Avaya TSAPI with DMCC Recording

This topic provides guidelines for configuring Avaya TSAPI interface with DMCC for CXone Multi-ACD (CXone Open).

The supported Avaya AES TSAPI versions are 8.1.3 and 10.1.

Avaya site engineer is responsible for all procedures in the Avaya environment. The procedures described in this section are by recommendation only!

Follow these steps to set up the Avaya TSAPI interface with DMCC.

Step 1: Prepare Avaya AES TSAPI Environment

Step 2:Prepare Avaya AES DMCC Environment

Step 3: (Optional) Configure the additional integration:

Step 4: Download and save the Essential Data for 3rd Party Connectivity Config in CXone Excel file. You will be required to fill in essential information as you proceed. Once you have finished entering all the necessary details and prepared your environment for CXone Multi-ACD, you must submit the Excel file to your NICE Professional Services representative.

Prepare Avaya AES TSAPI Environment

You must configure the Avaya AES TSAPI Server before you configure CXone Multi-ACD.

The supported Avaya AES TSAPI versions are 8.1.3 and 10.1.

Perform these steps to prepare the Avaya AES TSAPI environment:

Step 1: Verify the TSAPI License and Status

Step 2: Prepare the AES Environment

Step 3: Add a User

Step 4: Verify the Tlink

Step 5: Create a Secure Connection Using VPN

Step 1: Verify the TSAPI License and Status

Before configuring the Avaya TSAPI interface, you must verify that the Avaya TSAPI Service is running, and that the license is valid.

To verify the TSAPI Service and status:

  1. Log in to the AES Server. The Application Enablement Services page appears.

  2. From the menu, select AE Services.

  3. Verify:

    • The TSAPI Service Status column is Online and that the State is Running.

    • The Licensed Mode column shows Normal Mode.

Step 2: Prepare the AES Environment

An Avaya site engineer is responsible for all procedures in the Avaya environment. These procedures are recommendations and guidelines only!

In an AES environment, the AES administrator must prepare the AES-CTI link connections.

To configure the switch on the AES (general guidelines):

  1. Navigate to the AES webpage and login.

  2. Enter your Username and Password. Click Login. The Home page appears.

  3. From the menu, click Communication Manager Interface.

  4. Select Switch Connections.

  5. In the Switch Connections window, in the field add the switch name and click Add Connection. The Connection Details window for the new switch appears.

    1. In the Switch Password field, enter the switch password. The switch password must be between 12 - 16 alphanumeric characters and identical to the password assigned to the AES service in the Communication Manager.

    2. In the Confirm Switch Password field, enter the switch password again.

    3. If your Communication Manager supports Processor Ethernet, select Processor Ethernet.

    4. Click Apply. The Switch Connections window reappears.

  6. Click Edit PE/CLAN IPs. The Edit Processor Ethernet IP window appears.

  7. In the field provided, add the IP address of the Processor Ethernet/CLAN board, then click Add/Edit Name or IP.

  8. In the AES menu, click Switch Connections to return to the Switch Connections window.

  9. Click Edit H.323 Gatekeeper. The Edit H.323 Gatekeeper window appears.

  10. In the field provided, enter the IP address of one of the Processor Ethernet/CLAN boards, and click Add Name or IP. Repeat this step for all Processor Ethernet/CLAN boards.

After the CTI link is configured, the administrator should verify that the AES-CTI link connection is active and in a Talking state.

To verify the CTI link:

  1. From the AES webpage, select Status > Status and Control > TSAPI Service Summary.

  2. Check the Status is set for Talking for the relevant AES-CTI link connection.

Step 3: Add a User

The user must be added to the system via the webpage.

This procedure must be performed together with an Avaya administrator. The AES administrator must first prepare the AES-CTI link connection.

At the end of this step, you are required to provide to NICE Professional Services:

  • User credentials.

To add a user:

  1. On the AE Services menu, navigate to User Management > User Admin and click Add User.

  2. In the Add User window, configure the mandatory fields:

    1. User Id

    2. Common Name

    3. Surname

    4. User Password

    5. Confirm Password

    6. Change the CT User setting to Yes.

  3. Click Apply to save the information.

  4. Save these user credentials in the Excel file. Once you have finished entering all the necessary details and prepared your environment, submit the Excel file to NICE Professional Services.

