How To Use The Soft Phone On ShoreTel Communicator

Yes! You can use the ShoreTel system entirely on your PC! You can make and receive calls and talk to people directly with ShoreTel Communicator. This is a great way to let telecommuters work from home without sending a phone, power brick, router, and a bunch of other stuff with them. It’s also the way a lot of call centers are set up to cut costs (headsets are cheaper than $300+ ShoreTel phones).

You need a couple of things before this will work properly.

The first thing you need is SoftPhone Licenses. If you don’t have these, you can still activate it but your server will lock down after 45 days. You can get a quote for these from your partner.

The second thing you need is some sort of headset. You can use the microphone and speakers on your laptop/desktop but the headset makes it a lot less aggravating.

Setting Up A User to Use The Soft Phone

Step 1 – Go to the user’s account under Shoreware Director.

Step 2 – Enable the soft phone for this user.

Step 3 – Save the changes.

 

Use the Soft Phone

Now you’ll need to go to the user’s ShoreTel Communicator and set up the SoftPhone.

Step 1 – Select Softphone from the Extension Assignment Menu. Drop it down, it should show up as the second option. If it doesn’t appear, make sure Communicator is up to date. Sometimes it just needs restarted, especially if you are connected over a VPN connection.

Step 2 – Make sure your headset is plugged in. Communicator will typically default to whatever is the current sound output. You can change it in the Options menu under “Smart Phone”.

If everything is set up right, you should now be able to make calls from ShoreTel Communicator and the call will play over your headset. If you need to send digits to the call (like to select menu options) just right click on the call and select the “Send Digits” option.

 

 

Cyberoam PPTP VPN For Telecommuters

Have recently done some experimenting with the Cyberoam PPTP VPN for road warrior connections. We were having a LOT of instability issues with L2TP VPN. The biggest reason for using L2TP is security as it encrypts all traffic, but if your user’s apps and everything are encrypted anyway, this can cause a bottleneck.

Another issue that comes up with Cyberoam L2TP VPN is that it’s not easy to use their Windows Domain login, or even LDAP login so far as I’ve tested. This isn’t a problem with any OS before Windows 7, but Windows 7 doesn’t always send the correct credentials to the domain. This will cause password dialog boxes to pop up all over the place, many times for no reason.

Set Up Cyberoam PPTP VPN

I have run PPTP and L2TP VPN at the same time but never had much chance to see if they didn’t conflict with each other if people are connecting to both. I think as long as the IP addresses it gives out are different it’s likely not a problem.

Step 1 – Go to the VPN section in the GUI and Click on PPTP. Fill in the form. You’ll want to select a LAN port for the local IP address. You will also need to provide an IP address range, these need to be IP addresses on your local network that won’t be used for anything else.

Fill in your local DNS servers here, not your ISP’s so your users can get access to things on the local network easier.

Step 2 – Go ahead and click OK and then click “Add Members” and select which users you want to be able to use the PPTP VPN connection. These CAN be Windows users from AD. It works fine.

Step 3 – Set up your VPN client. I ran the VPN wizard in windows Vista and the only thing I had to change in the settings to get this to work right was I selected “Optional  Encryption” under the security settings. I also made sure the “Unencrypted password (PAP)” was selected under the “Allow these protocols” section at the bottom.

Keep in mind this method will not encrypt traffic. So you may be blasting login information over the internet. This is a good method to use if you need to connect to already secure services on your network. If it’s encrypted on your LAN it’s encrypted over your PPTP connection too.

Personally I would only use this for a highly locked down username with no access to anything but local network. This is also not a terrible way to connect back to your phone system for VOIP service.

How to set up L2TP VPN in Cyberoam

If you need a super easy VPN that can be used without buying a software client like Cisco VPN Client, then L2TP is definitely the way to go. Windows 7, Vista and XP all have a built-in VPN client that can hook up to it. It’s a really good alternative to traditional IPSEC especially for your road warriors.

