Acano X Series & VM 1.6 Release Notes
Transcription
Acano X Series & VM 1.6 Release Notes
Acano solution Acano Server Release 1.6.19 Release Notes April 2015 76-1005-18-Axa Contents Contents 1 Introduction ....................................................................................................................... 4 1.1 Before upgrading...................................................................................................... 4 2 New Features/Changes in R1.6......................................................................................... 6 2.1 New Functionality from R1.6.3 ................................................................................. 6 2.1.1 Programmable MTU for media packets .......................................................... 6 2.1.2 Tenant ID now returned in when retrieving API call leg information ................ 6 2.2 Scalability & Resilience ............................................................................................ 6 2.2.1 Multiple TURN Servers and Web Bridges Supported ..................................... 6 2.2.2 Recommended XMPP server moved to Core server and new Load Balancer on Edge server ....................................................................... 7 2.2.3 Call Bridge Support on Multiple Interfaces ..................................................... 7 2.2.4 coSpace Database Clustering Supported....................................................... 8 2.2.5 XMPP Server clustering ................................................................................. 8 2.3 Hyper-V Virtual Machine Support ............................................................................. 8 2.4 Branding Features.................................................................................................... 9 2.5 TIP Support .............................................................................................................. 9 2.6 Lync Improvements ................................................................................................ 10 2.6.1 Lync Conferencing Support .......................................................................... 10 2.6.2 Lync Federation Support .............................................................................. 10 2.7 Skype Support........................................................................................................ 11 2.8 Client Features ....................................................................................................... 11 2.8.1 Changed WebRTC Client behavior with Firefox ........................................... 11 2.9 In-call Features ...................................................................................................... 12 2.9.1 Participants .................................................................................................. 12 2.9.2 In-call DTMF controls ................................................................................... 12 2.9.3 User-oriented permissions ........................................................................... 13 2.10 Security Enhancements ......................................................................................... 13 2.11 Miscellaneous Improvements ................................................................................. 14 2.11.1 CDR Improvements ..................................................................................... 14 2.11.2 Improvements to telephone number dialing .................................................. 14 2.11.3 LDAP sync improvements ............................................................................ 14 2.11.4 Alarms ......................................................................................................... 14 2.11.5 Logging enhancements ................................................................................ 15 2.11.6 BFCP Client mode support........................................................................... 15 2.11.7 Ability to add SAN names to the MMP command PKI CSR .......................... 15 2.12 Summary of API Additions & Changes ................................................................... 15 2.13 Summary of Web Admin Interface Additions & Changes ........................................ 16 3 Notes on Installing and Upgrading to R1.6 ...................................................................... 17 3.1 New R1.6 Deployments.......................................................................................... 17 3.1.1 Deployments using a single host server ....................................................... 17 3.1.2 Deployments using multiple host servers ..................................................... 17 3.2 Upgrading to Release R1.6 .................................................................................... 18 3.3 Updating the XMPP Configuration for 1.6 ............................................................... 19 3.4 Upgrading from a Previous R1.6 Release with a Database Cluster ........................ 20 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 2 Contents 3.5 Downgrading .......................................................................................................... 21 4 Resolved Issues .............................................................................................................. 22 Resolved in R1.6.19 ............................................................................................... 22 Resolved in R1.6.18 ............................................................................................... 22 Resolved in R1.6.14 ............................................................................................... 23 Resolved in R1.6.12 ............................................................................................... 24 Resolved in R1.6.11 ............................................................................................... 24 Resolved in R1.6.10 ............................................................................................... 25 Resolved in R1.6.9 ................................................................................................. 26 Resolved in R1.6.8 ................................................................................................. 27 Resolved in R1.6.4 ................................................................................................. 28 Resolved in R1.6.2.2 .............................................................................................. 29 Resolved in R1.6.2 ................................................................................................. 29 Resolved in R1.6.1 ................................................................................................. 29 Resolved in R1.6 .................................................................................................... 30 5 Known Limitations ........................................................................................................... 32 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 3 1 Introduction This release note describes the new features, improvements and changes in Release 1.6 of the Acano solution software for both Acano Server and virtualized deployments and specifically bug fixes in maintenance release R1.6.19. R1.6 provides much more flexibility in deployment topology than previous releases, therefore be sure to read the Notes on Installing and upgrading to R1.6. Note: XMPP server clustering released as a beta feature in Release 1.6, is being replaced with a revised feature in a future release. Please be advised that the configuration will be different from that previously documented. The current XMPP cluster configuration has been removed from the deployment guide. Until this feature is ready, only enable one XMPP server per domain in your Acano solution. NEW CAUTIONS FOR RELEASE 1.6: XMPP configuration works differently in R1.6; therefore if you upgrade from R1.2 or an early R1.6 Beta the XMPP component name is lost on upgrade, along with its Secret. These need to be configured with the new commands. There is a new Domain field in the XMPP Settings section in the Web Admin Interface Configuration > General page and some previous fields are no longer required. This is described later in these release notes and also in the R1.6 Deployment Guides. See section 6 of the R1.6 Acano Solution Scalability and Resilience Deployment Guide for details on how to configure the XMPP and Load Balancer in a split Core/Edge deployment. Call Bridges can now be set up to listen on more than one interface with the callbridge listen <interface whitelist> command. The procedures for branding and customization have changed for the R1.6 release. The old methods no longer work with R1.6. If you have customized the Acano solution, you need to rename some of the files. 