) In the New Object dialog, from the Object Class drop-down list, select the object class, and, if required (indicated in the table), select Assign as self agent. c) Click Next >. d) In the Fill Mandatory Values dialog box, fill in the mandatory values, and then click Finish. Note: For attributes which are not mentioned in the table, keep their values as default. DN09111775 4-0 © 2016 Nokia Solutions and Networks 55 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually Expected outcome The object is created and shown in the Objects panel. e) Perform the post actions if required. f) Repeat the steps to create other managed objects. 5.2.3 Associating OMS to a Maintenance Region This section describes how to associate OMS to a Maintenance Region. Associate the managed objects to the Maintenance Region (MR) created in Managing the Maintenance Region on page 25. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. 4. Right-click the OMS object and select Maintenance Region Association. The Associate Maintenance Region dialog appears. 5. Select the Maintenance Region created in Managing the Maintenance Region on page 25. 6. Select Propagate selected Maintenance Region to the sub tree. 7. Click OK. Expected outcome The managed objects are associated to the Maintenance Region. In the Properties panel of the OMS object, the Maintenance Region is listed in the Maintenance Region field. 5.2.4 Uploading integration data This section describes how to perform integration data upload for RNC and WBTS. DN09111775 4-0 © 2016 Nokia Solutions and Networks 56 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually Upload the integration data. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. 4. Right-click the OMS object and select Element Management → Integration Data Upload. Expected outcome In the Ongoing Operations area, when the Integration Data Upload progress bar shows 100% Completed, check if Completed Successfully shows in the Operation Status in the Operations History area. 5.2.5 Uploading the alarms This section describes how to perform alarm upload. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. 4. Right-click the OMS object and select Alarm Upload. DN09111775 4-0 © 2016 Nokia Solutions and Networks 57 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct manually Expected outcome In the Ongoing Operations area, when the Alarm Upload progress bar shows 100% Completed, check if Completed Successfully shows in the Operation Status in the Operations History area. DN09111775 4-0 © 2016 Nokia Solutions and Networks 58 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct with NEIW 6 Integrating RNC and WBTS to NetAct with NEIW This section describes how to integrate RNC and WBTS to NetAct automatically with NE Integration Wizard (NEIW). For the network element releases which support NE Integration Wizard (NEIW), follow the instructions in this section. Otherwise, go to Integrating RNC and WBTS to NetAct manually on page 51. 6.1 Integration operations in NEIW This section describes how to operate NE Integration Wizard (NEIW) to integrate RNC and WBTS. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Administration → NE Integration Wizard. Expected outcome The NE Integration Wizard application runs. 3. Click New.... The NE Configuration window opens. 4. In NE type and Adaptation release, select OMS and its version from the drop-down lists. Corresponding attributes are displayed. 5. Fill in the mandatory values. Attribute Value MR Select the Maintenance Region created in Managing the Maintenance Region on page 25. DN09111775 4-0 © 2016 Nokia Solutions and Networks 59 Integrating RNC and WBTS to NetAct Attribute Integrating RNC and WBTS to NetAct with NEIW Value OMS O&M agent address Fill in the fully qualified domain name (FQDN) without the trailing dot (for example, ne1.netact.customer.com) or IP address of OMS O&M agent. OMS distinguished name Fill in the distinguished name of OMS as PLMN-PLMN/OMS-<instance ID>. Table 16: Mandatory configuration parameters for OMS 6. (Optional) If you want to configure the time synchronization with NetAct or the DNS forwarder in OMS, fill in the optional values. Attribute Value Additional information Configure DNS forwarder Fill in the DNS IP address. For more If any DNS server is already in OMS information, see Configuring DNS for- configured for OMS, the con- warder in OMS on page 51. figuration in this step does not Note: If you need to configure two or more DNS servers, overwrite the existing servers but only adds new server(s). click the + icon. Configure NTP server in Fill in the NTP service host IP address. If any NTP server is already OMS For more information, see Configuring configured for OMS, the con- RNC and WBTS time synchronization figuration in this step does not with NetAct on page 51. overwrite the existing servers Note: If you need to config- but only adds new server(s). ure two or more NTP servers, click the + icon. OMS root password Fill in the password of the root user. Confirm OMS root pass- Fill in the password of the root user. word The credentials are necessary for both NTP and DNS configurations. Table 17: Optional configuration parameters for OMS 7. Click Save. DN09111775 4-0 © 2016 Nokia Solutions and Networks 60 Integrating RNC and WBTS to NetAct Integrating RNC and WBTS to NetAct with NEIW Expected outcome The integration plan is created and shown in the list. 8. Select the plan and click Integrate. Note: If multiple plans are triggered, the network elements are integrated one by one. The Integration status shows In queue for those waiting ones. Expected outcome If the Integration status changes to Completed, integration is successful. If the Integration status changes to Failed, click the Failed link and then click Show full log to check the log. For more information on how to troubleshoot the problems, see the troubleshooting sections. DN09111775 4-0 © 2016 Nokia Solutions and Networks 61 Integrating RNC and WBTS to NetAct Operations on NetAct after integration 7 Operations on NetAct after integration This section describes required operations for provisioning, collecting SSH public keys and configuring DST after integration. 7.1 Collecting the SSH public keys of OMS and RNC in NetAct This section describes how to collect the SSH public keys of OMS and RNC in NetAct. 7.1.1 Collecting the SSH public keys of OMS in NetAct 1. Log in to NetAct nwi3 node as the omc user. 2. Gather SSH public keys by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e OMS Expected outcome The following is an example output: # 10.1.2.3 SSH-2.0-OpenSSH_4.3 # 10.1.2.4 SSH-2.0-OpenSSH_4.3 # 10.1.2.5 SSH-2.0-OpenSSH_4.3 As a result, the known_hosts.new file is generated in the current directory. 3. Verify that each collected public host key in the known_hosts.new file matches the public host key of the OMS. 4. Make a backup copy of $CPF_CERT_PATH/smx/nwi3/known_hosts. 