Using LifeSize Transit with LifeSize Bridge

©2005–2011 Logitech and its licensors. All rights reserved. May 27, 2011

1

Technical Note Using LifeSize Transit with LifeSize Bridge This document explains how to configure LifeSize Bridge with LifeSize Transit Server v3.0.1, LifeSize Transit Client v3.0.1, video communications systems, and firewalls in common deployment scenarios. The following graphic depicts the network configuration. Some deployments have LifeSize Bridge 2200 in the DMZ.

Firewall

LAN INTERNET

LifeSize video

communications systems

LifeSize Transit Client

LifeSize Bridge 2200

LifeSize video

communications systems

DMZ

LifeSize Transit Server (public IP address)

Note: This diagram depicts an environment with one firewall appliance that generates both the LAN and the DMZ. If your environment uses an inner firewall appliance to create the LAN and an outer appliance to generate the DMZ, the firewall settings depicted in this document apply to the inner firewall appliance.

Common deployment scenarios are as follows: H.323 Deployments

LifeSize Bridge in a Private LAN Case 1: Using an External Gatekeeper in the LAN Case 2: Using LifeSize Transit Server’s Internal Gatekeeper

LifeSize Bridge in DMZ with Public IP Address Case 1: No Gatekeeper Case 2: External Gatekeeper in LAN

SIP Deployments LifeSize Bridge in Private LAN

Case 1: Case 2: Sending the Media through Port 443, 444

LifeSize Bridge in DMZ with Public IP Address


2

H.323 Deployments

LifeSize Bridge in a Private LAN

Case 1: Using an External Gatekeeper in the LAN

The devices in this example are as follows:

Device IP Address Location LifeSize Bridge 10.95.11.166 LAN

LifeSize Transit Client 10.95.11.163 LAN

External gatekeeper 10.95.11.165 LAN

Video communications system 1 10.95.11.169 LAN

Video communications system 2 50.50.50.167 Internet, registered to gatekeeper in the LAN through LifeSize Transit Client and LifeSize Transit Server

Video communications system 3 50.50.50.156 Internet

Video communications system 4 50.50.50.158 Internet, registered to LifeSize Transit Server

LifeSize Transit Server 50.50.50.160 DMZ

1. Set the firewall rules as shown in the following example:


3

2. Create a tunnel between LifeSize Transit Client and LifeSize Transit Server. From a browser log in to the LifeSize Transit Client, navigate to Operation & Maintenance : Connection, and do the following:

a. Enter the User ID 4567 and a password.

b. Enter 50.50.50.160 for the LifeSize Transit Server

c. Select Direct for Proxy Mode, and enter the password.

3. Register video communications system 1 (10.95.11.169) to LifeSize Gatekeeper with the extension 22169.

4. From a browser, log in to LifeSize Transit Server, navigate to Operation & Maintenance : H.323 Configuration, and do the following:

a. Select Use Gatekeeper at Private LAN.

b. Click Set.

c. In the Operation & Maintenance menu, click H.323 Routing.

d. In H.323 Prefix or Domain enter a number, in this example, 887.

e. In H.323 Zone Gatekeeper host[:port], enter 10.95.11.165:1719.

f. In Tunnel via, enter the tunnel number you created, in this example, 4567.

g. Click Add.

5. In the LifeSize Transit Client user interface, navigate to Operation & Maintenance : H.323 Settings, and do the following:

a. In Outbound prefix at Gatekeeper, enter 86 and click Set.

b. Select Strip prefix from outbound calls.

c. Select Register at Gatekeeper.

d. Click Refresh.

e. Registration status must show Registered.

6. Create a conference in the LifeSize Bridge Utility with a Conference ID of 2500.

7. Register LifeSize Bridge to the gatekeeper in the LifeSize Bridge Utility.

a. From the Preference tab, click H.323.

b. Ensure Enable H.323 is selected.

c. Configure the Gatekeeper section: H.323 Name Helium222166

H.3232 Extension 222166

Gatekeeper ID GATEKEEPER

Gatekeeper Mode Manual

Gatekeeper Hostname 10.95.11.165

Gatekeeper Port 1719

d. Click Save.


