Step 1 |
Sign in to Cisco Unity Connection Administration.
|
Step 2 |
(Not applicable to Unity Connection for 12.5(1) SU4 and later) If you use Cisco Unified CM authentication and encryption, do the following substeps. Otherwise, skip to Step 3.
-
In Cisco Unity Connection Administration, expand Telephony Integrations, expand Security, then select SIP Certificate.
-
On the SIP Certificates page, select Add New.
-
On the New SIP Certificate page, enter the following settings for the SIP certificate and select Save.
Table 15. Settings for the New SIP Certificate Page
Field
|
Setting
|
Display Name
|
Enter a display name for the SIP certificate.
|
Subject Name
|
Enter a subject name that matches the X.509 Subject Name of the SIP security profile for the SIP trunk in Cisco Unified CM
Administration.
This subject name must match the X.509 Subject Name of the SIP security profile used by Cisco Unified CM. Otherwise, Cisco
Unified CM authentication and encryption fail.
|
|
Step 3 |
In Cisco Unity Connection Administration, expand
Telephony Integrations, then select
Phone System.
|
Step 4 |
On the Search Phone Systems page, under Display Name, select the
name of the default phone system.
|
Step 5 |
On the Phone System Basics page, in the Phone System Name field,
enter the descriptive name that you want for the phone system.
|
Step 6 |
If you want to use this phone system as the default for TRaP
connections so that administrators and users without voicemail boxes can record
and playback through the phone in Unity Connection web applications, check the
Default TRAP Switch check box. If you want to use
another phone system as the default for TRaP connections, uncheck this check
box.
|
Step 7 |
Select
Save.
|
Step 8 |
On the Phone System Basics page, in the Related Links drop-down
box, select
Add Port Group and select
Go.
|
Step 9 |
On the New Port Group page, enter the applicable settings and
select
Save.
Table 16. Settings for the New Port Group Page
Field
|
Setting
|
Phone System
|
Select the name of the phone system that you entered in
Step 5.
|
Create From
|
Select
Port Group Template and
select
SIP in the drop-down
box.
|
Display Name
|
Enter a descriptive name for the port group. You can accept the
default name or enter the name that you want.
|
Authenticate with SIP Server
|
Check this check box if you want Unity Connection to
authenticate with the Cisco Unified CM server.
|
Authentication User Name
|
Enter the name that Unity Connection uses to authenticate with
the Cisco Unified CM server.
|
Authentication Password
|
Enter the password that Unity Connection uses to authenticate
with the Cisco Unified CM server.
|
Contact Line Name
|
Enter the voice messaging line name (or pilot number) that users
use to contact Unity Connection and that Unity Connection uses to register with
the Cisco Unified CM server.
|
SIP Security Profile
|
Select the SIP security profile that Unity Connection uses.
|
Enable Next Generation Encryption
|
|
SIP Certificate
(Not applicable to Unity Connection for 12.5(1) SU4 and later)
|
(Only when a secure TLS port is used and Enable Next Generation Encryption check box is unchecked) Confirm that the applicable SIP certificate is selected.
|
Security Mode
|
(Only when a secure TLS
port is used and
Enable Next Generation
Encryption check box is unchecked) Select the applicable security
mode:
-
Authenticated—The
integrity of call-signaling messages are ensured because they are connected to
Cisco Unified CM through an secure TLS port. However, the privacy of
call-signaling messages are not ensured because they are sent as clear
(unencrypted) text.
-
Encrypted—The
integrity and privacy of call-signaling messages are ensured on this port
because they are connected to Cisco Unified CM through an secure TLS port, and
the call-signaling messages are encrypted.
The Security Mode setting
on the Unity Connection server must match the Device Security Mode setting on
the Cisco Unified CM server.
|
Secure RTP
|
(Only when a secure TLS
port is used) Check this check box so that the media stream (RTP) is
encrypted. Uncheck this check box so that the media stream is not encrypted.
|
SIP Transport Protocol
|
Select the SIP transport
protocol that Unity Connection uses.
|
IPv4 Address or Host Name
|
Enter the IPv4 address
(or host name) of the primary Cisco Unified CM server that you are integrating
with Unity Connection.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv6
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
|
IPv6 Address or Host Name
|
Enter the IPv6 address
(or host name) of the primary Cisco Unified CM server that you are integrating
with Unity Connection.
