Zultys Technologies ZIP4X5 Bluetooth FHSS transceiver in VOIP Phone User Manual ZIP 4x4 User s Manual 1 0 2 20 April 2003

Zultys Technologies Bluetooth FHSS transceiver in VOIP Phone ZIP 4x4 User s Manual 1 0 2 20 April 2003

Contents

Manual 2

64ZIP4x5 User’s ManualTo log out of a phone, do the following:1. Select User | Log out of group.2. The display changes to:The display shows the names of all the users who have temporarily logged into the phoneas an operator or agent. If more than one user has logged into the phone, the phone displays“all” as the first selection.3. Use the Up and Down buttons to select the individual you want to log out, or select “all” tolog all users out of all groups, and press the Enter button.4. The phone ceases to light the LED on the User button green continuously if there are noother additional users logged into the phone and no user is logged into an ACD group oroperator group. When you use the headset, the same LED is lit continuously red.5. If there were no ACD agents logged into the ZIP4x5, the display shows instead:When you press any key, the phone displays the idle screen.This function is used to log out of an operator or ACD group. When you use this function, thephone removes you from all groups that you have logged into. If you had logged into multiplegroups, and you want to log out of one group but remain in one or more other groups, you mustlog back into the groups after executing this command.7.4 Do Not Disturb (DND)Press this button if you want to receive no calls. The phone lights the LED on the buttoncontinuously red. The display does not change. When you set DND, it has no effect on calls thatyou have in progress or calls that are on hold.If you have configured any forwarding rules on the phone, setting DND overrides those rules.When this function is active and the ZIP4x5 receives a call it immediately rejects it. The phonedoes not make any sound, does not light any of the call appearance buttons, and does not changethe display. If you press this button when you have one or more incoming calls, you will reject allincoming calls.If your phone is idle,1 the phone displays the number of calls that you have missed, for example:Group log out}allLancelot CapabilityUser log outNo user is logged inSales support17 missed callsMon 26 Jan 04 20:311. See section 6.3.1 on page 50 for a definition of the idle state.
7. Special Functions 65To remove the DND function, press the button again.To call a person who had called you see section 9.7.5 on page 124.7.5 Forward7.5.1 DescriptionWhen the phone forwards a call, it redirects an incoming call to another destination (name ornumber). The destination can be another extension within the enterprise or an external number.You can turn on and off forwarding to instruct the phone to forward calls:•unconditionally (all calls)•if you do not answer the phone (on no answer)•if you have an active call (when busy)7.5.2 UnconditionalIf you have configured the phone to forward calls unconditionally the phone does not announcethat it is receiving an incoming call. It does not change the display or any LED. The phoneimmediately forwards the call to the destination that you have specified.When the phone receives an incoming call, it does not accumulate this as a missed call.7.5.3 On No AnswerIf you have configured the phone to forward calls on no answer, the phone announces anincoming call in the usual manner. If you do not answer the call within ten seconds, the phonetransfers the call to the destination that you have specified.The phone counts the number of calls that it forwards on no answer as missed calls.7.5.4 When BusyIf you have configured the phone to forward calls when busy, the phone announces an incomingcall in the usual manner if you do not have an active call.If you have an active call, the phone forwards the call to the destination that you have specified.In this case, an active call is one where you are in the middle of a conversation or when you haveput a conversation on hold. That is, the phone has a call button whose LED is lit continuouslygreen or orange, or flashing green or orange.If the phone receives more than one incoming call, the phone will indicate there are incomingcalls on multiple call appearances. As soon as you answer one of the calls, the phone is now busyand it immediately forwards the other calls to the destination that you have specified.The phone counts the number of calls that it forwards when busy as missed calls.
66ZIP4x5 User’s Manual7.5.5 ConfiguringPress the Forward button.1 The display changes to:This example shows five rows, though in practice the display can show only three rows at once.As you press Up and Down, the display scrolls through the list of choices. Press the Enter buttonto select a choice or the Esc button to cancel. When you make a selection other than off, the display changes to one of the following to promptyou to enter a name or number to which the calls should be redirected:You can enter the name or number from the keypad as you would if you were making a call, orfrom a memory location.2After you enter a name or number and press the Enter button, the phone lights the LED on theFwd button continuously green. If you select off, the LED is turned off.7.6 ParkThe functionality of call park and call pickup are dependent on the phone system. You can parkindividual calls and conference calls. The following description is based on connecting yourZIP4x5 to a phone system that fully supports the park and pickup function.Forward}offall callson no answerwhen busy1. You can access this feature through the menu, under settings. Pressing the Forward button is a short cut.Forwardall calls}1704Forwardon no answer}1066Forwardwhen busy}14152. See section 9.7.3 on page 122 and section 9.7.4 on page 123 for a description of how to specify a memory location.
7. Special Functions 677.6.1 Individual CallTo park a call, ensure you are in active communication with the person. That is, the LED on thecall appearance button is lit continuously green. Press the Park button. The ZIP4x5 transfers thecall to the park server and appears to the other person as if the call has been placed on hold.1 Theperson with whom you were talking hears music on hold supplied by the phone system.2The system issues you a two digit number and the screen changes to:You must note the two digit number that the system issues to you (in the example above it is 37).The display remains unchanged until another action takes place.The phone transfers control of the call to the phone system, turns off the LED on the callappearance button, turns the LED on the Park button continuously red, and sounds an audibledouble beep in the earpiece or speaker. You can place the phone on hook. The phone continues to display the screen shown above, and continues to light the LED on thePark button, until you go on hook, press a call appearance button, or use another function orfeature of the phone. If the phone receives an incoming call, it will retain the display for aminimum of two seconds.The phone does not provide dial tone until you go on hook and off hook again or you press a callappearance button.To retrieve the call use the Pickup function as described in section 7.7 on page 68.7.6.2 Failure to Park an Individual CallIf the park is unsuccessful, the phone displays:The phone retains this display until you press a key, lift the handset, or replace the handset, afterwhich it displays the screen that the phone was showing prior to you attempting to park the call.You remain connected to the other person.You can try to park the call again, but if your attempts to park a call fail repeatedly, you shouldconsult your system administrator.1. See section 10.6.5 on page 176 for details how to configure the address of the park server.2. See section 9.5.2 on page 116 for a description of the hold function.Park on 37Lancelot CapabilityBrown* Failure to park *Lancelot CapabilityBrown
68ZIP4x5 User’s Manual7.6.3 Conference CallWhen you park a conference call, the ZIP4x5 parks each of the calls that comprise the conferencecall sequentially. The phone system returns a two digit park number for each of the calls in yourconference call. For example, if you had three parties in a conference call, the phone displays:The phone system normally issues sequential numbers for the park numbers, but this cannot beguaranteed.When you park the conference call, the parties to the call hear music on hold and cannotcommunicate with one another until you pickup the call as described in section 7.7 on page 68.17.6.4 Failure to Park a Conference CallIf the park is unsuccessful, the phone displays XX instead of a park number:The phone retains this display until you press a key, lift the handset, or replace the handset, afterwhich it displays the screen that the phone was showing prior to you attempting to park the call.You remain connected to the party or parties that were not parked.You can try to park the call again, but if your attempts to park a call fail repeatedly, you shouldconsult your system administrator.7.7 PickupThe functionality of call park and call pickup are dependent on the phone system. You can pickupan individual call or a conference call that has been parked with the Park function as described insection 7.6 on page 66. You can pickup a call that you parked yourself or that another person parked. You cannot pickupa call that was parked if the other party terminated the call while the call was parked.Park on 57 58 59Conference call1. This is different from placing the conference on hold as described in section 9.8.2 on page 127.Park on 57 XX 58Conference call* Failure to park *
