Lets Encrypt SSL Certificate setup for Avaya IPOCC Windows with IP Office

IPOCC with LetsEncrypt Certificates

Using Lets Encrypt Certificates for Signed Certificates in

IP Office Contact Center

The purpose of this document is to provide guidelines for configuring Lets Encrypt certificates in IP Office Contact Center (IPOCC) and enable automatic updates to provide Signed Certificate validation for clients

Steps

Requirements

Before you Begin

DNS Records

Web Server Installation

Using Apache Tomcat as the Web Server

Using Internet Information Server as the Web Server

Installing OpenSSL

Installing Win-ACME service for Lets Encrypt

Creating the Certificates

Creating Certificates using IIS

read more

Ports used by IP Office/IPOCC

IP Office Ports

* Indicates that the port and or protocol can be changed.

Port Protocol Function
TCP 25* SMTP Email system alarms from the IP Office to SMTP server. For IP Office 4.2 also used for Voicemail Email on Embedded Voicemail.
UDP 37 Time Time requests from the IP Office to a Time Server (RFC868).
UDP 53 DNS Domain Name Service responses.
UDP 67 BOOTP/DHCP DHCP server operation.
UDP 68 BOOTP/DHCP DHCP client operation.
UDP 69 TFTP File requests to the IP Office.
UDP 161* SNMP From SNMP applications.
UDP 162* SNMP Trap To addresses set in the IP Office configuration.
UDP 500 IKE Key exchange for IPSec protocol.
TCP 389* LDAP Lightweight Directory Access Protocol.
UDP 520 RIP To and from the IP Office to other RIP devices. For RIP1 and RIP2 (RIP1 compatible) the destination address is a subnet broadcast, eg. 192.168.42.255. For RIP2 Multicast the destination address is 224.0.0.9.
UDP 520 RIP
UDP 1701 L2TP Layer 2 tunneling protocol.
UDP 1718 H.323 H.323 Discovery
UDP 1719 H.323 RAS H.323 Status. VoIP device registering with the IP Office.
UDP 1720 H.323/H.245 H.323 Signalling. Data to a registered VoIP device.
UDP 2127 UDP PC Wallboard to CCC Wallboard Server.
UDP 3478 SIP Port used for STUN requests from the IP Office to the SIP provider.
UDP/TDP* 5060 SIP SIP Line Signalling
TCP 8080 HTTP Browser access to the Delta Server application.
UDP 8089 Enconf From the IP Office to the Conferencing Center Server Service. User access to the conference center is direct via HTTP sessions.
TCP 8888 HTTP Browser access to the IP Office ContactStore (VRL) application.
UDP 49152-53247* RTP/RTCP Dynamically allocated ports used during VoIP calls for RTP and RTCP traffic. The port range can be adjusted through the System | Gatekeeper tab.
UDP 50791 IPO Voicemail To voicemail server address.
UDP 50793 IPO Solo Voicemail From IP Office TAPI PC with Wave drive user support.
UDP 50794 IPO Monitor From the IP Office Monitor application.
UDP 50795 IPO Voice Networking Small Community Network signalling (AVRIP) and BLF updates. Each system does a broadcast every 30 seconds. BLF updates are sent required up a maximum of every 0.5 seconds.
UDP 50796 IPO PCPartner From an IP Office application (for example Phone Manager or SoftConsole). Used to initiate a session between the IP Office and the application.
UDP 50797 IPO TAPI From an IP Office TAPI user PC.
UDP 50798 (UDP) IP Office Manager and UpgradeWizard
UDP 50799 IPO BLF Broadcast to the IP Office LAN and the first 10 IP addresses registered from other subnets.
UDP 50800 IPO License Dongle To the License Server IP Address set in the IP Office configuration.
UDP 50801 EConf Conference Center Service to IP Office.
TCP 50802 Discovery IP Office discovery from Manager.
TCP 50804* HTTP IP Office configuration settings access.
TCP 50805* HTTPS TLS Secure
TCP 50808* HTTP IP Office system status access.
TCP 50812* HTTP IP Office security settings access.
TCP 50813* HTTPS TLS Secure

IPOCC Ports

Pictures work better, so here are the listing of parts that IPOCC uses to communicate.  Used_TCP_Ports_IPOCC

read more