Skip to main content link. Accesskey S
  • Help
  • HCL Logo
  • HCL Sametime wiki
  • THIS WIKI IS READ-ONLY. Individual names altered for privacy purposes.
  • HCL forums and blogs
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
Search
Community Articles > Sametime Gateway > Sametime Gateway deployment scenarios > Deploying an IBM Sametime 8.5.2 Network Address Translation environment
  • Share Show Menu▼
  • Subscribe Show Menu▼

Recent articles by this author

Creating a “Schedule meeting” option using persistent rooms in IBM Sametime 8.5 Meeting Server
This article describes an application with which you can create, manage, and delete a persistent meeting room to create a schedule online meeting rooms option. Using the application, you can realize all the advantages of the Ajax-based meeting room of IBM Sametime Meeting Server 8.5, along with ...

Clustering an IBM Sametime 8.5.2 Gateway environment
This article explains how to cluster an IBM® Sametime® 8.5.2 Gateway environment, detailing the process for installing and configuring the Sametime Gateway Session Initiation Protocol (SIP) proxy and the cluster process for a two-node horizontal cluster.

Installing a telephony control server for IBM Sametime Unified Telephony 8.5.2 in a virtual environment
Learn the detailed steps for installing a telephony control server (TCS) for IBM Sametime Unified Telephony (SUT) 8.5.2 in a virtual machine (VM) environment.

Deploying an IBM Sametime 8.5.2 Network Address Translation environment
This article explains how to deploy an IBM® Sametime® 8.5.2 Network Address Translation (NAT) environment, including details on the infrastructure, software stack, the environment structure, and key references to the product documentation.

Coexistence of multiple IBM Sametime 8.5.2 products in an IBM WebSphere Application Server instance
Beginning with version 8.5.2 of IBM® Sametime®, it is possible to install and run multiple Sametime products side-by-side within the same IBM WebSphere® Application Server instance; in other words, to have coexistence. This article walks you through the steps required to set up a sample ...
Community articleDeploying an IBM Sametime 8.5.2 Network Address Translation environment
Added by ~Rebecca Bubveluzen | Edited by ~Alexis Prereplopings on September 1, 2011 | Version 7
  • Actions Show Menu▼
expanded Abstract
collapsed Abstract
This article explains how to deploy an IBM® Sametime® 8.5.2 Network Address Translation (NAT) environment, including details on the infrastructure, software stack, the environment structure, and key references to the product documentation.
ShowTable of Contents
HideTable of Contents
  • 1 Overview
    • 1.1 Software stack components
  • 2 Full Sametime 8.5.2 NAT test environment
    • 2.1 Detailed system requirements
  • 3 Deploying NAT on Sametime 8.5.2
  • 4 Troubleshooting
  • 5 Conclusion
  • 6 Resources
  • 7 About the author

Overview


This article explains a scenario for deploying an IBM® Sametime® 8.5.2 Network Address Translation (NAT) environment.

When the IBM Sametime Gateway cluster and Session Initiation Protocol (SIP) proxy is configured for a NAT, the NAT environment requires that the SIP Proxy's external fully qualified DNS name (FQDN), as known to external communities, be the same as its internal FQDN .

Traversing a NAT environment is a known issue in the SIP domain. Currently, the IBM WebSphere® SIP infrastructure does not provide a solution to this problem because it does not support any of the Internet Engineering Task Force (IETF) standards. Therefore, any SIP application deployed on WebSphere Portal must develop its own solution.

The scenario provided here assumes that you have the following elements in your deployment:
  • A clustered environment, with one more more clustered servers
  • A SIP proxy server federated to the cluster
  • All cluster members (including the SIP proxy server) deployed within the same subnet
  • A static NAT that is defined in the NAT or firewall; the public IP address should be mapped to the SIP Proxy server's internal IP address.

Software stack components


The software stack includes:
  • Sametime Community Server 8.5.2
  • Lotus® Domino® Server 8.5
  • Sametime Media Manager Server 8.5.2
  • Sametime Gateway Server 8.5.2
  • Sametime Proxy Server 8.5.2
  • Sametime System Console 8.5.2
  • DB2® UDB Edition v9.5
  • WebSphere Application Server 7.0.0.3
  • WebSphere Application Server 7.0.0.3 Network Deployment
  • IBM Tivoli® Directory Server 6.1
  • Network Dispatcher: IBM Edge Components of IBM WebSphere Application Server 7.0
  • Load Balancer: IBM Edge Components of IBM WebSphere Application Server 7.0
Figure 1 shows how the basic environment is set up.