1.1 Before upgrading If you are upgrading from a release before 1.2.12 and you have an Acano hardware server with serial number less than 00072 then you need to check your license.dat file, you may need to obtain a replacement license. Follow these steps: 1. SFTP the license.dat file off the Acano server and open license.dat in a text editor 2. Check line 7 of license.dat, if it reads licensed product name=M-Link version=16.0 expires=unlimited options="0” then contact support before the upgrade to obtain a replacement licence.dat file. If line 7 reads: licensed product name=M-Link version=16.9 expires=unlimited options="0” Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 4 you do not need to replace license.dat, proceed with the upgrade Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 5 2 New Features/Changes in R1.6 Note: We rarely add new features in maintenance releases but see section 2.12.7 on the ability to add SAN names to the MMP command PKI CSR. 2.1 New Functionality from R1.6.3 2.1.1 Programmable MTU for media packets From R1.6.3 you can set the maximum transmission unit (MTU) to better match your network. If there's an MTU restriction in your network (or in the network that a specific interface is connected to) then you might configure the MTU value to ensure that the size of outgoing media packets does not exceed this limit. This prevents IP fragmentation which could be less efficient than (a slightly greater number of) un-fragmented packets. Also fragmented packets may not be supported properly by the receiving device, and therefore cause media issues and/or failures. Setting the MTU size is done by signing in to the MMP of your Acano server and using the following command: iface <interface> mtu <value> e.g. iface a mtu 1400 2.1.2 Tenant ID now returned in when retrieving API call leg information When retrieving call leg information via an API GET method for "/callLegs", "/callLegs/<call leg id>" or "/calls/<call id>/callLegs", the response now includes the tenant ID (if applicable) for the call legs in question. 2.2 Scalability & Resilience Notes: There is a new Web Admin Interface Configuration > Cluster page for use with Call Bridge clustering. There is a new Scalability & Resilience Deployment Guide. Use this instead of the Acano solution Deployment Guide to set up a resilient deployment with clustering. 2.2.1 Multiple TURN Servers and Web Bridges Supported R1.6 supports multiple TURN as described in the Scalability & Resilience Deployment Guide. The benefits of being able to configure a Call Bridge to be able to use multiple TURN servers include resilience, scalability and geographical efficiency for media traversal. R1.6 supports multiple Web Bridge servers as described in the Scalability & Resilience Deployment Guide. See the figure below. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 6 Each Web Bridge can be associated with a tenant, which restricts the calls that can be joined via that Web Bridge to those owned by that tenant. (Therefore a signed-in user associated with one tenant can log in as a guest participant using a Web Bridge associated with another tenant.) The multiple TURN and Web Bridge servers are configured through the API with a number of new nodes in the object tree for this. See the API Reference for details. 2.2.2 Recommended XMPP server moved to Core server and new Load Balancer on Edge server In split deployments when using a resilient deployment running R1.6 we recommend that you move the XMPP server to the Core server. Each Edge server should run the new Load Balancer (as shown in the figure above), which provides a single point of contact for clients. You also need to set up a trunk between the Core and the Edge which will carry specific incoming traffic. See the Scalability and Resilience Deployment Guide for details. If you run the XMPP server on the Core server then this Core server now requires an XMPP license; previously only the Edge server needed this license as the server which was running the XMPP server. This is not an issue if your Core server is an Acano Server (X2 or X3) because these models come with an XMPP license pre-installed. However, if you move to a virtualized Core server, you require a new XMPP license because the license is tied to the MAC address – contact support@acano.com with this address. Note: If you are using an Acano client v1.2.x release with R1.6, then certain data is stored on the XMPP server causing presence subscriptions to be lost if the XMPP server is moved to the Core server. These subscriptions are restored automatically on running a R1.3.x client release, or can be manually recovered on a R1.2.x client by toggling the favorite status of the contact. 2.2.3 Call Bridge Support on Multiple Interfaces Call Bridges can now listen on multiple interfaces with the callbridge listen <interface whitelist> command. This allows the Call Bridge to be connected to multiple networks and receive calls from any of them. For example, if one interface is in the DMZ and another interface is on the internal network then calls can be received on either interface without any external traversal solution. This functionality can be used either for calls into coSpaces or for gateway calls. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 7 2.2.4 coSpace Database Clustering Supported In previous releases the coSpace database was automatically configured and therefore there was no need to call it out as a separate component in the Core server. From R1.6 the coSpace database does not have to be (but can be) co-located with the Call Bridge (see the figure below). In addition, R1.6 supports multiple coSpace databases, one of which is the master database (this is a dynamic selection process). The contents of the master are replicated to the other databases in the cluster. The Scalability & Resilience Deployment Guide describes the options and how to set up a coSpace database cluster. Note that each Call Bridge dynamically connects to the master database. 2.2.5 XMPP Server clustering XMPP server clustering will be available in a future release. 2.3 Hyper-V Virtual Machine Support The Acano solution can now be deployed on top of Microsoft Hyper-V hypervisor. Acano supports Hyper-V 2012 and 2012 R2. Further information about deploying Acano with Hyper-V is available in the Acano Solution Virtual Deployment Installation Guide. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 8 2.4 Branding Features A license is now required for some branding features. Contact your Acano reseller for details. As in R1.2, you can customize the WebRTC landing page—and it can be done in the same way: you can still configure one Web Bridge via the Web Admin Interface, and its customization can be configured as before (and any pre-existing configured Web Bridge and its customization works as before). However in 1.6, you can now configure multiple Web Bridges for a Call Bridge to use, and these need to be configured via the API; moreover with the correct license, any APIconfigured Web Bridge can be customized. Customization for these Web Bridges works by specifying an archive file containing all the customization resources needed by the Web Bridge. If you are using multiple Web Bridges we recommend not using the Web Admin Interface for customization at all. Call branding There are two types of call customization controlled by branding licensing: Messages heard and image seen when dialing into an IVR Messages heard and image seen when dialing directly into a coSpace as a SIP (including Lync) call This customization can either be set at a system level or at a more fine-grained level depending on the license in use. See the Acano solution Customization Guidelines document for details and the details about branding profiles in the API Reference. 2.5 TIP Support This feature allows you to make calls to and accept calls from both single- and triple-screen TIP devices. These calls support both presentation and encryption, and in the case of triple-screen systems, new layouts are used that span all three screens. You must enable TIP support: in the Web Admin Interface go to Configuration > Call Settings and set TIP (Telepresence Interoperability Protocol) Calls to Enabled. Then set both SIP Bandwidth Settings to at least 4000000. Currently only Cisco CTS and TX systems running TIPv8 are supported. Equipment from other vendors has not been tested. If your CTS or TX system is using an earlier version of TIP then it will need to be upgraded to a later software release before it will interwork satisfactorily with the Acano solution. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 9 2.6 Lync Improvements There have been a number of Lync improvements and functional enhancements 2.6.1 Lync Conferencing Support Acano R1.6 supports the ability to participate in Lync conferences set up (for example) by: a Lync user in a point-to-point call (e.g. with another Lync user) dragging in/adding another call leg (either an ad hoc destination or a pre-configured favourite) that needs the Acano solution's involvement (e.g. a SIP “gatewayed” destination) a Lync user selecting a group of other users (e.g. from their Favorites) and starting a multiparty call In these cases, a Lync conference starts on the Lync system (e.g. AVMCU), and any call legs involving the Acano solution are set up via a conference invitation from Lync; the Acano solution then making connection(s) to the Lync conference. The Acano Call Bridge does not host the conference, but performs any necessary interop functionality to enable non-native Lync call legs (for example, standard SIP connections or Acano client calls) to be present in the Lync conference hosted on the AVMCU. This feature works with both Lync 2010 and Lync 2013 conferencing, other Lync features such as application sharing and IM work normally in these calls. Note: However, if you try and add a coSpace, this would cause a cascade between two conferences. This is not currently support because the user experience would be poor. A future release may include functionality to set up the layouts properly and share the roster lists (for example) have the cascade work seamlessly, but for now this feature supports single endpoints and Acano users only, not coSpaces. 2.6.2 Lync Federation Support In previous releases it was necessary to add dial plan rules for all external Lync domains; this is no longer the case. The R1.6 release adds support for federation with Microsoft Lync. This allows calls to be made from the Acano server to any Lync domain and vice versa. To allow inbound calls you must: 1. create the DNS SRV record _sipfederationtls._tcp.domain.com that points to the FQDN of the Acano server. This step is required as Call Bridge will need to have a public IP, and NAT is not supported in this scenario. 2. add a DNS A record that resolves the FQDN of the Acano server to a public IP address. 3. upload a certificate and certificate bundle to the Acano server that complies with the following: a. the certificate must have the FQDN as the CN, or if using a certificate with a SAN list then ensure that the FQDN is also in the SAN list. Note: if the certificate contains a SAN list, then Lync will ignore the CN field and only use the SAN list. b. the certificate must be signed by a real CA. c. the certificate bundle must contain the Root CA’s certificate and all intermediate certificates in the chain in sequence, so that a chain of trust can be established. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 10 Note: for more information on certificates refer to the Introduction in the Acano Certificate Guidelines. 4. Open the appropriate Firewall ports as stated in the Acano Deployment Guide for example: TCP 5061, UDP 3478, UDP 32768-65535, TCP 32768-65535 For outbound calls from Acano: 1. create an outbound dial rule, leave the Domain and SIP proxy fields blank, and set Trunk type as Lync. Also set the appropriate Local contact domain and the Local from domain fields. 2.7 Skype Support The R1.6 version of the Acano Solution supports audio, IM and presence between Skype users and the Acano system. This allows for a user to call the Acano system from Skype, or to be called from the Acano system when on Skype. This feature requires configuration of Skype to Lync integration. To configure Skype integration, you must provision details of the Acano Edge server and your domains on Microsoft’s systems. For more details see their documentation here and here. 2.8 Client Features The Acano solution R1.6 provides a number of Acano client enhancements, for example coSpace chat deletion. If you use R1.6 with an Acano R1.3.x client (currently PC Client only) a Delete messages button is displayed to signed-in users who have permissions to delete messages. These permissions are set in the API; see the API Reference Guide and the Acano Client R1.3.x release notes. All messages for the coSpace displayed when the button is pressed are deleted and are removed from view for every coSpace member. The action is audited in the logs. 2.8.1 Changed WebRTC Client behavior with Firefox From R1.6, the WebRTC client behaves differently: If you follow a web link to join a call in Firefox If the Acano PC Client is installed, Firefox will launch the PC Client because it is more stable and allows screen sharing (WebRTC on Firefox does not support screen sharing) If the PC client is not installed, Firefox takes you into the call using WebRTC so you enter the call as quickly as possible, but without screen sharing functionality If you are a registered user, you can click Sign in in Firefox, instead of Join call, and from here you can sign into the WebRTC client and join a call When following a web link, you can enter the call in WebRTC even if you have the PC Client installed: In the Firefox web page, enter your call details and click Join call When the Launch Application dialog appears, click Cancel Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 11 Go back to Firefox and click Help me to join the call You see a button Join in browser. Click this to enter the call in Firefox 2.9 In-call Features 2.9.1 Participants R1.6 introduces the new API object type and the concept of a "participant" alongside the existing "callLeg" objects. A participant comprises one or more call legs related to the same user for example in some Lync calls. With this new object each Call Bridge involved in a distributed meeting (one hosted by more than one Call Bridge) has the complete picture of the participant list, including participants hosted on another Call Bridge. This information is available via the API: For participants hosted on the Call Bridge being queried, you can retrieve a participant’s call legs For participants hosted on a "remote" Call Bridge, querying a participant provides the ID of the Call Bridge on which their call legs are hosted so you can In addition, using the API callProfile object you can set a limit on the number of participants for a meeting; then meetings for whom the callProfile is in force will have the limit enforced: callProfiles can be attached at the system-wide, tenant-wide or on an individual coSpace level, with the most specific taking effect if a meeting's participantLimit has been reached, no new participants can be added even if the meeting's participantLimit has been reached, new call legs for existing participants can be added; for example, presentation call legs in addition to an existing audio / video call leg When a limit is reached, the API returns the appropriate "failureReason" in an error response. See the API Reference for details. 2.9.2 In-call DTMF controls In R1.6, SIP endpoint users (including those on audio-only connections) can perform various functions via DTMF, i.e. numeric sequences dialed with a keypad: Mute/unmute their audio Mute/unmute all but themselves End a meeting (i.e. disconnect everyone including themself) Using the API, you set up dtmfProfile objects that define which sequences correspond to which user-initiated operations. The dtmfProfiles can be applied at the system level or per-tenant. If you are working with any third party products set the profile to use the DTMF sequences it sends and expects. The operations that any endpoint is allowed to perform are controlled by the callLegProfile in use, as described below. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 12 2.9.3 User-oriented permissions R1.2 introduced the presentationContributionAllowed flag that applied per call leg via the API. Those call legs for which this ends up being "false" cannot contribute a new presentation to other participants in its call. This mechanism is being extended for R1.6 via the call leg profile: A presentationViewingAllowed flag per call leg to control the ability to see any active presentation media. If set to false, this call leg’s participant doesn't see any presentation currently happening in the meeting Whether a call leg’s participant is "allowed to send/receive video" within a call; if set to false, then the participant sends and receives audio-only experience even when using a videocapable Acano client or SIP endpoint In addition it is possible to configure which DTMF operations any participant can use via configuration of: An endCallAllowed flag to control the ability to end the meeting. If set to false, this call leg’s participant cannot use DTMF to end the meeting A muteOthersAllowed flag to control the ability to mute other participant. If set to false then this call leg’s participant cannot use DTMF to mute other participants The DTMF tones for the operations are controlled by the dtmfProfile as described above. 2.10 Security Enhancements There are a number of new security features in R1.6. All of these are described in the Acano solution MMP Command Reference. Additional password rules; for example, user rule max_failed_logins <true|false>, user rule max_idle <number> and user rule min_digits <number> Creation of simple firewall rules for both the media and admin interfaces. (Note that this is not intended to be a substitute for a full standalone firewall solution.) Firewall rules must be specified separately for each interface The XMPP certificate MUST contain the domain name as a SAN within the certificate otherwise PC Clients will fail to connect. (In previous releases we recommended having the Common Name in the certificate being the same as the FQDN. In R1.6 you must define that — plus a Subject Alternative Name added with the domain listed.) If this is not the case then the PC Client will pop up a warning, but allow the user to continue Using audio and video DSCP values for RTCP New settings and values for compatibility (see the SIP Settings section in the Configuration > Call Settings page Resource Priority: allows you to configure a value for SIP’s “Resource-Priority” field DSCP Mode: whether the assured or non-assured DSCP values should be used for outgoing audio and video streams Presentation Video Channel Operations: whether the Acano Call Bridge advertises presentation capabilities; in rare cases this may need to be disabled for legacy compatibility reasons Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 13 2.11 Miscellaneous Improvements 2.11.1 CDR Improvements Reporting in callLegEnd records now shows: Whether main video was active during that call leg's lifetime, and, if so, for what proportion of the call leg's lifetime. Main video contribution and main video viewing are reported separately Whether presentation video was active during that call leg's lifetime, and, if so, for what proportion of the call leg's lifetime. Presentation contribution and presentation viewing are reported separately The CDR receiver URL is no longer set in the Web Admin Interface Configuration > API page but in the Configuration > CDR page. See the CDR Reference for details. 2.11.2 Improvements to telephone number dialing Previously, the Telephone Dialing section in the Web Admin Interface Configuration > Outbound calls page controlled how dialed numbers were transformed (typically to make them "external" / international for use through an outbound PSTN gateway). Specifically, you could set what would be added to the front of any such dialed number and / or what to replace a "+" with. In R1.6, that section has been replaced by a Dial Transforms section with fields to match the parameters you can now also set via the API. Therefore from R1.6, telephone numbers: can use regular expressions can be managed via the API as well as the Web Admin Interface are in the coSpace database (coSpace database cluster if one has been set up) 2.11.3 LDAP sync improvements For LDAP syncs started via the API, in R1.6 additional sync status information is available, even after the sync has completed (if requested when starting the sync). See the API Reference. 2.11.4 Alarms In R1.6 the Acano solution generates more alarm types. This has necessitated changing the alarm handling to make it more scalable and therefore the format of alarms returned by the API has changed. For example, it returns a "total" value in the API response so that you know whether there are more alarms active than are returned in a single response. Similarly, the Web Admin Interface page rendering of alarms now allows you to navigate through multiple pages of active alarms. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 14 2.11.5 Logging enhancements When you enable detailed logging, a number of new messages are captured to improve analysis. 2.11.6 BFCP Client mode support Previously, the Acano solution only supported BFCP server mode, from R1.6 the solution can also act as a BFCP client. For example, previously when working with the Codian MCU without any interworking, no content could be exchanged because neither could assume the 'client' role. 2.11.7 Ability to add SAN names to the MMP command PKI CSR The MMP command pki csr <key/cert basename> [<attribute>:<value>] now takes subjectAltName as an attribute. This was Feature Requests 5874 and 7055. IP addresses and domain names are supported for subjectAltName in a comma separated list. For example: pki csr test1 CN:example.exampledemo.com subjectAltName:exampledemo.com pki csr test1 CN:example.exampledemo.com C:US L:Purcellville O:Example OU:Support ST:Virginia subjectAltName:exampledemo.com pki csr test3 CN:example.exampledemo.com C:US L:Purcellville O:Example OU:Support ST:Virginia subjectAltName:exampledemo.com,192.168.1.25, xmpp.exampledemo.com,server.exampledemo.com,join.exampledemo.com, test.exampledemo.com Keep the size of certificates and the number of certificates in the chain to a minimum; otherwise TLS handshake round trip times will become long. 2.12 Summary of API Additions & Changes From R1.6 you no longer set API authentication credentials via the Web Admin Interface, but in the MMP using the commnd user add <username> (admin|crypto|audit|appadmin). This command prompts for the user’s password; see the MMP Command Reference for details The reply to a GET on "/api/v1/system/status" now includes the software version The callLegProfile object has more fields: presentationViewingAllowed: whether affected call legs are allowed to view active presentations videoMode: whether video is allowed in a call leg endCallAllowed: whether call legs using this call leg profile can end the meeting for everyone muteOthersAllowed: whether call legs using this call leg profile can change the mute status of other participants New profile objects: callProfile: allows per-call parameters to be set callBrandingProfile: allows branding of "in-call" behaviour Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 15 ivrBrandingProfile: allows branding of for IVR voice prompts and the IVR background image clientCallBrandingProfile: allows branding at a per-coSpace level for Acano clients (note this feature is still in development) dtmfProfile: allows configuration of DTMF command sequences at a system-wide or pertenant level userProfile: allows permissions to be per user New object tables (turnServers and webBridges) Clustered Call Bridge support: New callBridges table outbound dial plan rules can now be set to apply to specific individual Call Bridges (via their ID in the callBridges table) Multiple IVR numbers linked to specific tenants or customizations (e.g. for multi-language support) inboundDialPlanRules can now apply to IVR URIs (as well as coSpaces and users) new edge and trunk commands for the Proxy and TLS Trunk 2.13 Summary of Web Admin Interface Additions & Changes New Domain field in the Configuration > General page XMPP Server Settings section and some fields are no longer required New SIP Settings section in Configuration > Call Settings page New Target IVRs in the Calls matching table in Configuration > Incoming Calls Dial Transform section replaces Telephone Dialing section in Configuration > Outbound Calls New Configuration > CDR Settings page New Configuration > Cluster page New options in the renamed Logs > Detailed Trace page Configuration > API Settings page removed Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 16 3 Notes on Installing and Upgrading to R1.6 CAUTION: Before upgrading to R1.6 you must take a configuration backup using the backup snapshot <filename> command and save the backup safely on a different device. See the MMP Command Reference document for full details. 