Professional Documents
Culture Documents
Um Adm V82 35 Ius
Um Adm V82 35 Ius
LIOS
Lawful Interception Operation System
Version 8.2
Issue 35
Confidential
Issued by
Program- and Systems Engineering
Siemensstrasse 88-92, A-1211 Vienna
Copyright Siemens AG 2007
SIEMENS AKTIENGESELLSCHAFT
2/185
A30828-X9410-B082-35-7619
Table of Contents
0
GENERAL INFORMATION....................................................................................7
0.1
References .............................................................................................................................7
0.2
Abbreviations..........................................................................................................................7
0.3
0.4
INTRODUCTION .................................................................................................14
1.1
1.2
LIOS manuals.......................................................................................................................14
1.3
2.1
2.2
LIOS......................................................................................................................................18
Active monitoring in fixed and mobile (wireless) networks .....................................................................18
2.2.1
LIOS general features...........................................................................................................22
2.2.2
LIOS components .................................................................................................................23
2.2.3
LIOS interfaces .....................................................................................................................24
2.2.4
Data safety............................................................................................................................25
2.2.5
LIOS user roles.....................................................................................................................25
3.1
3.1.1
3.1.1.1
3.1.1.2
3.1.1.3
3.1.1.4
3.1.2
3.1.2.1
3.1.2.2
3.1.3
3.1.3.1
3.1.3.2
3.1.3.3
3.1.4
3.2
3.2.1
3.2.2
3.3
3.3.1
3.3.2
3.4
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.5.1
3.4.5.2
A30828-X9410-B082-35-7619
3/185
3.4.5.3
3.4.5.4
3.4.5.5
3.4.5.6
3.4.5.7
3.4.5.8
3.4.6
3.4.6.1
3.4.6.2
3.4.6.3
3.4.6.4
3.4.6.5
3.4.6.6
3.4.6.7
3.4.6.8
3.4.6.9
3.4.6.10
3.4.6.11
3.4.6.12
3.4.7
3.4.7.1
3.4.7.2
3.4.7.3
3.4.7.4
3.4.7.5
3.4.7.6
3.4.7.7
3.4.7.8
3.4.7.9
3.4.7.10
3.4.7.11
3.4.8
3.5
3.5.1
3.5.1.1
3.5.1.2
3.5.1.3
3.5.2
3.5.2.1
3.5.2.2
3.5.2.3
3.5.2.4
3.5.2.5
3.5.2.6
3.5.3
3.5.4
3.6
3.6.1
3.6.2
3.7
3.7.1
3.8
3.8.1
3.8.2
3.8.2.1
3.8.2.2
3.8.2.2.1
3.8.2.2.2
4/185
A30828-X9410-B082-35-7619
3.8.2.2.3
3.8.2.2.4
3.8.2.2.5
3.8.2.2.6
3.8.2.2.7
3.8.2.2.8
3.8.2.2.9
3.8.2.2.10
3.8.2.3
3.8.3
3.8.4
3.9
3.9.1
3.10
3.10.1
3.10.2
3.10.3
3.10.3.1
3.10.3.1.1
3.10.3.1.2
3.10.3.1.3
3.10.3.1.4
3.10.3.1.5
0.1.1.1
3.11
3.11.1
3.11.2
3.11.3
3.12
3.12.1
3.13
3.13.1
3.13.2
3.14
3.14.1
3.15
3.15.1
3.15.2
3.15.3
EFD Administration.............................................................................................................135
Filter ....................................................................................................................................137
EFD data wizard .................................................................................................................137
Validate ...............................................................................................................................140
4.1
4.2
Setting up closed user groups (CUGs) for LEAs on EWSD and hiQ/E9200 switches.......142
4.3
4.4
4.5
4.6
4.7
4.8
4.9
4.10
A30828-X9410-B082-35-7619
5/185
4.11
4.12
4.13
Switching support of LI management (HI1) notifications on and off (LIOS.properties file) 147
4.14
4.14.1
4.14.2
4.14.2.1
4.14.2.2
4.14.3
4.15
4.16
4.17
Ticket time stamp conversion according to the time zone of the NE .................................152
5.1
5.1.1
5.1.2
Symmanager ......................................................................................................................154
Overview .............................................................................................................................154
Specifying size and number of internal buffers of the X.25 card ........................................154
5.2
Symmonitor.........................................................................................................................155
5.3
5.3.1
5.3.2
5.3.3
5.3.3.1
5.3.3.2
5.3.3.3
5.3.3.4
5.3.4
5.3.5
5.4
5.4.1
5.4.2
5.4.3
5.4.4
5.4.4.1
5.4.5
6.1
6.2
6/185
A30828-X9410-B082-35-7619
General Information
0.1 References
[1] EWSD/Lawful Interception
Lending an ear to fixed network communication
A30828-X1130-V310-1-7618
Siemens AG
Munich 1999
[2] LIOS System Description
P30308-A9792-A082-*-7619
Siemens AG sterreich, PSE SMC CI
Vienna 2005
[3] ETSI ES 201 671 V2.1.1 (2001-09)
ETSI Standard
Telecommunications security;
Lawful Interception (LI);
Handover interface for the lawful interception of telecommunications traffic
[4] EWSD/Description of Output Data
Lawful Interception
Description of Contents of LI Records and of Call Content Connection
EWSD Version V17
P30308-A8225-V017-04-7617
Siemens AG
Munich 2004
[5] Symdriver-U User Guide
Edition 6.02, Symicron 1999
www.symicron.com
[6] TopSec
Anleitung TopSec Administrator
Version 3.02
Dezember 2002
Rohde & Schwarz
[7] OTOS / PIMS V1.1
Protocol-Independent Messaging System
User Manual
A30828-X9420-A011-1-7619
Siemens AG sterreich, PSE SMC CI
Vienna 2003
0.2 Abbreviations
AEQ
AFI
APQ
BIANCA
BRI
CC
Call Content
CDC
CGI
A30828-X9410-B082-35-7619
7/185
CHAP
CLIP
CMISE
COLP
CP
CSV
Comma-Separated Values
CUG
DB
DataBase
DBMS
DCE
DCF77
long wave time signal (D=Deutschland, C=long wave signal, F=Frankfurt, 77=frequency:
77.5 kHz)
DN
Directory Number
DNS
DSP
Domain-Specific Part
DTE
DTMF
EFD
Event-Forwarding Discriminator
EMN/OS
ETSI
EWSD
FDN
FT
File Transfer
FTAM
FTP
GPRS
GSM
GTP
GUI
HDLC
HICEP
HLR
HTML
HTMLS
HTML Secure
HTTPS
IAP
ICC
IDI
IIS
8/185
A30828-X9410-B082-35-7619
IMEI
IMS
IMSI
INB
INBand
IP
Internet Protocol
IRI
ISDN
ISO
LAC
LAN
LC
LIOS Client
LEA
LEMF
LI
Lawful Interception
LID
LIIN
LI Identification Number
LIM
LIOS
LS
LIOS Server
MAC
MC
Monitoring Center
MD
Mediation Device
MML
MMLCM
MSC
NE
Network Element
NSAP
NT
NTP
OEM
OS
Operating System
OSI
PBX
PC
Personal Computer
PIMS
POTS
PPP
PRI
Q3
A30828-X9410-B082-35-7619
9/185
RAI
RAS
RMI
RPPW
Replay-Protected PassWord
SuB
Systemunabhngige Betriebsfhrung
SVC
SWSG
SoftWare SafeGuarding
TCP
TZ
Technologiezentrum
URL
WAN
WS
WorkStation
X.25
A30828-X9410-B082-35-7619
11/185
12/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
13/185
Introduction
Lawful Interception Operation System (LIOS) provides services and applications for the operation of
Lawful Interception (LI) on network elements of different vendors (see Annex 2: LIOS supported
network elements). For an introduction to LI, see [1], for an introduction to LIOS, see [2].
For a summary of the authorized versions of the hardware and software products used,
functional limitations, error corrections and notes to the user, refer to the Handover Document.
14/185
A30828-X9410-B082-35-7619
System description
Throughout the world, legislation and standardization in the field of lawful interception are now compelling
network operators to use call-processing equipment, which enables all types of telecommunication to be
monitored or recorded as required.
Interception was originally done by tapping telephone lines. This, however, was awkward and, since the
build-up of the connection to the law enforcement monitoring facility (LEMF) was often accompanied by
cracking noises, it did not always pass unnoticed.
Meanwhile efforts have been made by switch manufacturers to integrate the interception function in the
hardware and software of the switch e.g. the Lawful Interception (LI) feature. Although expert personnel
could well be aware of the possibility of monitoring taking place, there is no way of finding out which
subscribers are being monitored. Also a wide variety of technical problems have been solved: for
example, now there are no more nailed-up connections or leased lines the necessary monitoring
connections are set up dynamically.
Monitoring Internet traffic is different: the Internet is a more complex network, involving a greater variety
of devices. For efficient monitoring, passive taps and data collectors (combined in groups) are placed at
several locations and the required data is extracted by means of IP triggers.
2.1
The Siemens Lawful Interception solution comprises network elements (for fixed, mobile, nextgeneration, enterprise networks, Internet traffic and e-mail), LIOS (see Chapter 2.2) and the Siemens
Monitoring Center.
LIOS (Lawful Interception Operation System) combined with the LI feature of telecommunications
switches is a state-of-the-art solution for efficient and discreet lawful interception. It offers high flexibility
as regards network organization, geographical locations, and switch types. At the same time it meets the
strictest legal requirements. LIOS and LI adhere to the guidelines on security made by international
standardization bodies (e.g. ETSI). The Siemens Lawful Interception solution includes the Siemens
Monitoring Center, which takes over most of the monitoring work from LEAs.
The LI feature is integrated in the hardware and software of switches. It makes possible a smooth and
discreet functioning of lawful interception on switches and in the telecommunications network. LIOS as a
management system provides functions and a GUI for convenient administration of lawful interception by
the personnel in charge.
LIOS offers the possibility of moving the administration of Lawful Interception away from switches and
setting it up at a central site. LIOS is connected to switches over the telecommunications or IP network.
The flow of information is automatically routed from monitored communication channels to the law
enforcement monitoring facility (LEMF) without affecting normal network operation.
A30828-X9410-B082-35-7619
15/185
NE
LI admin
Telecommunications
network
IRI records
Judge
IRI records
Communication
content
LEMF
Monitoring in enterprise networks (private branch exchanges: PBX Siemens HiPath); see
Monitoring of enterprise networks in Chapter 2.2.
Transfer of call content and IRI records to LEMFs. A LEMF can be provided with both
communication content and IRI records, or only with IRI records (for statistical monitoring).
