NGINX-PLUS-1.5.3 OpenTouchR1.3 IWR Ed02
NGINX-PLUS-1.5.3 OpenTouchR1.3 IWR Ed02
NGINX-PLUS-1.5.3 OpenTouchR1.3 IWR Ed02
Inter-Working Report
Partner: NGINX
Application type: Reverse Proxy
Application name: NGINX Plus 1.5.3
Alcatel-Lucent Platform: OpenTouch
The product and release listed have been tested with the Alcatel-Lucent Communication Platform and the release specified
hereinafter. The tests concern only the inter-working between the AAPP members product and the Alcatel-Lucent
Communication Platform. The inter-working report is valid until the AAPP members product issues a new major release of
such product (incorporating new features or functionality), or until Alcatel-Lucent issues a new major release of such
Alcatel-Lucent product (incorporating new features or functionalities), whichever first occurs.
ALCATEL-LUCENT MAKES NO REPRESENTATIONS, WARRANTIES OR CONDITIONS WITH RESPECT TO THE APPLICATION
PARTNER PRODUCT. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, ALCATEL-LUCENT HEREBY EXPRESSLY
DISCLAIMS ANY AND ALL REPRESENTATIONS, WARRANTIES OR CONDITIONS OF ANY NATURE WHATSOEVER AS TO THE
AAPP MEMBERS PRODUCT INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON
INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE AND ALCATEL-LUCENT FURTHER SHALL HAVE NO LIABILITY
TO AAPP MEMBER OR ANY OTHER PARTY ARISING FROM OR RELATED IN ANY MANNER TO THIS CERTIFICATE.
Certification overview
Date of certification
April 2014
Alcatel-Lucents representative
Florian Residori
Claire Dechrist
Author(s):
Reviewer(s):
OpenTouch BE/MS
OT 1.3 (1.3.000.042)
NGINX plus 1.5.3
Gateway
Collaboration & UC
Security
Revision History
Edition 1: creation of the document November 2013
Edition 2: Minor writing correction April 2014
Test results
Passed
Refused
Postponed
Andrew Alexeev
Title:
Business Development
Address:
Zip Code:
State:
City:
Country:
USA
Phone:
Fax:
Mobile Phone:
Web site:
Email address:
http://nginx.com
[email protected]
TABLE OF CONTENTS
1 INTRODUCTION ........................................................................................................................................ 6
1.1 GLOSSARY .................................................................................................................................................. 7
2 VALIDITY OF THE INTERWORKING REPORT ................................................................................. 8
3 LIMITS OF TECHNICAL SUPPORT ....................................................................................................... 9
3.1 CASE OF ADDITIONAL THIRD PARTY APPLICATIONS ...................................................................................... 9
4 SUMMARY OF TEST RESULTS ............................................................................................................. 10
4.1 SUMMARY OF THE MAIN FEATURES TESTED................................................................................................. 10
4.2 SUMMARY OF PROBLEMS ........................................................................................................................... 11
4.3 SUMMARY OF LIMITATIONS........................................................................................................................ 11
4.4 NOTES, REMARKS ..................................................................................................................................... 11
5 APPLICATION INFORMATION ........................................................................................................... 12
6 TEST ENVIRONMENT ............................................................................................................................. 14
6.1 TESTS PERFORMED ................................................................................................................................... 14
6.2 GENERAL ARCHITECTURE .......................................................................................................................... 14
6.3 HARDWARE CONFIGURATION................................................................................................................... 15
6.4 SOFTWARE CONFIGURATION...................................................................................................................... 15
6.4.1 Alcatel-Lucent Communication Platform OT ............................................................................. 15
6.4.2 Partner Application ....................................................................................................................... 15
7 TEST RESULT TEMPLATE ...................................................................................................................... 16
8 TEST RESULTS ......................................................................................................................................... 17
8.1 CLIENT INITIALIZATION AND AUTHENTICATION .......................................................................................... 17
8.2 OUTGOING CALLS ..................................................................................................................................... 18
8.3 INCOMING CALLS ...................................................................................................................................... 19