3.1 New R1.6 Deployments 3.1.1 Deployments using a single host server If you are installing the Acano solution for the first time on a single host server (a “combined” deployment), we recommend that you read and follow the documentation in the following order: 2. Appropriate Installation Guide for your Acano Server or virtualized host. 3. The Acano solution R1.6 Deployment Guide enabling all the solution components on the single host. 3.1.2 Deployments using multiple host servers If you are installing the Acano solution for the first time on multiple host servers the documentation to read and follow depends on your deployment type. We recommend that: All new split Core/Edge installations using R1.6, deploy the XMPP server on the Core server and deploy the new Load Balancer on the Edge server. Read and follow the documentation in the following order: a. Appropriate Installation Guide for your Acano server or virtualized deployment b. The Acano solution R1.6 Deployment Guide enabling all the solution components except the XMPP server and Load Balancer on the appropriate host c. Section 6 of the Acano Solution R1.6 Scalability and Resilience Deployment Guide for details on how to configure the XMPP and Load Balancer in a split Core/Edge deployment Customers already using split Core/Edge deployments prior to R1.6 who are now migrating to R1.6 should move the XMPP server to the Core server because this is the tested configuration for R1.6. Read section 6 of the Acano Solution R1.6 Scalability and Resilience Deployment Guide for details on how to configure the XMPP server and Load Balancer in a split Core/Edge deployment. Be sure to read the caution at the beginning of that section Customers deploying a scalable or resilience solution for the first time (that is deployments with multiple Core and/or Edge servers) should read and follow the documentation in the following order: a. Appropriate Installation Guide for your Acano Server or virtualized host (or both installation guides if you are using both Acano Servers and virtualized hosts). b. The Scalability & Resilience Deployment Guide. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 17 3.2 Upgrading to Release R1.6 The instructions in this section apply to both Acano Server and virtualized deployments with a previous Acano solution release already installed. Upgrading the firmware is a two-stage process: first, upload the upgraded firmware image; then issue the upgrade command. (This restarts the Acano solution: the restart process interrupts all active calls running on the Acano solution; therefore, this stage should be done at a suitable time so as not to impact users − or users should be warned in advance. To install the latest firmware on the Acano server follow these steps: 1. Obtain the upgrade image from the secure partner section of the Acano website. You should have obtained a file called upgrade.img. If this is not the case – rename the file to upgrade.img. Note: If you are using WinSCP for the file transfer, ensure that the transfer setting is ‘binary’ not ‘text’. Using the incorrect setting results in the transferred file being slightly smaller than the original – and this prevents successful upgrade. CAUTION: After upgrading from R1.1.x you must check your Outbound Calls dial plan rules. 2. Using a SFTP client, log into the MMP using its IP address. The login credentials will be the ones set for the MMP admin account. If you are using Windows, we recommend using the winSCP tool. Note1: You can find the IP address of the MMP’s interface with the ipv4 admin command or the equivalent ipv6 command. Note2: The SFTP server runs on the standard port, 22. Note3: After copying the upgrade.img file, you will not be able to see it listed as being in the file system; this is normal. 3. Copy the software to the Acano Server/ virtualized server. 4. To apply the upgrade, issue the upgrade command. a. Establish a SSH connection to the MMP and log in. b. Initiate the upgrade by executing the upgrade command. upgrade The Acano Server/ virtualized server restarts automatically: allow 10 minutes for the process to complete. 5. Verify that the Acano solution is running the upgraded image by re-establishing the SSH connection to the MMP and typing: version 6. Check the Configuration > Outbound Calls rules updating the Local Contact Domain field and completing the new Local From Domain field if necessary. 7. Update the customization archive file when available. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 18 8. Only if you are deploying a scaled or resilient deployment (with more than one server host— Acano server, virtualized host or a combination) read the Scalability & Resilience Deployment Guide and plan the rest of your deployment order and configuration. 9. Go on to the next section. 3.3 Updating the XMPP Configuration for 1.6 XMPP configuration works differently in R1.6; therefore if you upgrade from R1.2 some of the configuration settings are lost and you must use the new procedure to set up the XMPP server again. After upgrading the firmware, 1. Sign into the XMPP server host server’s MMP. 2. Configure the XMPP server with the following commands: xmpp disable xmpp domain <domain-name> The following is an example where domain-name is example.com. xmpp domain example.com xmpp enable 3. To allow a Call Bridge to access the XMPP server (after configuration), provide a name for the Call Bridge to use e.g. cb_london: xmpp callbridge add <callbridge name> for example xmpp callbridge add cb_london A secret is generated; you see: acano>xmpp callbridge add cb_london Added callbridge: Secret: aB45d98asdf9gabgAb1 4. Note the domain, call bridge name and secret generated in the previous steps because they are required later when you the Web Admin Interface to configure the Call Bridge access to the XMPP server. (If you lose the details use the xmpp callbridge list command.) 5. Log in to the Web Admin Interface and configure the XMPP server settings as follows: a. Go to Configuration > General. b. Set the following in the XMPP Server Settings section, (where example.com is replaced with your domain): Unique Call Bridge name = cb_london Domain = example.com Server Address = localhost:5223 Notes: If you are using DNS to locate the XMPP servers it is not necessary to configure the server address Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 19 If you are using a two Acano Server deployment or a split virtual deployment use the IP address of the Edge server/virtualized server. See section on split deployments in the deployment guide. Shared Secret = the component secret generated in earlier by the mmp command If the Authentication Suffix was previously configured to a value other than * (star) then this field is shown. It should be configured = * (star) c. Click Submit at the bottom of this page. 6. Go to Status > General and verify the server connection. You should see details similar to the following: 3.4 Upgrading from a Previous R1.6 Release with a Database Cluster If you are upgrading from a previous R1.6 release and running a database cluster, you must upgrade the database schema. Note: These instructions do not apply when you first set up database clustering, but these steps must be run after every subsequent Core server software update; otherwise the Call Bridges the clustered coSpace databases that they attach to will be out-of-step with regards to the database schema. The upgrade path for a clustered system is: 1. Upgrade each database node one by one, ensuring each node is up and the database cluster status command reports full connection to the cluster, BEFORE upgrading the next one. At this stage database cluster status should report healthy on all nodes, but the Call Bridges may not be operating correctly and will show database errors. 2. Use the command database cluster status again to identify the master node. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 20 3. Log into this master node and issue the command database cluster upgrade_schema. 4. Verify that the operation was successful by using database cluster status. A status of Enabled means success, whereas Error indicates an issue. 3.5 Downgrading To return to the older version of R1.6, use the regular upgrade procedure to “upgrade” to the appropriate version, and then restore the configuration backup for that version. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 21 4 Resolved Issues Resolved in R1.6.19 Reference Issue Summary 7537 A crash could occur when trying to detect in-band DTMF tones Fixed in R1.6.19. 7744 Passcode entry can fail when using a single URI and different passcodes to differentiate between access methods to a coSpace. Fixed in R1.6.19. 