A subscriber can be monitored by several LEAs simultaneously. Call content and IRI records
can be transmitted to several LEMFs with numerous options available. So each LEA can have its
own settings, e.g. HI3 signaling method (UUS/sub addressing), ticket output format
(ETSI/ASCII/native).
Monitoring of FDNs (foreign directory numbers). FDNs are telephone numbers or their first
digits in transit traffic. NE lines are monitored for the FDNs specified. It is thus possible to observe
all subscribers from or to whom connections are set up via a monitored NE i.e. subscribers
assigned to other NEs or other network providers (e.g. mobile-network subscribers) provided that
calling- and called-line numbers are transmitted in the signaling.
16/185
A30828-X9410-B082-35-7619
Clandestine functioning. LI works without being noticed by subscribers and telephone company
employees, even NE administrators. The only persons aware of it are LIOS personnel and LEA
officials.
Siemens Monitoring Center (MC). This is a comprehensive system offered to law enforcement
agencies; it takes over most of the monitoring work from them, i.e. receiving, processing, evaluating
and storing of intercepted information.
A30828-X9410-B082-35-7619
17/185
2.2
LIOS
While the LI feature covers the overall concept of lawful interception, LIOS deals with its administration
and the forwarding of intercept-related information. The intercepted information itself (call content) does
not reach LIOS; it is routed by the NE directly to the appropriate law enforcement monitoring facility
(LEMF).
LIOS embedding in different networks
LIOS can access different switch types and versions, even of different makes, at the same time. This
allows LI administration (= observation handling) from one uniform GUI.
Active monitoring in fixed and mobile (wireless) networks
This covers PSTN (Public Switched Telephone Network), GSM (Global System for Mobile
Communications) and NGN (Next-Generation Network).
Next-Generation network
LI administration
Mobile
switch
IRI records
IRI records and
alarms
LI admin.
Mobile
network
HI2
(IRI records)
Fixed
network Fixed-
NGN switch
Target of
interception
HI3
HI3
Target of
interception
network
switch
Target of interception
LEMF
Figure 2-2: LIOS network configuration for monitoring of fixed, mobile and next-generation networks
(example)
18/185
A30828-X9410-B082-35-7619
Passive tap
IP network
Data
collector
LI administration
Target of interception
LI admin.
Communication
content
HI2/HI3
Mediation device
LEMF
Figure 2-3: LIOS network configuration for Internet and e-mail monitoring (example)
A30828-X9410-B082-35-7619
19/185
LIOS acting as an
umbrella system
HI2
HI2*
Foreign interception
operation system
LI admin. and HI2
LEMF
HI3
HI3
HI3
* mutually
exclusive
HI2 routes
Telecommunications network
20/185
A30828-X9410-B082-35-7619
HI2
LEMF
LI admin.
LI admin.
Alarms
HI3
IN network
Target of interception
IN@vantage
INAP
Fixednetwork
NGN switch switch
A30828-X9410-B082-35-7619
21/185
HI2
LIOS-HP
LI-BASE
CAP
HI3
LEMF
CAP PC
CSTA
HiPath
HI3
HiPath
CSTA
2.2.1
22/185
A30828-X9410-B082-35-7619
LIOS converts CALEA-compliant CDC messages to ETSI-compliant IRI records. LIOS can handle filenaming methods according to ETSI and country-specific requirements.
Communication with NEs and foreign OSs from a command console for diagnosis and troubleshooting purposes.
LI database synchronization. If the LI database of an NE or a foreign OS on the one hand and the
LIOS database on the other are out of step, they can be automatically synchronized.
Summary suspension of interception measures on NEs or foreign OSs. If an NE or a foreign OS
is overloaded or needs servicing or upgrading, LIOS can summarily suspend (= temporarily cancel) all
interception measures created there. Once the NE or foreign OS is available again, LIOS can
automatically restore all interception measures (resume).
Convenient graphical user interface. Web applications for all LIOS users (MS Internet Explorer).
Various filters support information retrieval. Wizards within applications lead the user through the
steps of standard working procedures. A comprehensive online help is provided.
Security. To prevent misuse, LIOS has been supplied with powerful security features, e.g. a
sophisticated user role model, encryption technology, comprehensive logging, security hardening, IP
Sec and security certificates.
Automatic handling of expired passwords. For the communication with NEs, passwords are
needed. Some of these passwords expire after a certain time. LIOS automatically replaces an expired
password with a new one (cyclic password exchange).
EFDs (event-forwarding discriminators) are used for the automatic sending of IRI records and alarms
from some NE types (Siemens EWSD/hiE9200) to the LIOS server. EFDs concerning lawful
interception can be set up and administered on NEs from LIOS directly, through a Q3 interface.
Not all NE types and foreign OSs support all features listed here.
2.2.2
LIOS components
LIOS
Remote LIOS clients
IRI records
IP/ISDN/X.25
IRI-records
E-mail, CD, floppy . . .
LIOS server
IP or IP/ISDN
LEMF
LAN
PSTN/NGN
IRI records
IP/ISDN/X.25
Call content
LI admin
LIOS server
LIOS client
Intercepted object
NEs
A30828-X9410-B082-35-7619
23/185
NEs and foreign OSs and routes them to LEMFs. If the connection to a LEMF is broken, IRI records can
be delivered by e-mail, CD or floppy. The LIOS server acts as a Web server for LIOS clients and
accommodates all LIOS user software. The LIOS server is always set up in a high-security area.
Owing to its scalable architecture, LIOS can be configured to fit network size. If a network has a great
number of NEs, more observations can be set up and more IRI records must be expected. LIOS servers
can be added to cope with the extra load and to keep system performance high. How far LIOS can be
expanded also depends on the number of ports on NEs and the type of connection.
LIOS clients
LIOS users work on LIOS clients. LIOS clients are regular PCs with standard software and a Web
browser. LIOS users log in on a LIOS client, and communicate with the LIOS server from a Web browser
through HTTPS; the data entered by the users is processed by the LIOS server.
Depending on the needs of a network provider, LIOS clients can be set up within the LIOS high-security
area (centralized) or they can be set up anywhere remote (decentralized). This means that LIOS users
can work hundreds of miles away while security is still maintained (owing to user authentication and
HTTPS).
LIOS standard system and LIOS single system
In a LIOS standard system, servers and connections are duplicated (redundancy concept) if one fails,
the other can take over (hot standby). On customer request, LIOS can be supplied as a single system
(only one LIOS server) although at the expense of reliability.
2.2.3
LIOS interfaces
For optimum integration of LIOS in a telecommunications network, several external interfaces are
provided.
Remot
LIOS
Externa alarmin
throug PIMS
LIOS
Cloc
E-mai
SMS
GU
GPS radio
DCF7
NTP
GU
Externa
Operato
HI
EO
LE M
INI
INI
INI
INI
INI
INI
INI
INI
Foreign interception
operation system
NE
Mediation
24/185
IN
NE
A30828-X9410-B082-35-7619
Interfaces to LEMFs, NEs, Siemens Mediation Devices, IN@vantage and foreign OSs (see
Chapter 2.2.1, LIOS general features)
The external operator interface (EOI) is a command line interface enabling external LI operators to
access LIOS and to manage LIOS functions. The communication protocol used is HTTPS. An
external operator can work with a graphical user interface of another manufacturer or with a
command-line tool.
External alarming through PIMS (Protocol-Independent Messaging System). Systems like LIOS
often operate in a closed area without anybody near. This makes alarming especially important. Apart
from that, it can be useful for LEA personnel to be informed about LIOS activities.
Through PIMS, personnel in charge can be alerted any time and anywhere by SMS or e-mail.
Alarms can be classified according to subject and importance. PIMS can be configured to forward
alarms of different types to different recipients and to use a specific service (SMS or e-mail) for each
recipient. If a recipient wishes to be alerted by e-mail instead of SMS or vice versa, this can easily be
changed, without LIOS being affected.
Time synchronization by means of NTP (Network Time Protocol) or a DCF77 or GPS radio clock. All
LIOS machines receive the same time. NEs and foreign OSs can have different times they are not
synchronized.
2.2.4
Data safety
In a standard LIOS system, LIOS servers and connections are duplicated if one fails, the other can
take over (see LIOS standard system and LIOS single system in Chapter 2.2.2).
LIOS is always equipped with a software RAID; on request, a hardware RAID can be provided.
The LIOS database is synchronized with the databases of NEs and foreign OSs, either automatically
on a regular basis or triggered by hand (not for all NE types).
In case the connection from the LIOS server to a LEMF breaks, an alternative way of delivering IRI
records to the LEMF (e.g. through e-mail, CD-ROM or floppy disk) is provided.
Alarms issued by NEs (not of all types) and by LIOS provide information about irregularities (see
Chapter 3.10).
If an NE is unable to send IRI records to LIOS (e.g. because of a connection break), it writes them to
an IRI record buffer file, which can be retrieved by LIOS as soon as the connection has been reestablished, or through another connection. (This feature is available for Siemens EWSD/hiE9200.)
2.2.5
A role is assigned to each LIOS user. Each role operator, supervisor and administrator entails its
distinct rights and duties. This renders misuse very difficult and guarantees optimum security and
secrecy.
The difference of user rights and duties is also reflected in the user documentation there is a separate
manual for each user role. Users will not know the details of the work related to the other user roles; apart
from that, they will not be lumbered with information irrelevant to their work.
Remark about LIOS user roles. Customers requirements differ from country to country. Therefore, in
practical operation, not all persons working with LIOS have to exactly fit in one of those user roles. For
instance, the rights related to all three user roles can be given to a privileged person, or the rights of LIOS
operators can be divided among several types of LIOS operators.
A30828-X9410-B082-35-7619
25/185
LIOS operator
LIOS operators are responsible for the handling of interception measures (LI administration) and
occasionally also of LEMF data (e.g. creating or modifying LEMF objects). They are alerted to
irregularities by a comprehensive alarming system. They can communicate with NEs and foreign OSs
from a command console for locating the origin of possible system misbehavior and for providing a
remedy. If entitled to, they can also temporarily cancel (suspend/resume) all observations set up on an
NE (or foreign OS) or remedy LI database discrepancies. The scope of work of the individual operator will
depend on the rights assigned by the LIOS administrator. LIOS operators work under the supervision of a
LIOS supervisor.
LIOS operator tasks can also be performed by external operators (see Chapters 2.2.2 and 2.2.3).
For reasons of security, LIOS operators can be organized into operator groups (each operator has to be a
member of one or several groups). Observations belong to the group, observation-related alarms (group
alarms) are conveyed to the group. Every action, however, is logged individually.
Different rights can be given to different groups. For instance, a selection of NEs can be accessed by one
group, another selection by another, as is shown in the following figure.