  5. Verify that the User created successfully message appears in the Add User Results window.

  6. Provide unrestricted monitoring for all devices to user:

    1. On the AE Services menu, expand Security > Security Database > CTI Users and click Search Users.

    2. In the Search Users window, search for the user created previously.

    3. Click Search. The new user appears.

    4. Click Edit.

    5. In the Edit CTI User window, in the User Profile area, select Unrestricted Access.

    6. Click Apply Changes.

    7. In the Apply Changes to CTI User Properties, click Apply.

Step 4: Verify the Tlink

In the CTI Connection TSAPI configuration, the Server Name parameter uses the Tlink value.

At the end of this step, you are required to provide to NICE Professional Services:

  • Tlink name

To verify the Tlink:

  1. In the AES webpage, select Security > Security Database > Tlinks.

    The list of Tlinks appears in the Tlink Name column. If your site uses more than one Tlink, make sure you choose the correct Tlink, according to the switch name.

    The Tlink consists of these segments:

    • AVAYA - Vendor

    • # - Separator

    • AVAYA10 - Switch / Connection Name (as defined in Communication Manager Interface> Switch Connections)

    • CSTA/CSTA-S - Non-Secure / Secure Portal

    • AES10 - AES Server Name

  2. Save the correct Tlink name in the Excel file. Once you have finished entering all the necessary details and prepared your environment, submit the Excel file to NICE Professional Services.

  3. If using the secured Tlink, verify that the TLS version is configured in the AES. Navigate to Networking > TCP/TLS Settings.

  4. By default, only Support TLSv1.2 Protocol is enabled. TLSv1.2 Protocol is supported as a sole security protocol.

  5. Since default certificates are no longer provided, the Avaya site engineer must generate the relevant certificate and upload it to the Avaya telephony system in CXone. Navigate to Security > Certificate Management > Server Certificates.

  6. In the Server Certificates window, in the Alias column, select the certificate and click Export.

  7. In the Server Certificate Export window, verify that No, do not export the private key is selected and click Export.

  8. Upload this exported certificate to the Avaya telephony system in Cxone.

Step 5: Create a Secure Connection Using VPN

This step must be performed only in coordination with NICE Professional Services.

At the end this step, by completing the form in the Essential Data for 3rd Party Connectivity Config in CXone Excel file, you will provide the necessary details to NICE Professional Services, who will aid you in establishing a secure VPN connection with CXone.

SIPREC environments only are required to complete additional information in the form, so that SBC can establish a connection between SIPREC and CXone.

  1. NICE Professional Services will provide you with the VPN connect form.

    1. Fill out the provided form with details of your side and the necessary information for CXone Multi-ACD.

    2. NICE Professional Services will coordinate with CXone teams to ensure all fields are appropriately filled out.

    3. Both parties must agree on the form and details.

  2. NICE Professional Services will schedule a collaborative call:

    1. To agree on the form and provided details with CXone Multi-ACD.

    2. With CXone teams for VPN provisioning.

  3. You will set up two VPNs: one for resiliency and one for failover.

  4. Configure routing by setting up BGP over VPN with CXone Multi-ACD firewalls or create static routes to the provided IP addresses.

  5. Configure NAT. NAT your endpoint behind a public IP, either advertised via BGP or using static routing.

  6. Configure firewall settings:

    1. Allow inbound traffic from the provided IP addresses (2) into the CTI Endpoint.

    2. Open the required ports. See Ports and Protocols by Application for more information.

    3. For High Availability environments, the ports mentioned above in step b must be open for all servers, active and standby.

  7. NICE Professional Services will coordinate with CXone teams to:

    • Ensure the VPN form is correctly filled out.

    • Schedule a time with CXone teams for VPN provisioning and routing setup.

    • Test VPN tunnel, routing, and connectivity.

Prepare Avaya AES DMCC Environment

This section describes how to prepare the Avaya Device Media Call Control (DMCC) environment for CXone Multi-ACD.

The supported Avaya AES DMCC versions are 8.1.3 and 10.1.

Avaya site engineer is responsible for all procedures in the Avaya environment. The procedures described in this section are by recommendation only!

For comprehensive information about configuring the Avaya switch, see the Avaya documentation.