7874 Connection drops when presenting content from WebRTC Chrome client (42.0.2311.39 beta-m) Dialling from the WebRTC Chrome client into a coSpace and presenting content, initially connects ok, but then the connection fails. Fixed in R1.6.19. 7920 OpenSSL vulnerable to a denial of service attack This issue is reported as Security Alert 022.. Fixed in R1.6.19. 7921 Server crashes due to memory corruption resulting from Lync presentation sharing Fixed in R1.6.19 by updating RDP connection code. Resolved in R1.6.18 Reference Issue Summary 6546 Multiple participants can appear in a single pane in large distributed calls In large distributed conferences multiple participants can appear in a single pane in large distributed calls, this is due to a bug in the pane placement code for distributed calls. This is fixed in R1.6.18. 6567 Flickering video seen on Cisco EX series endpoint when it is in the same call with a Lync client Too frequent resolution changes can be seen on an Cisco EX series endpoint when it is in the same call with a Lync client, this is due to the Lync client changing resolution frequently and the result is an annoying flicker on the EX60 as the resolution changes. In R1.6.18 a code change on the Acano server reduces the frequency of the changes passed onto the EX series endpoint. 6758 coSpace can be activated with Guest only user when Lync chat is initiated from non-Lync user In R1.6.12 and earlier is was sometimes possible for a coSpace to become activated with Lync chat user using a guest access method rather than a host method. This is fixed in R1.6.18. 7702 H263 encoder crash A bug in the media code can cause the H263 encoder to crash restarting a media module, this is fixed in R1.6.18 7804 Callbridge crash when placing a Lync or Skype call Under certain circumstances Callbridge can crash when placing a Lync or Skype call, this is a rare occurrence seen under stress testing. This is fixed in R1.6.18 7855 Security issue #20. Remote access to the database using postgres default null credentials is possible An Acano server connected to a database cluster (not a member of the cluster) will, after a reboot, have the database enabled on port 5432. Remote access to the database using postgres default null credentials is then possible. This is fixed n R1.6.18. see Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 22 http://acano.com/wp-content/uploads/2013/08/Acanosolution-Security-Alert-Information.pdf Releases R1.6.15 – R1.6.17 not published Resolved in R1.6.14 Reference Issue Summary 7403 Firefox 35 WebRTC client cannot connect to coSpace The WebRTC client tries 'connecting' for a while but eventually gives up. This is fixed in R1.6.14 7171 Media problems between WebRTC clients in a distributed conference Two WebRTC clients connecting on different call bridges in a distributed call, results on media attempting to load, but continues in a loop with ICE negotiation. Adding a second participant to either bridge (WebRTC, SIP, thick client) causes the issue to go away. This problem is resolved in R1.6.14 7435 Load balancer fails after upgrade to a later version of 1.6 software After upgrading from a release earlier than R1.6.9 to a later release, some customers have found that the load balancer stops working if they chose to configure the load balancer on port 3999. This was due to a conflict on the use of port 3999 for an internal function and is resolved in release 1.6.14 7472 Lync client does not receive media In some deployments and only sometimes, the Acano server is not sending the 200OK as the server does not think ICE has completed for the Video channel. This issue is fixed in R1.6.14 7557 Skype calls fail after 30 seconds to direct federated Lync servers While incoming Lync calls are fixed in R1.6.12 calls from a Skype client might not be, this is now fixed in R1.6.14 7667,7786 Server crash in distributed conferencing configuration This crash has been seen occasionally in deployments using distributed conferencing. It can occur if a call is being placed at the exactly the same time as the database is in the process of re-electing a master node. This crash is fixed in R1.6.14 7707 WebRTC client does not work with Chrome version 41.0.2272.64 beta-m (64-bit) For those customers testing this latest Chrome beta, we have fixed an interop issue that was preventing WebRTC clients from working with this beta version of Chrome. This is fixed in R1.6.14 7770 When a SIP endpoint dialed in as host, puts the call on hold, the guests are deactivated from the call When a SIP endpoint dials into the "host" URI and a guest is using the "guest" uri, when the host puts the call on hold, the guest is immediately disconnected from the call. This is fixed in R1.6.14 Release R1.6.13 – not published Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 23 Resolved in R1.6.12 Reference Issue Summary 6323 Database out of sync alarm occurring for up to 5 minutes for no apparent reason on deployments with clustered databases In R1.6.11 and earlier the Database sync alarm is too sensitive and can trigger even when there is no reason to, this has been fixed in R1.6.12. 7313 Callbridge crash resulting in all calls being dropped Fixed in R1.6.12 7430 Acano Server webadmin interface Status>General Page Not Loading On Server, happens after a few days of restarting the server. Other webadmin interface pages load ok, but the status>general page does not load. This was triggered by trying to display a long list of warning messages on this page. This is fixed in R1.6.12 7471 CVE-2015-0235 - Ghost vulnerability This issue was reported as Security alert 017 and is fixed in R1.6.12. 7485 Unable to join coSpace on Web Bridge with Firefox This issue can be seen whether joining as a guest or signing in to the WebRTC Client as a user and is fixed in R1.6.12. 7557 Lync calls fail after 30 seconds to direct federated Lync servers in 1.6.11 Fixed in R1.6.12. 7560 Direct calls from CUCM could connect but with video and audio muted. This could happen with slow connections. This issue is fixed in R1.6.12. Resolved in R1.6.11 Reference Issue Summary 6482 No indication if the database cluster certificate has expired This is now shown in the output of the database cluster status command and the issue is fixed in R1.6.11. 6676 Error when setting up the first database in a cluster The MMP command database cluster initialize could return errors under some certificate checking scenarios. This issue is fixed in R1.6.11. 6913 Unexpected PLIs received from Lync 2013 This could occur when sending H264UCwith more PLIs being received than can be due to packet loss. A number of changes were made and this issue is fixed in R1.6.11 but only in packet pacing delay mode. Note: This mode should only be enabled under the guidance of Acano Support and is controlled by the new Lync Packet Pacing Mode setting on the Configuration > Call Settings page of the Web Admin Interface. The options are “default” and “delay”; leave the setting as default unless instructed otherwise by Acano Support. 7160 Content sharing being sent as video between Call Bridges in distributed calls Content could be sent as the main video channel on the distributed links between Call Bridges if content sharing started before the distributed link was established. This issue is fixed in R1.6.11. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 24 7253 Chat on Lync 2013 for iPad/iPhone incorrectly reported chat message sender This could occur in release 1.6.9 and has been fixed in R1.6.11. 7265 A second Lync call from a user could be rejected if the first call was not terminated cleanly This issue is fixed in R1.6.11. 7302 Large numbers of presence subscriptions could cause new SIP calls (including Lync) to fail This issue is fixed in R1.6.11. 7312 pcap file truncated or the MMP command shell could become unresponsive after running pcap This issue is fixed in R1.6.11. 7345 No presentation across Call Bridge link when presentation starts before the link is established This could occur when a coSpace was instantiated on one Call Bridge with a participant contributing content, and a call was made into the same coSpace but on another Call Bridge subsequently. This issue is fixed in R1.6.11. 7401 1.6.10 in TIP mode could cause audio and video issues This could occur when using the Call Bridge as a gateway in TIP calls and this issue is fixed in R1.6.11. 7420 Open URL redirection vulnerability could be exploited to gather credentials from an unsuspecting user This issue was reported as Security Incident 017 and is fixed in R1.6.11. 