Operator
A
Operator
B
Operator
C
Operator
D
NE 3
NE 5
26/185
A30828-X9410-B082-35-7619
You can access LIOS functions from a Web browser Internet Explorer (version 5.5 or higher). Start the
Web browser, move the mouse pointer to the URL line and type the URL of one of the LIOS servers in
your LIOS:
https://<LIOS server>/lios
For <LIOS server> you can enter the name or the IP address.
Save the URL of the default LIOS server as home page and that of the other as bookmark. When
prompted, enter your LIOS user ID and password. The LIOS main page is displayed.
If your password has expired, enter the old password and a new password, and then confirm the new
password.
If the LIOS client is connected to the LIOS server through an ISDN link, ensure that the link is up. For
details consult the Sun Solaris and the Windows XP documentation.
).
The LIOS main page is made up of header, navigation menu, application commands bar and work area.
A30828-X9410-B082-35-7619
27/185
Header
Application
Commands
bar
Navigation
menu
Work
area
3.1.1.1 Header
The header in the top section of the LIOS main page shows you under which LIOS user role and name
you are logged in. To log out properly, click on the Logout command. The word Online on the right
informs you that the connection to the LIOS server is active.
The header also shows your current position on the LIOS website, i.e. which LIOS application and subapplication is open.
On the right there are two fields that show the range of records (size of record set) that has been read
from the database. You can specify the size of a set of records in the Filter form, Maximum number of
rows pull-down list.
The commands on the right have the following effects:
Count. The total of records is calculated and displayed in a separate window.
! (left arrow). The previous set of records is read from the database.
" (right arrow). The next set of records is read from the database.
(arrow back to first page). The records of the first page are retrieved from the database.
Functioning of Next " and Previous !
Since there may be a great amount of data to be read (loaded) from the database, which can take
some time, you have the option to specify how many data records should be read at a time (see
3.1.3.1, maximum number of rows).
Next and Previous start a new database query, through which the next or previous set respectively is
read from the database, following the sorting order specified. Since the data contained in the database
may have changed since the last query, the set of records read may not be exactly adjacent to the set
of records last read.
An example should illustrate this. You have specified that the 30 newest data records should be read
(Filter form, Maximum number of rows pull-down list). After some time you press Next, intending to
view the next 30 data records. The 30 data records next to the newest 30 data records are read from
the database. If, however, in the meantime new records have been written to the database, these new
records are now considered by the system as part of the 30 newest records. Consequently data
records that were then among the 30 newest but are no longer so will be displayed again.
28/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
29/185
Table handling
To perform an action on a single record, select the appropriate icon in the Actions column on the right. To
find out the meaning of an icon, move the cursor to the icon; an explaination will appear in a text bubble.
To view the details of a record, select the ID (hyperlink) in the first column.
To perform an action on more than one record, select the checkboxes on the left and then choose the
appropriate command from the application commands bar at the top.
For reasons of ergonomics and system performance, the table contents are not automatically updated. If
the data kept in the database has changed, the Refresh icon ( ) appears at the bottom left. To update
the table contents, click on the Refresh icon or select Refresh from the application commands bar. (Do
not use the refresh functions provided by the Web browser itself.)
Quick sorting: If you click on a column heading, the table is sorted by the content of this column, in
ascending order; this is indicated by an upward arrow ( ). If you click on the same column heading again,
the table is sorted by the content of the column in descending order (downward arrow ). Quick sorting
does not work with all columns.
Generation time information: Below every table there is a line telling you when the data was read from
the LIOS database and the table was generated (Generated on: <date> <time>) scroll down if
necessary.
Leaving the LIOS system. To log out properly, click on the Logout command in the header.
3.1.2
A wizard is a sequence of forms that leads the user through the steps of data input.
Read-only fields
Read-only fields look the same as regular fields. It is possible to copy the content of a read-only field to
the clipboard (copy/paste). If a form serves only to view data, all fields are read-only.
Hyperlinks ()
Some output fields are equipped with a hyperlink () to detailed information. If you, for instance, click on
an arrow next to a LEA name field, details of the LEA are displayed.
3.1.2.1 Shifting items between lists
30/185
>
>>
A30828-X9410-B082-35-7619
<
<<
You can select more than one item from a list by using the mouse in combination with the Ctrl and Shift
keys.
Ctrl: Selection of more than one item.
If you select an item while you are holding down the Ctrl key, the item will be selected in addition to the
items selected already. If you click on a selected item while you are holding down the Ctrl key, the item
will be unselected.
Shift (!): Selection of a range of items.
Select one item, then hold down the Shift key and select another item. The two items including the range
between them will be highlighted (selected).
3.1.2.2 Push buttons
Previous. The previous page of a wizard is displayed. The data you may have entered in the current
page is preserved.
Next. The next page of a wizard is displayed; make your input first.
Finish. The Finish button appears in a single input form and in the last page of a wizard. Your input is
accepted and the form is closed.
OK. Your input is accepted and the form is closed. The OK button appears in some forms.
Refresh. The content of the form is updated.
Close. The form is closed. The Close button is provided when no input is possible, e.g. in connection
with a View command.
Cancel. Your input is discarded and the form is closed
Help. Online help is provided
3.1.3
LIOS provides various filter forms to support information retrieval. In this section general filtering functions
(i.e. functions that are common to most LIOS filter forms) are presented and explained. Applicationspecific fields are dealt with together with the respective applications.
3.1.3.1 General filtering functions
A30828-X9410-B082-35-7619
31/185
First select a time frame and then edit beginning or end point.
Time frame in this context always marks a time period that includes the present moment.
Possible time frames are today, today & yesterday, this week, this week & last week, this month,
this month & last month, this quarter and this year.
If you select a time frame, the From and To input fields are automatically adapted (the To input fields
remain empty because, naturally, the time frames provided go beyond the present moment). You can
however refine the filter settings by editing the values of the From and To fields.
If you wish to include all items up to a certain point of time, fill in the To fields and leave the From fields
empty.
If you wish to include all items not older than a certain point of time, fill in the From fields and leave the To
fields empty.
Flexible input format
Generally speaking, the input format is dd.mm.yyyy and hh:mm:ss. There, however, is a considerable
input tolerance e.g. if your input is incomplete, it is automatically completed to agree with your
presumable intention.
Input made by the user
32/185
A30828-X9410-B082-35-7619
Delimiters:
The delimiters (separators) used by LIOS itself are dots (.) for the date and colons (:) for the time.
However, you can also enter other delimiters (? / , . ; : - _ \) or leave a space, only within a field the
delimiter must be the same.
In the Maximum number of rows pull-down list you can specify how many records will be loaded from the
database at a time.
3.1.3.3 Filter push buttons
Finish. Your input is accepted and the form is closed.
Reset. The filter is reset, which means that the default settings are applied.
Load. Filter settings that have been saved are activated.
Save. For each LIOS sub-application, you can save personal filter settings. To activate saved filter
settings, press Load.
Cancel. Your input is discarded and the filter form is closed.
Help. Online help is provided.
3.1.4
IP address verification
An IP address (Internet Protocol address) is a unique number, similar in concept to a telephone number,
used by network devices (routers, telecom switches, computers, time-servers, ...) attached to a network
to refer to each other when sending information through a LAN (Local Area Network) or a WAN (Wide
Area Network) or the Internet for example. IP version 4 (IPv4) is the current standard protocol for the
Internet. IP addresses consist of 32 bits (for more details see RFC 791). IPv4 addresses are commonly
expressed as a dotted quad: four octets (8 bits) separated by dots. LIOS supports IP version 4 and the IP
address classes A, B and C. IP version 6 will also be supported by LIOS, but no application is available at
present. Some IP addresses are used for multicast, broadcast or loopback traffic. These IP addreses can
not be used for switch and LEA configuration and will be checked by LIOS:
"
"
"
127.0.0.1 allowed
A30828-X9410-B082-35-7619
33/185
As an optional feature, LIOS makes it possible to integrate external operators, who can access LIOS
through an external operator interface. The user administration for external operators is the same as that
for LIOS operators.
LIOS operators can be organized into LIOS operator groups; observations and group alarms belong to a
LIOS operator group and not to an individual operator. Also the authorization for the communication with
NEs and OSs through MML is given to LIOS operator groups (see NE user IDs in Section 3.4.7).
When you start the User Administration, the data displayed reflects the default filter settings. If you wish
to see another selection of data, select the Filter command from the application commands bar. A filter
form appears, where you can specify criteria for the data to be displayed.
34/185
A30828-X9410-B082-35-7619
Table
The table provides you with an overview of user information; it does not contain all details. For a detailed
view, click on the user name (hyperlink) in the first column.
Table columns
User name. Name of LIOS user
Operator/External operator/Supervisor/Administrator. A check mark in the respective column
indicates the user role (an external operator is a LIOS operator who works from a system other than
LIOS).
Alarming state. A check mark means that external alarming is active for the particular user. To show
the Alarming state of an external alarm is an optional feature (depends on the LIOS license).
Actions. These actions affect only the individual record.
Modify user. The user data wizard (see 3.2.2) is started, where you can modify the user
record. The user name cannot be changed the corresponding field is read-only.
Copy user. The user data wizard is started. It contains the values of the selected user record.
You can modify these values at least you have to enter a new user name.
Delete user. The user record is deleted.
Activate/deactivate external alarming. Toggle switch. External alarming is activated or
deactivated.
3.2.1
User filter
If you wish to reduce the number of records to be displayed, you can define a filter. If a field is empty or
not selected, it has no influence on the filtering process.
A30828-X9410-B082-35-7619
35/185
3.2.2
To start the user data wizard, select new user, modify user or copy user.
General and security information
36/185
A30828-X9410-B082-35-7619
Operator rights
Figure 3-9: User data wizard operator rights and group memberships
Other than administrators and supervisors, operators can be authorized to use only a selection of LIOS
applications. Select the appropriate checkboxes (more than one selection is possible).
LEA Administration. Administration of LEA data.
MML Handling. Sending MML commands to NEs and OS servers from the MML console application.
Observation Handling. Creation and administration of observations.
Observation Manager. Synchronizing the LIOS database with the LI database of the NE/OS server,
for aligning the LI database of the NE/OS server with the LIOS database, and for suspending and
resuming observations and LEAs (OBSGRP) on the NE/OS server.
The observation manager is an optional feature (depends on the LIOS license).
If you do not select any checkbox, the operator can still handle alarms (Alarm browser).
Operator group memberships
LIOS operators can be organized into operator groups; observations and group alarms belong to an
operator group and not to an individual operator. The operator group memberships form enables you to
assign one operator to one or more operator groups.
To assign an operator to groups, select the groups from the available operator groups list on the left and
press the > button. The names are shifted to the selected operator groups list.
LIOS operators with Observation Manager rights must be members of all operator groups.
Available operator groups. Groups of which the operator is not a member.