7. Special Functions 697.7.1 Individual CallYou can resume a conversation that has been previously put on hold with the Park function usingany ZIP4x5 phone. Press the Pickup button. The phone lights the LED continuously red on thePark button and displays:Enter the two digit number for the parked call and press the Enter button or the # key. If youspecify an invalid number (or if the party who was parked terminated the call in the mean time),the phone displays:If the phone is off hook, the phone will play the fast busy tone when you have entered an invalidnumber. You can enter a valid number or press the Esc button to exit the function.Once the phone is connected to the parked call, the phone turns off the LED on the Pickup buttonand changes the display to the usual display of a call being connected, as described in section 9.3.5on page 109.If you forget the two digit number, call the operator for assistance. The operator may be able toassist you to find the number.If you pickup a parked call that you had not intended to pickup, park the call again. Call theoperator and tell the operator what has happened.7.7.2 Conference CallTo pickup a conference call, you must pickup each of the calls that was parked. Therefore, you usethe pickup function more than once to resume the conference. 1. Press the Pickup button.The phone lights the LED continuously red on the Park button and displays:2. Enter the two digit number for one of the parked calls and press the Enter button or the #key.You are now communicating with one of the people on the conference call.3. Press the Conf key.The phone lights the first call appearance orange and selects a second call appearance.4. Repeat from item 1 until you have picked up all members of the conference call.Pickup from}Pickup from}37(36 is invalid)Pickup from}
70ZIP4x5 User’s ManualIf you try to pickup from an invalid number, the phone display indicates the error shown in theprevious section.7.8 PageA page is an announcement sent to multiple people without those people needing to answer thephone. The phone plays the announcement through its speaker and you do not need to take thephone off hook to hear the announcement. If you have an active conversation (the LED on a callappearance button is lit continuously green or orange), the phone may or may not play theannouncement depending on the settings chosen by the system administrator. The functionalityof paging is dependent on the phone system.To make a paging announcement, do the following:1. If you have any active calls, put them on hold or terminate them.2. If you have calls in progress on all four call appearances, you cannot page. Terminate at leastone of the calls to make a call appearance available.3. Either:a. Go off hook and press the Page button; orb. Press the Page button. 4. The ZIP4x5 accesses the phone system and changes the display to:The phone shows a new bar every second and maintains the total time on the right of thethird row of the display. Every 10 s the phone clears the bars and then starts to show themone by one again.15. If the phone encounters an error, it displays one of the screens shown in section 7.9 on page71.6. The phone lights the LED on the Page button continuously red.7. The phone changes the display to:The phone displays a list of paging groups that you are allowed to page. This list is definedby the system administrator.8. Use the Up and Down buttons or the Up and Down keys to select the group you want topage and press the Enter button.PageRetrieving list••••••• 01:171. The length of time taken to access the server depends on the number of paging groups and the activity on your network.This could be anywhere from a second to a minute.Select paging group}Inside SalesFinance
7. Special Functions 71The phone selects the lowest numbered call appearance and puts the phone into speakermode.9. The phone lights the LED on the Page button to flash red for 250 ms and off for 250 ms.10. The phone changes the display to:The phone indicates which group you are paging and shows a timer that increments toindicate the duration of the page.11. Speak your paging announcement. The call control system relays it to all members of thepaging group.12. When you have finished the page, go on hook, press the call appearance button that wasbeing used, or press the Page button.7.9 Error ConditionsIf the phone encounters an error while logging in a user, logging in an ACD agent, parking a call,or paging, it will display one of the following error messages.1. In this section, the first line of the display of the screen images shows:However, if the phone receives an error while you are logging into an ACD group, thescreens will instead show:If you are parking a call, the screens will instead show:If you are attempting to make a page, the screens will instead show:2. If communications with the phone system fail, the phone displays:PagingInside Sales00:15User log inGroup log inCall parkPageUser log inError:Network failure
72ZIP4x5 User’s Manual3. If the phone system does not respond, the phone displays:4. If the phone system has asked for authentication (user address and password), and youentered these incorrectly, the phone displays:5. If the phone system does not support the function, the phone displays:6. When you press any key, the phone displays the idle screen.User log inError: Server notrespondingUser log inError: Invalid address or passwordUser log inError:Notsupported by server
73 Chapter 8Firewalls, NATs, and VPNs8.1 IntroductionMany employees work from home, using high speed Internet access via DSL or a cable modem.Home configurations often provide some protection against hackers, viruses, and other hazardsby incorporating a small router that performs firewall and Network Address Translation (NAT)services. These routers may have Virtual Private Networking (VPN) capabilities to provide secureaccess to corporate LAN. Figure 8-1 displays a typical setup for a remote employee.One disadvantage of this approach is that the IT manager must support and configure this router.The ZIP4x5 offers a more efficient approach by providing Firewall, NAT, and VPN capabilities, inaddition to normal phone features. This simplified configuration is shown in figure 8-2.Figure 8-1 Typical home network for a telecommuterFigure 8-2 A Simplified Home Network using a ZIP4x5
74ZIP4x5 User’s ManualFigure 8-3 depicts a network configuration that utilizes the ZIP4x5 operating as a remote router. A VPN tunnel is established or traversed when the ZIP4x5, or a device behind it, attempts to reachan IP address range at the headquarters. When the ZIP4x5, or devices behind it, attempt tocontact other IP addresses, the ZIP4x5 routes the traffic through its firewall and NAT.The ZIP4x5 provides two methods of setting up your remote network:•Configuration files that are accessible through the corporate TFTP server. Configuration filesare typically used by the network administrator to configure the ZIP4x5 before shipping thephone to the remote user. Appendix C, starting on page 197, describes the construction anduse of configuration files.•Web Interface Configuration Utility is accessible by entering the IP address of your ZIP4x5on your internet browser. The remote user can modify individual configuration settings withthis utility without returning the device to the administrator. Appendix D, starting on page225, describes the Web Interface Configuration Utility.This chapter describes the remote network functions available on the ZIP4x5 and provides adescription of the configuration file statements and web interface configuration utility panelsrequired to implement and configure these functions.8.2 Enabling Remote Network Support8.2.1 Network Mode DefinitionsThe ZIP4x5 defines two network configuration modes: normal network mode and remotenetwork mode:Figure 8-3 General network diagram
8. Firewalls, NATs, and VPNs 758.2.1.1 Normal Network ModeWhen the ZIP4x5 is in normal network mode, it functions as a SIP device within a LAN. You cangenerate and accept calls with the phone, but it is not configured to act as remote network router.When booting the ZIP4x5 in normal network mode, the phone’s network can be configuredthrough the DHCP server or you can set a static IP address. Normal network mode supports amaximum of eight VLANs. 8.2.1.2 Remote Network ModeWhen the ZIP4x5 is in remote mode, it performs router services between your LAN and a WAN,such as the internet. You can configure the phone to establish a VPN tunnel through the WANwith the corporate network and then provide corporate resources to the devices connected to thephone through its LAN. Remote network mode allows you to provide firewall services and act asa DHCP server for your LAN. Remote network mode supports two VLANs: one VLAN connectsthe ZIP4x5 to your LAN while the other VLAN connects the phone to the WAN.8.2.2 Setting the Network ModeYou can set the network mode through the configuration file or the Web Interface8.2.2.1 Configuration FileMode and Remote Network VLAN instructions are firewall configuration commands. Firewallconfiguration commands must be listed in the file section that is headed by [FW]. The commandsthat configure the mode and the VLAN include:.mode: This instruction determines the network mode of the phone. Valid settings are 0 and 1:•To enable Normal Network Mode, set mode = 0. All remote settings are disabled and thephone behaves as a normal SIP device.•To enable Remote Network Mode, set mode = 1. All remote settings are enabled, includingfirewall, VPN, and router support between the WAN and your LAN. When mode=1, the following parameters must also be set:—wan_vid: This instruction establishes the VLAN ID for the WAN. Valid settings range from1 to 4095; default value is 2. Within the VLAN configuration of the phone, wan_vidcorresponds to VLAN A. The tag bits for the Phone, P1, P2, P2, and the LAN are TUUUE.(See section 10.6.4 on page 173 for information on tag bits).[FW]mode=1wan_vid=2lan_vid=1[VLAN_CONFIG]mode=1Figure 8-4 Configuration File Instructions that sets the Network mode.