5. Copy the gathered public host keys from the known_hosts.new file to the end of the $CPF_CERT_PATH/smx/nwi3/known_hosts by entering: cat known_hosts.new >> $CPF_CERT_PATH/smx/nwi3/known_hosts 7.1.2 Collecting the SSH public keys of RNC in NetAct Follow the succeeding steps to collect the SSH public keys of RNC in NetAct. It is mandatory for mcRNC to use SSH connection. For IPA-RNC, if you do not want to use SSH connection, you can skip the part of collecting SSH public keys of IPA-RNC. Note: DN09111775 4-0 © 2016 Nokia Solutions and Networks 62 Integrating RNC and WBTS to NetAct Operations on NetAct after integration • SSH public key collection of mcRNC fails if the gateway configuration of mcRNC is not set to allow bidirectional communication between NetAct and mcRNC. If so, the gateway configuration needs to be updated not only for the first time integration but also for reintegration from one NetAct cluster to another NetAct cluster. • The network administrator must keep the public host keys up-to-date in the users' home directories. 7.1.2.1 Viewing and setting the gateway configuration 1. Log in to the mcRNC O&M as the NUPADM user through SSH session. 2. In the SCLI command environment, enter the following command to view the current gateway configuration: show routing node <NE_node_name> static-route config all Expected outcome Gateway addresses should be shown in the output. user@CFPU-0 [RNC-001] > show routing node CFPU-0 static-route config all CFPU-0@RNC-001 [2014-08-01 11:00:44 +0300] Instance: default BFD hold time: 0 Static route: default Next hop type: normal Rank: 60 Gateway: 10.0.0.1 Preference: 1 BFD monitoring: disabled BFD tx interval: 1000 BFD rx interval: 1000 BFD detect multiplier: 4 Gateway: 169.254.0.5 Preference: 3 BFD monitoring: disabled BFD tx interval: 1000 BFD rx interval: 1000 BFD detect multiplier: 4 Static route: 10.8.8.0/24 Next hop type: normal Rank: 60 Gateway: 10.0.0.1 Preference: not defined BFD monitoring: disabled BFD tx interval: 1000 BFD rx interval: 1000 BFD detect multiplier: 4 Gateway: 169.254.0.5 Preference: 8 BFD monitoring: disabled BFD tx interval: 1000 BFD rx interval: 1000 BFD detect multiplier: 4 The output as below indicates what is set currently: Gateway: 10.0.0.1 Preference: 1 3. The gateway can be added or modified with a static route setting by entering: set routing node <node_name> static-route <destination/mask> nexthop gateway address <GW_IP> bfd-detect-mult <detect-multiplier> bfd- DN09111775 4-0 © 2016 Nokia Solutions and Networks 63 Integrating RNC and WBTS to NetAct Operations on NetAct after integration monitoring <enabled/disabled> bfd-rx-interval <rx-interval> bfd-txinterval <tx-interval> priority <priority> on Expected outcome This command has no screen output on success. The changed or added gateway configuration can be checked by the command mentioned in step 2. For example: user@CFPU-0 [RNC-001] > set routing node CFPU-0 static-route 10.0.99.0/ 24 nexthop gateway address 10.0.0.1 bfd-detect-mult 4 bfd-monitoring disabled bfd-rx-interval 1000 bfd-tx-interval 1000 priority 1 on CFPU-0@RNC-001 [2014-08-01 11:26:35 +0300] user@CFPU-0 [RNC-001] > 7.1.2.2 Collecting the SSH public key of IPA-RNC and mcRNC on nwi3 node This section is needed for both IPA-RNC and mcRNC. 1. Log in as the omc user to the NetAct VM where the nwi3 service is running (nwi3 node). 2. Collect SSH public keys from the nwi3 node. • If RNC resiliency is not configured, collect RNC SSH public key by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC • If RNC resiliency is configured, collect both RNC and PRNC SSH public keys by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC,PRNC Expected outcome The following is an example output: Querying 'RNC', 'PRNC' addresses from NASDA DB: 3 addresses found! Gathering rsa ssh public keys: -----------------------------------------------------------# 10.0.0.1 SSH-2.0-OpenSSH_5.3 # 10.0.1.2 SSH-2.0-OpenSSH_5.3 # 10.0.2.3 SSH-2.0-OpenSSH_5.3 -----------------------------------------------------------A new ssh known hosts file generated: 'known_hosts.new' DN09111775 4-0 © 2016 Nokia Solutions and Networks 64 Integrating RNC and WBTS to NetAct Operations on NetAct after integration As a result, the known_hosts.new file is generated in the current directory. The file contains the public keys of all the network element types for which the gather_ssh_public_keys.pl script was run, in that case, of the RNC or PRNC. 3. Verify that each collected public host key in the known_hosts.new file matches the public host key of RNC or PRNC. If a public host key does not match the key in the network element, then a man-in-the-middle attack might be taking place. 4. Make a backup copy of the $CPF_CERT_PATH/smx/nwi3/known_hosts file if it is already created. 5. Copy the gathered public host keys from the known_hosts.new file to the end of the $CPF_CERT_PATH/smx/nwi3/known_hosts file by entering the following command: cat known_hosts.new >> $CPF_CERT_PATH/smx/nwi3/known_hosts 6. Check if the ssh_known_hosts file exists in the /etc/opt/nokia/oss/common/conf/ folder. If the ssh_known_hosts file does not exist, you can create it by entering: touch /etc/opt/nokia/oss/common/conf/ssh_known_hosts 7. Copy the gathered public host keys from the known_hosts.new file to the end of the shared ssh_known_hosts file by entering: cat ~/known_hosts.new >> /etc/opt/nokia/oss/common/conf/ssh_known_hosts 8. Compare the known_hosts.new file with the ssh_known_hosts and known_hosts files. Remove duplicate host entries from the /etc/opt/nokia/oss/common/conf/ ssh_known_hosts and $CPF_CERT_PATH/smx/nwi3/known_hosts files, so that you do not have two entries for the same network element. Expected outcome The public key of RNC displays in the ssh_known_hosts and known_hosts files. Note: • After launching integration data upload and collecting SSH keys for RNC, ensure that the FTP object under IPA-RNC has the value of SFTP for Security mode and the value of 22 for Port in the Properties pane of Monitor. • The MML object under IPA-RNC is created automatically with default settings. Change these settings to ensure that it has the value of SSH for Agent Interface and the value of 22 for Port. DN09111775 4-0 © 2016 Nokia Solutions and Networks 65 Integrating RNC and WBTS to NetAct Operations on NetAct after integration 7.1.2.3 Collecting the SSH public key of IPA-RNC on q3user node This section is only needed for IPA-RNC. 1. Log in as the q3usr user to the NetAct VM where the q3user service is running (q3user node). 2. Collect SSH public keys from the q3user node. • If RNC resiliency is not configured, collect RNC SSH public key by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC • If RNC resiliency is configured, collect both RNC and PRNC SSH public keys by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC,PRNC Expected outcome The following is an example output: Querying 'RNC', 'PRNC' addresses from NASDA DB: 3 addresses found! Gathering rsa ssh public keys: -----------------------------------------------------------# 10.0.0.1 SSH-2.0-OpenSSH_5.3 # 10.0.1.2 SSH-2.0-OpenSSH_5.3 # 10.0.2.3 SSH-2.0-OpenSSH_5.3 -----------------------------------------------------------A new ssh known hosts file generated: 'known_hosts.new' As a result, the known_hosts.new file is generated in the current directory. The file contains the public keys of all the network element types for which the gather_ssh_public_keys.pl script was run, in that case, of the RNC or PRNC. 3. Verify that each collected public host key in the known_hosts.new file matches the public host key of RNC or PRNC. If a public host key does not match the key in the network element, then a man-in-the-middle attack might be taking place. 