Selected operator groups. Groups of which the operator is a member.
How to shift items between the lists with the arrow push buttons and with the Ctrl and Shift keys is
explained in Section 3.1.2.1.
A30828-X9410-B082-35-7619
37/185
38/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
39/185
3.3.1
Group filter
By setting filter criteria you can restrict the data to be displayed. If a field is empty or not selected, it has
no influence on the filtering process.
To open the group data form, select new group, modify group or copy group.
40/185
A30828-X9410-B082-35-7619
General information
Figure 3-13: Group data form, general information and group members
Group name. Name of the LIOS operator group. Maximum length: 25 characters.
Remark. Optional parameter. Maximum length: 60 characters.
Members of operator group
To assign users to a group, select the users from the available users list on the left and press the >
button. The names are shifted to the selected users list.
LIOS operators with Observation Manager rights must be members of all groups. If they are not, they will
lose their Observation Manager rights.
Available users. LIOS users who are not members of the group.
Selected users. Members of the group.
How to shift items between the lists with the arrow push buttons and with the Ctrl and Shift keys is
explained in Section 3.1.2.1.
A30828-X9410-B082-35-7619
41/185
42/185
A30828-X9410-B082-35-7619
Communication settings. The Communication Settings form (see 3.4.1) is displayed, where you can
set the timer and counter values controlling the communication and the CMISE protocol used for the
connection to NEs. The settings affect the whole LIOS system it is not possible to make separate
settings for individual NEs.
Activate NEs. When an NE has been set up, it also has to be activated so that LIOS can
communicate with it (see 3.4.2).
Filter. A filter form (Figure 3-17) is displayed, where you can specify which NEs should be displayed,
and define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
Refresh. The data is read from the database and the table is updated.
Print. A printer-friendly HTML page reflecting the data currently displayed is generated. A Print form is
displayed where you can edit printing options and start the printing operation.
Export. Records are exported as a text file in CSV (comma-separated values) format, with each line
representing one application that has been set up for the communication with the NE (see 3.4.4).
Exporting data does not mean removing it from the LIOS database.
Help. Application-specific online help is provided.
Table
The table provides you with an overview of NE information; it does not contain all details. For a detailed
view, click on the NE name (hyperlink) in the first column.
Table columns
NE name. Name of network element.
Active. A check mark (
Running since <date time>. Connection check is in proggess (running). Start date and start
time of the connection check is displayed. After the check is finished the state of the
connection check will be changed. The following states are possible (not OK, OK and Check
not supported)
<date time>. Connection to the NE is not OK. Date and time of the connection check is
displayed.
<date time>. Connection to the NE is OK. Date and time of the connection check is
displayed.
Check not supported. Connection check to the corresponding NE is not supported.
A30828-X9410-B082-35-7619
43/185
Communication Settings
In the Communication Settings form you can set the timer and counter values controlling the
communication and the CMISE protocol used for the connection to NEs. The settings affect the whole
LIOS system it is not possible to make separate settings for individual NEs.
44/185
A30828-X9410-B082-35-7619
3.4.2
NE activation
If it has not been suspended (Locked state). If an NE is in Locked state, observation and LEA
data associated with the NE cannot be modified in any way.
You need not deactivate an NE for modifying it e.g. adding or removing applications.
Table
The column headings Active, NE name, NE type, Port count and Locked refer to NEs, the column
headings State and Reason refer to the last initiated activation or deactivation job, whichever applies. If,
for example, the NE is marked as active (Active column with check mark) and in the State column it
says Failed, it means that the NE is active and an attempt to deactivate the NE has failed. To view the
reason for the failure, click on the hyperlink in the Reason column.
A30828-X9410-B082-35-7619
45/185
If an NE is in Locked state (cross in the Locked column), observation and LEA data associated with the
NE cannot be modified in any way. Locked means that Suspending, Resuming, DB Synchronization or
DB Alignment processing is active or that the NE is in DN modified state.
Activation and deactivation jobs can be in the following states:
Waiting
Processing
OK
Failed
The table at the bottom of the window shows you for each NE type how many ports are covered by the
LIOS license (licensed ports), how many have already been set up (used ports) and how many can still
be set up (free ports). If you exceed the number of ports, the current LIOS license will expire after 20
days; a message is displayed to this effect, and the expiration date is stated.
Push buttons:
Refresh. The data is read from the database and the table is updated.
Activate. The NE selected in the table is activated.
Deactivate. The NE selected in the table is deactivated.
Abort. The activation/deactivation job is aborted. You can abort a job if there is no response from the
NE.
Close. The form is closed.
Help. Application-specific online help is provided.
If NE activation fails, a report icon appears in the Reason column. If you click on the icon, the NEs
response is displayed, which tells you the reason for the failure.
3.4.3
NE filter
If you wish to reduce the number of records to be displayed, you can define a filter. If a field is empty or
not selected, it has no influence on the filtering process.
Export
According to the result of filter settings all records read from the LIOS database are exported (saved) in
CSV (comma-separated values) format. (Also TXT format with tab stops as separators is supported to
be configured in the LIOS properties.)
46/185
A30828-X9410-B082-35-7619
NE and LIOS server data is exported by application for each application set up for an NE or a LIOS
server, a separate NE or LIOS server record is exported.
You can reduce the amount of records to be exported by applying additional filter criteria.
Exporting data does not mean removing it from the LIOS database.
In the form displayed, specify a directory and a file to which the data should be exported.
Export format:
When NE or LIOS server data is exported, each line in the export file corresponds to one application
record. If, for example, 4 applications have been set up for an NE, the export file will contain 4 rows
for the NE. When NE network data is exported, each line in the export file corresponds to one NE
network record.
If a parameter of a record has no value, the field remains empty. Empty fields are rendered through
two consecutive commas.
3.4.5
Setting up NEs
The sequence of forms provided for setting up NEs varies by NE type. The following sections show you
the sequence for each NE type and offer you cross-references to the relevant information.
3.4.5.1 Siemens EWSD and hiQ/E 9200
1. General see 3.4.6.1
2. ETSI Network ID see 3.4.6.3
3. LI NE passwords and specific parameters (for EWSD, hiQ/E9200) see 3.4.6.4
4. Parameters for X.25 see 3.4.6.5
5. Parameters for IP see 3.4.6.6
6. Applications see 3.4.6.12
7. General application data see 3.4.7.1
8. OSI see 3.4.7.2
9. Passwords for EWSD and hiQ/E9200 FT see 3.4.7.3
10. Passwords for EWSD and hiQ/E9200 EFD see 3.4.7.4
11. NE user IDs (MMLCM) see 3.4.7.6
12. NE user ID wizard see 3.4.7.7
13. Authorization data see 3.4.7.8
14. MMLCM authorization data see 3.4.7.9
15. FT authorization see 3.4.7.10
16. FT Authorization form see 3.4.7.11
3.4.5.2 Siemens MSC
1. General see 3.4.6.1
2. LI Options see 3.4.6.2
3. ETSI Network ID see 3.4.6.3
4. Parameters for X.25 see 3.4.6.5
5. Parameters for IP (EWSD, hiQ/E9200, MSC SR11/SR12) see 3.4.6.6
A30828-X9410-B082-35-7619
47/185
NE data wizard
To start the NE data wizard, select new NE, modify NE or copy NE.
48/185
A30828-X9410-B082-35-7619
The NE data wizard is provided for adding, modifying and copying an NE record and setting up
applications for an NE.
NOTICE REGARDING EWSD AND hiQ/E9200:
Lower-case letters as parts of MML commands and parameters are not accepted by EWSD and
hiQ/E9200; the only exceptions are passwords.
3.4.6.1 General
A30828-X9410-B082-35-7619
49/185
50/185
A30828-X9410-B082-35-7619
The ETSI standard on Lawful Interception also regulates in which format data has to be contained in the
IRI records. Since data is not received from NEs in ETSI format, data conversion is necessary. This is not
applicable for Siemens IN@vantage and Nortel fixed.
The network ID comprises the operator ID and the NE ID. In this form you can specify how network
operator ID and NE ID should be rendered in LI tickets.
Format here only refers to the format of the NE ID (Address) how the NE communicates with LIOS is
irrelevant in this context. Select a format and enter the NE address according to the format selected.
Operator ID. Mandatory parameter. Network operator of the NE. (The term used for network operator
in a LIOS context is normally network provider.)
Maximal length 5 characters;
Accepted input: a..z, A..Z, 0..9 and %.#*+"!$()<>,_/-?:;=&.
For Huawei fixed:
Maximal length 5 characters;
Accepted input: decimal digits (0-9) and the two special characters #, *.
NE ID. The fields in the NE ID section are optional.
Format. Format here only refers to the format of the NE ID (Address) how the NE
communicates with LIOS is irrelevant in this context. Select a format (E.164, X.25, IP or DNS)
and enter the NE address accordingly. Which formats are actually available, also depends on the
NE type.
Address. Enter the NE ID as it should be output in ETSI-format tickets.
E.164. Number in international format (= country code + LAC + DN). Input depends on the
settings in the lios.properties configuration file:
Decimal digits, 46 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 0 and
TicketRouter.ETSI_AddHeader = 1) or
Hexadecimal digits, 50 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 1 and
TicketRouter.ETSI_AddHeader = 0).
X.25. DTE address in international format. Input depends on the settings in the lios.properties
configuration file:
Decimal digits, 46 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 0 and
TicketRouter.ETSI_AddHeader = 1) or
Hexadecimal digits, 50 characters max. (LIOS properties HostAdmin.ETSI_Hexa = 1 and
TicketRouter.ETSI_AddHeader = 0).
IP. IP address; decimal numbers separated by dots (.).
DNS. DNS (domain name system) address. 25 characters max.
A30828-X9410-B082-35-7619
51/185
Figure 3-21: NE data wizard LI NE passwords and specific parameters (EWSD and hiQ/E9200)
LI NE passwords are needed for the administration of the LI function on EWSD and hiQ/E9200 switches.
LI group command password. For EWSD V12 and higher, and for hiQ/E9200. For controlling most
LI functions on the NE (creating/modifying LEAs and observations) the LI group command password is
needed. To be able to specify or modify the LI group command password, you must know the LI ID
password.
Maximum length and characters allowed depend on the NE type. For EWSD, version V13A and
higher, and for hiQ/E9200, the length has to be from 8 to 15 characters, for EWSD V12 it has to be
from 1 to 15 characters. The following characters are allowed: uppercase and lowercase characters,
digits, and special characters except ~, ^, |, \, [ and ].
LI ID password. For EWSD V12 and higher, and for hiQ/E9200. LI ID password. It is needed for
specifying or modifying the LI group command password and the audit password. The LI ID password
replaces the hard-coded LI password.