76ZIP4x5 User’s Manual—lan_vid: This instruction establishes the VLAN ID for the LAN. Valid settings range from1 to 4095; default value is 1. You cannot set lan_vid to the same value as wan_vid. Withinthe VLAN configuration of the phone, lan_vid corresponds to VLAN B. The tag bits for thePhone, P1, P2, P2, and the LAN are TEEEU. (See section 10.6.4 on page 173 for informationon tag bits).— Mode=1 (VLAN_CONFIG section): When in remote network mode, the ZIP4x5 does notoffer VLAN capabilities. This setting enables the LAN and WAN tag bit and ID settings.VLAN C through VLAN H are disableded when mode (firewall) = 1. Tag bits for each ofthese VLANs are set to TEEEE.8.2.2.2 Web InterfaceThe Web Interface instruction that sets the network mode is Enable Firewall, NAT, and VPN,located on the Network Setup panel shown in figure 8-5. To access the Network Setup panel,select Protected Settings | Network Setup from the Home panel.To e n a b l e Normal Network mode, verify that the Enable Firewall, NAT, and VPN is not checked.To e n a b l e Remote Network mode, verify that Enable Firewall, NAT, and VPN is checked, thenconfigure the LAN and WAN parameters located on the VLAN panel shown in figure 8-6. Toaccess this panel, select Protected Settings | VLAN from the home panel. If the Enable Firewall,NAT, and VPN option on the Network Setup panel is not selected, the Web Interface displays theVLAN configuration panel for normal network mode.Figure 8-5 Web Interface panel – Network Setup
8. Firewalls, NATs, and VPNs 778.3 WAN ConfigurationThe ZIP4x5 provides three methods for configuring its interface settings to communicate withyour WAN, normally through your ISP:•act as a DHCP client to your ISP in order to receive and set your WAN configurationinformation•use Point to Point Protocol over Ethernet (PPPoE) to access your account with your ISP•enter Fixed IP Address settings as provided by your ISP8.3.1 DHCP ClientWhen the ZIP4x5 acts as a DHCP client, you receive the WAN IP address, subnet mask, defaultgateway, and DNS server through the ISP’s DHCP server.8.3.1.1 Setting DHCP Mode through the Configuration FileSetting up the ZIP4x5 as a DHCP client requires two commands:•In the NET_CONFIG file section, set use_dhcp to yes•In the FW file section, turn off PPPoE by setting pppoe_mode to 0, then set wan_ip andwan_mask to dummy values. The ZIP4x5 replaces these values when it receives them fromthe DHCP server.Figure 8-6 Web Interface Panel – VLAN, Remote Network mode
78ZIP4x5 User’s ManualFigure 8-7 displays configuration file code that enables DHCP mode.8.3.1.2 Setting DHCP Mode through the Web InterfaceThe Web Interface instruction that sets the WAN connection for DHCP mode is located on theWAN panel shown in figure 8-8. To access the WAN panel, select Protected Settings | NetworkSetup | WAN from the Home panel. The Enable Firewall, NAT, and VPN option on the NetworkSetup panel must be selected to view this panel. To set the ZIP4x5 as a DHCP client, set Connection type to DHCP, enter dummy values for the WANIP address and subnet mask, then press the Update button.[NET_CONFIG]use_dhcp=yes[FW]pppoe_mode=0wan_ip=1.1.1.1wan_mask=255.255.255.255Figure 8-7 Configuration File Instructions to configure the ZIP4x5 as a DHCP client.Figure 8-8 Web Interface WAN panel
8. Firewalls, NATs, and VPNs 798.3.2 PPPoE ModePPPoE is used by security conscious DSL service providers that require a username and passwordto establish a connection. A basic network diagram is shown in figure 8-9. The ZIP4x5 replaces theRouter with PPPoE and supplies a username and password to the PPPoE server at the ISP. TheZIP4x5 discovers the PPPoE server through a broadcast mechanism and learns its IP address andother network settings from the ISP.8.3.2.1 Setting Up PPPoE through a Configuration FileSetting PPPoE Mode with the configuration file requires the following commands:•In the NET_CONFIG file section, set use_dhcp to no•In the FW file section, turn on PPPoE by setting pppoe_mode to 1, specify a user name(pppoe_user) and password (pppoe_pwd), then set wan_ip and wan_mask to dummy values.The ZIP4x5 replaces these values when it receives them from the PPPoE server.Figure 8-10 displays an example of code that enables PPPoE mode.8.3.2.2 Setting PPPoE Mode through Web InterfaceThe Web Interface instruction that sets the WAN connection for PPPoE mode is located on theWAN panel shown in figure 8-8. To access the WAN panel, select Protected Settings | NetworkSetup | WAN from the Home panel. The Enable Firewall, NAT, and VPN option on the NetworkSetup panel must be selected to view this panel. Set Connection type to PPPoE and specify the User Name and User Password in the PPPoEsection of the panel. Enter dummy values for the WAN IP address and subnet mask, then pressthe Update button.Figure 8-9 Using the ZIP4x5 with PPPoE[NET_CONFIG]use_dhcp=no[FW]pppoe=1pppoe_user=dana_thomas_remotepppoe_pwd=rdds43wawan_ip=1.1.1.1wan_mask=255.255.255.255Figure 8-10 Configuration File Instructions that enables PPPoE mode.
80ZIP4x5 User’s Manual8.3.3 Fixed Address ModeWhen you specify fixed IP address mode, you must configure the static WAN IP address, subnetmask, default gateway address, and primary DNS server address. You can also specify secondaryand tertiary DNS server addresses along with NTP and TFTP server addresses. Your ISP providesthese addresses to you.8.3.3.1 Setting Up Fixed IP Addressing through a Configuration FileSetting Fixed IP Address Mode with the configuration file requires the following commands:1. In the NET_CONFIG file section:•set use_dhcp to 0•set default_gateway to the IP address provided by your ISP•set primary_dns to the IP address provided by your ISP•set secondary_dns to the IP address provided by your ISP (optional)2. In the FW file section:•set pppoe_mode to 0•set wan_IP to the fixed public IP address provided by the ISP•set wan_mask to the subnet mask for the WAN interface; this is also provided by the ISP.Figure 8-11 displays an example of code that sets Fixed IP Address mode.8.3.3.2 Setting Fixed IP Addressing through the Web InterfaceThe Web Interface instruction that sets the WAN connection for Fixed Address mode is locatedon the WAN panel shown in figure 8-9. To access the WAN panel, select Protected Settings |Network Setup | WAN from the Home panel. The Enable Firewall, NAT, and VPN option on theNetwork Setup panel must be selected to view this panel. Set Connection type to Fixed IP and specify the User Name and User Password. Then press theUpdate button. Then return to the Network Setup panel (figure 8-5) and enter the IP address forthe default gateway, and the DNS servers.[NET_CONFIG]use_dhcp=nodefault_gateway=147.139.10.3primary_dns=147.139.15.0[FW]pppoe_mode=0wan_ip=147.139.20.5wan_mask=255.255.255.0Figure 8-11 Configuration File Instructions that sets the Network mode.
8. Firewalls, NATs, and VPNs 818.4 LAN ConfigurationConfiguring the LAN connection to your ZIP4x5 requires the assignment of a static IP address tothe LAN network. You can also configure the ZIP4x5 as a DHCP server for the devices located onyour LAN.8.4.1 Setting the IP AddressSetting the IP Address requires the valid IP Address and subnet mask that accesses your LAN.8.4.1.1 Setting the IP Address through the Configuration FileSetting the IP Address for the LAN requires the following commands in the NET_CONFIG filesection:•set IP_addr to the IP address for the LAN•set subnet_mask to the subnet mask of the LANFigure 8-12 displays an example of code that sets Fixed IP Address mode.8.4.1.2 Setting the IP Address through the Web InterfaceThe Web Interface instructions that sets the LAN IP address and subnet mask is located on theLAN panel shown in figure 8-13. To access the LAN panel, select Protected Settings | NetworkSetup | LAN from the Home panel. The Enable Firewall, NAT, and VPN option on the NetworkSetup panel must be selected to view this panel.8.4.2 Configuring the ZIP4x5 as a DHCP ServerSetting up the ZIP4x5 as a DHCP server provides a resource for devices on your LAN to obtaindynamic IP addresses and network configuration parameters, as shown in figure 8-14. Thefollowing data is provided by the ZIP4x5 DHCP server:Dynamic IP Addresses: The dynamic addresses that the ZIP4x5 DHCP server provides shouldbelong to the private address spaces defined in RFC 1918:—10.0.0.0 - 10.255.255.255 (10/8 prefix)—172.16.0.0 - 172.31.255.255 (172.16/12 prefix)—192.168.0.0 - 192.168.255.255 (192.168/16 prefix)Lease Duration. This specifies the period that client PCs can maintain their dynamic IP addresswithout renewing their lease.DNS Server: Specifies the address of the DNS server accessible to the LAN. The ZIP4x5 DHCPServer can provide up to three server addresses.Domain Name: Specifies the domain name of the LAN.[NET_CONFIG]ip_addr=172.16.16.1subnet_mask=255.255.128.0Figure 8-12 Configuration File Instructions that sets the Network mode.
82ZIP4x5 User’s ManualNTP Server: Specifies the IP address of the NTP server. The ZIP4x5 DHCP Server can provide upto three server addresses.TFTP Server: Specifies the IP address of the TFTP server that is accessible to the devices on yourLAN.Figure 8-13 Web Interface LAN panelFigure 8-14 ZIP4x5 as a DHCP Server
8. Firewalls, NATs, and VPNs 838.4.2.1 Configuring the ZIP4x5 as a DHCP Server from the Configuration FileSetting up the ZIP4x5 as a DHCP server requires that the phone is not configured as a DHCPclient in the WAN Configuration, as explained in section 8.3.1. DHCP configuration requires thefollowing commands in the DHCP_SRV file section:•mode: Set mode to 1 to enable DHCP server functions. Set mode to 0 to disable DHCP serverfunctions.•start_ip: specifies the starting address of the DHCP scope. This begins the list of IP addressesthat the DHCP assigns to requesting devices.•end_ip: specifies the ending address of the DHCP scope.•o_mask: specifies the subnet mask for the DHCP scope.•lease_secs: specifies the IP Address lease duration, in seconds•o_router: specifies the IP address of the default gateway•o_dns1: specifies the IP address of the primary DNS server•o_dns2: specifies the IP address of the secondary DNS server•o_dns3: specifies the IP address of the tertiary DNS server•o_domain: specifies the default domain name•o_ntp1: specifies the IP address of the primary NTP server•o_ntp2: specifies the IP address of the secondary NTP server•o_ntp3: specifies the IP address of the tertiary NTP server•o_tftp: specifies the IP address of the TFTP serverFigure 8-15 displays an example of code that configures the ZIP4x5 as a DHCP server.8.4.2.2 Configuring the ZIP4x5 as a DHCP Server from the Web InterfaceTo access the DHCP Web Interface panel, shown in figure 8-16, select Protected Settings |Network Setup | DHCP Server from the Home panel. The Enable Firewall, NAT, and VPN optionon the Network Setup panel must be selected to view this panel. Parameter descriptions are listedin the order that they appear on the web interface panel.DHCP server mode. Set this parameter to Enabled to configure the ZIP4x5 as a DHCP server. Setthis parameter to Disabled to disable server functions.[DHCP_SRV]mode=1start_ip=10.0.0.0end_ip=10.0.0.255o_mask=255.255.255.0lease_secs=3600o_router=10.1.32.5o_dns1=10.1.15.4o_domain=zultys.como_ntp1=10.1.18.2o_tftp=10.1.11.224Figure 8-15 Configuration File Instructions that configures the ZIP4x5 as a DHCP server.