4

Dialing the Conference from the Video Communications Systems

System Description Dial Pattern 1 In the LAN with a private IP address <LifeSize Bridge IP address##conference ID>, in this

example, 10.95.11.166##2500

2 In the Internet registered to the gatekeeper in the LAN through LifeSize Transit Server and LifeSize Transit Client

<conference ID>, in this example, 2500

3 In the Internet with a public IP address <LifeSize Transit Server IP Address##conference ID>, in this example, 50.50.50.160##2500

4 In the Internet with a public IP address, registered to LifeSize Transit


Note The incoming prefix must be a part of the conference ID. For example, if the incoming prefix is 25, make the conference ID 2500.

You can also use this configuration with only ports 443 and 444 enabled in the firewall.

Case 2: Using LifeSize Transit Server’s Internal Gatekeeper




Video communications system 1 10.95.11.169 LAN

Video communications system 2 50.50.50.167 Internet, registered to a gatekeeper in the LAN through LifeSize Transit Server and LifeSize Transit Server

Video communications system 3 50.50.50.156 Internet

Video communications system 4 50.50.50.158 Internet, registered to LifeSize Transit Server


Set the firewall rules as shown in the example at the beginning of case 1. Complete the following configuration steps:

1. From LifeSize Transit Server, navigate to Operation & Maintenance : H323 Configuration.

2. Select Use built-in-gatekeeper.

3. Click Set.

4. Ensure that no options have been set in H.323 Routing.

5. From LifeSize Transit Client, navigate to Operation & Maintenance : H323 Settings and ensure that Registration status in the Internal Gatekeeper Registration section is empty.


5

6. In the LifeSize Bridge Utility, navigate to Preferences : H.323 and register LifeSize Bridge to LifeSize Transit Client:

a. From the Preference tab, click H.323.

b. Ensure Enable H.323 is selected.

c. Configure the gatekeeper section: H.323 Name Helium222166

H.3232 Extension 222166

Gatekeeper ID


Gatekeeper Hostname 10.95.11.163


Note: When using the embedded gatekeeper in LifeSize Transit Server, devices in the LAN use the LifeSize Transit Client IP address as the gatekeeper hostname, because LifeSize Transit Client is the proxy server for LifeSize Transit Server.

d. Click Save.

7. Register video communications system 1 to the LifeSize Transit Client.


System Description Dial Pattern 1 Registered to LifeSize Transit Client <conference ID>, in this example, 2500

2 In the Internet registered to the gatekeeper in the LAN through LifeSize Transit Server and LifeSize Transit Client


3 In the Internet with a public IP address <LifeSize Transit Server IP Address##conference ID>, in this example, 50.50.50.160##2500

4 In the Internet with a public IP address, registered to LifeSize Transit Server


You can also use this configuration when only ports 443 and 444 are enabled in the firewall.

LifeSize Bridge in DMZ with Public IP Address

Case 1: No Gatekeeper


Device IP Address Location LifeSize Bridge 50.50.50.163 DMZ


Video communications system 1 10.95.11.160 LAN, registered to LifeSize Transit Server with H.460

Video communications system 2 10.95.11.161 LAN, registered to LifeSize Transit Client



6


2. Create a tunnel between LifeSize Transit Client and LifeSize Transit Server.


System Description Dial Pattern 1 Registered to LifeSize Transit Client

with H.460 enabled. <conference ID/LifeSize Bridge IP address##conference ID>, in this example, 2500/50.50.50.163##2500.

2 Registered to LifeSize Transit Client <LifeSize Bridge IP Address##conference ID>, in this example, 50.50.50.163##2500. You can also dial just the conference ID.

Case 2: External Gatekeeper in LAN




External Gatekeeper 10.95.11.165 LAN

Video communications system 1 10.95.11.160 LAN, registered to the gatekeeper

Video communications system 2 50.50.50.157 Public

Video communications system 3 50.50.50.158 Public, registered to gatekeeper



2. Register video communications system 1 to the private gatekeeper with extension.

3. From Transit Server, navigate to Operation & Maintenance : H323 Configuration.


7

4. Select Use built-in-gatekeeper.

5. Click Set.

6. Select H.323 Routing and configure the following settings:

H.323 Prefix or Domain 887

H.323 Zone Gatekeeper host[:port] 10.95.11.165:1719

Tunnel via 4567


Vendor Radvision


7. Click Add.

8. From LifeSize Transit Client, navigate to Operation & Maintenance : H.323 Settings.

9. In the Internal Gatekeeper Registration section do the following

a. In Outbound Prefix at Gatekeeper enter 86 and click Set.

b. Select Strip prefix from outbound calls

c. Select Register at Gatekeeper

d. Click Refresh.

e. Ensure that Registration Status is Registered.


