In order to obtain its subscriptions and to be remotely monitored and managed through COM, the IP Office systems requires the following:

Subscription details
Details of the customer ID and subscription server address are provided by email. Those details are entered during the system's initial configuration.

For an IP500 V2 SCN, each IP500 V2 requires a License Server Link.

For a Server Edition deployment, only the Primary server will have a License Server Link.

Internet access
The system needs to be able to access the external internet. This is normally achieved during initial configuration of the system by entering the default gateway address of the outgoing router on the customer network.

That value is used to configure an default IP route in the system configuration with the following settings:

IP Route Setting

Value

IP Address

0.0.0.0

IP Mask

0.0.0.0

Gateway IP Address

The address of the external network router on the customer network

Destination

The system LAN (LAN1 or LAN2) which is connected to the customer network.

If the customer firewall or router controls the ports used for outgoing internet access, ensure that outgoing HTTPS traffic on TCP ports 8443 and 443 are allowed.

The minimum connection bandwidth is 128kbits/s.

The maximum round trip delay is 200ms.

DNS Service
The address of the customer's DNS server or service. If the customer does not have a specific DNS service, then use 8.8.8.8.

If the customer has their own DNS server:

oEnsure that it is configured to allow external access to addresses in the avaya-sub.com domain. That domain is used to the COM servers that support subscription systems in various geographic regions. For example: admin.uk1.avaya-sub.com.

oEnsure that it is also configured to allow external access to storage.googleapis.com. This address is used for subscription features that require access to file storage.

Time source
Subscriptions requires an accurate time source. The recommendation is to use the Google time service at time.google.com. The system's time zone should also be set correctly.

COMAdmin Security User
The connection from the system to COM uses the security settings of the COMAdmin service user account in the IP Office system's security settings. This account is created by default on new and default systems.

Subscription Link Operation

The connection originates from the IP Office to the Internet. The destination is a single static IP, resolved using DNS from the subscription server address entered during initial configuration of the system.

The IP Office alternates between connecting on TCP destination ports 443 and 8443 until successful.

The link use the HTTP 'WebSocket' protocol and TLS 1.2 with mutual authentication.

By default the link carries a heart-beat, license request and license audit.

All other traffic is controlled by the settings of the IP Office system; there are no access controls elsewhere.

If the link is interrupted, the system goes into a 30-day license grace period with a daily alarm. During the grace period, all operations and features are unaffected. Reconnection clears the alarm and resets the grace period.

If the grace period expires, all subscription features are deactivated

Incoming Internet Traffic

All incoming traffic via COM is routed back through the existing subscription connection established by the IP Office system to COM. There should not require any additional configuration on the customer network if the system has successfully obtained it subscription licenses.