84ZIP4x5 User’s ManualStarting IP address. This parameter specifies the starting address of the DHCP scope. This beginsthe list of IP addresses that the DHCP assigns to requesting devices.Ending IP address. This parameter specifies the ending address of the DHCP scope.Subnet mask. This parameter specifies the subnet mask for the DHCP scope.Lease duration. This parameter specifies the IP Address lease duration.DHCP options. These data entry boxes configure the IP addresses that the ZIP4x5 returns to itsclient devices.8.5 FirewallThe firewall defines the attributes of the data packets that the ZIP4x5 allows passage through tothe LAN and WAN. Figure 8-16 Web Interface DHCP Server panel
8. Firewalls, NATs, and VPNs 858.5.1 Component DescriptionThe ZIP4x5 firewall comprises the following two components: The LAN filters and the WANfilters.8.5.1.1 LAN FiltersThe LAN filters determine the packets that the firewall prohibits from being sent from the LANto the WAN. By default, the ZIP4x5 grants full access to the WAN (internet) for packetsoriginating from LAN devices.Each LAN filter statement comprises a set of filters. Each filter is made up of the followingcomponents:•name: This parameter is the firewall label.•protocol: This parameter specifies the protocol of the packets that are prohibited from passingthrough the firewall.•address: This parameter specifies the source IP address of the packets that are prohibited frompassing through the firewall.•port: This parameter specifies the port number of the packets that are prohibited from (LANfirewall) passing through the firewall.Firewall filters are prioritized such that packets are evaluated against them in sequential order.You can also enable or disable individual filters.8.5.1.2 WAN FiltersWAN filters determine the packets that the firewall allows to pass from the WAN to the LAN. Thefirewall also allows packets into the LAN that are direct responses to data originally sent from theLAN. By default, the ZIP4x5 denies access to the LAN for all packets originating from the WAN(internet).Each WAN filter statement comprises a set of filters. Each filter is made up of the followingcomponents:•name: This parameter is the firewall label.•protocol: This parameter specifies the protocol of the packets that are allowed to pass throughthe firewall.•address: This parameter specifies the IP address of the LAN device that will receive thepackets that match the protocol and port listed by this filter.•port: This parameter specifies the port number of the packets that are allowed to pass throughthe firewall.Firewall filters are prioritized such that packets are evaluated against them in sequential order.You can also enable or disable individual filters. Figure 8-17 displays a sample network with the ZIP4x5 functioning as a firewall.8.5.2 Setting Up Firewalls through a Configuration FileThe FW section of the configuration file provides two firewall statements: lan_filters andwan_filters. The syntax of each statement follows:
86ZIP4x5 User’s Manuallan_filter = l_filter1 | l_filter2 | l_filter3 |... |l_filtern such that:l_filterx specifies an individual filter such that:l_filterx= l_namex#l_protx#l_addrx#l_portx#l_activexl_namex is the labell_protx is the protocol of the data packet targeted by the filtervalid entries are tcp, udp, icmp, alll_addrx is the origin IP address of data packets targeted by the filteraddress range is specified by address/prefix notation example syntax is 10.10.10.0/24l_portx is the origin port of targeted data packetsvalid for only udp and tcp protocolsmultiple ports specified by colon – 10:12 indicates 10-12l_activex indicates the activity status of the filter0 - filter is not used; 1 - filter is usedwan_filter = w_filter1 | w_filter2 | w_filter3 |... |w_filtern such that:w_filterx specifies an individual filter such that:w_filterx= w_namex#w_protx#w_addrx#w_portx#w_activexw_namex is the labelw_protx is the protocol of the data packet targeted by the filtervalid entries are tcp, udp, icmp, allw_addrx is the origin IP address of data packets targeted by the filterparameter can only specify a single addressexample syntax is 10.10.10.0w_portx is the origin port of targeted data packetsvalid for only udp and tcp protocolsparameter can only specify a single portw_activex indicates the activity status of the filter0 - filter is not used; 1 - filter is usedFigure 8-18 displays the section of a configuration file that creates a firewall.Figure 8-17 ZIP4x5 Firewall
8. Firewalls, NATs, and VPNs 878.5.3 Setting the Firewalls through the Web InterfaceThe Web Interface instructions that configure the firewall is located on the Firewall panel shownin figure 8-19. To access the Firewall panel, select Protected Settings | Network Setup | Firewallfrom the Home panel. The Enable Firewall, NAT, and VPN option on the Network Setup panelmust be selected to view this panel.8.6 Static RoutesStatic routes allow you to specify a gateway for communicating with a device at a given IPaddress.[FW]lan_filters=NoWebAccessForBill#tcp#172.16.16.20#80:82#1wan_filters=AcceptFTP#tcp#172.16.16.54#21#1|AcceptSomeTelnet#172.16.16.45#23#1Figure 8-18 Configuration File Instructions that configures a FirewallFigure 8-19 Web Interface Firewall panel
88ZIP4x5 User’s Manual8.6.1 Setting Up Static Routes through a Configuration FileThe FW section of the configuration file provides a static route statement that allows you toestablish multiple static routes:static_route = route1 | route2 | route3 |... |routen where:routex specifies an individual static route with the following syntax:routex = addressx#subnetx#gatewayxaddressx is the IP address of the remote networksubnetx is subnet mask of the remote networkgatewayx is the IP address that must be used to reach the target.8.6.2 Setting the Firewalls through the Web InterfaceThe Web Interface instruction that sets the static routes is located on the Static Routes panelshown in figure 8-21. To access this panel, select Protected Settings | Network Setup | StaticRoutes from the Home panel. The Enable Firewall, NAT, and VPN option on the Network Setuppanel must be selected to view this panel.[FW]static_routes=210.1.0.0#255.255.252.0#172.3.1.8|10.5.0.0#255.255.240.0#172.16.16.20Figure 8-20 Configuration File Instructions that configures Static RoutesFigure 8-21 Web Interface Static Route panel
8. Firewalls, NATs, and VPNs 89Each row specifies one static route:•Destination Network: This parameter is the IP address of the device(s) at the route’s end.•Subnet Mask: This parameter is the subnet mask of the device(s) at the route’s end.•Gateway: This parameter specifies the IP address of the device that must be accessed to reach thetarget device.8.7 Virtual Private Networks (VPN)8.7.1 DescriptionA virtual private network (VPN) uses a public telecommunication infrastructure, such as theInternet, to provide remote offices or individual users with secure access to their organization'snetwork. A VPN maintains privacy through security procedures and tunneling protocols thatencrypt data at the sending end and decrypt it at the receiving end. An additional level of securitycan be added by also encrypting the originating and receiving network addresses.VPN connections link local area networks. The traffic that flows between these networks passesthrough shared resources such as routers, switches, and other network equipment that make upthe public wide area network (WAN). VPN communications are secured through an IP Security(IPsec) tunnel.Figure 8-22 shows an example of a VPN tunnel between a small office and its corporateheadquarters.Figure 8-22 VPN tunnel between a small office and a corporate headquarters
90ZIP4x5 User’s Manual8.7.1.1 IP Security (IPsec)Internet Protocol Security (IPsec) is a framework for a set of protocols that secures networkcommunications at the packet processing layer. IPsec is useful for implementing VPNs and forremote user access through dial-up connections to private networks. IPsec handles securityarrangements without requiring changes to individual user computers.IPsec protocols define the following VPN attributes:Packet Encapsulation Mode: The packet encapsulation mode determines the structure of the IPpacket that is sent through the VPN. The ZIP4x5 uses Tunnel Mode, where the original IP packetis encapsulated within another IP payload, with a new header appended to it.Authentication and Encryption: These protocols determine the method of authenticating andencrypting packets that are sent through the VPN. Key Management Method: Key management refers to the means that keys are distributed to VPNparticipants. The ZIP4x5 supports AutoKey IKE and Manual Keys:•AutoKey IKE uses the Internet Key Exchange (IKE) protocol to automatically generate andnegotiate keys.•In Manual Key mode, administrators on both ends of the tunnel configure all securityparameters. While this is a viable technique for small static networks, key management overconfigurations across great distances pose security issues. Manual key mode is sometimesnecessary with ISPs having firewalls that do not allow passage of connections in IKE mode.8.7.2 Establishing a VPN using AutoKey IKEAutoKey IKE utilizes Tunnel Negotiation to synchronize the methods and parameters that the VPNparticipants will use to secure communications through an IPsec tunnel. Two negotiation phasesare required to establish an AutoKey IKE IPSec tunnel and agree upon the Security Association(SA) parameters. An SA is a unidirectional agreement between the participants regarding themethods and parameters that will secure tunnel communications.Phase 1. The participants establish a secure channel for negotiating the Security Associations.Phase 2. The participants negotiate the Security Associations for encrypting and authenticatingthe ensuing data exchanges.8.7.2.1 Phase 1Phase 1 of an AutoKey IKE tunnel negotiation consists of the exchange of proposals for how toauthenticate and secure the channel. The participants exchange proposals for the followingsecurity services:Authentication algorithms. The ZIP4x5 supports sha1 and md5.Encryption algorithms. The ZIP4x5 supports 3des, des, blowfish, cast128.A Diffie-Hellman Group. The Diffie-Hellman (DH) exchange is used to generate new keys. TheZIP4x5 uses DH Group 2 for all Phase 1 negotiations.Preshared Key. A Preshared key is a key used for encryption and decryption that must bepossessed by both participants before initiating communication. The maximum length of thepreshared key is 128 characters.