System Description Dial Pattern 1 In the LAN, registered to the gatekeeper <outbound prefix##LifeSize Bridge IP address##conference ID>,

in this example, 86##50.50.50.163##2500

2 Public <LifeSize Bridge IP Address##conference ID>, in this example, 50.50.50.163##2500

3 Public, registered to the gatekeeper < conference ID>, in this example, 2500

SIP Deployments

LifeSize Bridge in Private LAN

Case 1:




Video communications system 1 10.95.11.169 LAN, registered to LifeSize Transit Server through LifeSize Transit Client


Video communications system 3 50.50.50.158 Public registered to SIP registrar in LifeSize Transit Server



8



3. In the LifeSize Bridge Utility, navigate to Preferences : SIP.

4. Register to LifeSize Transit Server with the following settings:

Identification SIP Username 22166

Authorization Username 22166

Authorization Password <password>

Registrar Enable the SIP registrar Select

Registrar Hostname 50.50.50.160

Registrar Port 5060

Proxy Enable the SIP proxy server Select

Register the system through the SIP proxy server Select

Proxy Hostname 10.95.11.163

Proxy Port 5060

Signaling UDP Signaling Port 5060

TCP Signaling Port 0

TLS Signaling Port 0


9

5. Ensure that Registration Status changes to Registered.

6. Create a conference in the LifeSize Bridge Utility with a conference ID of 2500.


System Description Dial Pattern 1 In the LAN, registered to LifeSize Transit

Server through LifeSize Transit Client <conference ID / conference ID@LifeSize Transit Server IP address>, in this example, 2500 / [email protected]

2 Public <conference ID@LifeSize Transit Server IP address>, in this example, [email protected]

3 Public registered to SIP registrar in LifeSize Transit Server


Case 2: Sending the Media through Port 443, 444




Video communications system 1 10.95.11.58 LAN, registered to LifeSize Transit Server through LifeSize Transit Client






10

2. In the LifeSize Bridge Utility, navigate to Preferences : SIP.

3. Register to LifeSize Transit Server with the following settings:

Identification SIP Username 22166

Authorization Username 22166

Authorization Password <password>

Registrar Enable the SIP registrar Select

Registrar Hostname 50.50.50.160

Registrar Port 5060

Proxy Enable the SIP proxy server Select

Register the system through the SIP proxy server Select

Proxy Hostname 10.95.11.163

Proxy Port 5060

Signaling UDP Signaling Port 5060

TCP Signaling Port 0

TLS Signaling Port 0

4. Ensure that Registration Status changes to Registered.

5. Create a conference in the LifeSize Bridge Utility with a conference ID of 2500.


System Description Dial Pattern 1 In the LAN, registered to LifeSize

Transit Server through LifeSize Transit Client

<conference ID / conference ID@LifeSize Transit Server IP address>, in this example, 2500 / [email protected]

2 Public <conference ID@LifeSize Transit Server IP address >, in this example, [email protected]



The media will flow through ports 443 and 444 .

LifeSize Bridge in DMZ with Public IP Address The devices in this example are as follows:



Video communications system 1 10.95.11.58 LAN, registered to LifeSize Transit Server





11

1. From video communications system 1, navigate to Administrator Preferences : Network : LifeSize Transit.

2. In Transit Hostname, enter the LifeSize Transit Server IP address, in this case, 50.50.50.160.

3. Enter the username and password.

4. Ensure that Transit ICE is enabled.

5. Enable LifeSize Transit.

6. Ensure that LifeSize Transit Status changes to Enabled.

7. Navigate to Administrator Preferences : Communication : SIP.

8. For SIP Username and Authorization Name, use the same name you used for LifeSize Transit username.

9. For Authorization Password, use the same name you used for the LifeSize Transit password.

10. For Register Hostname, use the IP address for LifeSize Transit Server.

11. Click Register.

12. Ensure that the status changes to Registered.


System Description Dial Pattern 1 In the LAN, registered to LifeSize

Transit Server <conference ID>, in this example, 2500

2 Public <conference ID@LifeSize Transit Server IP address >, in this example, [email protected]



Using LifeSize Transit with LifeSize Bridge

Documents

Transcript of Using LifeSize Transit with LifeSize Bridge