Cisco UCME / BE4000 / UC500 - RADIUS

These instructions help you configure your Cisco UCME phone system to work with TIM Enterprise. Contact your system maintainer if you are not familiar with the configuration of your PBX.

Support files

Ensure the following support files exist in the /config/ folder of the TIM Enterprise application:

Cisco UCME - RADIUS.TDT
Cisco UCME - RADIUS.TDS

Contents

• Configure Cisco AXL sync
• Configure UCME to send RADIUS events
• Configure TIM Enterprise to capture RADIUS packets

Configure Cisco AXL sync

info

You may need to purchase a license to enable SMDR on this PBX. Please speak to your system maintainer if you are unsure.

Follow the steps below to configure TIM Enterprise to synchronise with the directory of your your Cisco UCME:

1. Click on the Directory tab.

2. Go to the Directory level where you want to sync the UCME files and add a new Directory Sync object. Enter a name for the object and click on the Add button, as shown below

   

3. Left-click on the newly-created object and select Properties.

4. In the Directory type drop-down list, select Cisco UCME.

5. In the Host name field, enter the IP address of your UCME.

6. In the Host port field, enter the port number of the IOS service, e.g. 23.

7. In the Username field, enter the username of the IOS login that can perform synchronisation.

   

8. Click on Set password button and enter the password of the IOS login that can perform synchronisation.

   

9. Click on the Save button to apply the changes.

Configure UCME to send RADIUS events

Use Telnet to connect to the IP address of your UCME as shown below:

Single site configuration

Enter the following commands to enable the UCME to send RADIUS events to TIM Enterprise:

Step	IOS commands	Description
1	enable	Causes the UCME to enter EXEC mode. Type your EXEC password if requested
2	conf t	Enters the global configuration mode
3	aaa new-model	Enables aaa accounting mode
	aaa accounting connection h323 start-stop group RADIUS
	gw-accounting aaa
	acct-template callhistory-detail
4	RADIUS-server host 192.168.0.1 auth-port 0 acct-port 1612	Specifies the IP address and port of TIM Enterprise's RADIUS, to which CDR data will be sent, e.g. 192.168.0.1:1612
5	RADIUS-server key C1sco	Specifies a RADIUS authentication secret that will be used by TIM Enterprise (configured in the next section), e.g. C1sco
6	RADIUS-server vsa send accounting	Enables VSA events
7	end	Exits configuration mode
8	wr	Saves the changes

Multi-site configuration

If you need to send the data to more than one server, such as TIM Enterprise and UCC server for example, you can set up multiple RADIUS connections in the phone system. To configure a multi-site system, follow the steps below:

info

Replace SITE_NAME with a unique name for the destination RADIUS information. Replace SITE_IP with the IP address of the RADIUS server. Replace SITE_KEY with the secret you want to assign to that specific site.

	IOS Commands	Description
1	enable	Causes the UCME to enter EXEC mode. Type your EXEC password if requested
2	conf t	Enters the global configuration mode
3	aaa new-model	Enables aaa accounting mode
4	aaa accounting update newinfo
5	radius-server vsa send accounting	Enables VSA events
6	gw-accounting aaa	Enables aaa accounting
	acct-template callhistory-detail
	exit
7	radius server SITE_NAME	Configures the call accounting for each separate site
	address ipv4 SITE_IP acct-port 1612	Specifies the IP address and port of TIM Enterprise's RADIUS, to which CDR data will be sent, e.g. 192.168.0.1:1612
	key SITE_KEY	Specifies a RADIUS authentication secret that will be used by TIM Enterprise (configured in the next section), e.g. C1sco
	exit	Exits current site configuration

info

Repeat step 7 for each individual site

	IOS Commands	Description
8	aaa group server radius SITE_NAME	Configures a specified aaa server group
	server name SITE_NAME	Specifies a RADIUS server to use for this aaa group
	exit	Exits current site configuration

info

Repeat step 8 for each individual site

	IOS Commands	Description
9	aaa accounting connection h323	Configures the aaa connection information
	action-type start-stop	Setting the action type will send RADIUS information when the call starts and stops
	broadcast	Enabling broadcast means that all the aaa groups will be sent RADIUS data
10	group SITE_NAME	Specifies

info

Repeat step 10 for each system

	IOS Commands	Description
11	end	Exits configuration mode
12	wr	Saves the changes

info

For a system with five or more RADIUS servers, it is recommended to amend the server retransmit options in the UCME, in order to reduce the stress on the phone system.

IP radius source-interface

To force RADIUS to use the IP address of a specified interface for all outgoing RADIUS packets, use the ip radius source-interface command in global configuration mode. If you don't wish to use the IP address of a specified interface, use the no form of this command.

Step	IOS Command
1	ip radius source-interface SUBINTERFACE_NAME
2	no ip radius source-interface

Configure TIM Enterprise to capture RADIUS packets

Follow the steps below to configure TIM Enterprise to receive RADIUS data from your UCME:

1. Click on the Directory tab.

2. If you don't have a PBX object, press New object and select PBX. Name your site and then select Add. Locate the PBX object you want to configure in the Directory, click on it and select Properties.

3. A new window will open, displaying the general properties of your PBX object. Select Cisco UCME - RADIUS from the Data format list and tick the Keep a local backup of data box, as shown below:

   

4. Click on the Connection tab and select RADIUS connection from the Connection method list.

5. In the Client IP field, enter the IP address of your UCME.

6. In the Secret key field, enter the RADIUS-server key you configured on your UCME in the section above, e.g. C1sco.

   

7. Click on the Save button to apply the settings.