Ascent Support Document

Linux command set commonly used

Root access or su access is required for most of the below jobs. Please make sure you have one. You will be connected to linux server on ssh port 22 (default) It will be a good idea if you have a secure file sharing client sharing client ps aef (to list all running processes) | (to redirect output) Grep (to filter pattern) So, # ps aef | grep <pattern> will fetch you the desired, in our case # ps aef |grep sipsecure #ps aef |grep securertp # df h (to view disk usage) #top (to view memory usage by programs and load on server) #tshark (to view or capture network packets) #getenforce (to see the status of selinux) (ideally it should be disabled) #service mysqld status #iptables -L (to list the soft firewall rules) #iptables F (to flush the existing rules to default) #service iptables save (to make the changes permanen ie. Save in the configuration file) #kill <PID> (to kill the processes) #crontab -e (to edit crontab) * You will not need to use crontab initially. #tshark n S R <pattern> -w somefile.pcap This will display and capture the patternand write it in the file in raw format (desired) -n will disable name resolution, to prevent the wireshark/ network services to be interrupted or hang while in process of name resolution -S will be necessary to use if you want t display and capture both -R read ie. Display the capture -w writes ie. Saves the capture After wireshark use, always remove contents in /tmp/ folder

# uname a (to see if the OS is 32 bit or 64 bit) #ulimit a (displays all types of user limits) #vi <filename> To edit or view any file

Demo steps:
The information you should have: SIP server IP/domain name Valid test account Balance link (not always provided on demo stage)

CDR/call history link (not always provided on demo stage)

http://85.13.254.26/ascentdemo_ne/ManageTokens.aspx This is the link to view/add auth-codes .Following are details of the entries 1. Auth token : will be a unique numeric, filled by you 2. SIP server : will be provided by customer

3. SIP Port : Default is 5060 unless any other port provided by customer 4. Company name : customer company name-demo or customer name-demo 5. Call URL : The CDR link provided by customer, if not you can fill the customer domain name 6. Auth URL : The balance link provided by customer 7. Encryption IP : ascent encryption ip with port Example - 192.168.0.1:86

The above link is actually a web app for the MsSql database in the same server. In some cases you might need to run queries on the server itself. Once the auth-token is successfully created, Test the dialer Registration balance link calls voice quality

Troubleshooting
You need to check the following:

Authenticity of the details provided by you. For that you will use x-lite. Cross check all entries in the auth code page. Check the services on the encryption server. We have 2 server side applications for SIP and RTP, mentioned above in Linux section. To restart a service you need to simply kill the process, there is a script that will bring the process up. Check the SIP Ip in the Ip address table, commonly located at /usr/local/etc/sipsecure/ip_addr_file Run wireshark on server and try to analyze the packet flow.

Encryption server: (32/64 bit centos Linux )

Sipsecure , securertp (ascent applications) Mysql (dependency)

The above should be running at all times With that you will need to see disk usage and network usage

Flow Diagram of Ascent Applications

Auth Code (TCP Request)

SIP Client
(Ascent PC/Mobile Dialer)

SIP Details (IP,Web links ) (HTTP Response )

Provisioning/ Authentication Server (Windows)

*Encrypted

Encryption Server (Linux) RTP

*Decrypted

SIP Proxy Server

*Encrypted

*Decrypted

RTP

*SIP + RTP Packets

adhishnigam: 31.193.168.4 32n108A3b2

Carrier Network

http://www.homeandlearn.co.uk/net/nets1p5.html