8. Firewalls, NATs, and VPNs 91Key Lifetime. The ZIP4x5 supports a phase 1 key lifetime of 28,800 seconds. This parametercannot be altered.A successful Phase 1 negotiation concludes when both ends of the tunnel agree to accept at leastone set of the Phase 1 security parameters. The ZIP4x5 offers three phase 1 negotiation modes:Main Mode. This mode features three two-way exchanges that protect the identities of theparticipants. Main mode is difficult to efficiently use when a VPN peer uses its identity as part ofthe authentication process.Aggressive Mode. This mode features two exchanges (three messages) in which the identities ofthe participants are exchanged in the clear.Base Mode. This mode features four messages where the initiator sends authentication data alongwith the key exchange payload; this allows the responder to verify the senders identity beforeresponding with a key exchange payload.8.7.2.2 Phase 2After the participants establish a secure and authenticated channel, they proceed through Phase2 to negotiate the Security Associations for securing data to be passed through the IPSec tunnel.In a process that is similar to Phase 1, the participants exchange proposals to determine thesecurity parameters. Phase 2 proposals include an authentication algorithm, an encryptionalgorithm, and can specify a Diffie-Hellman group to implement Perfect Forward Secrecy.Authentication algorithms. The ZIP4x5 supports hmac_md5 and hmac_sha1.Encryption algorithms. The ZIP4x5 supports rijndael and 3des.Perfect Forward Secrecy. Perfect Forward Secrecy (PFS) is a method for deriving Phase 2 keysindependently from the preceding keys. When PFS is not implemented, the Phase 1 proposalcreates the key from which all Phase 2 keys are derived. The originating key can generate Phase2 keys with a minimum of CPU processing. If an unauthorized party gains access to theoriginating key, all successive encryption keys are compromised. PFS addresses this security riskby forcing a new Diffie-Hellman key exchange for each Phase 2 tunnel. Although using PFS ismore secure, enabling PFS may require more time to perform the rekeying procedure. When PFSis enabled, the ZIP4x5 uses DH Group 2 for all Phase 2 negotiations.8.7.3 Establishing a VPN using Manual KeysManual keys require the agreement of VPN security parameters and keys by the networkadministrators prior to the establishment of the VPN. The ZIP4x5 supports the following ManualKey parameters:•authentication algorithms – The ZIP4x5 supports hmac_md5 and hmac_sha1.•encryption algorithms – The ZIP4x5 supports rijndael and 3des•encryption key – This parameter specifies the encryption key. Each VPN participant must enterthe same key. It is recommended that the length of the key be at least 16 bytes.•authorization key – This parameter specifies the authorization key. Each VPN participant mustenter the same key. It is recommended that the length of the key be at least 16 bytes.
92ZIP4x5 User’s Manual•security parameter index – The Security Parameter Index is a data field that identifies theSecurity Association. It must be exactly 8 hex digits. Each VPN participant defines an inboundand outbound SPI; the inbound SPI of the local end must match the outbound SPI at theremote end.8.7.4 Setting Up VPNs through a Configuration FileEstablishing a VPN with a configuration file requires the following commands in the Firewall filesection.8.7.4.1 Commands for AutoKey IKE Mode and Manual Key modeipsec_mode. This command enables VPN support and specifies the key management method thatyour VPNs use:—ipsec_mode=0 VPN mode is disabled—ipsec_mode=1 VPN mode is enabled and uses autokey IKE—ipsec_mode=2 VPN mode is enabled and uses manual keysremote_lan_net. This command specifies the IP address of the remote LAN. Address format isnet/prefix.remote_wan_ip. This command specifies the IP address of the remote VPN gateway.encrypt_algo. This parameter specifies the encryption algorithm for data transfer (manual) orphase 2 negotiations (AutoKey). Valid settings include rijndael and 3des.auth_algo. This parameter specifies the authentication algorithm for data transfer (manual) orphase 2 negotiations (AutoKey). Valid settings include hmac_md5 and hmac_sha1.8.7.4.2 Commands for AutoKey IKE Modep1_encrypt_algo. This command specifies the phase 1 negotiation algorithm. Valid settingsinclude 3des, des, blowfish, and cast128.p1_hash_algo. This command specifies the phase 1 negotiation hash algorithm. Valid settingsinclude sha1 and mds.p1_mode. This specifies the phase 1 mode. Valid settings include main, aggressive, and base.psk. This command specifies the preshared key.pf_secrecy. This command specifies the method for deriving phase 2 keys:—pf_secrecy=0 off—pf_secrecy=1 perfect forward secrecy is used to derive phase 2 keys.key_lifetime. This command specifies the period that a key is valid. After the lifetime expires, thekey must be renegotiated. Valid settings include x hour, x min, x sec.my_ident. This parameter specifies the user IP address and is valid only if p1=aggressive.
8. Firewalls, NATs, and VPNs 938.7.4.3 Commands for Manual Keys Modeencrypt_key. The parameter specifies the encryption key used in manual key mode. Valid settingmust be double-quoted character string or a series of hexadecimal digits preceded by ‘0x’. Thisparameter is valid only if ipsec_ mode=2.authkey. This parameter specifies the authorization key when in manual key mode. Valid settingmust be double-quoted character string or a series of hexadecimal digits preceded by ‘0x’. Thisparameter is valid only if ipsec_ mode=2.inbound_spi. This specifies the Security Parameter Index which is a field used to identify theSecurity Association. It must be exactly 8 hex digits. The inbound SPI at the local end must matchthe outgoing SPI at the remote end. Valid only if ipsec_mode=2.outbound_spi. This specifies the Security Parameter Index which is a field used to identify theSecurity Association. It must be exactly 8 hex digits. The inbound SPI at the remote end mustmatch the outbound SPI at the local end. Valid only if ipsec_mode=2.Figure 8-23 displays an example of code that establishes a VPN tunnel.8.7.5 Establishing a VPN through the Web InterfaceThe Web Interface instruction that sets the Virtual Private Network is located on the VPN panelshown in figure 8-24. To access the VPN panel, select Protected Settings | Network Setup | VPNfrom the Home panel. The Enable Firewall, NAT, and VPN option on the Network Setup panelmust be selected to view this panel.Parameter descriptions are listed in order of appearance on the panel.8.7.5.1 General Parameter DescriptionsEnabled / Disabled: Select Enabled to establish a VPN from your ZIP4x5.Remote IP network. This command specifies the IP address of the remote LAN. Address format isnet/prefix.Remote IP network gateway. This command specifies the IP address of the remote VPN gateway.Encryption. This parameter specifies the encryption algorithm for data transfer (manual) or phase2 negotiations (AutoKey). Valid settings include aes and 3des.[FW]ipsec_mode=1remote_lan_net=172.16.0.0/20remote_wan_ip=180.1.0.50p1_encrypt_algo=rijndaelp1_hash_algo=sha1p1_mode=aggressivepsk=JUNKpf_secrecy=0key_lifetime=1 hourencrypt_algo=3desauth_algo=hmac_md5my_indent=“user_name@zultys.com”Figure 8-23 Configuration File Instructions that establishes and AutoKey IKE VPN.
94ZIP4x5 User’s ManualAuthentication. This parameter specifies the authentication algorithm for data transfer (manual)or phase 2 negotiations (AutoKey). Valid settings include md5 and sha1.Key Management. This parameter specifies the key management method. Valid settings areAutomatic IKE and Manual.8.7.5.2 Automatic Parameter DescriptionsPerfect Forward Secrecy. This command specifies the method for deriving phase 2 keys:—pf_secrecy=0 off—pf_secrecy=1 perfect forward secrecy is used to derive phase 2 keys.When pfs is enabled, the ZIP4x5 uses DH Group 2 for all phase 2 negotiations.Pre-shared key. This parameter specifies the preshared key.Figure 8-24 Web Interface VPN panel
8. Firewalls, NATs, and VPNs 95Key Lifetime. This command specifies the period that a key remains valid. After the lifetimeexpires, the key must be renegotiated. Valid settings includes 12 hours, 3600 seconds, and 30minutes.8.7.5.3 Manual Parameter DescriptionsEncryption key. This parameter specifies the encryption key used in manual key mode. Validsetting is either a double-quoted character string or a series of hexadecimal digits preceded by ‘0x’.Authentication key. This parameter specifies the authorization key when in manual key mode.Valid setting is either a double-quoted character string or a series of hexadecimal digits precededby ‘0x’. Inbound SPI. This specifies the Security Parameter Index, which is a field that identifies theSecurity Association. It must be exactly 8 hex digits. The inbound SPI at the local end must matchthe outgoing SPI at the remote end.Outbound SPI. This specifies the Security Parameter Index, which is a field that identifies theSecurity Association. It must be exactly 8 hex digits. The inbound SPI at the remote end mustmatch the outbound SPI at the local end.8.7.5.4 Phase 1 Settings DescriptionsEncryption Algorithm. This command specifies the phase 1 negotiation algorithm. Valid settingsinclude 3des, des, blowfish, and cast128.Hash Algorithm. This command specifies the phase 1 negotiation hash algorithm. Valid settingsinclude sha1 and mds.Mode. This command specifies the phase 1 mode. Valid settings include main, aggressive, andbase.User FQDN. This parameter specifies the user IP address and is valid only if p1=aggressive. Validsetting is a fully qualified domain name.
