IP remote management (SRM)

For remote access to the communication server, we recommend SRM (Secure IP Remote Management) secure IP remote management. For an installer or supporter to access the communication server via SRM remote management, some configurations must be made in advance. The call number of the SRM server or of several SRM servers are recorded here. The communication server interprets all calls with these CLIP numbers as SRM server calls and routes them accordingly.

If you wish to directly access a communication server via a WAN connection, some ports must be opened on the customer's firewall, which leads to security gaps. With SRM you create on the remote PC a link to the SRM server and not directly to the communication server. The SRM server calls the communication system and gives it its coordinates via DTMF. As a result, the communication server sets up a secure VPN connection to the SRM server. On the client's side, the firewall in the WAN direction is thus crossed, which is easier to control in terms of safety.

Setting up LAN connection from remote PC to the SRM server

You receive the access data and configuration instructions for the SRM server from your sales dealer.

You must install the SRM agent on the remote PC. You can download it from the SRM server.

Note:

For the connection from the remote PC to the SRM server to be also encrypted, you must install a certificate on the remote PC. You can obtain this certificate from your sales dealer.

Setting up communication server for SRM

You have two possibilities to configure how the communication server can recognise a call from the SRM server:

1st possibility: Register here in the IP remote management (SRM) view the SRM server CLIP.

All calls with this CLIP are interpreted by the communication server as SRM server calls.

Note:
Do not use these methods if you are using the communication server with an Mitel Alarm Server or a Mitel Mobile Client Controller. Reason: These server applications give access to the SRM also via CLIP recognition. After the communication server and server application have set up the SRM access via CLIP recognition, only the communication server can be reached via SRM.
2nd possibility: You open here in the Call routing view a DDI number in an ISDN, SIP or analogue DDI plan and select in Call distribution as Routing destination the entry IP remote management (SRM).

All calls with this DDI number are interpreted by the communication server as SRM server calls.
In Access control assign the accessing user an Authorisation profile for which remote maintenance via dial-up access is enabled.
In the Maintenance / General view enable the remote maintenance access once or permanently and activate the setting CLIP required.

Note:

Check whether TCP port 2222 is open from LAN to WAN in the client's firewall.

Setting up online connection to the SRM server

You have set up the SRM server, installed the SRM agent on your remote PC and configured the communication server for the SRM access. Now you want to set up a safe online connection. To do so proceed as follows:

With the SRM agent, create a connection to the SRM server then select the communication server you want and click the symbol.

The SRM server opens a new session and shows you the ports to be used for this session.
Click near the WebAdmin port on the Go link.

A safe online connection with WebAdmin is set up directly.

Note:
To connect with the remote maintenance monitor, you must enter the loopback address (127.0.0.1) and the displayed monitor port in a Telnet client.

↑