7421 XSS vulnerability could result in execution of javascript to create a popup with the text xss after clicking through authentication (successful or not) This issue was reported as Security Incident 018 and is fixed in R1.6.11. 7436 No audio heard after hold/resume This could occur in Lync calls. However audio could be sent. This issue is fixed in R1.6.11. 7451 API GET call to the node /participants can show participants who have disconnected This issue is fixed in R1.6.11. Resolved in R1.6.10 Reference Issue Summary 3445 Lync client calls to coSpace with PIN did not connect reliably. This affected all Lync clients When dialing from any Lync client using a Lync server which had SupportEncryption or RequireEncryption set, then after you enter the coSpace PIN, the result could be unreliable. The call could connect perfectly, or audio and/or video may not have been sent. This issue is fixed in R1.6.10. 6239 Active participant count was not correctly displayed in clients when using distributed Call Bridges The client only knew about active participants when it was connected to a Call Bridge hosting some of the active calls. When all calls were to other Call Bridges it did not show the meeting as active. This issue is fixed in R1.6.10. 6409 Multiple TIP endpoints cannot present simultaneously When a second TIP endpoint presented before the first stopped presenting, the first endpoint was not Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 25 stopped from presenting. This issue is fixed in R1.6.10. 6511 Issues with TIP endpoint hold/resume behavior The functionality for both holding and resuming a TIP call have been changed and call stability improved. This issue is fixed in R1.6.10. 6655 No 1080p to TIP endpoints In previous 1.6.x releases 720p30 was the maximum resolution transmitted, even though TIP endpoints could send us 1080p30. This issue is fixed in R1.6.10 and 1080p30 will be sent when the call conditions allow it. 6901 Skype integration not working for some deployments The far end would hang up the call after approximately 5 seconds. This issue is fixed in R1.6.10. 6947 SIP call connects when dialing an unknown Lync URI A SIP endpoint registered to a VCS could dial out to an non-existent participant and the call could connect and display the logo. A software loop has been removed and this issue is fixed in 1.6.10. 7042 Corrupt pcap log file from Acano X series servers Log files from 1.6.x builds could be corrupted and would not open. This issue is fixed in 1.6.10. 7118 Lync calls with video only no audio When running release 1.6.9 on a public network for direct Lync federation, a Lync client calling into a coSpace on could receive no audio decoded but video. A work round was to perform a hold and resume call from the Lync client side. This issue is fixed in 1.6.10 and calls connect with both video and audio. 7132 Call setup issues with Avaya SM 6.1.7 A call could fail with a message “INFO : sip parse: tag too large”. This issue is fixed in 1.6.10. 7158 Cisco CTS endpoint call drops after a reInvite In release 1.6.8 a CTS connecting via an SBC could cause the Call Bridge to disconnect the call after it sent a reInvite. This issue is fixed in 1.6.10 and calls are stable. 7185 API allowed invalid LDAP filters causing Sync failures When performing LDAP syncs via the API, filters that were rejected by the Web Admin Interface LDAP Sync function were allowed, and the sync failed. The API filter testing has been improved and this issue is fixed in 1.6.10 with an error message being displayed for invalid filters before the Sync starts. 7251 NTP vulnerabilities A number of issues were raised as Security alert 014 and are fixed in 1.6.10. 7252 Roll enforcement security issue Only MMP account users with admin and appadmin roles should be able to login to the Web Admin Interface but this was not enforced. This issue was raised as Security alert 015 and is fixed in 1.6.10. Resolved in R1.6.9 Reference Issue Summary 6204 All active calls are dropped Calls being dropped when component connection from the Call Bridge to the XMPP server dropped because invalid XML was sent from the client. This issue was raised as Security issue 013, and is fixed in R1.6.9. 6525 TIP calls generate inaccurate high round trip time messages This issue is fixed in R1.6.9. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 26 6573 Polycom RealPresence Group unit fails to receive content if joining the call after the presentation has started. This issue is fixed in R1.6.9. 6683 3rd party SIP applications display error message “Unsupported: timer”. This issue is fixed in R1.6.9 by not including “Require:Timer” as a header field in SIP request messages. 6923 Lync AVMCU calls disconnected at 16 minutes Lync AVMCU calls to SIP endpoints disconnected at 16 minutes. This issue is fixed in R1.6.9. 6964 After a Call Bridge reset, TURN server may need resetting Occasionally after a Call Bridge reset, a TURN server failed to reconnect, and required resetting in order to reconnect to the Call Bridge. This issue is fixed in R1.6.9. 6972 Slave database fails to sync with master database in a database cluster following reconnection after network failure. This issue is fixed in R1.6.9. Note: 3-node clusters are recommended as a minimum for resiliency. 6973 Old DHCP addresses not cleared from server. This issue is fixed in R1.6.9. If the DHCP address for a server changes, the old address is now removed. 7009 Unencrypted calls could join coSpaces requiring encryption, by using PIN code. This issue is fixed in R1.6.9. 7059 Alarm limit and offset not working in API alarm handling calls This issue is fixed in R1.6.9. Resolved in R1.6.8 Release 1.6.5, 1.6.6 and 1.6.7 were not published. Reference Issue Summary 6231 Unable to login to Web Bridge with delays of approximately 550ms. This issue is fixed in R1.6.8 6643/6748 Two matching search rules from VCS to Acano Call Bridge resulted in an error This issue is fixed in R1.6.8 6646 Significant amounts of jitter could be experienced in TIP calls TIP systems interpret proper spacing of RTP packets according to transmit bandwidth as jitter. A workaround has been implemented and this issue is fixed in R1.6.8 6668 Directory Search Locations failed when tenants were set This issue is fixed in R1.6.8 6690 Server crash This issue is fixed in R1.6.8 6725 Previously used backup script no longer worked This issue is fixed in R1.6.8 and the new script is described in the 1.6 Support FAQs. 6728 Connection from Call Bridge to Web Bridge issues seen when connecting by WebRTC Client from OS X Safari This issue is fixed in R1.6.8 6741 Misleading message displayed for mismatching key/cert pair The error message has been changed and this issue is fixed in R1.6.8 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 27 6755 First few seconds of the video stream get fragmented With MTU set for an interface when making a call the MTU determination took a few seconds. This issue is fixed in R1.6.8. 6758 coSpace activated in error by guestinitiated chat A coSpace could be activated by a guest if a Lync client user is a guest in the coSpace. This issue is fixed in R1.6.8 6763 “syscall error” messages appeared in log The harmless message has been removed from the logs and this issue is fixed in R1.6.8. 6764 Denial of Service by using slave devices This issue is fixed in R1.6.8 6767 Out of Memory issue This issue is fixed in R1.6.8 6819 Acano clients and WebRTC clients unable to log in This was caused by a momentary failure of the Call Bridge to connect to the master coSpace database during the login process. This issue is fixed in R1.6.8 6858 SSH autocompletes with tab showing only some possible command options Autocomplete now shows all possible command options and this issue is fixed in R1.6.8 Resolved in R1.6.4 Release 1.6.3 was not published. Reference Issue Summary 6662 No single screen TIP video displayed on multi-screen TIP endpoint This issue is fixed in R1.6.4. 4564 LDAP sync failed with duplicated meeting id This issue is fixed in R1.6.4. 5483 Improvements to the GPU H.264uc decoder This issue is fixed in R1.6.4. 6235 Content fails SIP calls through Codian ISDN GW Content could fail to stop and cause lip sync issues. This is fixed in R1.6.4. 6412 Server API in /calls returns TenantID For Billing Purposes This is fixed in R1.6.4. 6463 CDR CallStart record didn’t include TenantID This is fixed in R1.6.4. 6475 Lync Content failing in Citrix HDX VDI Setup When Lync user in this VDI sent Content, it sent it with a different Conversation ID to that of the main call. This caused the server to reject the content. This is fixed in R1.6.4. 