4. Make a backup copy of the $CPF_CERT_PATH/smx/q3user/known_hosts file if it is already created. 5. Copy the gathered public host keys from the known_hosts.new file to the end of the $CPF_CERT_PATH/smx/q3user/known_hosts file by entering the following command: cat known_hosts.new >> $CPF_CERT_PATH/smx/q3user/known_hosts 6. Compare the known_hosts.new file with the known_hosts file. Remove duplicate host entries from the $CPF_CERT_PATH/smx/q3user/known_hosts file, so that you do not have two entries for the same network element. DN09111775 4-0 © 2016 Nokia Solutions and Networks 66 Integrating RNC and WBTS to NetAct Operations on NetAct after integration Expected outcome The public key of IPA-RNC displays in the known_hosts file. Note: • After launching integration data upload and collecting SSH keys for RNC, ensure that the FTP object under IPA-RNC has the value of SFTP for Security mode and the value of 22 for Port in the Properties pane of Monitor. • The MML object under IPA-RNC is created automatically with default settings. Change these settings to ensure that it has the value of SSH for Agent Interface and the value of 22 for Port. 7.1.2.4 Collecting the SSH public key of mcRNC on nx2s node This section is only needed for mcRNC. 1. Log in as the nx2suser user to the NetAct VM where the nx2s service is running (nx2s node). 2. Collect SSH public keys from the nx2s node. • If RNC resiliency is not configured, collect RNC SSH public key by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC • If RNC resiliency is configured, collect both RNC and PRNC SSH public keys by entering: /opt/oss/bin/gather_ssh_public_keys.pl -e RNC,PRNC Expected outcome The following is an example output: Querying 'RNC', 'PRNC' addresses from NASDA DB: 3 addresses found! Gathering rsa ssh public keys: -----------------------------------------------------------# 10.0.0.1 SSH-2.0-OpenSSH_5.3 # 10.0.1.2 SSH-2.0-OpenSSH_5.3 # 10.0.2.3 SSH-2.0-OpenSSH_5.3 -----------------------------------------------------------A new ssh known hosts file generated: 'known_hosts.new' As a result, the known_hosts.new file is generated in the current directory. The file contains the public keys of all the network element types for which the gather_ssh_public_keys.pl script was run, in that case, of the RNC. 3. Verify that each collected public host key in the known_hosts.new file matches the public host key of RNC. DN09111775 4-0 © 2016 Nokia Solutions and Networks 67 Integrating RNC and WBTS to NetAct Operations on NetAct after integration If a public host key does not match the key in the network element, then a man-in-the-middle attack might be taking place. 4. Make a backup copy of the $CPF_CERT_PATH/smx/nx2s/scli_known_hosts file if it is already created. 5. Copy the gathered public host keys from the known_hosts.new file to the end of the $CPF_CERT_PATH/smx/nx2s/scli_known_hosts file by entering the following commands: cat known_hosts.new >> $CPF_CERT_PATH/smx/nx2s/scli_known_hosts 6. Compare the known_hosts.new file with the scli_known_hosts file. Remove duplicate host entries from the $CPF_CERT_PATH/smx/nx2s/scli_known_hosts file, so that you do not have two entries for the same network element. Expected outcome The public key of mcRNC displays in the scli_known_hosts file. Note: • After launching integration data upload and collecting SSH keys for RNC, ensure that the FTP object under IPA-RNC has the value of SFTP for Security mode and the value of 22 for Port in the Properties pane of Monitor. • The MML object under IPA-RNC is created automatically with default settings. Change these settings to ensure that it has the value of SSH for Agent Interface and the value of 22 for Port. 7.2 Provisioning the credentials This section describes how to provision the created credentials to the network elements. You can skip this section if you do not want to provision the credentials. Note: Only maintenance region credentials can be provisioned to the network elements. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. DN09111775 4-0 © 2016 Nokia Solutions and Networks 68 Integrating RNC and WBTS to NetAct Operations on NetAct after integration c) Click Accept to accept the terms and conditions. 2. Click Security → Network Element Access Control. 3. Click the Provisioning tab. 4. Select the following created credentials. • FTP Access • SFTP Access • Default Access • SCLI Access • Remote MML Access • EM Access Note: OMS does not support EM Access provisioning. 5. Click Provision. Expected outcome If it shows completed in the Status column, the credentials are provisioned to the network elements. 7.3 Configuring DST on RNC This section describes how to configure Daylight Saving Time (DST). Daylight Saving Time (DST) configuration is crucial for RNC and WBTS integration. To configure the DST, see Configuring time management. DN09111775 4-0 © 2016 Nokia Solutions and Networks 69 Integrating RNC and WBTS to NetAct Verifying the integration 8 Verifying the integration This section describes how to verify the integration. Note: To avoid impacting the running network environment, consider if you can perform the verifications before you proceed. 8.1 Verifying the Configuration Management connectivity This section describes how to verify the connectivity of Configuration Management towards NetAct. 8.1.1 Verifying configuration management data flow This section describes how to verify the configuration management data flow towards NetAct. Verify the configuration management data flow by performing Configuration Management upload. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, open CM Operations Manager by clicking Configuration → CM Operations Manager. 3. In CM Operations Manager, click Upload → New Upload.... The Upload dialog opens. 4. Select the OMS object in the RNC tab. The selected object shows in the Scope field. 5. (Optional) In the Operation panel, enter a name and a description of the upload operation. 6. Select the Level of feedback. • Summary • Object DN09111775 4-0 © 2016 Nokia Solutions and Networks 70 Integrating RNC and WBTS to NetAct Verifying the integration • Parameter 7. Click Start. The confirmation dialog opens. 8. Click Yes. Expected outcome The Upload dialog opens and the status of the upload operation changes to Started. After successful operation, the status of the upload operation changes to Finished. 9. In CM Operations Manager, click Upload → New Upload.... The Upload dialog opens. 10. Select the RNC object in the BTS tab. The selected object shows in the Scope field. 11. (Optional) In the Operation panel, enter a name and a description of the upload operation. 12. Select the Level of feedback. • Summary • Object • Parameter 13. Click Start. The confirmation dialog opens. 14. Click Yes. Expected outcome The Upload dialog opens and the status of the upload operation changes to Started. After successful operation, the status of the upload operation changes to Finished. 15. In NetAct Start Page, open CM Editor by clicking Configuration → CM Editor. 