96ZIP4x5 User’s Manual
97 Chapter 9Using the Phone9.1 Going Off Hook and On HookYou can use the handset, headset, or speaker for any call and easily switch between them – evenduring the same call. Subsequent sections detail the processes for making and terminating a call.This section briefly describes how to select between the three audio paths.9.1.1 Using the Handset, Headset, and SpeakerTo use the handset, pick it up. When you have finished using it, replace it in the cradle.To use the headset, press the Hook button. When you have finished using it, press the Hookbutton again. When the headset is active, the phone lights the LED on the Hook buttoncontinuously red. When the headset is inactive, the phone turns off the LED. You can also use a Bluetooth wireless headset with your ZIP4x5. To activate Bluetooth mode,select Menu | User Settings | Bluetooth | Enable, then press the Enter button. Section 10.5.7 onpage 155 describes the process of detecting available Bluetooth headsets and pairing a Bluetoothheadset with your phone. To initiate a call with a Bluetooth headset that is paired with your phone, turn on the headset. Thedisplay shows the following Bluetooth icon when Bluetooth is enabled and the phone is able tocommunicate with your headset:If Bluetooth is enabled, but the phone is not paired with a headset or cannot sense the headset towhich it is paired, it will display the Bluetooth icon with a dash in the middle of the headset:To use the speaker, press and release the Speaker key. When you have finished using it, press thekey again. When the speaker is active, the phone lights the LED on the Speaker key continuouslyred. When the speaker is inactive, the phone turns off the LED.ZIP 4x5 SIP PhoneúFri 23 Apr 04 14:24ZIP 4x5 SIP PhoneùFri 23 Apr 04 14:24
98ZIP4x5 User’s Manual9.1.2 Off HookThe term off hook means that you do one of the following:•pick up the handset•press the Hook button so that it is active (LED is lit continuously red)•press the Speaker key so that the speaker is active (LED is lit continuously red)The phone is said to be off hook when you have done any one of these things.9.1.3 On HookThe term on hook means that you do all of the following:•replace the handset in the cradle•press the Hook button so that it is inactive (LED is off)•press the Speaker key so that the speaker is inactive (LED is off)The phone is said to be on hook when all of these conditions are met.9.1.4 Switching Between the Handset, Headset, and SpeakerIf you are using the handset and want to:•use the headset, press the Hook button and replace the handset in the cradle•use the speaker, press the speaker key and replace the handset in the cradleIf you are using the headset and want to:•use the handset, pick up the handset•use the speaker, press the speaker keyIf you are using the speaker and want to:•use the handset, pick up the handset•use the headset, press the Hook button9.1.5 Disconnecting the Handset or Headset9.1.5.1 HandsetThe phone cannot detect whether a handset is connected or not. Therefore if you connect ordisconnect a handset during a call, the phone does not change its state. 9.1.5.2 HeadsetBefore a Call. If you connect a headset to the headset jack before making a call, you can use it tomake or receive subsequent calls.
9. Using the Phone 99During a Call. If you are using a headset and unplug it during a call, the phone continues to sendthe sound to the headset jack. You cannot hear the other person and he or she cannot hear you.To resume the conversation, plug the headset back into the plug, lift the handset, or press theSpeaker button.If you connect a headset to the headset jack during a call, and the Hook button was inactive, thenwhen you subsequently press the Hook button you can use the headset. If the Hook button wasactive when you inserted the headset you cannot use it during the current call.9.2 Making a CallTo make a call, you normally want the phone to be in the idle state (see section 6.3.1 on page 50).You can obtain dial tone before you dial, or you can make a call without hearing a dial tone.1Section 9.2.1 on page 99 and section 9.2.2 on page 101 describe how to dial a number. You can alsomake a call by dialling a SIP address as described in section 9.2.6 on page 102.You can make a call by dialling from memory (the phone book) as described in section 9.7.5 onpage 124, or by dialling from the list of recent calls as described in section 9.7.5 on page 124.You can directly call from one ZIP4x5 to another without the aid of a call control system, asdescribed in section 9.2.9 on page 105 Important This type of phone is different from phones that have been in common use forthe past 100 years. On those older phones, as you press a button to dial a digit,the phone transmits the digit to the telephone exchange. On the ZIP4x5, thephone sends all the digits as a complete message and you therefore need toinform the phone when you have entered all the digits. The phone thenassembles the complete message and sends it to the SIP server.9.2.1 Dialling a Number After You Get Dial Tone1. Do one of the following:a. Take the phone off hook.2•If all four call appearances are in use, nothing happens.•If there is a free call appearance, the phone selects the lowest numbered callappearance that is free. The phone flashes the LED on that call appearance buttongreen for 250 ms and off for 750 ms.3 This indicates the call appearance has beenreserved but is not yet in use.•The phone provides dial tone to the handset, headset, or speaker as appropriate.4b. Press one of the call appearance buttons that has its LED turned off.1. It is not necessary to receive a dial tone. If the phone is connected to the switch, you can make a call. This is similar tothe way you use a PC. If it is connected to the network, you can access the network – you do not require any audiblefeedback prior to accessing the network.2. See section 9.1.2 on page 98 for a definition of off hook.3. A summary of the meanings of the LEDs for the call appearance buttons is given in appendix B on page 193.4. The tone that you hear is generated by the phone. You select that to match the tone commonly in use in your country.Section 10.5.10 on page 160 describes how you select the country where you live.
100ZIP4x5 User’s Manual•The phone reserves the call appearance and indicates this by flashing the LED on thatcall appearance button green for 250 ms and off for 750 ms.•The phone selects speaker mode and provides dial tone to the speaker.2. The phone shows:The number on the first row is the call appearance that has been reserved for this call.3. Enter the digits.1•As you enter the digits, the phone displays the digits, for example:•The phone plays the DTMF digits to the handset, headset, or speaker as appropriatewhile you type them.•The phone flashes the LED on the call appearance button fast, which is a prompt for youto press it.4. When you have finished entering all the digits, do one of the following:a. Press the # key.2b. Press the call appearance button that is flashing green.3c. Wait three seconds, after which time the phone assumes that you have entered all thedigits.5. The phone will play the DTMF digit for the # key.6. The phone will send the dialled digits. It plays no sound while it does this.7. The phone will change the display to (for example):The first line of the display shows the call appearance that is being used for the call.8. The phone indicates the call appearance that is being used by changing the flashing for theLED on the call appearance button. The LED will be lit for 750 ms and flash off for 250 ms.1. Call•1. At this point, you can dial from a memory location in the phone book. When you do so, you don’t need to enter anydigits or do any of the items listed in step 4. See section 9.7.3 on page 122 for details.1. Call408832802. If you want to send a # digit as part of the dialled name or number, see section 9.2.3 on page 101.3. If you press any other call appearance button, the phone will clear the display and assume you want to make a new call.1. Calling4083280450
9. Using the Phone 1019. While the call is proceeding, the phone plays ringback tone. This may be generated by thephone according to the country selection that you have made.10. When the call is established (the called party has answered) the phone lights the LED on thecall appearance button green continuously.9.2.2 Dialling a Number without Dial ToneYou can make a call without having to hear a dial tone or the digits being dialled. You can do thiswhile the phone is in the calculator mode. This mode is called “hot key dialling”.1. Enter the digits. The phone shows the digits on the screen. As you enter the digits the phonedoes not play the DTMF sounds for the digits.2. Do one of the following:a. Pick up the handset. The phone selects the lowest number call appearance that isavailable and sends the digits.b. Press the Hook button. The phone selects the lowest number call appearance that isavailable, sends the digits, and routes the sound to the headset.c. Press the Speaker key. The phone selects the lowest number call appearance that isavailable, sends the digits, and puts the phone into speaker mode.d. Press one of the call appearance buttons. The phone sends the digits and puts the phoneinto speaker mode.e. Press the # key. The phone selects the lowest numbered call appearance that is available,sends the digits, and puts the phone into speaker mode. The phone does not play theDTMF digit for the # key.You can also dial directly from the phone book without a dial tone as described in section 9.7.3 onpage 122.9.2.3 Sending a # as Part of the NumberWhen you are entering a number and you press the # key the phone interprets that as the end ofthe number and sends the number to the switch without the #. If you need to send a # as part ofthe string, press the Func key. The phone changes the top row of the display to show:The keys now allow you to enter letters as well as numbers. This is more fully described in section9.2.6 on page 102. Press the * key twice to display characters that you can select. Use the rightarrow on the volume key to highlight the # character, then press the * key again. Finally, pressthe Func key so that the keys enter only numbers again.9.2.4 Dialling When in Calculator ModeYou can keep the phone normally in calculator mode as described in section 9.9.9 on page 132 andstill be able to make and receive calls. When you want to make a call, you can do so with orwithout a dial tone.1. Call Func:abc
102ZIP4x5 User’s ManualIf you want to dial a SIP address, you must exit calculator mode first.1. Do one of the following:a. Lift the handset or press the Hook button.b. Press one of the call appearance buttons that is not lit.2. The phone exits calculator mode, reserves a call appearance, and provides dial tone.3. Dial the number or address as described in section 9.2.1 on page 99.When you terminate the call, the phone returns to calculator mode if there is no activity on anyof the call appearances (all LEDs on these buttons are off). When the phone resumes the calculatormode, the phone displays the state of any calculation that you had started.9.2.5 Making a Call While Accessing the MenuIf you are accessing the menu and want to make a call, you can do so only by getting dial tonefirst. That is, you must go off hook or select a free call appearance as described in section 9.2.1 onpage 99. When the call terminates the phone resumes access to the menu exactly as it was priorto the call. The phone automatically exits the menu function 60 s after the end of the call if you donot press any keys or buttons.If you are accessing the phone book, and have used the search function to locate a name, number,or address, then when you go off hook or select a call appearance, the phone calls that contact andexits the menu function.9.2.6 Dialling Using a SIP Address9.2.6.1 PurposeWhen you dial using a SIP address, you don’t need to know a person’s phone number. This is agood method of making a call if the person’s address has been created logically. You can use anyof the schemes described in section 9.2.1 on page 99 or section 9.2.2 on page 101. If the phone isin calculator mode see section 9.2.4 on page 101 for how to make the call.A SIP address is normally written as:SIP:name@domainFor example:SIP:john.doe@zultys.comWith the ZIP4x5, you must not write “SIP:” because the phone will automatically insert that foryou. Also, when you call an address that is within the same domain as your phone, you do notneed to enter the domain name.9.2.6.2 Entering an AddressTo dial using a SIP address, you must take the phone out of calculator mode. See section 9.9.8 onpage 132 for details. It is easier to enter an address in this manner without first selecting a callappearance or obtaining dial tone. When you have selected a call appearance, the phone timesout between you entering characters and sends the characters. This time-out might be too shortwhen creating an alphanumeric address.