Maximum length and characters allowed depend on NE type and version. For EWSD, version V13A
and higher, and for hiQ/E9200, the length has to be from 8 to 15 characters. The following characters
are allowed: uppercase and lowercase characters, digits, and special characters except ~, ^, |, \, [
and ].
LI audit password. For EWSD V13A and higher, and for hiQ/E9200. LI audit password. It is needed
for invoking LI audit functions (e.g. DISPLIMEAS). To be able to specify or modify the audit password,
you must know the LI ID password.
Maximum length and characters allowed depend on NE type and version. For EWSD, version V13A
and higher, and for hiQ/E9200, the length has to be from 8 to 15 characters, for EWSD V12 it has to
be from 1 to 15 characters. The following characters are allowed: uppercase and lowercase
characters, digits, and special characters except ~, ^, |, \, [ and ].
52/185
A30828-X9410-B082-35-7619
Realized as Power Node. For EWSD version V15 and higher, and for hiQ/E9200. This information is
necessary for LIOS to determine the RPPW algorithm (see replay-protected password, Section 3.4.7).
Select checkbox if the NE is a Power Node. To find out, start the MML console and enter the MML
command DISPEXDDAT or ask the administrator of the NE.
CUG indexing activated. For EWSD switches, version V13A and higher, for hiQ/E9200. CUG
indexing is a security feature.
If CUG indexing is activated, it is used on the NE for creating observations. If CUG indexing is to be
used, the CUGs index must be administered on the NE and the corresponding flag must be set in the
LI options on this NE (to find out, start the MML console and enter the MML command DISPLIOPT or
ask the administrator of the NE). On the LIOS side, this flag must be set and, in addition, the CUGs
must be administered with the same index that has been defined on the NE (managing CUGs belongs
to the tasks covered by the LEA Administration).
Ticket buffer management activated. Optional parameter for EWSD switches, version V13A and
higher, and for hiQ/E9200. Ticket buffer management activated refers to the respective NE and not to
LIOS as a whole. Ticket buffer management means that, if LI tickets have not been sent to LIOS for
more than 24 hours because of a broken connection between the NE and LIOS, they are stored in a
ticket buffer file on the NE. As soon as the connection is repaired, the ticket buffer file is retrieved by
LIOS.
Prerequsites for ticket buffer management:
On the NE: the ticket buffer file (= ticket file in EWSD and hiQ/E9200) flag has to be set in the LI
options and a file group has to be created for the ticket buffer file, protected by a file group password.
In the LIOS system: the ticket buffer flag must be set and the FT application data must be
administered for this NE.
Since ticket buffer files are retrieved from the NE via FT (see 3.4.7), general timers and counters can
be set (see 3.4.1).
NE identification number. Optional parameter for NEs of EWSD, version V13A and higher, and for
hiQ/E9200. Value range: 1 to 65535. The NE identification number should be chosen so that it is
unique within the network. The NE identification number is not administered on the NE but it can be
specified in the parameters of an observation. If so, it is contained in the LI tickets of the observation
and it can be used by LEAs to identify the NE from which the LI tickets have originated. See also NE
identification number in LEA Administration, LEA data wizard, Observation parameters.
Do not confuse the NE identification number with the NE ID as part of the ETSI ticket parameters (see
3.4.6.3).
NE directory number. Optional parameter for NEs of EWSD version V13A and higher, and for
hiQ/E9200. It specifies a virtual NE directory number. The NE directory number should be chosen so
that it is unique within the network (it should include the local area code). This number is not
administered on the NE but it can be specified in the parameters of an LEA. If so, it is sent as a CLIP
number to the LEA when the call content is sent. The LEA can immediately identify the NE that is
connecting to the LEA equipment to send call content. 1 to 18-digit hexadecimal number; accepted
values: 0 to 9, A to F, * and #. See also CLIP DN in LEA Administration, LEA data wizard,
Observation parameters.
ETSI V2 allowed. Only for EWSD V17 and V18 / hiE9200 V3 and V3.2. Selection of the ETSI_V2
signaling schemes is allowed. The corresponding LI property must be set on the NE.
TR TKUE 40 active. Only for EWSD V17 and V18 / hiE9200 V3 and V3.2. The NE uses the German
variant of ETSI_V2. If you select this check box, also ETSI V2 signaling must be selected. The
corresponding LI property must be set on the NE.
Transport system
Specify whether IP or X.25 should be used. IP is only supported by EWSD V15 and higher, by hiQ/E9200
and by hiQ4200/8000; for hiQ4200/8000 IP is mandatory. Depending on your selection, the appropriate
input fields are provided.
A30828-X9410-B082-35-7619
53/185
54/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
55/185
Figure 3-26: NE data wizard Call content routing properties (Huawei C&C08)
Notifications and alarm messages can be sent by a Huawei C&C08 switch to up to three Huawei
monitoring centers (MC). Call content and LI tickets can be sent to a greater number of LEAs. However,
each LEA set up in the LIOS system has be associated with one of these MCs. For setting up an MC, the
following information is necessary:
56/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
57/185
Transport system
The following parameters are mandatory:
IP address. This IP address is used for communication LIOSNE.
IP port. This port number is used for the communication LIOSNE.
Accepted input: 165535
The following three parameters (Huawei NE ID, User name and Password) are necessary for
authentication:
Huawei NE ID. Enter a user-defined Huawei NE ID.
Maximum length: 40 decimal digits. Accepted input: 0..9.
User name. Enter a user-defined user name. Maximum length: 32 characters.
Accepted input: 0..9, a...z, A...Z, %, ., #, *, +, ", !, $, (, ), <, >, _, /, -, ?, :, ;, =, &.
Password. Enter a user-defined password. Maximum length: 32 characters.
Accepted input: 0..9, a...z, A...Z, %, ., #, *, +, ", !, $, (, ), <, >, _, /, -, ?, :, ;, =, &.
Authorization data
To give a LIOS operator group access to the NE, select the corresponding checkbox in the Access
permitted column next to the Operator group. To deny access, unselect the checkbox.
The none group is always selected (you cannot unselect it); it is needed by the LIOS services.
3.4.6.10 Parameters for IP (Siemens IN@vantage)
58/185
A30828-X9410-B082-35-7619
Communication parameters
All parameters are mandatory:
IP address. IP address used for LIOSNE communication.
Accepted input: IP address format (4 times 0255 separated by dots, e.g.: 155.12.0.104).
IP port. Port number used for LIOSNE communication.
Accepted input: 165535.
Allowed incomming IPs. IP addresses used for NELIOS communication; separate IP addresses with a
comma. If the NE uses only one IP address for LIOSNE and NELIOS communication you can leave
this field empty.
Transaction timer (sec). Maximum time in seconds that LIOS will wait for the response to a
command sent to the switch.
Accepted input: 303600.
Server path. HTTP context string, which will be used to create an URL for communication with the
Siemens IN@vantage switch. In the URL this string appears after the IP address and IP port.
Maximum length: 256 characters.
Accepted input: a...z, A...Z, 0..9, /_.
Authorization data
To give a LIOS operator group access to the NE, select the corresponding checkbox in the Access
permitted column next to the Operator group. To deny access, unselect the checkbox.
A30828-X9410-B082-35-7619
59/185
The none group is always selected (you cannot unselect it); it is needed by the LIOS services.
3.4.6.11 Authorization data (Nortel/LIM)
To give a LIOS operator group access to the NE, select the corresponding checkbox in the access
permitted column next to the operator group name. To take away access, unselect the checkbox.
The none group is always selected (you cannot unselect it). It is needed by the LIOS services.
3.4.6.12 Applications
60/185
A30828-X9410-B082-35-7619
LID. Lawful Interception Data, to be configured for an NE to enable the NE to send LI tickets and LI-NE
alarms to LIOS. If LIOS is running in Admin mode, LID is used only for the sending of LI-NE alarms.
FT. File Transfer, to be configured for an NE (EWSD, version V13A and higher, and hiQ/E9200) to enable
LIOS to retrieve the data stored in LI ticket buffer files from the NE. Ticket buffer files contain LI tickets
that could not be sent to LIOS through the LID application, e.g. because of a broken connection.
EFD. Only for Siemens EWSD and hiQ/E9200. Event-forwarding discriminator, to be configured for an NE
to enable LIOS administrators to manage EFDs on the NE. EFDs are used to determine the primary and
the secondary LIOS server. Once EFDs have been defined, LIOS servers can receive LI tickets and LI
NE alarms.
If LIOS is running in Admin mode, EFD is used only for sending LI NE alarms.
3.4.7
A30828-X9410-B082-35-7619
61/185
62/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
63/185
64/185
A30828-X9410-B082-35-7619
All NE user IDs must also be configured by the NE administrator on the NE.
First enter an NE user ID (account), then enter the password and the password options.
Password / Confirm. Password for the NE user ID. Maximum length and characters allowed depend
on the NE type. For EWSD, version V13A and higher; for hiQ/E9200; and MSC, the length has to be
from 4 to 24 characters, with the following characters allowed: uppercase and lowercase characters,
digits, and the special characters % . # * + " ! $ ( ) < > , _ / - ? : ; = &. The NE password has to
contain at least one letter, one digit and one special character.
For Alcatel S12, the length has to be from 6 to 12 characters, with the following characters allowed:
uppercase and lowercase characters, digits, and the special characters % . # * + " ! $ ( ) < > , _ / - ? :
; = &. There is no special constraint on the content of the NE password.
How to add a password: enter a password, repeat it and press the Add button; finally press OK.
How to modify a password: select the option button in the Order column; the password is
automatically copied to the Password and Confirm fields; edit the password in both fields; finally
press OK.
Replay-protected password enabled. See replay-protected password enabled, above.
Cyclic password change enabled. To enable cyclic password change, select this checkbox.
Cyclic password changing
To log in to an EWSD, hiQ/E9200, MSC or S12 switch, an NE user ID and a password are required.
The password has to be changed after some time, according to the settings of the NE.
A30828-X9410-B082-35-7619
65/185
Cyclic password changing lets LIOS do the password changing for you. For each NE enter the initial
password (to be obtained from the NE administrator) and at least three passwords of your own choice.
Select the Cyclic password change enabled checkbox. When LIOS receives a password expired
answer when accessing the NE, it automatically replaces the password with the next password in the
list; when it has arrived at the last password in the list, it starts again with the first one (leaving out the
initial password).
A check mark in the Valid column identifies the password that is currently valid on the NE. A checkmark in the Initial column identifies the password that was first provided by the NE administrator.
With the push button functions you can manage passwords. The Show passwords button enables
you to view the passwords.
Push buttons:
Add. The password entered in the Password field is added to the table.
Modify. The password entered in the Password field replaces the selected password.
Remove. The selected password is removed.
Set valid. The selected password will be the valid password.
Set initial. The selected password will be marked initial.
