First step in the process is to create a new ICP in the MBG Configuration TAB with an IP Address which is not valid on the network and name this ICP “Block number” for example.
If you have a need to test that a link is stable between servers
e.g. between an MBG and a Micollab
If you have a pfx file you will need to decrypt it (unless you are on the latest version on MSL)
If the file was named wildcard certificate the instructions would be something like the below
You will need the password to decrypt the pfx file. This was created the same time as the certificate
You can use the MBG to VPN to a customers network but this is another trick in your box.
From your office putty into the external address of the MBG
(This has to be allowed in the remote access section of MSL)
Setup tunnels in Putty, see below, copy this and click Add. Make sure to choose “dynamic” and “Auto”
As some of the Mitel kit requires Internet explorer(IE) i will use it as my example.
In IE choose internet options, connections,LAN settings
Now you can web browse to any web site on the customer network, including the 3300, MBG, Nupoint, ETC
MBG – Installation and Maintenance Guide
Setting up Daisy Chained Servers
For geographically remote servers:
- Configure your upstream MBG server as usual (either Gateway or DMZ deployment).
- On the downstream server, use the MBG web interface to configure the following
- On the Configuration tab, select Network Profiles and then click Put Into
- In the Daisy-Chain IP address field, enter the IP address of the upstream MBG
- Click Save.
- Downstream server can be in either Gateway or DMZ deployment mode.
- Add sets and configuration changes to the upstream server only.
For remote offices with high volume of remote sets:
This scenario can be configured in one of the following two ways:
- Remote (downstream) office uses an MBG server operating in Gateway mode as the Internet firewall.
- Remote office has a separate firewall and runs the MBG server in DMZ mode.
In either case the configuration described under For geographically remote servers should be
done on the downstream server.
Note: There is no restriction on the location of remote sets – they do not have to be on
the LAN side of the server. So it is possible (and may be desirable) to have Internet MBG
sets also point to the downstream server to maintain local streaming with sets on the
- 5235 are supported in teleworker mode, but not in a clustered MBG enviroment
This has changed in version 6 UCA
- First you need an Mitel Border Gateway (MBG) with Web proxy
- In Ver5.0 you programme the client as softphone as well as the normal desk phone
- Programme the soft phone DN as any free number and enter the MBG external IP address
- Click “Retreive the certificate” and get the administrator to approve the certificate in the MBG
- After cert has been “approved” you should get a message telling you so in the UCA client
- In the MBG add a minet user with the DN you used in the client
- Type this in on putty root logon
- tcpdump -s0 -i eth0 -w testsip.pcap .Useful examples
- eth0 is the NIC, if you have two NIC’s in your MBG then you may want to use eth1
- Start it running before making test call and stop it running after with “Control C”
- then sftp it with winsftp and open testsip.pcap in wireshark (my mirror –winscp517setup)
- Also on MCD 5.0 and above you can now do “Sip TCPDump on/off” in the maintanence commands
- This creates a file in the “vmail” directory on the mitel
- Ftp to the mitel which will put you in the “sysro” directory.
You need to go one directory up to get the the vmail directory
- Same logon to FTP as phone system
Note Gamma Tech Support number = 0808 178 8000 option 1, 1, 2