How to use UCM RemoteConnect
This blog was originally posted on Grandstream.com
Brian Van Meter, Marketing Manager
It is impressive to think how technology has changed the way we interact with the electronics around us. The list of devices we can manage from cloud-based interphases is steadily growing and doesn’t show signs of slowing down. Lights, home appliances, and much of the technology we use on a day-to-day basis can be managed remotely in one way or another. The solutions that we make at Grandstream are no different. With the creation of the Grandstream Device Management System, a Grandstream solution can be configured, provisioned, monitored, and troubleshot from the cloud. UCM RemoteConnect takes this a step further by enabling remote management of a UCM6300 series as well as easily enabling remote work.
The Basics of UCM RemoteConnect
UCM RemoteConnect is a powerful tool for any Grandstream installer to have in their offering. It expands the UCM6300 Ecosystem with two critical functions, UCM6300 series cloud management and NAT firewall traversal to a UCM6300 for remote users. Together, these two features make cloud management of an entire deployment a possibility. For the installer or IT manager, this helps revolutionize not only the provisioning and deployment process of a Grandstream solution but also the ongoing management of one. In order to begin working with UCM RemoteConnect, an account needs to be created first on Grandstream Device Management System. This can be done at GDMS.Cloud. It is important to note that UCM RemoteConnect is in Beta until early 2022, and information regarding possible plans is subject to change.
Registering a UCM6300 IP PBX
Once a Grandstream Device Management System account has been created, UCM RemoteConnect can be accessed and UCM6300 series IP PBXs can be added and managed. From the GDMS dashboard, navigate the left bar menu and click on the “UCMRC” tab. There are three options.
- UCM Device – Add, configure, and manage UCM6300 IP PBXs
- UCM Backup – Backup UCM configurations to ensure easy rollbacks of any UCM6300 IP PBX
- Call Quality – Monitor call quality of remote VoIP devices that are using UCM RemoteConnect’s NAT firewall traversal to connect to a central UCM6300 IP PBX
For this section, we’re going to look into the first two options, UCM Device and UCM Backup. Adding a UCM6300 IP PBX can easily be done either individually or in bulk. To add a UCM6300 IP PBX in both cases, the device’s name (used for organizational purposes), MAC address, initial password, and desire Site are required. A UCM’s MAC address can be found either on the device’s physical label or within the UCM’s web GUI under the System Status > System Information > Network page. The UCM’s initial password is the randomized original password assigned to every UCM6300 IP PBX, which can be view via the UCM’s LCD or on the UCM’s label. Once this information is provided, a GDMS Site must be selected to associate the IP PBX to. A “Site” is GDMS’ method of bulking together Grandstream devices and organizing them into their deployments.
Viewing, Configuring, and Managing a UCM6300 UCM IP PBX
Now that the UCM6300 IP PBX is registered to UCM RemoteConnect and organized into one of your sites, it can now be viewed, configured, and managed. Through the UCM Device tab on GDMS, an installer can view all the UCM6300’s that they have deployed and registered to UCM RemoteConnect. While viewing GDMS synced UCM6300s under the UCM Device tab, the majority of management options are available under the “Options” column for each UCM IP PBX. Accessing the UCM, automating firmware updates, viewing usage reports, rebooting, backing up the current configuration, restoring configurations, and viewing call quality statistics are all accessible from here.
Managing and configuring a UCM6300 from UCM RemoteConnect is a very straightforward process from here. Via the UCMRC menu and the UCM Device tab, choose the UCM that you’d like to access after you’ve added it to UCM RemoteConnect. In the Edit Device window, you may choose either a Personal URL or Custom Domain option for remote access. The personal URL option enables the admin to customize the beginning URL structure of the UCM that they will be accessing, _________.b.gdms.cloud. If the Custom Domain option is selected, the network admin can instead enter a full URL as the custom server address, configure the private keys, and certificate. Once this is done, the UCM IP PBX can be accessed via the login option on the UCM Device tab. Once the button is clicked, a new web page will be opened with the UCM’s web UI login page that can then be accessed via the typical login credentials.
More information on adding, configuring, and managing a UCM IP PBX on UCM RemoteConnect can be found in our technical documentation here.