The IPv6 address should
be in canonical textual representation format proposed by
“RFC 5952” standard for
IPv6 Address Text Representation.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv4
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
Note
|
IPv6 is supported for SIP
integrations with Cisco Unified CM 10.0.
|
|
IP Address or Host Name
|
Enter the IP address (or
host name) of the primary Cisco Unified CM server that you are integrating with
Cisco Unity Connection.
|
Port
|
Enter the TCP port of the
primary Cisco Unified CM server that you are integrating with Unity Connection.
We recommend that you use the default setting.
|
|
Step 10 |
On the Port Group Basics page, do the following substeps if the
Cisco Unified CM cluster has secondary servers, or if you want to add a TFTP
server (required for Cisco Unified CM authentication and encryption).
Otherwise, skip to
Step 11.
-
On the Edit menu, select
Servers.
-
If you want to add a secondary Cisco Unified CM server, on the
Edit Servers page, under SIP Servers, select
Add. Otherwise, skip to
Step 10e.
-
Enter the following settings for the secondary Cisco Unified CM
server and select
Save.
Table 17. Settings for the SIP
Servers
Field
|
Setting
|
Order
|
Enter the order of
priority for the Cisco Unified CM server. The lowest number is the primary
Cisco Unified CM server, the higher numbers are the secondary servers.
|
IPv4 Address or Host Name
|
Enter the IPv4 address
(or host name) of the secondary Cisco Unified CM server.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv6
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
|
IPv6 Address or Host Name
|
Enter the IPv6 address
(or host name) of the secondary Cisco Unified CM server.
The IPv6 address should
be in canonical textual representation format proposed by
“RFC 5952” standard for
IPv6 Address Text Representation.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv4
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
Note
|
IPv6 is supported for SIP
integrations with Cisco Unified CM 10.0.
|
|
IP Address or Host Name
|
Enter the IP address (or
host name) of the secondary Cisco Unified CM server.
|
Port
|
Enter the IP port of the
Cisco Unified CM server that you are integrating with Unity Connection. We
recommend that you use the default setting.
|
TLS Port
|
Enter the TLS port of the
Cisco Unified CM server that you are integrating with Unity Connection. We
recommend that you use the default setting.
|
-
If applicable, repeat
Step 10b. and
Step 10c. for an additional
Cisco Unified CM server in the Cisco Unified CM cluster.
-
If you want to add a TFTP server (required for Cisco Unified CM
authentication and encryption), under TFTP Servers, select
Add. Otherwise, skip to
Step 10h.
-
Enter the following settings for the TFTP server and select
Save.
Table 18. Settings for the TFTP
Servers
Field
|
Setting
|
Order
|
Enter the order of
priority for the TFTP server. The lowest number is the primary TFTP server, the
higher numbers are the secondary servers.
|
IPv4 Address or Host Name
|
Enter the IPv4 address
(or host name) of the TFTP server.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv6
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
|
IPv6 Address or Host Name
|
Enter the IPv6 address
(or host name) of the TFTP server.
The IPv6 address should
be in canonical textual representation format proposed by
“RFC 5952” standard for
IPv6 Address Text Representation.
You must enter an IP
address or host name in this field, or an IP address or host name in the IPv4
Address or Host Name field (or, if applicable, enter information in both
fields). You cannot leave both fields blank.
Note
|
- IPv6 is supported for SIP
integrations with Cisco Unified CM 10.0.
- If you select a secured
SIP profile from the SIP security profile drop down menu with IPv6
configuration in the
Primary Server Settings, then make sure that the DNS server
should be able to resolve both the IPv6 address and host name correctly.
|
|
IP Address or Host Name
|
Enter the IP address (or
host name) of the TFTP server.
|
-
If applicable, repeat
Step 10e. and
Step 10f. for an additional
TFTP server.
-
On the Edit menu, select
Port Group Basics.
-
On the Port Group Basics page, select
Reset.
|
Step 11 |
On the Port Group Basics page, in the Related Links drop-down
box, select
Add Ports and
select
Go.
|
Step 12 |
On the New Port page, enter the following settings and select
Save.
Table 19. Settings for the New Port Page
Field
|
Setting
|
Enabled
|
Check this check box.
|
Number of Ports
|
Enter the number of voice
messaging ports that you want to create in this port group.