9. Using the Phone 103To enter an alphanumeric address instead of a numeric address, press the Func key once. Thedisplay shows Func:abc on the top row. The function key in this mode locks the use of the keysso that you do not need to repeatedly press the Func key.The digit keys 2 to 9 allow you to type the letters of the alphabet that are displayed on those keys.When you press a key, it selects the first character. If you quickly press the key again, it selects thesecond letter and so on. When you repeatedly press the key, the phone selects the next characterin sequence, then the number of the key, then it scrolls back to the first letter.To scroll through the list of characters, press the key within 800 ms of the last press. If you takelonger than this, the cursor position moves to the right and when you next press the key you willselect the first letter in the list. If you want to select a character from the same key to be the nextcharacter you enter, you can wait or you can press the right arrow on the volume key.To select upper case characters instead of lower case characters, press the # key. The displayshows Func:ABC on the top row. To return to selecting lower case characters, press the # keyagain. The arrow on that key reminds you the key is used to shift between upper and lower casecharacters.The maximum length of a SIP address is defined to be 256 characters. However, the ZIP4x5 willallow you only to enter 64 characters. Once you reach that limit, the phone will not accept morecharacters.9.2.6.3 Character Mapping on Numeric KeysThis is a list of the characters selected by repeatedly pressing the various keys:1. ~, -, _, !, 12. a, b, c, 2; or A, B, C, 23. d, e, f, 3; or D, E, F, 34. g, h, i, 4; or G, H, I, 45. j, k, l, 5; or J, K, L, 56. m, n, o, 6; or M, N, O, 67. p, q, r, s, 7; or P, Q, R, S, 78. t, u, v, 8; or T, U, V, 89. w, x, y, z, 9; or W, X, Y, Z, 90. @, space, 0*. * then selection9.2.6.4 Using the * KeyWhen you press the * key, the ZIP4x5 selects the * which can be sent as a part of a dialled number,either by SIP or as a DTMF digit. If you press the * key twice within 800 ms, you can select frommany different symbols. The phone changes the display to:Select character:.,:;-_#*()'"@&%/\<>~+÷=±µ°?!§$€¥
104ZIP4x5 User’s ManualThe cursor is at the dot character. Use the left and right arrows on the volume key or the Up andDown buttons to move the cursor. Press the Esc button to exit this mode. When the cursor ishighlighting the character you want to select press any other key. The phone places the characteryou selected in place of the * that it originally displayed.1You can enter a dot (period or full stop) quickly by pressing the * key three times.9.2.6.5 Exiting Alphanumeric modeYou can put the phone out of the alphanumeric mode by pressing Func at any time. This willallow you to easily enter digits that may be part of the address. You can return the phone toalphanumeric mode by pressing the Func key again.9.2.6.6 DisplayThe process for making a call to a SIP address, and what the LCD shows during the process, aresimilar to that described in section 9.2.1 on page 99 and section 9.2.2 on page 101 for dialling anumber. When you are entering the address, the display shows:9.2.6.7 Editing the AddressUse the volume key as described in section 9.2.7 on page 104.9.2.6.8 Sending the AddressTo send the address (and initiate the call), lift the handset, press the hook button, press thespeaker key, or press a call button. If you did one of these prior to entering the address, press the# key twice or wait three seconds.9.2.6.9 LEDsThe LEDs operate as they do when you enter a numeric phone number.9.2.7 Editing a NumberYou can edit a number or SIP address that you have entered by using the volume keys.When you press the right arrow, the cursor moves forward through the digits. If the cursor wasat the last digit, the phone places the cursor at the first digit.When you press the left arrow, the phone deletes the character to the left of the cursor.2 If you pressthe left arrow when the cursor is at the first character, the phone moves the cursor to the positionafter the last character (and it therefore does not delete any character).1. You cannot use some of these characters as part of an address. The SIP address is formulated based on the same rulesas an email address.Call: Func:abcjohn.doe@z•2. This is equivalent to the backspace action on a computer’s keyboard.
9. Using the Phone 105For example, suppose you want to dial the number 12345, but instead you enter:You can either press the left arrow twice, to get:Then enter 345. Or, press the right arrow three times so that the cursor is at the 4. Then enter 3.The digit three is inserted before the digit 4.9.2.8 Dialling an Invalid DestinationWhen you initiate the call, the phone performs a simple check on the number or address that youentered. If this is invalid, the phone displays:The phone retains this display for three seconds before returning to whatever was displayed priorto your initiating the call (usually the idle display). If you had selected a call appearance, it willbecome idle after five seconds.9.2.9 Making a Call Without a SIP ProxyThe ZIP4x5 is intended for use with a telephone system but it is possible to use it without one.You might do this if you have two phones either directly connected or isolated on a network. Tomake the call, you must know the IP address of the phone you want to call or the other devicemust have an FQDN that your ZIP4x5 can resolve with a DNS server.To make a call directly to the other device, ensure that:•your phone has a unique IP address•your phone has not registered with a SIP registrar•you know the IP address and device ID of the phone you want to contactThe following instructions contain many steps, some of which may not be applicable, dependingon the configuration of the phone prior to your using it:1. Log into the phone using the password as described in section 10.6.1 on page 165.2. Disable DHCP, set a static IP address, subnet mask and default gateway, as described insection 10.6.2 on page 166.13. Remove the address of the TFTP server and the address of the SIP outbound proxy, asdescribed in section 10.6.2 on page 166.1245121. Invalid address408€321. It is not a requirement that the phones have a static IP address. However, if you use DHCP, the phone may receive anew IP address after its lease expires. You will have to find out this new IP address before you can make a call to thatphone.
