State of knowledge

April 2024

estos ProCall 8 Enterprise from version 8.1

Introduction

Since ProCall Enterprise version 8.1, web proxy support of the UCServer is now available, which makes it possible to establish secure and efficient communication to the internet.

A web proxy is a network service that mediates between a client and the internet. The client's requests are sent to the web proxy, which then forwards them to the requested web servers on behalf of the client and returns the servers' responses to the client. The main advantage of a web proxy is that it improves network security, as the proxy monitors the connection to the Internet and can thus prevent unwanted access and malware attacks. In addition, a web proxy also enables efficient use of network resources, since frequently requested data can be stored in the proxy's cache and quickly delivered when needed.

Requirements

  • UCServer from version 8.1.x
  • UCServer Installer from version 8.1.x
  • Web proxy without user authentication (DNS/IP address and port)

Components

Excerpt of components that require an internet connection and optionally support a web proxy.

Not a complete listing.

Configuration required in the Windows system:

  • UCServer installer (MSI package) (tick)
  • Configuration of the UCConnect connection in the UCServer administration (tick)
  • Generally the overview page in the UCServer administrator for online licensing (tick)

Configuration required in UCServer:

  • UCConnect connection (tick)
  • Push connection (tick)
  • Teams presence integration (tick)

Components that may communicate to the internet but do not have web proxy (http proxy) support because they do not use HTTP as a protocol.:

  • SIP connection to the internet provider (minus)
  • (s)RTP media flows (minus)
  • STUN/TURN service (minus)
  • and other components not listed above

Further information

Setup

Before and during installation/update

Before installing/updating the UCServer, make sure that a web proxy (for http) is stored in the system: Use a proxy server in Windows: Use a proxy server in Windows

Note that this setting must be available to the installer user and UCServer administration.

This is necessary so that the UCServer installation program can perform the online licensing check.

Then start the installation program (MSI) of the UCServer installation from version 8.1.

When the installation or update is complete, the "UCServer Server Setup" will start automatically. after configuring the network interfaces, you can set up a web proxy.

To do this, enter the DNS name or IP address and the port of the web proxy, e.g.: 192.168.1.253:1234

Example screenshot: Network interfaces – Proxy settings – Hostname/IP (port)

The requests described above are forwarded to this address and port.

Authentication is not an enabled feature.
However, you can use the configuration to test whether basic authentication works in your environment.

As exceptions you can enter addresses that should not be routed via the proxy.
Normally, "localhost" should be entered so that the UCServer makes requests to its own local WebService directly and is not routed via the proxy (which does not "know" the WebService).

Finish the installation or update in the usual way.

Helpful information on this:

In operation

After installation, you can adjust the settings in the UCServer administration in "Menu → Tools → Network interfaces → Tab: Proxy settings". Note that after making changes to these settings, a UCServer service restart should be performed.

Please also check the complete function of the components that are to communicate to the internet:

  • Licenses (Online licenses item)

  • Push service (point online licenses or push notifications)
  • Integration in Microsoft Teams
  • and more

Microsoft Teams presence integration

If you have already set a web proxy for integration with Microsoft Teams manually via the configuration file "msteams.cfg" in older versions, you can dispense with this setting.
There is only the above described general configuration of the UCServer left.

Restrictions

  • Proxy authentication is not a released feature.
  • Part of the configuration is done in the Windows system. (see description above)