6500 Chat history not deleted for a guest user in a call The message board didn't clear for a guest user logged in when another coSpace user deleted messages. This is fixed in R1.6.4. 6551 Server crash This was due to a timing issue and is fixed in R1.6.4. 6583 cospaces/<ID>/cospaceusers?filter= not working All the users were returned irrespective of a filter being applied in the API call. This issue is fixed in R1.6.4. 6584 Server crash This issue is fixed in R1.6.4. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 28 6596 No video to Polycom DMA We have improved our handling of parameters in the H.264 advertisement parsing code and this issue is fixed in R1.6.4. 6628 Issue with API AccessMethods This issue is fixed in R1.6.4. Resolved in R1.6.2.2 Reference Issue Summary 6574 Security Alert 009 – CVE-2014-3513: OpenSSL denial of service vulnerability New OpenSSL libraries are in this build. OpenSSL has been 1.0.1i replaced by OpenSSL 1.0.1j and this incident is closed in R1.6.2.2. Note:R1.6.2.1 was not published. Resolved in R1.6.2 Reference Issue Summary 4050 Server crash This could happen if a very rare race condition occurred. This is fixed in R1.6.2. 6067 Customized IVR image appears pixelated to Lync 2013 in full-screen mode This was an issue with h264uc and is fixed in R1.6.2. 6486 Audio to left and right positions in TIP calls did not always work In some calls audio was not transmitted in the left and right channels to TIP capable endpoints. This is fixed in R1.6.2. 6495 Audio only participant count not working across distributed call instances The number shown was the count on the local Call Bridge not across the cluster. This issue is fixed in R1.6.2. 6501 Video issues with TX9000s The video shown on the TX9000 screens could freeze for short intervals and then come back. This issue is fixed in R1.6.2. Resolved in R1.6.1 Reference Issue Summary 5358 A failure of the database to read configuration data could lead to a reboot cycle Connection attempts are now retried until successful. 6437 WebRTC background colour is lighter In 1.6.1 the colour of WebRTC background used in call has been altered to match native clients 6439 Unable to add license file to Acano Server (as opposed to virtualized deployment) With R1.6 a license file is required for most branding. In 1.6.0 this file could not be uploaded over SFTP to Acano Servers. This is resolved in 1.6.1 6448 TIP not negotiated with connected devices In 1.6.0 it was possible to add a TIP capable device via the Connect Device functionality. However TIP was not negotiated to these devices. This has been resolved in 1.6.1 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 29 6451 Lync content sharing not working In some situations attempts to share content from Lync to R1.6.0 failed. This is resolved in 1.6.1 Resolved in R1.6 Reference Issue Summary 1197 A reboot of a module could lead to reboots of other modules This only occurred when using custom background images.This is fixed in R1.6. 2449 Lync Edge clients lose audio/video after hold/resume If you dial a Lync 2010 client into a coSpace and hold/resume the call a few times, it can end up with either no audio or no video or no media at all after a call resume. This is resolved in R1.6 6132 Crash when using certain regex expressions in LDAP synchronizations This is fixed in R1.6. 6134 Rebooting a node in a clustered database throws too many errors and warnings These messages were normal but could lead readers to believe there was an issue and therefore they are no longer displayed. This is fixed in R1.6. 6153 Occasional Lync calls failing This was caused by a NOTIFY message with zero length. This is no longer transmitted and therefore is fixed in R1.6. 6172 Low frame rate/bandwidth used in calls. Leakage of custom background image object could lead to additional load resulting in low frame rate/bandwidth video being transmitted This is fixed in R1.6. 6185 Alarm required if a database cluster node is out of sync This is fixed in R1.6. 6190 Branding profile calls could show blank logo This is fixed in R1.6. 6256 Inconsistent errors with API for required parameters The message reported when blank strings were passed for mandatory parameters could vary. This is fixed in R1.6. 6279 databaseClusterNodeOutOfSync not shown on webadmin correctly This is fixed in R1.6. 6313 Lync Front End pool limited to 8 servers In cases where a customer has a pool of more than 8 FE servers only the first 8 were used. This limit has been increased to 32 in R1.6 6340 Reboot of server when decoding corrupted media A decode of a bad CABAC bitstream could lead to an infinite loop. This is resolved in R1.6 6352 TIP failure to present from TX9000 Improved negotiation with CUCM has fixed this issue in R1.6. 6353 No Left / Right audio received from TX9000 When listening to either a single screen or three-screen system on the TX9000 audio was only received from the middle microphone. The same audio stream is now played on all three microphones and this issue is fixed in R1.6. 6375 Module crash in H.264 call. The presence of an invalid temporal layer in the H.264 bitstream could lead to a memory corruption which would result in a later crash. This issue is fixed in R1.6 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 30 6378 No video in some SIP calls This only was present when TIP was enabled, and was caused by stalled TIP negotiation. This issue is fixed in R1.6 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 31 5 Known Limitations If you encounter any of the following issues, contact support@acano.com because we are likely to have test builds to send you with fixes for many or all of them by the time you find them. Reference Issue Summary 3965 Unable to stop pcap capture on serial/ssh Occasionally users running pcap from the serial console for a few minutes are unable to stop the capture with a Ctr+C. If this happens try Ctr+\ or contact Acano support. 4132 Prevent logging in to the Web Admin Interface By going to the Web Admin Interface login page, clicking OK to login and then holding down F5, all the sessions will be “used” without even logging in. This prevents anyone else from logging in until those sessions expire. This issue will be addressed in a future release. 5228 No DNS failover for AD sync Although the initial problem of the Call Bridge not falling back to a second AD server address after the LDAP connection to the first failed has been fixed in R1.2, there remains the issue that trying to connect to a nonexistent/non-responding remote address can take a long time to time out. 6446 Backup rollback may cause server to lose some XMPP configuration To avoid losing XMPP configuration, make a copy of the data before undertaking a backup rollback. This issue will be fixed in the next maintenance release. 7372 Issues with video from Firefox WebRTC client (34.0.5) You may have experienced lack of video or poor quality video when calling between the WebRTC client and SIP endpoints. Audio was unaffected. 7675 Occasional video corruption in WebRTC client using Firefox 35.0.1 Occasional video corruption in the direction of the client to the server using WebRTC client on Firefox 35.0.1. 7888 Calls requiring TURN server fail If your TURN server is configured with a username containing a non-alpha numeric character such as “@” Chrome attempts to do a DNS lookup on your turn password. For Acano server recommend only using alpha numeric characters in the TURN Username or password. This is fixed in the next maintenance release. 7999 WebRTC client does not work with Chrome 43 beta For those customers testing the latest Chrome 43 beta, there is an interop issue that prevents WebRTC clients from working with this version of Chrome. 8037 Backup rollback may cause server to crash When performing a backup rollback, the server may crash. However, after rebooting, the server will be operational. This issue will be fixed in the next maintenance release. © 2015 Acano (UK) Ltd. All rights reserved. This document is provided for information purposes only and its contents are subject to change without notice. This document may not be reproduced or transmitted in any form or by any means, for any purpose other than the recipient’s personal use, without our prior written permission. Acano and coSpace are trademarks of Acano. Other names may be trademarks of their respective owners. Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 32 Acano Solution: Acano Server R1.6.19 Release Notes 76-1005-18-Axa Page 33