Note
|
For a Unity Connection
cluster, you must enter the total number of voice messaging ports that are used
by all Unity Connection servers. Each port is later assigned to a specific
Unity Connection server.
|
|
Phone System
|
Select the name of the
phone system that you entered in
Step 5.
|
Port Group
|
Select the name of the
port group that you added in
Step 9.
|
Server
|
Select the name Unity
Connection server.
|
|
Step 13 |
On the Search Ports page, select the display name of the first
voice messaging port that you created for this phone system integration.
Note
|
By default, the display names for the voice messaging ports are
composed of the port group display name followed by incrementing numbers.
|
|
Step 14 |
On the Port Basics page, set the voice messaging port settings
as applicable. The fields in the following table are the ones that you can
change.
Table 20. Settings for the Voice Messaging Ports
Field
|
Considerations
|
Enabled
|
Check this check box to
enable the port. The port is enabled during normal operation.
Uncheck this check box to
disable the port. When the port is disabled, calls to the port get a ringing
tone but are not answered. Typically, the port is disabled only by the
installer during testing.
|
Server
|
(For Unity Connection
clusters only) Select the name of the Unity Connection server that you want
to handle this port.
Assign an equal number of
answering and dial-out voice messaging ports to the Cisco Unity Connection
servers so that they equally share the voice messaging traffic.
|
Answer Calls
|
Check this check box to
designate the port for answering calls. These calls can be incoming calls from
unidentified callers or from users.
|
Perform Message
Notification
|
Check this check box to
designate the port for notifying users of messages. Assign Perform Message
Notification to the least busy ports.
|
Send MWI Requests
|
Check this check box to
designate the port for turning MWIs on and off. Assign Send MWI Requests to the
least busy ports.
|
Allow TRAP Connections
|
Check this check box so
that users can use the port for recording and playback through the phone in
Unity Connection web applications. Assign Allow TRAP Connections to the least
busy ports.
|
|
Step 15 |
Select
Save.
|
Step 16 |
Select
Next.
|
Step 17 |
Repeat
Step 14 through
Step 16 for all
remaining voice messaging ports for the phone system.
|
Step 18 |
(Not applicable to Unity Connection for 12.5(1) SU4 and later) If you use Cisco Unified CM authentication and encryption,
do the following substeps. Otherwise, skip to Step 21.
-
In Cisco Unity Connection Administration, expand Telephony Integrations > Security, then select Root Certificate.
-
On the View Root Certificate page, right-click the Right-click to Save the Certificate as a File link, and select Save Target As.
-
In the Save As dialog box, browse to the location where you want to save the Unity Connection root certificate as a file.
-
In the File Name field, confirm that the extension is .pem (rather than .htm), and select Save.
The certificate must be saved as a file with the extension .pem (rather than .htm) or Cisco Unified CM cannot recognize the
certificate.
-
In the Download Complete dialog box, select Close.
|
Step 19 |
(Not applicable to Unity Connection for 12.5(1) SU4 and later) Copy the Unity Connection root certificate to all Cisco Unified CM
servers in this Cisco Unified CM system integration by doing the following substeps.
-
On Cisco Unified CM, sign in to Cisco Unified Operating System Administration page.
-
Navigate to Security and select Certificate Management.
-
On Certificate List page, select Upload Certificate/Certificate Chain.
-
In the Upload Certificate/Certificate Chain window, select CallManager-trust in Certificate Purpose field.
-
Browse the file in Upload File field and select Upload.
|
Step 20 |
(Applicable to Unity Connection for 12.5(1) SU4 and later) If you use Cisco Unified CM authentication and encryption then
generate and upload RSA key based Tomcat certificates. For details, see Settings for RSA Key Based certificates section.
|
Step 21 |
If another phone system integration exists, in Cisco Unity
Connection Administration, expand
Telephony
Integrations, then select
Trunk.
|
Step 22 |
On the Search Phone System Trunks page, on the Phone System
Trunk menu, select
New Phone System
Trunk.
|
Step 23 |
On the New Phone System Trunk page, enter the following settings
for the phone system trunk and select
Save.
Table 21. Settings for the Phone System Trunk
Field
|
Setting
|
From Phone System
|
Select the display name
of the phone system that you are creating a trunk for.
|
To Phone System
|
Select the display name
of the previously existing phone system that the trunk connects to.
|
Trunk Access Code
|
Enter the extra digits
that Unity Connection must dial to transfer calls through the gateway to
extensions on the previously existing phone system.
|
|
Step 24 |
Repeat
Step 21 and
Step 22 for all
remaining phone system trunks that you want to create.
|