Workflow

Use this workflow to set up Avaya DMCC active recording with CXone Multi-ACD.

Before beginning this workflow, you must ensure that site components are configured.

Step 1: Configure Virtual Extensions to Capture Audio

Step 2: Configure SRTP

Step 3: Prepare information for NICE Professional Services

Before You Begin

Before integrating the Avaya DMCC environment with CXone Multi-ACD, gather the required information and enter it in the Essential Data for 3rd Party Connectivity Config in CXone Excel file you downloaded. Once you have finished entering all the necessary details and prepared your environment, submit the Excel file to NICE Professional Services.

Configure Virtual Extensions to Capture Audio

Use these procedures to prepare the Avaya Communication Manager for a site using virtual extensions for audio capture.

When using virtual extensions to capture your audio, verify you have enough licenses for the NICE CTI.

  1. Log in to the AES Server. The Application Enablement Services page appears.

  2. From the menu, select Licensing > WebLM Server Access.

  3. Log in to WebLM Server.

  4. Select Licensed products > Application Enablement from the panel on the left, and verify that sufficient licenses are defined for DMCC DMC.

Before the DMCC Server can register the emulated (virtual) extensions on the Media Gateway, define the extensions on the switch.

Each virtual extension must be separately defined and requires a DMCC license. Make sure the total number of DMCC licenses match the maximum number of agents operating concurrently. However, it is recommended to maintain DMCC licenses at least 20% above the maximum call volume.

When your site is configured for Single Step Conference, you must define the virtual extensions on the AES in the same group as the extensions observed via Single Step Conference. Otherwise, the user will be granted unrestricted access to the security database.

To define the virtual extensions for recording on the switch:

  1. On the switch, open a console window and type this:

    • Extension Type: 4624

      ExtensionType 4624 represents all soft phones.

    • IP Softphone: Y (Yes)

    • Security Code: The Security Code value is the extension password. When configuring the CTI in CXone Multi-ACD, you enter this value in the Password field.

    • COR: Ensure that the selected COR (Class of Restriction) is configured to enable Service Observation. See the following step.

  2. Display the COR (Class of Restriction) definitions and define Can be a Service Observer? as Y. This enables all configured virtual extensions or soft phones to observe and record.

The Avaya AES Server supports up to 16 simultaneous C-LAN connections. This allows the AES Server to provide load balancing across multiple connections and a C-LAN failover mechanism.

You configure the symbolic name, or Connection Name, on the Avaya AES Server. The symbolic name represents multiple C-LANs on the Avaya Media Gateways. This allows the recording system to implement redundancy and load sharing over multiple C-LANs by communicating with the symbolic name. Multiple C-LANs are required in implementations of over 300 Avaya DMCC channels.

The symbolic name is the Connection Name on the AES, and is case sensitive.

To configure the symbolic name:

  1. From the AES webpage, select Communication Manager Interface > Switch Connections.

  2. Select the required Connection Name and click Edit PE/CLAN IPs.

  3. Enter the host name or IP address of the C-LAN or/and PE for AES connectivity, and then click Add/Edit Name or IP. Repeat for each C-LAN or PE attached to this connection.

  4. In the Switch Connections window, click Edit H.323 Gatekeeper.

    To use the symbolic name feature, the H.323 gatekeeper must be specified. The C-LAN configuration alone is not sufficient. The H.323 IP list can be different from the C-LAN IP list.

  5. Select the required Name or IP Address, or type in the host name or IP address of the H.323 Gatekeeper and click Add Name or IP.

  6. Select Networking > Ports.

  7. Ensure that the DMCC Server port is enabled.

The codec set defined in CXone Multi-ACD must match the codec set defined on the switch.

  1. In Avaya Site Administration, enter display ip-codec-set <n> where <n> is the codec set associated with the IP network region of the extensions that you need to observe.

  2. In the Audio Codec column, review the list of compression types. These are the codecs that the switch allows.

    Make sure that the CodecList you define in CXone Multi-ACD contains at least one of the compression types defined here.

  3. Enter display ip-network-region <n> where <n> is the network region of the extensions that you need to observe.

  4. Verify that the defined Codec Set is the ip-codec-set you confirmed above.

Verify that the silence suppression feature is enabled on Avaya Media Server for audio codecs. This conserves bandwidth by not transmitting audio packets during periods of silence. Silence suppression may cause audio clipping.