16. In CM Editor, expand Actual Configuration, then expand PLMN-PLMN, RNC and WBTS objects in sequence. Expected outcome RNC and WBTS objects and their child objects appear under Actual Configuration. DN09111775 4-0 © 2016 Nokia Solutions and Networks 71 Integrating RNC and WBTS to NetAct Verifying the integration 8.1.2 Verifying command execution from command manager This section describes how to verify the command execution from command manager to IPA-RNC. This section describes the tasks which you need to perform to verify the command execution from command manager to IPA-RNC. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, open CM Operations Manager by clicking Configuration → CM Operations Manager. CM Operations Manager application window opens. 3. In CM Operations Manager, click Tools → Command Manager.... The Command Manager dialog opens. 4. Click the NE Selection tab. 5. From the NE Type drop-down list, select RNC. 6. In the NE Name area, select the required network element. 7. Enter the MML command: ZWQO:CR; 8. Click Execute. Expected outcome In the Output tab, the command execution output displays the list of software versions installed on the IPA-RNC network element and in the Feedback tab, icon is visible indicating that the command execution status is successful. 8.2 Verifying the Element Management connectivity This section describes how to verify the connectivity of Element Management towards NetAct. Verify the following Element Management launches: DN09111775 4-0 © 2016 Nokia Solutions and Networks 72 Integrating RNC and WBTS to NetAct Verifying the integration Element Management option 1 OMS Element Manager Object OMS, RNC OMS Web UI 1 OMS, RNC, PRNC OMS Application Launcher OMS, RNC, PRNC Ping OMS, RNC, WBTS, PRNC 2 Trace Route OMS, RNC, WBTS, PRNC 3 MML Session RNC, PRNC RNC MML Session SCLI Session 4 WBTS 3 RNC, PRNC RNC SCLI Session 4 WBTS RNW Measurement Management RNC, PRNC Fault Management RNC, PRNC RNW Online Monitoring RNC WBTS Site Manager WBTS, WCEL, FTM Reset WBTS WBTS Lock WCEL WCEL Lock WCELs WBTS Unlock WCEL WCEL Unlock WCELs WBTS Table 18: Element Management options and corresponding network element objects Note: 1. For RU50 EP1 and earlier releases, the Element Management option for OMS or RNC is OMS Element Manager. From WCDMA16 onwards, the Element Management option for OMS or RNC is OMS Web UI. 2. From RU50 onwards, Trace Route launch is supported. However, OMS does not support trace route operations from NetAct by default. To ensure that Trace Route launch works, do the following on OMS: • For RU50, upgrade OMS to RU50 EP1. • From RU50 EP1 onwards, execute the following commands on OMS as the root user: DN09111775 4-0 © 2016 Nokia Solutions and Networks 73 Integrating RNC and WBTS to NetAct Verifying the integration iptables -A INPUT -p udp --dport 33434:33523 -m limit --limit 25/sec --limit-burst 8 -j REJECT fsfirewall reload 3. MML Session option is available when the RNC or PRNC object is IPA-RNC and SCLI Session is available when the RNC or PRNC object is mcRNC. To identify the network element in Monitor, right-click the RNC or PRNC object and select Properties. In the Properties pane, check the value of the Adaptation ID property. 4. RNC MML Session option is available when WBTS is under IPA-RNC and RNC SCLI Session is available when WBTS is under mcRNC. To identify the network element in Monitor, right-click the WBTS object and select Properties. In the Properties pane, check the value of the Adaptation ID property. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open Object Explorer by selecting Tools → Managed Objects → Object Explorer. Expected outcome The Objects pane appears. 4. According to the table, right-click the object, and select the Element Management option in the Element Management sub-menu. Note: • You can find RNW Measurement Management, Fault Management and RNW Online Monitoring options by selecting Element Management → Launch RNC Specific Application. • You can find Lock WCEL and Unlock WCEL options by selecting Element Management → State Management. • If the Element Management launch is based on web page, disable the blocking popup window function of the browser, and then add the network element to the trusted sites of the browser, or else the Element Management window might be blocked. If there is any security warning, ignore it. DN09111775 4-0 © 2016 Nokia Solutions and Networks 74 Integrating RNC and WBTS to NetAct Verifying the integration • For OMS Application Launcher, if a prompt that shows JAVA VIRTUAL MACHINE VERSION IS NOT SUPPORTED, ignore it by pressing I. Expected outcome If the respective Element Management launch opens successfully, the connectivity is successful. 5. Repeat the steps to check all the Element Management launches. 8.3 Verifying the Fault Management connectivity This section describes how to verify the connectivity of Fault Management towards NetAct. 8.3.1 Verifying the alarm flow from IPA-RNC to NetAct This section describes how to verify the connectivity of IPA-RNC Fault Management towards NetAct. Verify the Fault Management connectivity by sending a test alarm. 1. Start a Telnet session to IPA-RNC OMU using a terminal emulator application, which can act as a client for the Telnet computing protocol. 2. Open service terminal session to IPA-RNC OMU unit by entering: ZDDS:OMU; Expected outcome The following is an example output: LOADING PROGRAM VERSION 7.79-0 WELCOME TO SERVICE TERMINAL DIALOGUE 0000-MAN> 3. Send a test alarm by entering: ZOS:*,*,143,,,,,9786,,,0,XD2244,XD2,XD0,9,1,2,3,4,5,6,7,8,9 4. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. DN09111775 4-0 © 2016 Nokia Solutions and Networks 75 Integrating RNC and WBTS to NetAct Verifying the integration c) Click Accept to accept the terms and conditions. 5. In NetAct Start Page, click Monitoring → Monitor. 6. In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. 7. Click the PLMN-PLMN object to expand it, then right-click the RNC object, and select Find In → Alarm List. The Alarm List window opens. 8. Double-click the alarm with Alarm Number 2244. The Alarm Details dialog opens. 9. In the Started field, check that the time is the time when you sent the test alarm. 10. To cancel the test alarm, right-click the test alarm and select Cancel or enter the following command in the IPA-RNC. ZOS:*,*,143,,,,,9786,,,1,XD2244,XW2,XW0,9,1,2,3,4,5,6,7,8,9 Expected outcome In the Alarm List window, the test alarm disappears. 8.3.2 Verifying the alarm flow from mcRNC to NetAct This section describes how to verify the connectivity of mcRNC Fault Management towards NetAct. Verify the Fault Management connectivity by sending a test alarm. 1. Log in to mcRNC O&M as a user who has equivalent permissions as the _nokadmin user through SSH session. Note: For more information of the _nokadmin user, see WCDMA RAN, Rel. WCDMA 17, Operating Documentation on Nokia Networks Online Services (NOLS). You can access NOLS after authentication. The navigation path is Commission → RNC → Commissioning Multicontroller RNC HW Rel.2 → Configuring factory precommissioned mcRNC → Configuring the controller's management plane. Expected outcome The user is logged in to the SCLI command line environment. Note: Do not use the root user to log in. A non-root credential directly takes user in to the SCLI command line environment. For more information of user creation on mcRNC, which is similar with Creating Network Element Access Control admin user for mcRNC DN09111775 4-0 © 2016 Nokia Solutions and Networks 76 Integrating RNC and WBTS to NetAct Verifying the integration on page 16, refer to mcRNC manual. The NUPADM user has the permissions and can be used here. 2. Send a test alarm by entering: set alarm raise specific-problem 3313 application-id /CFPU-0/ QNCFCPServer-0/QNFH4PRB managed-object fsClusterId=ClusterRoot severity 4 Expected outcome Notification sent successfully to raise alarm 3. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 4. In NetAct Start Page, click Monitoring → Monitor. 5. In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. 6. Click the PLMN-PLMN object to expand it, then right-click the RNC object, and select Find In → Alarm List. The Alarm List window opens. 7. Double-click the alarm with Alarm Number 3313. The Alarm Details dialog opens. 8. In the Started field, check that the time is the time when you sent the test alarm. 9. Cancel the test alarm in mcRNC. a) Check the alarm ID of the test alarm by entering: show alarm active filter-by specific-problem 3313 Expected outcome Alarms: List of Alarms DN09111775 4-0 © 2016 Nokia Solutions and Networks 77 Integrating RNC and WBTS to NetAct Verifying the integration Alarm ID .... : <alarm ID> b) Cancel the test alarm by entering: set alarm clear alarm-id <alarm ID> Expected outcome Alarm Cleared successfully In the Alarm List window of NetAct Monitor, the test alarm disappears. 8.4 Verifying the Performance Management connectivity This section describes how to verify the connectivity of Performance Management towards NetAct. Prerequisites Ensure that performance data is generated recently on RNC. For detailed instructions, see RNC documentation. Here, we take the WBTS object class as an example. 1. Locate the Global ID of the WBTS object. a) Log in to NetAct Start Page as the integration user. b) In NetAct Start Page, click Monitoring → Monitor. c) In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. d) Right-click the WBTS object and select Properties. e) In the Properties panel, check the value of the Global ID property. 2. Locate a raw view with recent data arriving at NetAct. a) Log in to the VM on which the db_crons service is running as the omc user. b) Search for raw view data by entering: etlcolDBInfo.pl -t NOKRWW%RAW Expected outcome ==================================================================== CONNECTING TO DATABASE ==================================================================== Get connection to database ... ok -------------------------------------------------------------------NOKRWW%RAW - Checking database tables NOKRWW%RAW% ------------------------------------------------------------------------------------------------------------------------------- DN09111775 4-0 © 2016 Nokia Solutions and Networks 78 Integrating RNC and WBTS to NetAct *** *** *** *** *** Verifying the integration - Number of rows in raw measurement tables Name of the table Yesterday Today Last entry -----------------------------------------------------------… <raw view name> 4639 5052 2015/09/23 12:45:00 … Total number of rows in tables : 0 Total number of rows in PV-views : 163459 Analysis executed: Thu Apr 9 10:33:30 EEST 2015 by user: <login user> on host: <login node name> c) Choose one raw view whose name contains WBTS and whose Today value is not 0. 3. Check database to see if there is data of the raw view for the WBTS object. a) Run sqlplus tool by entering: sqlplus b) Enter username omc and the password. c) Check the data availability of the raw view for the WBTS object by entering: select * from <raw view name> where WBTS_ID='<Global ID of the object>'; Note: • <raw view name> is the name of the raw view selected in step 2. • <Global ID of the object> is the Global ID of the object located in step 1. For example: select * from NOKRWW_PS_WBTSRES_WBTS_RAW where WBTS_ID=101125; Expected outcome The following is an example output: RNC_ID WBTS_ID PERIOD_STA PERIOD_DURATION PERIOD_DURATION_SUM ---------- ---------- ---------- --------------- ------------------MAX_HSDPA_USERS_PER_WBTS MAX_HSUPA_USERS_PER_WBTS SUM_HSDPA_USERS_PER_WBTS ------------------------ ------------------------ -----------------------SUM_HSUPA_USERS_PER_WBTS DENOM_HSPA_USERS_PER_WBTS SUCC_HSPA05_RECONF_SHUTD ------------------------ ------------------------- -----------------------UNSUCC_HSPA05_RECONF_SHUTD SUCC_HSPA05_RECONF_ACT UNSUCC_HSPA05_RECONF_ACT -------------------------- ---------------------- -----------------------101122 101125 23.09.2015 60 60 1 11 10 10 6 14 9 15 9 Check the above output to see if the date is the same as the generated date of the latest performance data on RNC. If yes, the Performance Management connectivity works properly. DN09111775 4-0 © 2016 Nokia Solutions and Networks 79 Integrating RNC and WBTS to NetAct Using management functions for RNC and WBTS 9 Using management functions for RNC and WBTS This section describes where to find more information on how to use the management functions supported for RNC and WBTS. For more information on how to use the management functions supported for RNC and WBTS, refer to respective documents. • For User Management, see User Management Help. • For Permission Management, see Permission Management Help. • For Configuration Management or Hardware Management, see CM Editor Help and CM Operations Manager Help. • For License Management, see License Manager Help. • For Software Management, see Software Manager Help. • For Performance Management, see Performance Manager Help. • For Administration of Measurement, see Administration of Measurements Help. • For Optimizer, see Optimizing a Network Using Optimizer. • For Audit Trail, see Audit Trail document set. • For Trace Viewer, see TraceViewer Help. • For Network Element Backup and Restore Server, see Administering NetAct Network Element Backup and Restore Server (NEBR Server). • For Centralized Network Element User Management (CNUM) which is supported by WCDMA, see Configuring CNUM for WCDMA network elements. • For troubleshooting data collection function, see Remote troubleshooting data collection to NetAct for WCDMA. DN09111775 4-0 © 2016 Nokia Solutions and Networks 80 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration 10 Removing RNC and WBTS integration This chapter describes how to remove the integration of RNC and WBTS or remove WBTS from NetAct. Remove the integration of RNC and WBTS in the following cases: • RNC and WBTS are moved to another NetAct or Network Management System. • A re-integration is needed after RNC and WBTS are upgraded with massive changes. • A rollback is needed for either the RNC and WBTS or NetAct. If you need to remove the integration of RNC and WBTS integration from NetAct, see Removing RNC and WBTS integration from NetAct on page 81. If you only need to remove WBTS from NetAct and keep the RNC and WBTS integration to NetAct, see Removing WBTS from NetAct on page 84. 10.1 Removing RNC and WBTS integration from NetAct 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. Delete Configuration Management data. a) In NetAct Start Page, open CM Operations Manager by clicking Configuration → CM Operations Manager. b) To open the Workflow Engine dialog, from the Tools menu, select Workflow Engine.... c) In the MO(s) field, add the managed object of network element to be cleaned up. 1. In NetAct Start Page, click Configuration → CM Editor. Expected outcome The CM Editor application runs. 2. In the left pane of CM Editor, expand Actual Configuration and then drag or copy the managed object of the integrated network element. 