 L2TP Connection Setup

  1. Log into your Cyberoam and click “VPN” on the left hand side.
  2. Select L2TP and fill in the blanks.
    1. The Local IP address should be the one corresponding to the LAN port on your Cyberoam.
    2. “Assign IP” should be a range of UNUSED IP addresses on your Local Network. I selected a range of 10. For example if 192.168.1.100 through 192.168.1.110 were not used for anything on your network and could be reserved for this, place those IP addresses in these field.
    3. The DNS server blanks should be your internal network DNS servers so that your users can hit your internal servers without IP addresses. Please see the note below on client set up as I’ve run into a couple of issues with this.
    4. You can add a WINS server, but who uses WINS anymore?
  3. Once you’re done there click on save, then click the policy tab.
  4. You can use the Default L2TP policy, I know it works just fine.
    Capture of Cyberoam L2TP settings
  5. Select pre-shared key in the drop down and put in a good strong passkey for your connection. Cyberoam will typically recommend a simple number sequence for testing purposes and to insure you confirmed it correctly on both ends. You can start out with something like “12345678” but please change this after you’ve tested it.
  6. The WAN port should be the internet facing IP address your users will be entering into Windows. Please note that if you don’t have a static IP address for your internet connection, you’ll need to use a dynamic DNS service or configure Cyberoam’s dynamic DNS service.
  7. I usually check the “Allow NAT Traversal” checkbox. This helps if your end users are behind a router somewhere.
  8. Set Remote LAN Network to “Any” as you might not know how the other end’s network is set up.
  9. Leave remote ID like it is.
  10. Leave the Quick Mode Selecters as default (it should look like the picture above), unless you know you need a different port.
  11. Click Save, and activate the connection.

L2TP users

I like using Active Directory Integration anywhere I can but for some reason the Cyberoam doesn’t like LDAP users authenticating to it over VPN. I might have a setting wrong, but I’ve never gotten this to work right anywhere I’ve installed one. If  you have LDAP/AD integration set up, you’ll just need to add extra users in the Cyberoam for L2TP access. If you imported all your users manually then you can just go into users you want to give access and select the L2TP enable box.

Setting Up Windows VPN

I assume Windows 7 for this. Vista directions are almost identical, XP should be easy to figure out. I would imagine Windows 8 uses the same basic wizard as Vista/7.

  1. Go into your network and sharing center and click “Set up a new connection or network”.
  2. Select “Connect to a Workplace” in the next window. Click Next.
  3. Select “Use my Internet Connection (VPN)”
  4. Type in the IP address you selected in step 6 when you set up the L2TP connection on the Cyberoam. You can also put a DNS name here if you want (Like if you use dynamic DNS or have a DNS record set up on the internet for this IP). Name the Destination. I also will typically select the “Allow other people to use this connection” if multiple usernames will be used on the target computer. Click Next.
  5. Put the username and password in on the next window. These are the Cyberoam user names. Again if you use LDAP you may or may not be able to use your normal Windows login credentials here. I typically don’t send the Domain if I set up Cyberoam specific usernames for this. Click Next.
  6. It will attempt to connect, but you want to skip that because you need to enter a pre-shared key into the Windows settings.
  7. Go back into Network and Sharing Center and click on “Change Adapter Settings”.
  8. You’ll see the VPN connection you just set up here. Right click on it and hit properties.
  9. Everything on the General Tab should be fine. Click on the Options tab. I typically uncheck “Send Windows Domain” since you are logging in with a Cyberoam account. Click on PPP Settings and make sure the bottom two boxes are unchecked.
  10. Click on the Security Tab. Change “Type of VPN” at the top to “L2TP”, this will save a LOT of login wait time. Click the Advanced button under the drop down and select “Use preshared key for authentication”. Enter the same key you put into the Cyberoam in step 5.
  11. Under Data encryption I will select “Optional Encryption” for testing purposes. Required encryption works fine though.
  12. Select “Unencrypted password (PAP)” under the allowed protocols. I usually just do this to test the connection, I take it off for production.
  13. Click the Networking tab. It’s a good idea to manually enter the DNS servers under the IP4 properties. For some reason the DNS servers aren’t always transmitted to the client.
  14. Click OK.

You should be able to connect just fine. Remember you’ll need to test this outside your own LAN. The only problem I’ve had with this method is that the connection occasionally needs to be reset by de-activating and re-activating it under the L2TP connections tab in the Cyberoam. I wouldn’t use this for more than a few users.

The main reason you won’t be able to connect is if you typed the pre-shared key incorrectly. The second reason is usually an incorrect user/password combination. The third biggest reason is the connection needs to be reset as mentioned above. Also I’ve never been able to get more than one remote user per site to be able to connect successfully. So don’t do this and send teams of people to one place on a shared internet connection and expect them all to be able to connect.