Figure 1. Diagram of the environment


Note these limitations:
  1. Only static NAT is supported.
  2. In this case a single SIP Proxy deployment was tested; a multiple-SIP Proxy deployment was never tested but can be applied with the same setting.
  3. Single-server deployment is not supported, but a clustered deployment that contains only one server is supported.

Full Sametime 8.5.2 NAT test environment


Figure 2 displays in more detail the full test environment configuration.

Figure 2. Full environment configuration


Detailed system requirements


The IBM Support document, #7109598, “Detailed System Requirements - Sametime Standard 8.5.2,” contains a list of “supported components that have undergone compatibility testing by IBM. IBM recommends that customers always use operating systems, Web browsers, devices or applications listed in the application's system requirements; any variance has some level of risk because the combination has not been tested, and is not supported by IBM.”

Deploying NAT on Sametime 8.5.2


The Lotus Sametime 8.5.2 Product Documentation on the Wiki contains detailed, step-by-step instructions for installing and deploying NAT on Sametime 8.5.2. For best results, follow all instructions in the following links completely and in the order in which they are presented in the Information Center:
  1. Configuring the Gateway cluster and SIP proxy for a NAT environment
    Configure a cluster of IBM® Sametime Gateway servers to operate in a NAT (Network Address Translation) environment. The NAT environment configuration requires that the SIP Proxy's external Fully Qualified DNS Name (FQDN), as known to external communities, be the same as its internal FQDN.
  2. Installing Sametime TURN Server
1. Installing the Sametime TURN Server files
Deploying IBM Sametime TURN Server involves installing a Java™ Run-time Environment (JRE) plus some additional files. Unlike other Sametime servers, the TURN Server does not require IBM WebSphere® Application Server.

2. Enabling NAT traversal
Enable the NAT traversal feature by editing the stavconfig.xml file on the IBM Sametime Media Manager’s Conference Manager component.

3. Configuring firewalls and opening ports
If the IBM Sametime TURN Server and the Sametime Media Manager are separated from clients by firewalls, you must open ports in the firewalls to enable communications.

4. Configuring the Media Manager to use the TURN Server
Configure the IBM Sametime Media Manager to work with the Sametime TURN Server.

5. Deploying a load balancer with Sametime TURN Servers
Although IBM Sametime TURN Server cannot be clustered for high availability, you can provide some additional service by deploying multiple TURN Servers with a load balancer to distribute the workload.
3. Configuring a SIP proxy server
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM® Sametime® Gateway servers. There is no need to configure external domains in the SIP proxy server; this is done through the Sametime Gateway configuration.

Troubleshooting


Detailed tips on troubleshooting each of the following products/areas can be found in the Sametime 8.5.2 Installation and Administration Troubleshooting topic in the Wiki:

NOTE: If your IBM Sametime deployment experiences problems with NAT traversal, begin by troubleshooting the Sametime TURN Server.
  • Sametime Connect client
  • Sametime System Console
  • Sametime Community Server
  • Sametime Proxy Server
  • Sametime Media Manager
  • Sametime Bandwidth Manager
  • Sametime TURN Server
  • Sametime Meeting Server
  • Lotus Sametime Gateway Server
  • Installation or uninstallation
  • Log file locations
  • Directory conventions

Conclusion


You should now be able to successfully configure NAT for Sametime 8.5.2.

Resources


Refer to the Product Wiki for more information on:
  • NAT traversal terms
  • Port allocations for NAT traversal


About the author


Desmond McCann is a Chartered Engineer working on the Sametime Verification Test team. He has been with IBM since 2010, focusing on integration and interoperability across Lotus Sametime products.

  • Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (7)
collapsed Versions (7)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (7)Sep 1, 2011, 8:19:38 PM~Alexis Prereplopings  
6Sep 1, 2011, 8:12:11 PM~Bella Umfoovitch  
5Sep 1, 2011, 8:07:56 PM~Bella Umfoovitch  
4Sep 1, 2011, 4:53:16 PM~Michelle Kinimarnivu  
3Sep 1, 2011, 2:54:31 PM~Bella Umfoovitch  
2Aug 30, 2011, 4:37:28 PM~Phil Xanveluvitchoopsi  
1Aug 30, 2011, 4:32:23 PM~Phil Xanveluvitchoopsi  
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedAbout
  • HCL Software
  • HCL Digital Solutions community
  • HCL Software Support
  • BlogsDigital Solutions blog
  • Community LinkHCL Software forums and blogs
  • About HCL Software
  • Privacy
  • Accessibility