3. In the Workflow Engine window of CM Operations Manager, drop or paste the managed object to the MO(s) field. DN09111775 4-0 © 2016 Nokia Solutions and Networks 81 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration Note: You must have both CM Editor and Workflow Engine open to drag and drop or copy and paste the managed object. d) From the Operation list drop-down list, select NE data deletion from Configurator. Expected outcome The selected operation shows in the Operation column, and the corresponding attributes for the operation show on the right. e) (Optional) In the Name field, enter a name for the operation. f) (Optional) In the Description field, enter a description for the operation. g) In the Scope area, select the managed object DN for which the deletion operation needs to be performed if it is not selected. h) Click Start. i) When prompted, click Yes. Expected outcome The NE data deletion from Configurator: Finished dialog appears displaying the feedback. Note: After removing RNC and WBTS integration, delete or disable all the scheduled operations in CM Operations Manager for the network elements. 3. In NetAct Start Page, click Monitoring → Monitor. 4. In Monitor, open Object Explorer by selecting Tools → Managed Objects → Object Explorer. Expected outcome The Objects pane opens. 5. Unregister the WCDMA OMS. a) In the Object panel, right-click the OMS-<instance ID> object, and select Element Management → Element Manager → OMS Application Launcher. Expected outcome The application launcher window appears. Note: If the message JAVA VIRTUAL MACHINE VERSION IS NOT SUPPORTED appears, you may ignore it by pressing I on the keyboard. b) Double-click Parameter tool. DN09111775 4-0 © 2016 Nokia Solutions and Networks 82 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration Expected outcome The parameter tool window appears. c) Select fsClusterId=ClusterRoot → fsFragmentId=NWI3 → fsFragmentId=mediator. If there are multiple items under fsFragementId=mediator, select the item which Active Value is true for fsnwi3configurationActive. d) In the right pane, remove the value designated for fsnwi3registrationServiceIOR. To remove the value from the Active Value column of fsnwi3registrationServiceIOR. Double-click the value to display the View/Edit Attribute Value window, and clear the value after IOR: in the window, then click OK. Expected outcome The Active Value of fsnwi3registrationServiceOIR is updated to IOR:. e) Close the Parameter Tool window and the Application Launcher window. f) Log in to WCDMA OMS as the Nemuadmin user through SSH and switch to root user by entering the su - command. g) Restart NWI3Adapter by entering: fshascli -rn /NWI3Adapter Expected outcome The NWI3Adapter restarts and the changes are saved. 6. Delete the Fault Management data. a) Right-click the OMS object and select Delete All Alarms from Database → Delete Alarms For Object And Its Subnetwork. b) When a confirmation dialog prompts, click Yes. Wait for the deletion to complete in the Progress Tracker. c) Right-click the RNC object and select Delete All Alarms from Database → Delete Alarms For Object And Its Subnetwork. d) When a confirmation dialog prompts, click Yes. Wait for the deletion to complete in the Progress Tracker. 7. Delete the OMS object. a) Right-click the OMS object and select Delete. DN09111775 4-0 © 2016 Nokia Solutions and Networks 83 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration b) When a confirmation dialog prompts, click Yes. 8. Delete the RNC and PRNC object. a) Right-click the RNC or PRNC object and select Delete. b) When a confirmation dialog prompts, click Yes. 10.2 Removing WBTS from NetAct Prerequisites • Switch the WBTS site which needs to be removed to another RNC before provisioning the WBTS deletion plan. When WBTS is no longer needed, you can remove it from the current NetAct. Perform the following steps to remove WBTS: Note: If you need to remove the integration of RNC and WBTS, see Removing RNC and WBTS integration from NetAct on page 81. 1. Log in to the NetAct Start Page as the integration user. a) Enter the following URL in the address field of your internet browser: https:// <system_FQDN>/startpage <system_FQDN> is the fully qualified domain name of the NetAct cluster load balancer for WebSphere. For more information, see Launching the NetAct Start Page. b) Enter the Username and Password of the integration user on the NetAct login page, and click Log In. c) Click Accept to accept the terms and conditions. 2. In NetAct Start Page, click Monitoring → Monitor. 3. In Monitor, open Object Explorer by selecting Tools → Managed Objects → Object Explorer. Expected outcome The Objects pane opens. 4. Delete the Fault Management data. a) Right-click the WBTS object which is planned to be deleted and select Delete All Alarms from Database → Delete Alarms For Object And Its Subnetwork. b) When a confirmation dialog prompts, click Yes. Wait for the deletion to complete in the Progress Tracker. 5. Delete the WBTS object. DN09111775 4-0 © 2016 Nokia Solutions and Networks 84 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration a) Right-click the WBTS object which is planned to be deleted and select Delete. b) When a confirmation dialog prompts, click Yes. 6. Delete Configuration Management data. a) In NetAct Start Page, open CM Editor by clicking Configuration → CM Editor. b) In CM Editor, from the Plan menu, select New Plan. Expected outcome The New Plan dialog box appears. c) In the New Plan dialog box, type the name and needed description for the plan, and then click Update. Expected outcome All the objects which can be managed are listed under Managed Objects in the newly created plan. d) Under Managed Objects, find and right-click the WBTS object which is planned to be deleted, and then select Change to Delete. Expected outcome The WBTS object is added to the created plan in CM Editor. e) In NetAct Start Page, open CM Operations Manager by clicking Configuration → CM Operations Manager. f) In CM Operations Manager, in the Plans tab, right-click the plan which includes the WBTS object to be deleted and click Provision. Expected outcome The Provision - <plan name> window opens. g) Make the following modifications: • In the Name field, type the name of the operation. • Clear the Entire plan check box. • Click the RNC tab, select only the RNC check box, and ensure that only the RNW fragment is selected. h) Run the provision operation by clicking Start. Expected outcome The Provision – Activate window opens. No error is shown in Feedback. i) In CM Editor, click the Refresh Tree icon in the toolbar or press F5. DN09111775 4-0 © 2016 Nokia Solutions and Networks 85 Integrating RNC and WBTS to NetAct Removing RNC and WBTS integration Expected outcome The state of the WBTS object changes to non-operational. j) Delete all the plans which are related to the WBTS network element to be deleted. Expected outcome All the plans are deleted successfully. The WBTS network element disappears from CM Editor. DN09111775 4-0 © 2016 Nokia Solutions and Networks 86 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration 11 Troubleshooting RNC and WBTS integration This section describes how to troubleshoot the RNC and WBTS integration if any error occurs. 