106ZIP4x5 User’s Manual4. Assign a unique device ID to the phone and remove the domain name as described in section10.6.5 on page 176.5. Repeat these steps for the other phone.6. Connect the phones so that they can be accessed over the LAN.7. Create a call from one phone to the other using the method outlined in section 9.2.6 on page102, but address the other phone by its device ID and IP address:For example, if the two phones have device IDs of East and West, you might make a call fromEast to West by typing:If the other phone has an FQDN, you might enter:8. If you want to repeatedly make calls in this manner, enter the address into a memorylocation, as described in section 10.2.2 on page 135. Dial the number from memory asdescribed in section 9.7.3 on page 122.9.3 Call Proceeding and Call Answered9.3.1 CallingWhen you have started to make a call, the display changes to:The display shows the call appearance that is in use for this call and the number or address beingcalled. The display indicates the time (minutes and seconds) since you started the call and reflectsthe time that you have been waiting for the call to connect.The phone displays the called number on the second line. In the unlikely event that the numberis greater than 20 digits, the ZIP4x5 displays the rest of the number on the third line.1. Call Func:abc<device ID>@<IPaddress>1. Call Func:abcWest@10.1.13.171. Call Func:abcWest@Zultys.West.com1. Calling40832804500:17
9. Using the Phone 107If the number that you have dialled is in your phone book, the ZIP4x5 displays the name of thecalled party instead of the phone number. It will display the name on the second and third lines.Where possible, the ZIP4x5 will split the name at a space character. For example:or:The phone will continue to use this name instead of the number for future displays during thiscall.If you have dialled the person using a SIP address, the phone will display this instead of a number.It will try to break the name at a period (full stop), “at” symbol, or other punctuation.The LED on the call appearance button flashes green for 750 ms and off for 250 ms.You will hear nothing during this phase of the call.9.3.2 Ringback9.3.2.1 ZIP4x5 to SIP Phone Calls or ZIP4x5 to ISDN CallsWhen you make a call to another SIP phone, the ringback that you hear will be generated by yourphone. The tones will be those that you have selected for the country.1If you are making a call to the PSTN, the SIP to PSTN gateway normally opens thecommunication path so that you hear the sound coming from the network. Therefore, if you arecalling a different country you will hear the ringback tone from that country. This tone may bedifferent from that used in your country.The LED on the call appearance button continues to flash green for 750 ms and off for 250 ms. Thedisplay changes to:The timer continues to show the time since you initiated the call.1. CallingZultys Technologies0:171. CallingLancelot CapabilityBrown 0:171. See section 10.5.10 on page 160 for details on how you select the country.1. Ringing40832804500:32
108ZIP4x5 User’s Manual9.3.2.2 ZIP4x5 to CAS CallsIf you are connected to the PSTN using T1 CAS circuits, your SIP to PSTN gateway may not knowthe status of the connection. It may open the speech path even though there is no ringback. TheLED on the call appearance button will then be lit solidly green.The phone behaves as if the call has been established as described in section 9.5 on page 115.Because the speech path is open, you may hear busy tone although the phone indicates that youare connected.9.3.3 Far End BusyIf the person you are calling is busy, the phone either plays the busy tone for your country or thebusy tone that is generated by the phone network at the far end. This depends whether yourserver has indication that the called party is busy or not. If your server is aware the called partyis busy, your phone flashes the LED on the call appearance button green for 750 ms and red for250 ms. The display changes to:The phone stops the timer as soon as it receives notification that the called party is busy. Thephone maintains this state until you go on hook.9.3.4 Network BusyIf the network is busy, the phone either plays the fast busy tone (congestion tone) for yourcountry or the fast busy tone that is generated by the phone network at the far end. This dependswhether your server can detect whether or not the network is busy. If it is aware the network isbusy, your phone flashes the LED on the call appearance button green and red for 250 ms eachcolor. The ZIP4x5 displays this message if the number you are calling does not exist or is not available.The display changes to:The phone stops the timer as soon as it receives notification that the network is busy.The phone maintains this state until you go on hook.1. Far end busy40832804500:281. Network busy40832804500:23
9. Using the Phone 1099.3.5 Call Answered9.3.5.1 Expanded DisplayWhen the called party answers, the phone makes the LED for the call appearance to be litcontinuously green and changes the display to:orThe display shows the duration of the call in hours, minutes, and seconds. The phone starts thistimer from zero when it is made aware that the phone is connected. Depending on the systemand the protocol used to complete the call, the phone may believe the call is connected but thecalled person has not yet answered the call.If you want to display the date and time, use the Up or Down buttons to show the call appearancesummary.1You can toggle the phone to the compressed display mode by pressing the Enter button.29.3.5.2 Call Appearance SummaryThis summary display is part of the expanded display. Press Up or Down to scroll through theexpanded displays. At the end of the list, the display changes to:The display shows the state of each call appearance as follows:•Idle. Call appearance not in use.•Call. Calling.•FrRn. The far end (called party) is ringing.•Cnct. Connected.•Busy. Far end busy.•NwBz. Network busy1. Connected408328045000:00:451. ConnectedLancelot CapabilityBrown 00:00:451. Do not press the Func key or Menu button before pressing the Up and Down buttons.2. Do not press the Func key or Menu button before pressing the Enter button.1. Cnct 2. Idle3. Idle 4. IdleSun 31 Aug 02 20:32
110ZIP4x5 User’s Manual•Ring. There is an incoming call.•Hold. You have placed the call (individual or conference call) on hold.•Conf. The person is part of a conference call.•Tr n s . You are in the middle of transferring the call.•Rejc. Call to another phone was rejected.You can toggle the phone to the compressed display mode by pressing the Enter button.9.3.5.3 Compressed DisplayWhen the phone displays the data in the compressed mode, the LED remains unchanged at solidgreen while the display changes to:or:On the top row, the phone displays:•the call appearance for this call (1 to 4)•the number you called (or the SIP address of the person you called) or the name of the personif the name exists in the phone book•a timer that indicates the duration of the callThe phone truncates the number (or name) that you have called to 12 characters so that it candisplay the duration of the call. The phone leaves a minimum of two spaces between the end ofthe phone number and the timer.The timer shows the call time in minutes and seconds until the call length has reached an hour. Itthen displays the time in hours and minutes.The phone displays the current time and date just as it does in the idle state.1You can toggle the phone to the expanded display mode by pressing the Enter button.21. 4083280450 00:45Sun 31 Aug 02 20:321. Lancelot C 00:45Sun 31 Aug 02 20:321. See section 6.3.1 on page 50 for the description of the idle state.2. Do not press the Func key or Menu button before pressing the Enter button.
9. Using the Phone 1119.3.6 Network FailureIf the phone sends a message to the SIP server that the SIP server does not answer, the phonedisplays:The phone makes the handset, headset, and speaker quiet and displays the message until youattempt to make another call or perform another task on the phone.You should contact the administrator of the system if you see this message. 9.4 Receiving a Call9.4.1 AlertingWhen you receive a call, the phone flashes the LED of the call appearance button. The LED flasheson for 250 ms and off for 250 ms.The phone plays a ringing tone on the speaker if you have no active calls and you have adjustedthe volume to be greater than zero. If you set the volume to zero, the ZIP4x5 plays no ring sound.The phone plays one ring tone for calls that originate from outside the enterprise and another forthose that originate inside the enterprise. You select the sound that is played using the menu asdescribed in section 10.5.5 on page 149. You adjust the volume as described in section 6.2.1.3 onpage 49.9.4.2 Before You Answer9.4.2.1 Expanded DisplayWhen the phone is in the expanded display mode it shows on the display:The phone shows the call appearance and the name of the called person, truncated to 14characters. This name is taken from the SIP message and not from the name you haveprogrammed into the phone. The phone shows this information because the phone could beshared by multiple people or another person might have redirected his or her calls to your phone.The phone displays the name of the caller, again taken from the SIP message. The ZIP4x5 will tryto break the name at a space character to neatly fit onto the two lines, or at a period (full stop),“at” symbol, or other punctuation if the name is a SIP address.The phone shows in each case, the display name from the SIP message if it is present, otherwiseit displays the user portion of the SIP URI.Unable tocommunicate withSIP device1. To <called name><caller’s name, 1><caller’s name, 2>
112ZIP4x5 User’s ManualFor example, the phone might show:If the SIP header had a number, the ZIP4x5 tries to match the number with numbers you haveentered into the phone book.1 If the phone finds a match, it displays the name associated withthat number in the phone book instead of the number itself. If the SIP header did not have a nameor number for the caller, it will show the SIP address of the caller.You can toggle the phone to the compressed display mode by pressing the Enter button.9.4.2.2 Compressed DisplayWhen the phone is in the compressed display mode it shows on the display:The phone truncates the caller’s name or address to 17 characters. You can toggle the phone tothe expanded display mode by pressing the Enter button.9.4.3 Receiving Multiple Calls and Call WaitingIf you receive multiple calls, the phone flashes the LEDs on the call appearance buttons for eachincoming call.If you have an active call (a call appearance button is lit continuously green or continuouslyorange), the phone plays a short beep in the currently selected audio path. You can select the tonethat is played as described in section 10.5.5 on page 149.If you have one or more calls on hold, and you have placed the phone on hook, the phone playsthe ringing tone you selected on the speaker.9.4.3.1 Expanded DisplayThe display shows the first call that was received. To view the details of other calls, press the Upand Down buttons.2 The display changes, for example:1. To Garden CottageLancelot CapabilityBrown1. The phone book is covered in detail in section 10.2 on page 133.1. Lancelot CapabiliSun 31 Aug 02 20:31. To Garden CottageLancelot CapabilityBrown2. Do not press the Func key or Menu button before pressing the Up or Down buttons.
9. Using the Phone 113Press Down:Press Down:Press Down:This example is for the case when there are three incoming calls. The meaning of theabbreviations on the fourth display is described in section 9.3.5.2 on page 109.You can toggle the phone to the compressed display mode by pressing the Enter button.9.4.3.2 Compressed DisplayThe display shows information for multiple calls. You can scroll the display by pressing the Upand Down buttons:Press Down:Press Down:The phone truncates the caller’s name or address to 17 characters. When you press the Up andDown buttons, the rows of text denoting the call appearances scroll along with the date and time.You can toggle the phone to the expanded display mode by pressing the Enter button. When youdo so, the phone displays the details of the caller that was on the top row of the compresseddisplay.2. To Garden CottageLord Blenheim3. To Garden CottageOxford Stone Masons1. Ring 2. Ring3. Ring 4. IdleTue 10 Feb 04 18:471. Lancelot Capabili2. Lord Blenheim3. Oxford stone Maso2. Lord Blenheim3. Oxford Stone MasoTue 10 Feb 04 13:243. Oxford stone MasoTue 10 Feb 04 13:2421. Lancelot Capabili

Navigation menu