As a rule, the initial password will be the password originally provided by the NE administrator.
The initial password will be used for cyclic password changing.
Show passwords/Hide passwords (toggle button). Passwords are displayed in clear text.
Press this button before you make any modifications and hide passwords after that again.
OK. Your input is accepted and the form is closed.
Cancel. Your input is discarded and the form is closed.
Help. Online help is provided.
3.4.7.8 Authorization data
66/185
A30828-X9410-B082-35-7619
Since LIOS normally uses two LIOS servers, you can define two NE user IDs for each LIOS operator
group this will enable both LIOS servers to send MML commands simultaneously, which enhances
system speed.
It is recommended to use different NE user IDs for different LIOS operator groups.
Type here refers to the communication with the NE by means of MML. Single type means that only one
NE user ID has been specified for each LIOS operator group, regardless of the actual number of LIOS
servers in the system. Parallel type means that two NE user IDs have been specified for each LIOS
operator group.
If you are working with a single LIOS system (one LIOS server), you only need one NE user ID for each
LIOS operator group.
3.4.7.9 MMLCM authorization data
A30828-X9410-B082-35-7619
67/185
3.4.7.10
FT authorization
FT Authorization form
68/185
All NE user IDs must also be configured by the NE administrator on the NE.
A30828-X9410-B082-35-7619
3.4.8
Reset passwords
A30828-X9410-B082-35-7619
69/185
70/185
A30828-X9410-B082-35-7619
Table
The table provides you with an overview of OS information; it does not contain all details. For a detailed
view, click on the OS server name (hyperlink) in the first column.
Table columns
OS server name. Name of the server of the operation system which is to communicate with LIOS.
Active. OS server activation information.
OS server activated.
OS server not activated.
OS server need not to be activated.
OS server type. Type of operation system.
OS server version. Version of operation system.
Connection checked. State of the connection check.
Running since <date time>. Connection check is in proggess (running). Start date and start
time of the connection check is displayed. After the check is finished the state of the
connection check will be changed. The following states are possible (not OK, OK and Check
not supported)
<date time>. Connection to the NE is not OK. Date and time of the connection check is
displayed.
<date time>. Connection to the NE is OK. Date and time of the connection check is
displayed.
Check not supported. Connection check to the corresponding NE is not supported.
Actions. These actions affect only the individual record. The scope of actions available depends on
the OS server type you are working with.
Modify OS server. The OS Server data wizard (see 3.5.1) is started, where you can modify
the OS server record.
Copy OS server. The OS Server data wizard is started. It contains the values of the selected
OS server record. You can modify these values at least you have to enter a new OS server
name.
Delete OS server. The OS server record is deleted.
Before the record is actually deleted, you will be prompted for confirmation.
3.5.1
Setting up OS servers
The sequence of forms provided for setting up OS servers varies by OS server type. The following
sections show you the sequence for each type and offer you cross references to the relevant information.
3.5.1.1
KCC LIM
A30828-X9410-B082-35-7619
71/185
3.5.1.3
Utimaco IMS
72/185
A30828-X9410-B082-35-7619
3.5.2
The OS Server data wizard is provided for creating and for modifying an OS server record.
73/185
Figure 3-47: NE data wizard, transport system - Mediation Device (Siemens IP)
Transport system
All parameters are mandatory:
IP address. IP address of the Mediation Device (MD) - used for LIOSMD communication.
Accepted input: IP address format (4 times 0255 separated by dots, e.g.: 155.12.0.104).
IP port. Port number used for LIOSMD communication.
Accepted input: 165535
OS server user IDs. It specifies the ID under which the selected LIOS operator group will communicate
with the mediation device (= NE).
Minimum length: 1 character.
Maximum length: 20 characters.
Accepted input: 0..9, a...z, A...Z and % . # * + " ! $ ( ) < > , _ / - ? : ; = &.
Password. Enter a user-defined password. Maximum length: 32 characters.
Minimum length: 1 chaacters.
74/185
A30828-X9410-B082-35-7619
Figure 3-48: OS server data wizard Transport system and OS server user IDs (IMS)
Transport system
IP address. IP address of the primary OS server (IMS) to open a RAI connection.
IP port. Port number of the primary OS server to open a RAI connection.
Backup IP address. IP address of the backup IMS server (secondary OS server) to open a RAI
connection.
Backup IP port. Port number of the backup IMS server (secondary OS server) to open a RAI
connection.
3.5.2.4
To add an OS server user ID, press New; to modify an OS server user ID, select an OS server user ID
and press Modify: the OS server user ID form is displayed. To delete an OS server user ID, press Delete.
A30828-X9410-B082-35-7619
75/185
A30828-X9410-B082-35-7619
password in the list; when it has arrived at the last password in the list, it starts again with the first one
(leaving out the initial password).
A check-mark in the Valid column identifies the password that is currently valid on the OS server. A
check-mark in the Initial column identifies the password that was first provided by the OS server
administrator.
With the push button functions you can manage passwords. The Show passwords button enables you to
view the passwords.
Push buttons:
Add. The password entered in the Password field is added to the table.
Modify. The password entered in the Password field replaces the selected password.
Remove. The selected password is removed.
Set valid. The selected password will be the valid password.
Set initial. The selected password will be marked initial.
As a rule, the initial password will be the password originally provided by the OS server
administrator.
The initial password will be used for cyclic password changing.
Show passwords/Hide passwords (toggle button). Passwords are displayed in clear text.
Press this button before you make any modifications and hide passwords after that again.
3.5.2.5
A30828-X9410-B082-35-7619
77/185
Type here refers to the communication with the OS server by means of MML. Single type means that
only one OS server user ID has been specified for each LIOS operator group, regardless of the actual
number of LIOS servers in the system. Parallel type means that two OS server user IDs have been
specified for each LIOS operator group.
If you are working with a single LIOS system (one LIOS server), you only need one OS server user ID for
each LIOS operator group.
Figure 3-51: OS server data wizard MMLCM authorization data form (IMS)
In this form you can establish a logical connection between OS server user IDs and LIOS operator
groups.
If a LIOS operator group has active observations on an OS server, you cannot remove the connection of
the LIOS operator group with the OS server user ID.
LIOS operator group. Mandatory parameter, which identifies the LIOS operator group.
Each LIOS user can send individual MML commands to the OS server. For this purpose the MML
console is provided. In this context, LIOS uses the group none to get access to the OS server,
regardless of the group the LIOS operator belongs to. This means that you have to add an OS server
user ID and an OS server password also for the LIOS group none.
OS server user ID. Mandatory parameter. The OS server user ID is normally used for the
communication with the OS server from the primary LIOS server.
3.5.2.6
78/185
A30828-X9410-B082-35-7619
To assign a new IMS LEA name, enter the name in the input field (115 characters; all characters
accepted except comma (,), double quote (), tab stop and blank) and press Define: the name is copied to
the list below.
To modify an IMS LEA name, select the record (radio button) you wish to modify the IMS LEA name is
automatically copied to the IMS LEA name field enter the new name into the input field and press
Modify: the old name is replaced with the name you have just entered.
To delete an IMS LEA name, select the record and press Delete. You can delete an IMS LEA name only
if there are no observations on the OS server which refer to it.
3.5.3
Activate/Deactivate OS servers
Waiting
Processing
OK
Failed
The table at the bottom of the window shows you for each OS server type how many ports are covered by
the LIOS license (licensed ports), how many have already been set up (used ports) and how many can
A30828-X9410-B082-35-7619
79/185
still be set up (free ports). If you exceed the number of ports, the current LIOS license will expire after 20
days; a message is displayed to this effect, and the expiration date is stated.
Push buttons:
Refresh. The data is read from the database and the table is updated.
Activate. The OS server selected in the table is activated.
Deactivate. The OS server selected in the table is deactivated.
Abort. The activation/deactivation job is aborted. You can abort a job if there is no response from the
OS server.
Close. The form is closed.
Help. Application-specific online help is provided.
If OS server activation fails, a hyperlink appears in the Reason column. If you click on the hyperlink, the
OS servers response is displayed, which tells you the reason for the failure.
3.5.4
OS server filter
If you wish to reduce the number of records to be displayed, you can define a filter. If a field is empty or
not selected, it has no influence on the filtering process.
80/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
81/185
OS Server data wizard). Specify each application separately for each LIOS server to be set up.
Delete LIOS servers. Selected LIOS servers are deleted.
Before you can use this command, you must select LIOS server records. Records will only be deleted
upon confirmation.
Filter. A filter form is displayed, where you can specify which LIOS servers should be displayed, and
define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
Table
The table provides you with an overview of LIOS server information; it does not contain all details. For a
detailed view, click on the LIOS server name (hyperlink) in the first column.
Table columns
LIOS server name.
Transport systems. Transport system through which the LIOS server can communicate with NEs and
OSs. IP, X.25 or both.
Packet size. Maximum packet size at which flow control negotiation will start when an X.25
connection is established. Default value is 1024.
Window size. Maximum window size at which flow control negotiation will start. Default value is 7.
Reverse charging. This field specifies who pays for an X.25 connection. As a rule, the party who has
initiated the connection pays for it. If LIOS is operated by an organization other than the telephone
company who owns the NE, reverse charging can possibly be set to On. Default is Off.
Actions. These actions affect only the individual record.
Modify LIOS server. The LIOS server data wizard (see 3.6.1) is started, where you can
modify the LIOS server record. The LIOS server name cannot be changed the corresponding
field is read-only.
Copy LIOS server. The LIOS server data wizard is started. It contains the values of the
selected LIOS server record. You can modify these values at least you have to enter a new
LIOS server name.
Delete LIOS server. The LIOS server record is deleted..
3.6.1
To start the LIOS server data wizard, select new LIOS server, modify LIOS server or copy LIOS
server.
The LIOS server data wizard enables you to add, modify or copy a LIOS server record and to set up
applications for the LIOS server.
The LIOS server data wizard enables you to set LIOS server communication parameters according to the
applications used. Specify the local communication parameters for the applications MMLCM, LID and
EFD (for the configuration of remote parameters use the NE data wizard, Section 3.4.6). Specify each
application separately for each LIOS server that uses the application.
The LIOS server data wizard contains three forms for the administration of the local connection data.
Data that was entered for setting up an application and that is also needed for another application is
automatically taken over to the respective forms and need not be entered again.
82/185
A30828-X9410-B082-35-7619
General data
A30828-X9410-B082-35-7619
83/185
APPLICATIONS
84/185
A30828-X9410-B082-35-7619
General section
Specify the application you wish to set up. In addition, you specify a port number of the Symicron X.25
links on the LIOS server that should be used for outgoing connections.
Application. Mandatory parameter. It identifies the application type (MMLCM, EFD, LID). Select an
application from the list provided.