8.4 FEATURES DURING CONVERSATION ............................................................................................................ 20
8.5 WEB SERVICES ......................................................................................................................................... 22
8.6 MYTEAMWORK SERVICES (ONLY FOR MYIC PC) ......................................................................................... 23
8.7 VIDEO ...................................................................................................................................................... 24
9 APPENDIX A : AAPP MEMBERS APPLICATION DESCRIPTION .............................................. 26
10 APPENDIX B: CONFIGURATION REQUIREMENTS OF THE AAPP MEMBERS
APPLICATION .............................................................................................................................................. 27
10.1 NGINX CERTIFICATE FOR SSL ................................................................................................................. 27
10.2 UPDATE CONFIGURATION FILES ............................................................................................................... 27
10.3 FIREWALL CONFIGURATION ..................................................................................................................... 29
11 APPENDIX C: ALCATEL-LUCENT COMMUNICATION PLATFORM: CONFIGURATION
REQUIREMENTS .......................................................................................................................................... 30
11.1 OT REVERSE PROXY CONFIGURATION ...................................................................................................... 30
11.2 OT SBC CONFIGURATION ....................................................................................................................... 31
11.3 MYIC PC SIP CLIENT CONFIGURATION ................................................................................................... 32
12 APPENDIX D: AAPP MEMBERS ESCALATION PROCESS ........................................................ 34
13 APPENDIX E: AAPP PROGRAM .......................................................................................................... 35
13.1 ALCATEL-LUCENT APPLICATION PARTNER PROGRAM (AAPP) ............................................................. 35
13.2 ALCATEL-LUCENT.COM ......................................................................................................................... 36
Alcatel-Lucent Application Partner Program Inter-working report
Copyright 2014 Alcatel-Lucent, All rights reserved
1 Introduction
This document is the result of the certification tests performed between the AAPP members
application and Alcatel-Lucents platform.
It certifies proper inter-working with the AAPP members application.
Information contained in this document is believed to be accurate and reliable at the time of printing.
However, due to ongoing product improvements and revisions, Alcatel-Lucent cannot guarantee
accuracy of printed material after the date of certification nor can it accept responsibility for errors or
omissions.
Updates to this document can be viewed on:
-
1.1 Glossary
API
AAA
CA
DMS
CSR
Certificate Signing Request. This is file generated by a server to get signed by a
CA which will deliver a signed certificate.
DN
Distinguished Name
DNS
EVS
Event server
FQDN
Fully Qualified Domain Name. A domain name that specifies its exact location in
the tree hierarchy of the Domain Name System (DNS). It specifies all domain levels,
including the top-level domain, relative to the root domain. Ex: myhost.mydomain.com
IM
Instant Messaging
MyIC
My Instant Communicator
LDAP
Lightweight Directory Access Protocol. This is a directory that can be used as an
authentication server.
OTES
PLMN
PKI
Public Key Infrastructure. It provides digital certificates that can identify an
individual or an organization and directory services that can store and, when necessary,
revoke the certificates.
RP
Reverse Proxy
SBC
SSL TLS
Transport Layer Security (formerly Secure Socket Layer). It allows
client/server applications to communicate across a network in a way designed to prevent
eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and
communications confidentiality over the Internet using cryptography.
Note: The InterWorking report becomes automatically obsolete when the mentioned product
releases are end of life.
Feature
N/A
OK
OK
But
NOK
5 Application information
Application commercial name:
NGINX
Application version:
Interface type:
NGINX is a lightweight, high performance web server/reverse proxy. It runs on UNIX, GNU/Linux,
BSD variants, Mac OS X, Solaris, and Microsoft Windows.
Nginx is available in three versions, for technology professionals through to businesses and
enterprises. For more information: http://nginx.com/products/
NGINX Plus product is built on the open source NGINX product and includes advanced features to
support mission critical production environments. In contrast to legacy hardware-based networking
appliances, NGINX Plus originates from the world of application software and provides an
innovative new set of features to bridge users and applications.