11.1 Alarms not received This section describes how to troubleshoot the case of not receiving alarms from the network elements. Problem There is no alarm (except the alarms with alarm ID 9255 and 9047) displayed in Monitor Alarm List or the test alarm cannot reach NetAct. Possible causes • Integration user permission is incorrect. • The credentials are incorrect. • Firewall is not set correctly. • NWI3 mediation is not functional. Solution 1. Check the integration user permission. For more information, see Managing NetAct user for RNC and WBTS integration engineer on page 26. 2. Check the credentials in Network Element Access Control application. For more information, see Managing the credentials on page 30. 3. Check the firewall settings. For more information, see Setting up firewall rules on page 42. 4. Check if the NWI3 mediation is running. For more information, see Checking the status of NWI3 mediation in Administering NWI3 Southbound Interface. To start the NWI3 service, see Starting the NWI3 service in Administering NWI3 Southbound Interface. 11.2 Performance data not found This section describes how to troubleshoot the case of not finding performance data. Problem Performance Management (PM) data is missing in Performance Manager. Possible causes • Before deploying NetAct fast pass (formerly INES) compatible metadata successfully, Performance Manager GUI is already open. DN09111775 4-0 © 2016 Nokia Solutions and Networks 87 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration • Integration user permission is incorrect. • The credentials are incorrect. • Firewall is not set correctly. • nwi3 service is not started in NetAct. • PM pipe is not running. • NWI3Adapter of OMS is locked. • Some ETLOAD processes are not working. • Invalid OMeS files are received. • OMeS file is inaccessible. Solution 1. Restart Performance Manager to load metadata. How to deploy metadata, see Deploying NetAct fast pass (formerly INES) compatible metadata on page 27. 2. Check the integration user permission. For more information, see Managing NetAct user for RNC and WBTS integration engineer on page 26. 3. Check the credentials in Network Element Access Control application. For more information, see Managing the credentials on page 30. 4. Check the firewall settings. For more information, see Setting up firewall rules on page 42. 5. Check the nwi3 service status in NetAct. For more information, see Preparing NetAct. 6. Check the NWI3Adapter status in OMS. For more information, see Checking the service status in OMS on page 10. 7. For PM related issues, see Performance Management. 11.3 Element Managements not launched This section describes how to troubleshoot the case of Element Management launch failure. Problem The Element Managements cannot be launched. Possible causes • After you deploy NetAct fast pass (formerly INES) compatible metadata successfully, Monitor is not restarted. • Integration user permission is incorrect. • The EM Access credential is incorrect. • Firewall is not set correctly. • Node manager is not installed or configured properly. • The configuration of Element Management is not proper. DN09111775 4-0 © 2016 Nokia Solutions and Networks 88 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration Solution 1. Restart Monitor to load metadata. 2. Check the integration user permission. For more information, see Managing NetAct user for RNC and WBTS integration engineer on page 26. 3. Check if the EM Access credential is created properly. For more information, see Managing the credentials on page 30. 4. Check the firewall settings. For more information, see Setting up firewall rules on page 42. 5. Check Node Manager installation and configuration. For more information, contact your netact administrator. 6. Check the configuration of Element Management. For more information, see Preparing Element Management on page 35. 11.4 Configuration Management upload failure This section describes how to troubleshoot the case of Configuration Management upload failure. Problem Configuration Management upload fails. Possible causes • Integration user permission is incorrect. • The credentials are incorrect. • Firewall is not set correctly. • nwi3 service is not started in NetAct. • Certificates are not installed (if HTTPS protocol is used). For more information on possible causes and solutions, see CM upload or provision or send to network fails for NE3SWS based network elements in Troubleshooting. DN09111775 4-0 © 2016 Nokia Solutions and Networks 89 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration Solution 1. Check the integration user permission. For more information, see Managing NetAct user for RNC and WBTS integration engineer on page 26. 2. Check the credentials in Network Element Access Control application. For more information, see Managing the credentials on page 30. 3. Check the firewall settings. For more information, see Setting up firewall rules on page 42. 4. To start the nwi3 service, see Starting the NWI3 service in Administering NWI3 Southbound Interface. 5. Ensure the required certificates are installed. For more information, see Managing certificates for NetAct services in Administering NetAct System Security. 11.5 Object creation failure This section describes how to troubleshoot the case of object creation failure. Problem OMS and HTTP objects do not appear on NetAct Monitor correctly. Possible causes: • OMS and HTTP instance IDs are not configured correctly. • Host name of OMS and Security mode of HTTP object are not configured correctly. Solution 1. Recreate the OMS object by following the steps below: a) Right-click the OMS object, and then select Delete. b) Create the OMS object again. For more information, see Creating managed objects on page 54. 2. Recreate the HTTP object by following the steps below: a) Right-click the HTTP object, and then select Delete. b) Create the HTTP object again. For more information, Creating managed objects on page 54. 11.6 NEIW execution errors This section describes how to troubleshoot the NE Integration Wizard execution errors. Problem During the integration with NE Integration Wizard (NEIW), execution errors happen with error logs. Possible causes DN09111775 4-0 © 2016 Nokia Solutions and Networks 90 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration • The parameters are incorrect. • NWI3 Access credential is incorrect. Solution 1. Check if the parameters are filled correctly. For more information, see Integration operations in NEIW on page 59. 2. Check if the NWI3 Access credential is created properly. For more information, see Checking the credentials on page 30. 11.7 Integration data upload failure This section describes how to troubleshoot the case of integration data upload failure. Problem The integration process is not successful. Possible causes: • Integration user permission is incorrect. • NWI3 Access is not created in NEAC. • Firewall is not set correctly. • NWI3 Access credential is incorrect. • nwi3 service is not started in NetAct. • NWI3Adapter of OMS is locked. • The registration of OMS is expired. Solution 1. Check the integration user permission. For more information, see Managing NetAct user for RNC and WBTS integration engineer on page 26. 