Web proxy troubleshooting. Logs to check.

The logs to check when accessing the AWV through a web proxy are located on the web proxy MBG




The best way to watch them as you perform a test connection is using the “tail -f” command in putty or from the console

If you dont know how to putty to see the mbg console check out this post


tail -f /var/log/httpd/error_log |grep {your ip address you are connecting from}


tail -f /var/log/httpd/access_log |grep {your ip address you are connecting from}

MSL port query commands, web proxy etc

Run these commands from putty or the console. Login as root not admin

Dont know how to putty to the MSL/MBG/Micollab? See this post

nc -vz {AWV URL} 443
nc -vz {AWV URL} 4443
nc -vz {AWV 2nd URL} 443
nc -vz {AWV 2nd URL} 4443

URL will be the Micllab FQDN and the AWV FQDN

E.G. conference.yourdomain.com and conference1.yourdomain.com

When the command is ran you should get a “succedded” back

How to: Block incoming calls by CLI on MBG using SIP

First step in the process is to create a new ICP in the MBG Configuration TAB with an IP Address which is not valid on the network and name this ICP “Block number” for example.

Continue reading

Using putty as a socks5 proxy

You can use the MBG to VPN to a customers network but this is another trick in your box.

From your office putty into the external address of the MBG

(This has to be allowed in the remote access section of MSL)

Setup tunnels in Putty, see below, copy this and click Add. Make sure to choose “dynamic” and “Auto”




As some of the Mitel kit requires Internet explorer(IE) i will use it as my example.

In IE choose internet options, connections,LAN settings



Now you can web browse to any web site on the customer network, including the 3300, MBG, Nupoint, ETC

MBG daisy chaining

MBG – Installation and Maintenance Guide

Setting up Daisy Chained Servers

For geographically remote servers:

  1. Configure your upstream MBG server as usual (either Gateway or DMZ deployment).
  2. On the downstream server, use the MBG web interface to configure the following


  •  On the Configuration tab, select Network Profiles and then click Put Into

Daisychain Mode.

  • In the Daisy-Chain IP address field, enter the IP address of the upstream MBG


  •  Click Save.


  • Downstream server can be in either Gateway or DMZ deployment mode.
  • Add sets and configuration changes to the upstream server only.

For remote offices with high volume of remote sets:

This scenario can be configured in one of the following two ways:

  1. Remote (downstream) office uses an MBG server operating in Gateway mode as the Internet firewall.
  2. Remote office has a separate firewall and runs the MBG server in DMZ mode.

In either case the configuration described under For geographically remote servers should be
done on the downstream server.

Note: There is no restriction on the location of remote sets – they do not have to be on
the LAN side of the server. So it is possible (and may be desirable) to have Internet MBG
sets also point to the downstream server to maintain local streaming with sets on the
remote LAN.

mbg daisychain2


mbg daisychain

How to use UCA remotly with a Desk Phone

This has changed in version 6 UCA

  1. First you need an Mitel Border Gateway (MBG) with Web proxy
  2. In Ver5.0 you programme the client as softphone as well as the normal desk phone
  3. Programme the soft phone DN as any free number and enter the MBG external IP address
  4. Click “Retreive the certificate” and get the administrator to approve the certificate in the MBG
  5. After cert has been “approved” you should get a message telling you so in the UCA client
  6. In the MBG add a minet user with the DN you used in the client

UCA-RemoteProxyServices UCA-Certificate UCA-EnableTeleworker