NGINX Plus frees applications from the heavy lifting of HTTP by managing all of the complexities of
application request routing, application security, content delivery and acceleration without incurring
unnecessary costs in time or capital.
Advanced Features of NGINX Plus Include:
The following diagram describes a typical redirection policy implemented on the Nginx RP for the
Alcatel-Lucent solution.
6 Test environment
6.1 Tests performed
This document describes the tests of homeworker scenario using NGINX plus configured as a
reverse proxy and MyIC PC/MyIC Mobile Android applications for OT users (also called
conversation users) in the context of OT solution release 1.3.000.42.
MyIC clients use an internet connection on the WAN. Remote user is connected to the enterprise
network through the RP in HTTPS and to a SBC in SIP without media encryption.
OT users have several devices: at least a MyIC PC SIP or MyIC Mobile Android and a MyICPhone
desktop phone (8082).
The way to configure OT server, MyIC PC SIP, Android clients and NGINX RP is described in the
Appendix. In these tests, Nginx is running in a linux vm.
Test Case
N/A
OK
NOK
Comment
Test case 1
Action
Expected result
Test case 2
Action
Expected result
Test case 3
Action
Expected result
Test case 4
Action
Expected result
Test Case Id: a feature testing may comprise multiple steps depending on its complexity. Each
step has to be completed successfully in order to conform to the test.
Test Case: describes the test case with the detail of the main steps to be executed the and the
expected result
N/A: when checked, means the test case is not applicable in the scope of the application
OK: when checked, means the test case performs as expected
NOK: when checked, means the test case has failed. In that case, describe in the field Comment
the reason for the failure and the reference number of the issue either on Alcatel-Lucent side or on
Application Partner side
Comment: to be filled in with any relevant comment. Mandatory in case a test has failed especially
the reference number of the issue.
8 Test Results
In all following sections, the SIP client under test is an external user; It has been declared on the
public side of the RP. For this remote user, MyIC PC SIP/Android has been configured to connect
to OT via Nginx reverse proxy.
Test Case
N/A
NOK
Comment
Application initialization
MyIC PC SIP basic connection to the OT
through reverse proxy
OK
Authentication
certificate must
disabled on the
(not supported
MyIC
PC
Android)
User logout/login
User logout/login without exiting the
application.
3
A
Application exit
Stop MyIC client.
MyIC user is unregistered.
via
be
RP
on
and
Test
Case
Id
1
Test Case
N/A
OK
NOK
Comment
A
Check that the call is established
2
Test
Case
Id
1
Test Case
N/A
OK
NOK
Comment
Test Case
N/A
OK
NOK
Comment
Hold/Resume
Call from User A (MyIC PC SIP/Android) to
User B and establish the call.
Put User B on hold.
Test
Case
Id
4
Test Case
N/A
OK
NOK
Comment
User picture
Test
Case
Id
1
Test Case
N/A
OK
NOK
Comment
Event notifications
Missed call event
Test
Case
Id
Test Case
IM
Whiteboard
N/A
OK
NOK
Comment
8.7 Video
Test
Case
Id
1
Test Case
N/A
OK
NOK
Comment
A
Check that the call in audio and video is correctly
presented and established
Video call from internal User A (MyIC PC SIP)
to remote User B (MyIC PC SIP).
B
C
Check that the call in audio and video is correctly
presented and established
Video call from internal User A (MyIC Phone)
to remote User B (MyIC PC SIP).