Port number for LIOS server. Mandatory parameter (only for MMLCM and EFD). It identifies the port
number of the Symicron X.25 link on the LIOS server that should be used for outgoing connections
(default is port 0).
OSI section
Enter the OSI parameters for the application with relevance to the NE/OS server: transport selector,
session selector, presentation selector and application entity title. Make sure that you enter exactly the
same parameters that have been specified on the NE/OS server.
The following selector addresses are mandatory OSI layer parameters for the NE/OS server
communication through Q3 (for MMLCM, EFD and LID):
Transport selector. Mandatory parameter. It identifies the transport layer (OSI layer 4).
Accepted input:
Hexadecimal: maximum length: 4 digits.
Session selector. Mandatory parameter. It identifies the session layer (OSI layer 5).
Accepted input:
Hexadecimal: maximum length: 4 digits.
Presentation selector. Mandatory parameter. It identifies the presentation layer (OSI layer 6).
Accepted input:
Hexadecimal: maximum length: 4 digits.
Application entity title. Mandatory parameter for the application layer (OSI layer 7). The application
entity title uniquely identifies an application (MMLCM, LID or EFD) within the system. It consists of the
application process title (mandatory, containing system title and APQ application program
qualifier, 4 digits max.) and the AEQ (application entity qualifier, optional, decimal number, 4 digits
max.).
The system title contains an object identifier consisting of decimal numbers separated by dots (.);
value range: 0 to 9999999. 10 components max, 2 components min. Value range: for 1st component:
0, 1, 2; for 2nd component: 0 to 39. Maximum lengths: 30 digits.
For the whole application entity title (system title + APQ + AEQ): 10 components max.
Network element
Version
Siemens EWSD
Version 1, 3, 3.2
Siemens IN@vantage
Version 7.5 FN
Version 3.5
Huawei GSM
85/185
From LIOSs point of view, NEs can be organized in NE networks. NE networks are essential for
observing mobile-network subscribers; they are also needed for the monitoring of foreign directory
numbers (FDN) or inside an intelligent network (IN) on fixed-network elements. NE networks allow LIOS
operators to set up observations on each NE of the entire NE network specified by issuing only a single
observation.
An NE network can only contain NEs of the same type. It can, however, contain NEs of different versions.
An NE that is shared by several providers cannot be added to an NE network.
LIOS operator groups that have access to the NE network must have been set up as MMLCM users on
each NE of the NE network (see 3.4.7). Please also bear this in mind when you add an NE to an existing
NE network.
A Siemens EWSD version 13A can only be added to a network if such a network contains no active INobservation.
If an NE has been a member of this NE network before and, for some reason, still has child observations
pertaining to the NE network, the child observations must be canceled first. This can only be done by a
LIOS operator who is a member of the LIOS operator group that owns the NE network observations.
The NE network data form (see 3.7.1) is displayed, where you can specify NE network type, NE network
name, NE network members and NE network user authorization.
For more information see Host Administration, NEs (Section 3.4).
When you start Host Administration, NE Networks, the data displayed reflects the default filter settings. If
you wish to see another selection of data, select the Filter command from the application commands bar.
A filter form appears where you can specify criteria for the data to be displayed.
A30828-X9410-B082-35-7619
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
Table
The table provides you with an overview of NE network information; it does not contain all details. For a
detailed view, click on the NE network name (hyperlink) in the first column.
Table columns
NE network name. Name of NE network.
NE network type. The NE network types listed in the pull-down menu depend on the license. It can be
e.g. Siemens Fixed (comprising EWSD and hiQ/E9200), Siemens Mobile (MSC),
Actions. These actions affect only the individual record.
Modify NE network. The NE network data form (see 3.7.1) is opened, where you can modify
the NE network record. The NE network name cannot be changed the corresponding field is
read-only.
Copy NE network. The NE network data form is opened. It contains the values of the selected
NE network record. You can modify these values at least you have to enter a new NE network
name.
Delete NE network. The NE network record is deleted. An NE network can only be deleted if it
contains no NEs.
3.7.1
To open the NE network data form, select new NE network, modify NE network or copy NE network.
A30828-X9410-B082-35-7619
87/185
NE network type. The NE network types listed in the pull-down menu depend on the license. It can be
e.g. Siemens Fixed (comprising EWSD and hiQ/E9200), Siemens Mobile (MSC),
Select a type from the pull-down list.
Table columns
Member. If the checkbox is selected (check mark), the NE is a member of the NE network. To
add or remove an NE, select or unselect the checkbox.
If an NE is added to an NE network, child observations of observations set up on the NE network
are automatically created on the NE.
If an NE is removed from the NE network, child observations of observations set up on the NE
network are automatically canceled (cleaned) on the NE.
NE name. It shows the names of all NEs of the selected NE type which are active and have just
one provider assigned.
Operator groups. All LIOS operator groups that have access to the NE are shown here.
Access to NE network. LIOS operator group who is authorized to access the NE network.
Restrict button. The Access to NE network form is displayed, where you can restrict NE network
access to only a selection of LIOS operator groups.
However, if a LIOS operator group still owns network observations, NE network access rights cannot
be taken from it (observations should be taken over by another LIOS operator group).
88/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
89/185
Application commands
New LEA. The LEA data wizard (see 3.8.2) is started, where you can enter the data for the new LEA
to be set up.
Delete LEAs. Selected LEAs are deleted.
Before you can use this command, you must select one or more LEA records. Records will only be
deleted upon confirmation.
A LEA record can only be deleted if there are no active and no archived observations associated with
it. Observations can only be deleted by the LIOS supervisor.
Communication settings. The Communication Settings form (Figure 3-85) is displayed, where you
can set timers and counters for further attempts of LI ticket transfer to LEAs in case of error. The
communication settings control the transfer to all LEAs; settings for individual LEAs are not possible.
Filter. A filter form (Figure 3-64) is displayed, where you can specify which LEAs should be displayed,
and define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
Table
The table provides you with an overview of LEA information; it does not contain all details. For a detailed
view, click on the LEA name (hyperlink) in the first column.
The name of a default LEA (see 3.8.2) is rendered in bold print.
Table columns
LEA name. LEA name.
Phone. LEA phone number provided in case ticket routing to the LEA is not working.
Address. LEA address provided in case ticket routing to the LEA is not working.
LEA ID on NEs/OSs. Number (generated by LIOS) by which a LEA is known to NEs and OSs. 6-digit
decimal number.
Actions. These actions affect only the individual record.
Modify LEA. The LEA data wizard (see 3.8.2) is started, where you can modify the LEA
record. The LEA name cannot be changed the corresponding field is read-only.
Copy LEA. The LEA data wizard is started. It contains the values of the selected LEA record.
You can modify these values at least you have to enter a new LEA name.
Delete LEA. The LEA record is deleted.
Check LEA modification. The result of a LEA modification on NEs and OSs is checked and
presented in a report. (See 3.8.4.)
3.8.1
LEA filter
If you wish to reduce the number of records to be displayed, you can define a filter. If a field is empty or
not selected, it has no influence on the filtering process.
90/185
A30828-X9410-B082-35-7619
The LEA data wizard is provided for creating, modifying and copying LEA records.
NOTICE REGARDING EWSD AND hiQ/E9200:
Lower-case letters as parts of MML commands and parameters are not accepted by EWSD and
hiQ/E9200; the only exceptions are passwords.
3.8.2.1 LEA identification
A30828-X9410-B082-35-7619
91/185
92/185
A30828-X9410-B082-35-7619
3.8.2.2.1
Figure 3-67: LEA data wizard EWSD and hiQ/E9200 observation parameters
LEA identification on NEs. Read-only field. Number (generated by LIOS) by which a LEA is known to
NEs. 6-digit decimal number.
DN of LEA (call content). Mandatory parameter. Nationally significant directory number (LAC and DN) of
the LEA for the transmission of the call content.
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with #.
DN of ticket connection. Mandatory parameter. Nationally significant directory number (LAC and DN) of
the LEA. 1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable
with #.
Remark: Since LI tickets are not sent directly from an NE to a LEA, this number is not used for sending LI
tickets but it serves as a unique identification for a LEA in the LIOS system. This number is sent together
with the LI ticket from an NE to LIOS and enables LIOS to identify the LEA that should get the LI ticket (LI
tickets are sent from LIOS to the LEA through FTAM or FTP by using the OSI and X.25 addresses or the
IP address specified in the Transfer Protocol and Transport System forms). It is recommended to enter
here the same number as for the DN of LEA field. Once the LEA has been created, this parameter
cannot be modified.
Overflow DN (call content). Optional parameter. Nationally significant directory number (LAC and DN) of
the overflow destination for call content data. 1 to 24 hexadecimal digits accepted. Once the LEA has
been created, this parameter cannot be modified.
Length of LAC. Number of LAC digits; only for charging purposes.
Version of LI tickets. Version of the LI tickets: RECV12 (EWSD V12 and higher, hiQ9200 V4 and higher,
and hiE9200 V1 and higher), RECV13 (EWSD V13A and higher, hiQ9200 V4 and higher, and hiE9200 V1
and higher), RECV14 (EWSD V14A and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher) and
RECV17 (EWSD V17/V18 and hiE9200 V3/V3.2).
REMARK: For referring to ticket (record) layout, other names are used: record version 1 (corresponds to
RECV12), record version 2 (RECV13), record version 3 (RECV14) and record version 4 (RECV17). For
details see [4].
Version of signaling (call content). Version of signaling information in the call content connection:
SUBADD-SIGV12 (EWSD V12 and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher),
SUBADD-SIGV13 (EWSD V13A and higher, hiQ9200 V4 and higher, and hiE9200 V1 and higher),
A30828-X9410-B082-35-7619
93/185
SUBADD-ETSIV2 and UUS1-ETSIV2 (the latter two only for EWSD V17/V18 and hiE9200 V3/V3.2).
For SUBADD-ETSIV2 and UUS1-ETSIV2 the appropriate LI properties have to be set on the NE.
CUG name. Optional parameter. To assign the LEA to an LI CUG, select an LI CUG name from the pulldown list. If the CUG indexing activated flag has been set in the NE data, the LI CUG is referenced by an
index; if not, it is referenced by the LI CUG parameters interlock code and the network identification code.
Ticket output format. Ticket Conversion is an optional feature. It enables ticket output in the formats
Native (i.e. Siemens binary), Siemens ASCII, ETSI V2.1 (i.e. ticket format according to ETSI Standard
ES 201 671 V2.1), ETSI V2.12 National D (i.e. ETSI V2.12 with national parameters for Germany, based
on ETSI TS 101 671 V2.12.1 (2005-08)), ETSI V2.1 National A (i.e. ETSI V2.1 with national parameters
for Austria and with file naming method A applied) or Ticket Header V1. Not all ticket formats may be
available in the LIOS system you are working with (license-specific restriction). If Ticket Conversion is not
available, tickets are output as Siemens binary, which is the EWSD and hiQ/E9200 ticket format.