  1. In Avaya Site Administration, enter the display ip-codec-set <n> command, where <n> is the number of the codec set associated with the IP network region of the extensions that you need to observe.

  2. In the IP Codec Set window, in the Codec Set section, for each codec listed you can set in the Silence Suppression column:

    • Enable silence suppression, define Silence Suppression as y.

    • Disable silence suppression, define Silence Suppression as n.

  3. Press Esc and then e to submit your changes.

Configure SRTP

Use these procedures when your site requires SRTP configuration.

  1. Log in to the Avaya Aura Media server.

  2. Under the System Configuration menu, go to Media Processing > Media Security.

  3. Verify that:

    • Security Policy is set to BEST EFFORT.

    • Best Effort Mode is set to CAPABILITY.

  4. Under Crypto Suites, enable:

    • AES_CM_128_HMAC_SHA1_80

    • AES_CM_128_HMAC_SHA1_32

  5. For each of them, select SRTP encryption and SRTP Authentication.

  6. Go to Configuring Avaya Switch Encryption for the IP Network Region.

SRTP encryption is configured on two levels: the signaling (H.323) and the media stream (SRTP).

This section describes how to enable SRTP and signaling encryption on Avaya Communication Manager.

At the end of this procedure, you are required to provide to NICE Professional Services:

  • Encryption used on site: HMAC32 or HMAC80.

To configure encryption:

  1. In Avaya Site Administration, enter the display ip-codec-set <n> command, where <n> is the codec-set associated with the IP network region of the extensions that you need to observe.

  2. Verify if the site has:

    • Avaya Media Servers with G Series gateway/s. aes can be supported only with G-series gateways.

    • Avaya Media Servers, use either 2-srtp-aescm128-hmac32 or 1-srtp-aescm128-hmac80.

  3. In the IP Codec Set screen, in the Media Encryption section, enter one or more of the Media Encryption types.

    • 2-srtp-aescm128-hmac32

    • 1-srtp-aescm128-hmac80

    • aes - not supported if using Avaya Media Server

      The Avaya site engineer must inform NICE Professional Services which encryption is used on site: HMAC32 or HMAC80.

      Save the encryption information in the Excel file. Once you have finished entering all the necessary details and prepared your environment, submit the Excel file to NICE Professional Services.

  4. In Avaya Site Administration, enter the display ip-network-region <n> command, where <n> is the network region of the extensions that you need to observe.

  5. In the network region, enter the IP Codec Set you edited previously.

  6. When you configure CLAN/Medpro: In the Network Region, enter the region you configured for encryption. In the example in this procedure, to enable SRTP in the Network Region, enter 2.

Prepare information for NICE Professional Services

Before you can begin your CXone CTI configuration, you require specific information.

Ask the Avaya site engineer to verify the information below is entered in the Excel file. Submit the Excel file to NICE Professional Services.

step

parameter

Where is this configured?
1 Avaya DMCC port number: Check the Avaya DMCC port number for a secure connection and an unsecure connection. On the AES Server.
  Verify the DMCC ports are enabled. On the AES Server.
2 Verify the CXone Multi-ACD username and password for Avaya DMCC as defined on AES. On the AES Server.
   

For Virtual Extensions:

  • List of Virtual Extensions

  • Verify that each Virtual Extension is set to type 4624.

  • Verify that the IP Softphone? is set to y

  • Verify the security code of the Virtual Extension/s.

4 Verify the Avaya DMCC symbolic name.

On the AES Server.

In the Switch Connections area, verify the Connection Name. The Connection Name is also known as the Symbolic Name.

5 Verify the Observation Code in the Service Observing Listen Only Access Code field. On the Communication Manager (CM).
6 Verify the list of supported codecs. On the Communication Manager (CM), verify the codecs that the organization is using.
7 Verify the list of supported encryption algorithms (AES_128_ Counter (aes)/ No Encryption / AES_128_ HMAC). If AES_128_ HMAC is supported, the CXone Multi-ACD engineer must be informed whether to use HMAC32 or HMAC80. On the Communication Manager (CM).
  The Avaya site engineer must inform the CXone Multi-ACD engineer which encryption is used on site: HMAC32/HMAC80.