Pre Sales Communications

(1)

Pre Sales Communications

OmniVista 4760 from R4.1 & OmniPCX Enterprise R7.1

IP Protocols and Ports

(2)

OmniVista 4760 from R4.1 – IP Protocols

ESD / Pre Sales / JMB 2/21 February 2009 – Ed01b

OmniVista 4760 from R4.1 – IP Protocols

1. Objectives

This document provides the list of all IP protocols and the ports used by the OmniVista 4760 (client/server) to manage an OmniPCX Enterprise.

The use of these protocols and ports is described through the examples.

2. IP protocols

2.1. Global overview

2.1.1. Protocols

GIOP: OmniVista 4760 uses CORBA (Common Object Request Broker Architecture) technology to communicate between Server and Client. GIOP is the CORBA exchange protocol.

LDAP: is used to retrieve or send data to the Directory server. HTTP: is used to provide HTML pages and on-line help. TDS: is used to access the accounting database (SQL Sybase). CMOT: is used to retrieve or send the data from the PBX database. TELNET: is used when the user connects to the PBX system.

FTP: is the file transfer protocol used to retrieve the PBX files (accounting, past time performance). The active mode is used up to OmniVista R3.1; the passive mode is used from OmniVista R3.2.

(4)

OmniVista 4760 from R4.1 – IP Protocols

SSH: is the secure protocol that replaces TELNET and FTP. SFTP is the file transfer protocol embedded with SSH protocol. SFTP it is not the evolution of the FTP protocol.

SNMP: is used to provide voice network alarms by SNMP traps.

SMTP: is used following an event, which includes sending information to a mail server. By default, 4760 sends the message to port 25 of the SMTP server.

Information about SMTP is not provided in this document.

STAP: Simple Telephony Application Protocol. It is used with the call by name feature in the Enterprise Directory.

2.2. Protocols and ports used without security protocol

All ports, which are defined by default, can be modified after OmniVista 4760 server installation (for more information, see technical documentation).

When the customer only uses the embedded client in the server, all the listening ports to a remote PC client management remain closed. There is no need to open the customer firewall. All listening ports of the 4760 server and PC client that are used by protocols are opened when a session starts.

2.2.1. Connection

2.2.1.1. Windows PC client with connection to the 4760 server

The protocols used are available whatever the type of Client Management (browser or client embedded in the Windows PC). The protocols and ports used are the same with or without user identification.

GIOP:

At the first connection, it is used to communicate with: • The security server,

(5)

OmniVista 4760 from R4.1 – IP Protocols

• The license server and user access rights are sent via this protocol.

The default listening ports used by the 4760 server are: 30025, 30019, 30012.

The default listening port used by the PC Client management is a free port in range: 30500 to 30509.

LDAP: It is used to retrieve directory system information. The default listening port used by the 4760 server is: 389.

HTTP: It is used for the help on the way.

The default listening port used by the 4760 server is: 80.

2.2.1.1.1. Ports usage OmniVista OmniVista OmniVista OmniVista 4760476047604760 PC Client PC Client PC Client PC Client Management ManagementManagement Management

DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509

389 389389 389 30025 30025 30025 30025 30019 30019 30019 30019 80 8080 80 30012 3001230012 30012 RP RP RP RP Ports PortsPorts Ports Ports PortsPorts Ports DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP

DP Connection to the Directory server

Access to the security server Access right request as PC client

Test HTTP server Request to the notification server Answer of the notification server

OmniVis OmniVis OmniVis OmniVista ta ta ta 4760476047604760 PC Client PC Client PC Client PC Client Management ManagementManagement Management

DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 DP : Dynamics Ports: Between1024 to 5000 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509 RP : Range ports : between 30500 to 30509

389 389389 389 30025 30025 30025 30025 30019 30019 30019 30019 80 8080 80 30012 3001230012 30012 RP RP RP RP Ports PortsPorts Ports Ports PortsPorts Ports DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP DP

DP Connection to the Directory server

Access to the security server Access right request as PC client

Test HTTP server Request to the notification server Answer of the notification server

2.2.1.2. Web directory consultation

HTTP: It is used for the web presentation.

(6)

OmniVista 4760 from R4.1 – IP Protocols

2.2.1.2.1. Ports usage

2.2.2. Application

2.2.2.1. Configuration

The protocols and ports described below concern the launching module and connection in the PBX. All PBX configuration actions are made in this way.

GIOP:

In this context, this protocol is used to: • Request connection to the 4760 server, • Send and receive PBX data information, • Synchronize with the PBX MIB,

• Receive alarms and events configuration commands, • Retrieve security information about user rights.