Configuring UCM RemoteConnect’s NAT Firewall Traversal Feature
The second major feature of UCM RemoteConnect is built-in NAT Firewall Traversal. The benefit of this feature is straightforward and very impactful for deployments that need to account for remote users. Remote devices can utilize the NAT Firewall Traversal to seamlessly connect to a deployed UCM6300 as if the phone was deployed within the same LAN as the UCM. This allows the installer or IT manager to painlessly configure and manage the device in the same way they would for any device within the communications deployment. Best of all, it bypasses the need to set up complicated VLANs or VPNs in order to have a hybrid on-site and remote work solution. With this feature, a business can have the easy infrastructure of a cloud communications solution with the customizability and control of an on-site device.
To get started with UCM RemoteConnect’s NAT Firewall traversal feature, a network admin needs to first add the UCM6300 IP PBX that they will be using to UCM RemoteConnect. Once this is done, the network admin will need to obtain the UCM6300’s:
- Stun Address
- Public Address
- Public TLS Port
These can be found by logging into the UCM web GUI either directly or via UCM RemoteConnect, navigating to Valued-added Features on the UCM’s web GUI menu, then clicking the UCM RemoteConnect option. Now that the UCM’s Stun Address, Public Address, and Public TLS Port have been obtained, an installer can begin configuring their IP phones to utilize the NAT firewall traversal service.
Below is a table of the project plans for UCM RemoteConnect once it has finished its Beta process in 2022. These are subject to change.
Important Note: UCM RemoteConnect is in Beta until early 2022, more detailed information on pricing is not available at this time and is subject to change.
Configuring an IP Phone to use UCM RemoteConnect’s NAT Firewall Traversal Feature
The easiest way to configure an IP phone to use the NAT firewall traversal feature is through Grandstream Device Management System (GDMS). While configuring a deployment and adding Grandstream devices into the deployment site, an installer/IT admin can easily configure the device’s NAT firewall traversal settings. Through the VoIP Account menu item, select the SIP account option. From here, a new “server” can be created and the UCM public address that was configured prior will be available as SIP server option. This can then be assigned to each phone that has been added to GDMS, which will enable the phone to connect directly with the UCM6300 series IP PBX via UCM RemoteConnect. This can also be done by batches of phones. It is important to note that when configuring the UCM RemoteConnect server address to the phone, the system will automatically configure the phone’s SIP transport as TLS and the STUN server will automatically be configured as the address of the UCM’s TURN service. If a device is not compatible with GDMS, it cannot be configured in this way and will need to be configured manually to utilize UCM RemoteConnect.
Configuring a non-GDMS compliant remote device to utilize UCM RemoteConnect and to be able to register to a UCM6300 series device requires a few extra steps. When configuring your IP phone, enter the UCM Public Address and Public TLS Port for the SIP server, adjust the device’s NAT Traversal to STUN, and configure the SIP transport of the device to be TLS. Minimum and Maximum TLS version for the phone needs to be adjusted to the value 1.2 in order for a connection to be successful. Finally, be sure to configure the STUN server for the IP phone to be the same as the UCM’s STUN Address that was set up previously on UCM RemoteConnect. Once this is completed, the device should utilize UCM RemoteConnect to create a connection and be registered to the UCM IP PBX.
More information on UCM RemoteConnect’s NAT Firewall Traversal feature.
Ongoing Management of UCM RemoteConnect
With the UCM6300 IP PBX added to UCM RemoteConnect and remote devices registered and connected to the UCM via the NAT firewall traversal feature, all that is left is to monitor and manage UCM RemoteConnect. There are a variety of features and capabilities with both GDMS and UCM RemoteConnect that enables an IT team or installer to monitor networks and troubleshoot problems as they arrive. GDMS can set up a variety of automated alerts that have a diverse and completely customizable notification system. From the UCM RemoteConnect portion of GDMS, it is possible to view call statistic reports for each registered UCM’s NAT Firewall Traversal feature. This includes total calls, maximum simultaneous remote users, call types, and more.
Combining the Best of Cloud and On-Premise Solutions
UCM RemoteConnect bridges the gap between an on-premise solution and cloud-based use/management. Installers and IT teams can take advantage of the system’s tool to configure, manage, and monitor their UCM6300 series IP PBXs across all of their deployment sites. The NAT Firewall Traversal feature then enables remote devices to be seamlessly connected and registered to a corresponding UCM. With so much on-site technology being integrated and compatible with cloud management, it should come as no surprise that our backend communications infrastructure adapts as well. Ready to take the next step and try out UCM RemoteConnect yourself? Click the button below to head to GDMS.Cloud and create your free account. Manage your UCM’s, remote devices, and Grandstream deployments all from one easy-to-use portal.