G430 and G450 quickstart

It is easy to forget one or two details so this is a brief collection of commands and thoughts on Avaya media-gateways.

Serial and Console connection

G430
On the G430 you can connect via the Serial Port, you will either need a crossover cable or a switch and two Ethernet cables.

Connect the laptop to the switch and the switch to the G430 or the laptop directly to the appliance with the crossover cable. Set the IP of the laptop to 192.11.13.5, subnet to 255.255.255.252 and default gateway to 192.11.13.6. Open an SSH session to 192.11.13.6 and login with the credentials provided or if this is a new/factory reset device User:root Password:root.

If this is a working installation you should now be able to reach CM, BSM… from your laptop.

G450
For the G450 you can connect via Serial the same way as above but if this is a new or factory reset appliance you have to use the console port. If using the console port you will need the Avaya provided RS-232 cable also known as a rollover cable and most probably a USB to serial adapter.

Connect the RJ-45 end of the rollover cable to the GW port marked as Console, the big end of it to the usb adapter and the usb to the laptop. Open device manager (windows), go to Ports and check what COM port the Generic USB Adapter got (COMX) now open putty, select serial connection, serial line: COMX, Speed (Baud Rate) 9600 on the left you can open serial settings and check the following data, Data bits:8, Parity: None, Stop bits:1, Flow Control:None. Click open, enter credentials or User:root Pass:root

Factory reset

There are two ways to reset these gateways, one is a software reset and the other a hardware reset, both have the same results but you might have to chose one over the other because of reasons given below. Note that if you reset these devices you will have to physically connect to them to adjust the configuration as DHCP is not enabled by default and you will lose connectivity.

Software reset
Connect to the GW via SSH, enter username and password and issue the command nvram init to wipe the config.
If you do not know the credentials but are not on on release 36.5.0 or later you have the possibility to login via Console or Serial and use the default username: root and password: ggdaseuaimhrke once logged in, nvram init to wipe the config.

Hardware reset
If you are on 36.5.0 or later and can not login via SSH you have no choice but to do a hardware reset to have access to the GW again. In this case it is best to have a female to female jumper ready if needed. Power down the device and disconnect it from power. In case of the G430 you have to take off the top of the enclosure and for the G450 you have to pull out the main board from the front (in both cases you have to have a screwdriver). Look for a set of three pins, one is labeled NVRAM, one INIT and one is usually CHECK. Connect NVRAM and INIT with the provided jumper or your female to female jumper wire, power on the Gateway and if you are connected via Serial or Console you should see the appliance resetting, it will tell you when to remove the jumper and reboot the device, if you are not connected just wait 5 minutes, power down the Gateway, remove the jumper and boot it up.

Once reset you can login via Console / Serial with username: root and password: root

This is what it usually looks like.

Firmware Upgrade

Checking the GW firmware

By default software bank B is is being used on a new Gateway, you can check this by running show image version in the cli, you should get something like this:

TESTGW101-???(super)# show image version
Bank Version
A 37.21.0
B (current) 37.41.0

Where “current” marks the software bank in use.

Upgrading GW via USB

Download the .bin upgrade file from support.avaya.com and put it on a FAT32 formatted USB stick, plug it in to the first USB slot on the GW (not in the S8300!) on the GW issue the command dir usbdevice0 you should see the name of the .bin file.
Now use copy usb SW_imageB usbdevice0 g450_sw_37_41_0.bin
you can change imageB to imageA and of course use your software version, mine is just an example. Uploading the file will take a while but you can check the status with show download software status 10 as soon as it shows “running state: Idle” the download of the file is done. Finish with the steps below.

Upgrading GW via TFPT

Download the .bin upgrade file from support.avaya.com and put it on your TFTP server or Utility Server/Utility Services, if you upload it via “Upload Gateway Firmware” you can connect to the US via TFTP. On the gateway issue the command
copy tftp SW_imageA g450_sw_37_41_0.bin 192.168.1.1
again, change imageB to imageA, software version and IP if needed. Finish with the steps below.

Finishing the upgrade

If you downloaded the new firmware to the other boot bank you can now change to it by issuing set boot bank bank-a or set boot bank bank-b do a copy run start and a reset chassis to reboot the GW and load the new firmware.

Basic Configuration

When sliding in the media modules note that the S8300 can only be put in V1 and other media modules could have a slot and vintage , (sw release or driver) requirement, it is best to consult the documentation for the gateways (ressources on bottom).

Configuring these gateways can be done really fast if you have the required information and know what you are doing.

If this is a new Gateway, the config script should start automatically once you connect , if you manage to hit a wrong button you can start it again with script-config here you have to enter IP Addressing data.