The default listening ports used by the 4760 server are: 30022, 30014, 30017, 30018, 30025. The default listening port used by the PC Client management is a free port in the range: 30500 to 30509.

(7)

OmniVista 4760 from R4.1 – IP Protocols

CMISE: is used to send requests to the OmniPCX Enterprise. The listening port of the OmniPCX Enterprise is: 2535.

HTTP: is used when the GUI mode is used for set configuration.

2.2.2.2. Accounting

The protocols and ports described below concern the launching application and accounting configuration in the server. For accounting reports, see chapter 2.2.3.1 report generation).

(8)

OmniVista 4760 from R4.1 – IP Protocols

TDS: is used to retrieve Data in the accounting database (Sybase Anywhere). The default listening port used by the 4760 server is: 30011.

LDAP: is used to retrieve the accounting information (rights…) in the directory system. The default listening port used by the 4760 server is: 389.

GIOP: is used to retrieve security information about user rights. The default listening port used by the 4760 server is: 30025.

2.2.2.3. Directory

The protocols and ports described below concern the launching application and Directory configuration in the server. For declaring the OXE, see chapter 2.2.3.2 OXE declaration.

(9)

OmniVista 4760 from R4.1 – IP Protocols

TDS: is used to retrieve information from the accounting database (Sybase Anywhere). The default listening port used by the 4760 server is: 30011.

LDAP: is used to retrieve the Data in the directory system. The default listening port used by the 4760 server is: 389.

GIOP: is used to retrieve security information about user rights. The default listening port used by the 4760 server is: 30025.

2.2.2.4. Alarms

The protocols and ports described below concern the launching application and Alarm actions made in the server (Delete, Acknowledge…). For alarm reports, see chapter 2.2.3.1 Report generation.

(10)

OmniVista 4760 from R4.1 – IP Protocols

GIOP:

In this context, this protocol is used to receive alarms and events configuration from the notification server.

The default listening port used by the PC Client management is: 30500 to 30509

LDAP: is used to retrieve the alarms information (right…) in the directory system. The default listening port used by the 4760 server is: 389.

2.2.2.5. Topology

The protocols and ports described below concern the launching application and actions made in Topology (object creation…).

(11)

OmniVista 4760 from R4.1 – IP Protocols

GIOP:

In this context, the protocol is used to receive alarms from the notification server and retrieve user rights from the security server.

The default listening port used by the 4760 server is: 30022, 30025.

The default listening port used by the PC Client management is a free port in range: 30500 to 30509.

LDAP: is used to retrieve the topology information (PBX…) in the directory system. The default listening port used by the 4760 server is: 389.

HTTP: It is used for the Topology GUI and the on-line help. The default listening port used by the 4760 server is: 80. 2.2.2.5.1. Ports usage

2.2.2.6. Scheduler

The protocols and ports described below concern the launching application and actions made in Scheduler (job creation ...).

(12)

OmniVista 4760 from R4.1 – IP Protocols

GIOP: is used to communicate with the Scheduler server and the security server The default listening ports used by the 4760 server are: 30024 and 30025.

LDAP: is used to retrieve the scheduler information (rights…) in the directory system. The default listening port used by the 4760 server is: 389.

2.2.3. Miscellaneous

2.2.3.1. Report generation

The protocols and ports described below concern the launching application and reports generation. All report types are concerned (accounting, alarms, performances).

(13)

OmniVista 4760 from R4.1 – IP Protocols

GIOP: is used to communicate with the extractor server and security server The default listening port used by the 4760 server is: 30016 and 30025.

TDS: is used to retrieve data in the accounting database (Sybase Anywhere). The default listening port used by the 4760 server is: 30011.

LDAP: is used to retrieve the Directory information necessary to generate a report. The default listening port used by the 4760 server is: 389.

2.2.3.2. OXE declaration

(14)

OmniVista 4760 from R4.1 – IP Protocols

CMISD: is used to supervise the OmniPCX Enterprise alarms. If the OXE alarms are not supervised, the protocol is not used when an OXE PBX is declared.

The listening port of the OmniPCX Enterprise is: 2535.

FTP or SFTP: is used to retrieve the OmniPCX Enterprise MIB. If the MIB is already in the OmniVista database, the MIB is not retrieved from the OmniPCX Enterprise and the FTP protocol is not used.

If SFTP is used the listening and data port is: 22 (see 2.3.1.1) 2.2.3.2.1. Ports usage

2.2.3.3. Save OXE data

(15)

OmniVista 4760 from R4.1 – IP Protocols

GIOP: is used to communicate with the backup/restore server. The default listening port used by the 4760 server is: 30023. FTP or SFTP: is used to retrieve OmniPCX Enterprise database. The listening port of the OmniPCX Enterprise is: 21.