2. Create NWI3 Access for OMS. For more information, see Managing the credentials on page 30. 3. Check the firewall settings. For more information, see Setting up firewall rules on page 42. 4. Check if the NWI3 Access credential is created properly. For more information, see Checking the credentials on page 30. 5. Check the nwi3 service status in NetAct. For more information, see Preparing NetAct. 6. Check the NWI3Adapter status in OMS. For more information, see Checking the service status in OMS on page 10. 7. Delete NWI3-1 object and upload integration data again: a) Log in to the NetAct Start Page as the integration user. b) In NetAct Start Page, click Monitoring → Monitor. DN09111775 4-0 © 2016 Nokia Solutions and Networks 91 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration c) In Monitor, open the Object Explorer by selecting Tools → Managed Objects → Object Explorer. The Objects panel appears. d) Expand the PLMN-PLMN and OMS objects in sequence. Expected outcome The child objects appear under the OMS object. e) Right-click the NWI3-1 object and select Delete. f) When a confirmation dialog prompts, click Yes. The NWI3-1 object disappears. g) Right-click the OMS object and select Element Management → Integration Data Upload. Expected outcome In the Ongoing Operations area, when the Integration Data Upload progress bar shows 100% Completed, check if Completed Successfully shows in the Operation Status in the Operations History area. 11.8 Network element not visible in Configuration Management applications This section describes how to troubleshoot the case of network element not visible in Configuration Management applications. Problem The network element is not visible in Configuration Management (CM) applications. Possible causes • Wrong release of the network element is used for integration. • Failure occurs in the handling of NASDA notification or no NASDA notification is generated. Solution 1. Check the release of the network element currently in use. 2. NASDA notification can fail if a unsupported release of the network element is integrated, or the notification is sent, but the data cannot be stored to CM database. To find the real root cause: a) Log in to one of the VMs on which the was service is running as the omc user and then switch to the root user. b) Enable logging by executing: /opt/nokia/oss/bin/set_trace_level.sh rac.oescom ALL DN09111775 4-0 © 2016 Nokia Solutions and Networks 92 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration c) Repeat the integration process and check the log file /var/opt/oss/log/rac/ oss_trace*.log. d) Contact Nokia Technical Support for further investigation. 11.9 OMS Web UI launched with blank page This section describes how to troubleshoot the case of OMS Web UI launched but shows as blank page failure. Problem OMS Web UI launched but shows as blank page. Possible causes • The OMS version is old and the Web UI cannot work properly with Internet Explorer 11. Solution 1. Log in as <domain name>\<administrator account> to NMS DC1 by using remote desktop connection. Note: <domain name> is the domain name of the Node Manager Domain Controller (DC). For more information, contact the NetAct administrator. 2. Open Internet Explorer and click Tools → Compatibility View settings. Add the northbound IP or FQDN address of OMS in text box and click Add. And then close the window. Note: If FQDN of OMS is added in Compatibility View settings, ensure that the correct DNS is configured in the NetAct VM where the DNS-Master service is running. For more DN09111775 4-0 © 2016 Nokia Solutions and Networks 93 Integrating RNC and WBTS to NetAct Troubleshooting RNC and WBTS integration information, see Adding OMS, RNC and WBTS to Domain Name Service in NetAct on page 35. Figure 3: Compatibility View settings 3. Click Start → All Programs → Administrative Tools → Group Policy Management. 4. Expand Group Policy Management → Forest: <domain fqdn> → Domains → <domain fqdn>. 5. Right-click Default Domain Policy and select Edit. 6. Expand Default Domain Policy → User Configuration → Preferences → Windows Settings → Registry. 7. Right-click Registry and select New → Registry Wizard. Select Local Computer and click New. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer \BrowserEmulation\ClearableListData\ and select UserFilter. Click Finish. Figure 4: Registry Wizard 8. Open Start → Command Prompt. 9. Execute the following command: gpupdate /force Note: If the settings do not work on any NMS VM, run the gpupdate /force command on that NMS VM to make it take effect immediately. DN09111775 4-0 © 2016 Nokia Solutions and Networks 94 Integrating RNC and WBTS to NetAct Upgrading WCDMA integration 12 Upgrading WCDMA integration This chapter describes how to upgrade WCDMA integration. Prerequisites 1. The WCDMA network element to be upgraded is integrated to NetAct. 2. The WCDMA network element is upgraded. 3. The upgraded OMS is configured correctly. For detailed instructions, see Integration operations on OMS on page 51. For WCDMA, there are two kinds of upgrade scenarios: • OMS is upgraded, but RNC and WBTS are not upgraded. • The whole set of WCDMA, including OMS, RNC and WBTS, is upgraded. For either scenario, OMS will send the Topo Event to NetAct to update the OMS version (the value of the Version attribute for the OMS object) automatically. For WCDMA, since the upgrade has no object model change, the objects of old version are reused after the upgrading. For the integration to work with the upgraded network element, do the following: • Change the release information of the OMS object in NetAct and then trigger Integration Data Upload. • Upgrade Application Launcher and WBTS Site Manager on Node Manager Citrix Virtual Delivery Agent (VDA) server. To change the release information and trigger Integration Data Upload: 1. Log in to NetAct Start Page as the integration user. 2. In NetAct Start Page, open Monitor by clicking Monitoring → Monitor. 3. In Monitor, open Object Explorer by selecting Tools → Managed Objects → Object Explorer. Expected outcome The Objects pane opens. 4. In the Objects pane, right-click the OMS object and then select Change Version. 5. In the Change Version dialog, select the new version from the drop-down list, and then click OK. 6. Right-click the OMS object and select Element Management → Integrate Data Upload. After successful upload, the value of the Version attribute for the OMS object changes to the upgraded version. To check and upgrade Application Launcher and WBTS Site Manager: For element management launch to work properly in the upgraded WCDMA, ensure that the correct versions of Application Launcher and WBTS Site Manager are installed on Node Manager Citrix Virtual Delivery Agent (VDA) server. For more information, see Preparing Element Management on page 35. DN09111775 4-0 © 2016 Nokia Solutions and Networks 95

integrating rnc and wbts to netact (1)

Related documents

Products

Support

integrating rnc and wbts to netact (1)

Related documents

Add this document to collection(s)

Add this document to saved

Suggest us how to improve StudyLib