I will go through the usual extra config of one of these boxes.

Enable port redundancy and disable spanning tree.
show port redundancy
For G430 set port redundancy 10/3 10/4 on
For G450 set port redundancy 10/5 10/6 on
set port redundancy enable
set spantree disable

Set reset times
set reset-times transition-point 1
set reset-times primary-search 5
set reset-times total-search 25

Set sync (in case of BRI/PRI connection)
set sync interface primary vX
set sync primary

(in this case X is a slot where you want to sync from)

In case you have a HA-SBC setup that shares an IP address and switches between standby and primary or you change one of the IP/MAC address combinations that connect to the GW (e.g. deploy a new SBC) you have to disable arp inspection as this can lead to one-way or no audio.
clear arp-cache
no ip arp inspection

The documentation states that this setting requires a reset of the GW but it might work without it.

Always do a copy run start otherwise the GW will lose the configuration on the next restart.

Basic Troubleshooting commands

  • show faults
  • show temp
  • show fans
  • show volt
  • show platform main
  • show voip-dsp
  • test voip-dsp
  • show system
  • show logging file cont

Best place to start when troubleshooting a GW is show faults the GW is usually very good at communicating its issue.

Resources

Date: 24.12.2019

Getting VMware ESXi ready for Avaya SDM client

Prerequisites

  • Server with vSphere ESXi installed
  • ESXi License with vSphere API enabled (the free one doesn’t work)
  • Avaya SDM client on Windows
  • Local DNS Services

ESXi

The VMware Installer will generate a self signed certificate for the hostname of the ESXi host, this hostname needs to be resolvable later by the SDM client.

If you have already installed your host you can see the certificate via your browser.

The certificate on the left was issued when I first installed the host, this is just a hostname and not an FQDN so this will not work, the one on the right is the newly generated one. The SDM client does not work with IP Addresses so you have to have the certificate issued to the FQDN.

Add the FQDN to your DNS Resolver so it does go to the appropriate address.

pfsense DNS Resolver

Once everything is neat and tidy the SDM will show us the certificate and we can hit Accept Certificate and go on to deploy some VMs.

Successfully added the host to the SDM client.

Windows SDM client

Install SDM client on the PC you are going to deploy the OVAs from, the client should have the same release as your System Manager. You can find the SDM client on support.avaya.com under System Manager.

If you put all OVAs and Patches here
C:\Program Files\Avaya\AvayaSDMClient\Default_Artifacts
the OVA will be loaded to the hypervisor on hitting “deploy”, the other option is to “browse” for them when selecting the OVA file, but this way you will have to wait until the file is “loaded”.

Error messages

Retrieving host certificate info is failed: The certificate received from x.x.x.x was issued for a different server. Secure communication cannot be established from Solution Deployment Manager to systems where the host IP/FQDN does not match the details in the security certificate. You may need to re-generate the certificate on your system to correctly match the host details or connect with the FQDN of the system rather than the IP address.

This is the error message you get if this is not done correctly.

Professionally change the FQDN of your ESXi host or use the quick and dirty method which should under no circumstances be used in a production environment:
Go into the CLI of the ESXi, verify the
/etc/hosts
files has the correct hostname/FQDN information, edit the file
/etc/vmware/esx.conf
the row
/adv/Misc/HostName = "labmachine"
should contain the FQDN of the server. Reboot and run
/sbin/generate-certificates
reboot, now you should have the correct hostname/FQDN and certificate.

Error Code-UNABLE_TO_CREATE_VM:: Unable to create new VM. The license on the host does not support VMWare API which is required by SDM. Please contact VMware for appropriate licenses.

You get this one if you do not have the licenses for vSphere API and try to deploy a VM.

Are you using the free VMware ESXi license? It will not work, you need a license with the feature vSphere API.
I have VMware vSphere 6 Essentials Plus and can confirm that it does work with that, I am quite sure it also works with VMware vSphere Essentials.

Retrieving host certificate info is failed: The server https://vcenter.lab.lab/sdk does not exist. Please check the IP addresss / FQDN.

Are you trying to add a Vcenter? If so you have to do that on the lower left, Map vCenter.

Hardware resources

Keep in mind that Avaya not only specifies how much of every resource is needed (RAM, CPU, Donkeystrength…) but also what the minimum vCPU speed is. The SDM client will reserve these resources from the start and if they are not available it will not even let you deploy the VM. Of course you can later remove the reservations in your actual vmware ESXi manager.

To quickly get the Hardware requirements for an Avaya product get the deployment guide and search for “Supported footprints”

Date: 19.08.2019