If SFTP is used, the listening and data port is: 22 (see 2.3.1.1)

LDAP: is used to retrieve Directory information necessary for the OmniPCX database backup/restore.

The default listening port used by the 4760 server is: 389 2.2.3.3.1. Ports usage

(16)

OmniVista 4760 from R4.1 – IP Protocols

2.2.3.4. OXE automatic synchronization

The protocols and ports described below are only used when the scheduler window is open.

CMISD: is used:

• To supervise the OmniPCX Enterprise alarms,

• To retrieve specific telephonic database data (subscriber phone number…) The listening port of the OmniPCX Enterprise is: 2535.

FTP or SFTP: is used to retrieve the files from the OmniPCX Enterprise (MIB, Accounting tickets, PTP counters, VOIP tickets).

If SFTP is used, the listening and data port is: 22 (see 2.3.1.1) GIOP: is used to communicate with the Scheduler server The default listening port used by the 4760 server is: 30024. HTTP: It is used for on-line help.

(17)

OmniVista 4760 from R4.1 – IP Protocols

2.2.3.5. TELNET

TELNET: is used when the 4760 administrator connects to the OmniPCX in terminal mode. In this way, all technical commands to the OmniPCX Enterprise can be made (Login and password are required).

TELNET protocol is not secured.

(18)

OmniVista 4760 from R4.1 – IP Protocols

The listening port of the OmniPCX Enterprise is: 23. 2.2.3.5.1. Ports usage

2.2.3.6. Hypervisor integration

SNMP: The 4760 SNMP traps are sent via this protocol. The listening port of the 4760 is: 161

(19)

OmniVista 4760 from R4.1 – IP Protocols

2.3. Protocols and ports used with security protocols

2.3.1. Between PBX and OmniVista 4760 server

2.3.1.1. SSH/SFTP

SFTP: is the Secured File Transfer Protocol of SSH protocol that replaces TELNET and FTP. It can be used from OmniPCX R6.0.

When the 4760 administrator connects to the OmniPCX in terminal mode, a Proxy in the 4760 server is used. In this way, all technical commands to the OmniPCX Enterprise can be made (Login and password are required).

SSH: is used for Remote maintenance. Authentication is mandatory (Login / Password).

Secured File Transfer Protocol retrieve: MIB structure, Accounting tickets, Counters of Past time performance, VOIP tickets. The port used by default in the 4760 server is: 30100

The listening port of the OmniPCX Enterprise is: 22. 2.3.1.1.1. Ports usage

(20)

OmniVista 4760 from R4.1 – IP Protocols

2.3.2. Between OmniVista 4760 server and client

2.3.2.1. IPSec protocol

IPSec is a standard, which includes specific protocols.

When IPSec is used, the ports, which have been described in the previous chapter 2.2, are not seen through the data network. They are still used at the end point (OXE, 4760 sever or client). IPSec can be deployed if the Operating System for the OmniVista 4760 server is Windows 2003 and Windows 2000, XP or 2003 for the OmniVista 4760 client.

By default, IPSec protection is not active between 4760 server & client.

IPSec protection of OmniVista 4760 is built with two IPSec windows strategies provided by Alcatel (client strategy & server strategy). Except for the HTTP protocol (port 80), these strategies provide security for all the client/server communications.

HTTP port (80) can be added into the IPSec protection, but the Windows PC Web browser, which has active IPSec, can only have access to the 4760 Web Administration server.

In the case of a third party, where the LDAP application would need to access the 4760 Directory Server (LDAP overflow from the OXE, LDAP replication, Alcatel 4059), the LDAP port (389 of the 4760 server) must be removed from the IPSec strategy.

IPSec slows down access time and data exchanges. If the time delays are excessive, IPSec protection field can be reduced (modification of strategies).

If the customer has an IPSec strategy, the IPSec protection of the OmniVista 4760 must be included in it.

(21)

OmniVista 4760 from R4.1 – IP Protocols

KERBEROS: is used to send the authentication request to the Kerberos server embedded in the Data Controller. Authentication is requested when the PC starts.

UDP or TCP support depends on the Kerberos message size. If the size is not compliant with UDP format, it is sent by TCP format. The Microsoft System makes the choice.

ISAKMP: is the security protocol used to define security keys and algorithms. In 4760 server or client, the Port #500 is used as source and destination port.

ESP: is the security protocol used to provide data privacy for the communication exchange between the OmniVista 4760 server and the client.

IPSec protection, simplifies firewall configuration because the communication ports embedded in the IPSec strategy are not filtered in firewalls.

If you have reactions or comments to make about this document, please send an e-mail to

[email protected] with the title of this document and the subject. End of document

Pre Sales Communications