D
C
Check that the call in audio and video is correctly
presented and established
Alcatel-Lucent Application Partner Program Inter-working report
Copyright 2014 Alcatel-Lucent, All rights reserved
Test
Case
Id
Test Case
N/A
OK
NOK
Comment
nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid
/var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include
/etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile
on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
}
include /etc/nginx/conf.d/*.conf;
Default.conf
server {
listen
80 default_server;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
return 444;
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404
/404.html;
opentouch5.aapp-etesting.conf file :
server {
listen
443;
server_name opentouch5.aapp-etesting.com;
# SSL configuration
ssl
on;
ssl_certificate
/etc/nginx/cert/cert.pem;
ssl_certificate_key /etc/nginx/key/cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Client authentiication via Certificate
# ssl_client_certificate /etc/nginx/cert/etesting.pem;
# ssl_verify_client on;
location / {
proxy_pass https://10.1.2.85;
# /!\ Warning do not use this method !!
#proxy_redirect
https://ice2.etesting.lab/ /;
server {
listen
8016;
server_name opentouch5.aapp-etesting.com;
# SSL configuration
ssl
on;
ssl_certificate
/etc/nginx/cert/cert.pem;
ssl_certificate_key /etc/nginx/key/cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Client authentiication via Certificate
# ssl_client_certificate /etc/nginx/cert/etesting.pem;
# ssl_verify_client on;
location / {
proxy_pass https://10.1.2.85:8016;
# /!\ Warning do not use this method !!
#proxy_redirect
https://ice2.etesting.lab/ /;
Provide
easy
interfacing
for
Alcatel-Lucent
communication
products:
Alcatel-Lucent's communication products for the enterprise market include infrastructure
elements, platforms and software suites. To ensure easy integration, the AAPP provides a
full array of standards-based application programming interfaces and fully-documented
proprietary interfaces. Together, these enable third-party applications to benefit fully from
the potential of Alcatel-Lucent products.
Web site
The Application Partner Portal is a website dedicated to the AAPP program and where the
InterWorking Reports can be consulted. Its access is free at
http://applicationpartner.alcatel-lucent.com
13.2 Alcatel-Lucent.com
You can access the Alcatel-Lucent website at this URL: http://www.Alcatel-Lucent.com/
(*) The Application Partner Business Partner can be a Third-Party company or the Alcatel-Lucent
Business Partner itself
The Application Partner shall be contacted first by the Business Partner (responsible for
the application, see figure in previous page) for an analysis of the problem.
The Alcatel-Lucent Business Partner will escalate the problem to the Alcatel-Lucent
Support Center only if the Application Partner has demonstrated with traces a problem
on the Alcatel-Lucent side or if the Application Partner (not the Business Partner) needs
the involvement of Alcatel-Lucent.
In that case, the Alcatel-Lucent Business Partner must provide the reference of the Case
Number on the Application Partner side. The Application Partner must provide to AlcatelLucent the results of its investigations, traces, etc, related to this Case Number.
Alcatel-Lucent reserves the right to close the case opened on his side if the investigations
made on the Application Partner side are insufficient or do no exist.
Note: Known problems or remarks mentioned in the IWR will not be taken into account.
For any issue reported by a Business Partner outside the scope of the IWR, Alcatel-Lucent
offers the On Demand Diagnostic service where Alcatel-Lucent will provide 8 hours
assistance against payment.
IMPORTANT NOTE 1: The possibility to configure the Alcatel-Lucent PBX with ACTIS quotation tool
in order to interwork with an external application is not the guarantee of the availability and the
support of the solution. The reference remains the existence of a valid InterWorking Report.
Please check the availability of the Inter-Working Report on the AAPP (URL:
https://private.applicationpartner.alcatel-lucent.com) or Enterprise Business Portal (Url: Enterprise
Business Portal) web sites.
IMPORTANT NOTE 2: Involvement of the Alcatel-Lucent Business Partner is mandatory, the access
to the Alcatel-Lucent platform (remote access, login/password) being the Business Partner
responsibility.
In all these cases, Alcatel-Lucent offers the On Demand Diagnostic service where AlcatelLucent will provide 8 hours assistance against payment.
Telephone numbers:
Alcatel-Lucent Business Partners Support Center for countries:
Country
Supported language
France
Belgium
French
Luxembourg
Germany
Austria
German
Switzerland
United Kingdom
Italy
Australia
Denmark
Ireland
Netherlands
+800-00200100
South Africa
Norway
English
Poland
Sweden
Czech Republic
Estonia
Finland
Greece
Slovakia
Portugal
Spain
Spanish
END OF DOCUMENT