Transmission (Transmission mode):
Choose whether intercept-related information should be sent to the LEA through Q3 as LI tickets or in
band (INB).
Q3. Intercept-related information will be sent to the LEA as LI tickets through a Q3 interface.
ETSI HI3 encoding for EWSD V15&V16. If the network provider has EWSD V15 (hiE9200 V1) or EWSD
V16 (hiE9200 V2) switches and the call content is to be transmitted to the LEA in ETSI format, select
this checkbox. HI3 encoding can only be activated in connection with Q3.
INB (in-band IRI transmission). Transport of IRI (intercept-related information) and call content through
the same channel. If INB is used, no LI tickets are generated and there is no link for LI tickets between
LIOS and the LEA the intercept-related information is sent by the NE to the LEA together with the call
content over ISDN.
For EWSD V12, in-band IRI transmission is optional, for EWSD V11 and lower it is mandatory.
Inband RP 1. Inband reduced protocol 1 (specified for EWSD V.11). Before you can select INBRP1, you
must select INB.
Inband RP 2. Inband reduced protocol 2 (specified for EWSD V.10) with additional information
concerning the call identity used. Before you can select INBRP2, you must select INB.
NE identification number. If this checkbox is selected, the NE identification number (see Host
Administration, NE data wizard) will be transmitted to the LEA, as part of the LI ticket. For NEs of the type
Siemens EWSD, version V13A and higher, and hiQ/E9200.
COLP (connected line identification presentation) feature. If this checkbox is selected, the call
content connection will be protected through the COLP feature.
Explanation: Before the EWSD or hiQ/E9200 switch routes the call content to the LEA, it checks whether
the directory number to receive the call content is indeed identical with the number entered under DN of
LEA (call content). If the DN of the LEA has been rerouted or if a switching error has occurred, the call
content will not be sent.
Single connection (call content). If this checkbox is selected, the call content information will be
transmitted via a single 64-kbit connection to the LEA as the sum of information of the call contents of
user A and user B. If the checkbox is not selected, the A-side and B-side call content information will be
transmitted separately through two 64-kbit connections. (If the version of signaling is SUBADD-ETSIV2
or UUS1-ETSIV2, single connection is not possible.)
CLIP (calling line identification presentation) DN. For NEs of the type Siemens EWSD, version V13A
and higher, and for hiQ/E9200. This parameter specifies whether a virtual directory number (incl. LAC) of
the NE is to be displayed on the LEA telephone set.
94/185
A30828-X9410-B082-35-7619
3.8.2.2.2
A30828-X9410-B082-35-7619
95/185
3.8.2.2.3
96/185
A30828-X9410-B082-35-7619
Call identification. To each intercepted call a unique number (call identification) will be given. This
number will be added to the call content and LI tickets, thus enabling the LEA to put call content and
tickets together (correlation information). Enhanced signaling must be active. Call identification is
recommended.
Unrestricted digital info. Unrestricted digital information 64 kbit. The transmission of unrestricted 64-kbit
digital information in a call to the LEA is supported. Check if any type of ETSI signaling is used (LI option
UDI has to be activated on the used NE).
DTMF (dual tone multi frequency) tones. DTMF tones allowed in call content transmitted to LEA.
Interception of DTMF in tickets (call data channel CDC).
This feature enables a law enforcement agency (LEA) to receive on the call data channel digits dialed by
the monitored subscriber. These post-cut-through digits are digits dialed or signaled by the intercepted
subject after the initial call setup is completed and the call path is cut-through in both directions at the IAP
(internet access provider) switch.
Select this checkbox if the LEA terminal can handle DTMF.
ETSI signaling. Not applicable for SR9. Optional parameter. If ETSI signaling is checked, ETSI handover
interface (ETSI V2) will be used for call content and for the IRI records. For ETSI signaling type, choose
one of the following options:
User to user service information (UUS1-ETSIV2).
Subaddressing (SUBADRR-ETSIV2).
Note: If ETSI is used, the LI option ETSIHI has to be active on the NE. If Enhanced signaling is turned
on, ETSI signaling can not be used.
Location area Code(s). This parameter defines all LACs in which a LEA is allowed to monitor
intercepted subscribers. Maximum of 25 LACs can be entered (one by one with & sign or in an interval
with && sign or value X for all LACs of the related NE.
Use this parameter only if on the relevant NEs the feature Location dependant interception is activated.
Forwarded to number country code. Intercepted calls forwarded through GMSC (Gateway MSC) can
be monitored only if the LEA has the appropriate country code assigned. If you leave this parameter
blank, such calls will not be monitored. Maximum of 30 country codes can be assigned to one LEA (one
by one with & sign or in an interval with && sign). For assigning all country codes value X has to be
entered for this parameter.
Use this parameter only if Location dependant interception is activated on the relevant NEs
3.8.2.2.4
97/185
98/185
A30828-X9410-B082-35-7619
The observation group ID of a LEA is unique within the system. A LEA is identified through the same
observation group ID by all EWSD, hiQ/E9200 and MSC switches .
The TAXDN is kept on the individual S12 switch and has to be entered in the LIOS system.The DN
of virtual subscriber is different on every Alcatel S12 switch, although it identifies the same LEA.
Enter the DNs of virtual subscribers for all switches that should have a connection with the LEA you
are setting up. The field names in this form correspond to the S12 switches that have been created in
the Host Administration. A DN must comprise at least 4 digits and as a maximum 16 digits; each digit
must be in the range of 0 to 9 and A to E. The DN of virtual subscriber must be in national format, i.e.
with area code but without area code prefixes (such as a leading 0). It is used for charging purposes,
i.e. to charge the LEA for the call content (CC) links.
A DN of virtual subscriber can be modified only if there are no active observations associated with it.
3.8.2.2.6
Huawei Fixed
For the delivery of notifications and alarm messages, Huawei C&C08 switches can handle a maximum
of three LEAs, referred to as Huawei monitoring centers. Up to three Huawei monitoring centers
(MC0, MC1 and MC2) have been set up on every Huawei C&C08 switch for this purpose (by the LIOS
administrator, with the NEs sub-application of the Host Administration). For the delivery of call content
and LI tickets, Huawei switches can handle far more LEAs. Each LEA, however, has to be associated
with a Huawei monitoring center, which actually receives notifications and alarms messages.
Huawei Fixed observation parameters
A30828-X9410-B082-35-7619
99/185
LIOS server. This is the server that receives IRI records from the Huawei switch. Choose one of the
LIOS servers from the combo box.
HI2 IP address. This field is read-only and is automatically filled with IP address of the chosen HI2
server.
Other LEA-specific settings, e.g. COLP, concern the Huawei monitoring center itself. They cannot be
made in this form but in the LIOS Host Administration/NEs sub-application (by a LIOS administrator).
3.8.2.2.7
Huawei LEA ID. Read-only field. Number (generated by LIOS) by which a LEA is known to NEs.
DN of LEA (call content). Mandatory parameter. Nationally significant directory number (LAC and
DN) of the LEA for the transmission of the call content.
Maximum length: 30 decimal digits.
Accepted input: 0..9.
DN of LEA (video content). Optional parameter. Nationally significant directory number (LAC and
DN) of the LEA for the transmission of the video content.
Maximum length: 30 decimal digits.
Accepted input: 0..9.
Ticket output format. ETSI and Native format are supported. ETSI is the standard format. Native is
the original ticket format as received from the Huawei GSM switch. The entries in the pull-down menu
of the output format depend on the License.
Output mode. It is possible to select Combined or Split. Combined means that the call content
information will be transmitted to the LEA as the sum of information of the call contents of user A and
user B. Split means that the A-side and B-side call content information will be transmitted separately to
the LEA.
100/185
A30828-X9410-B082-35-7619
3.8.2.2.8
Figure 3-75: LEA data wizard Mediation Device (Siemens IP) observation parameters
This form is provided for specifying the delivery data of the LEA, i.e. IP address, port and protocol to be
used.
LEA ID. Name of the LEA. Read only.
The following parameters are optional:
User. Enter a user name.
Maximum length: 32 characters.
Accepted input: a...z, A...Z, 0..9, %.#*+"!$()<>,_/-?:;=&.
Password. Enter a user-defined password.
Maximum length: 20 characters.
Accepted input: a...z, A...Z, 0..9, %.#*+"!$()<>,_/-?:;=&.
Confirm. Retype the password.
The following parameters are mandatory:
IP address. LEA IP address to which the data will be delivered.
Accepted input:
IP port. Port through which the data will be sent to the LEA.
Accepted input: 165535.
Protocol. Protocol used for data delivery.
One record can be specified for the protocol XML_GE.
Five records can be specified for the protocols Siemens_Proprietary and ETSI_IP.
Select one of the following protocols:
A30828-X9410-B082-35-7619
101/185
ETSI_IP
Directory. A valid FTP address for delivering tickets.
Maximum length: 40 characters.
Accepted input: a...z, A...Z, 0..9, %.#+!$(),_-;=&.
Add. Enter IP address, IP port and select a protocol. Press Add. The data you have entered is copied
into the list below.
Modify. You can modify the IP address and the IP port. The Protocol can not be modified. Select the
delivery data record you wish to modify (radio button). Enter IP address, IP port. Press Modify. The
selected delivery data record will be replaced with the data entered in the input fields above.
Delete. Select the delivery data record you wish to delete. Press Delete. The selected delivery data
record will be deleted (the number on the left will remain visible).
3.8.2.2.9
Figure 3-76: LEA data wizard Nortel Fixed (LIM) observation parameters
DN of LEA (call content). Mandatory parameter. Call content destination. Nationally significant
directory number (LAC and DN) of the LEA for the transmission of the call content.
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with
#.
DN of LEA 2 (call content). Optional parameter. Alternative number, which can be used as LEA
identification (COLP feature).
1 to 24 hexadecimal digits accepted, where B is interchangeable with * and C is interchangeable with
#.
Ticket output format. The ticket format provided is ETSI V2.1 National A (i.e. ETSI V2.1 with
national parameters for Austria).
LIM LEA ID. LEA identification in the LIM system. Mandatory parameter; must be unique. Accepted
input: A-Z and 0-9. Length: 4-16 characters.
3.8.2.2.10
102/185
A30828-X9410-B082-35-7619
The communication data you enter on this page will be sent to IMS telling it where the intercepted
information should be sent. For the routing of IRI records (tickets), IMS uses its own mediation function
IRI records do not reach LIOS.
Transport of IRI records. Choose a transfer protocol and a transport system from the pull-down list.
Depending on your choice, additional fields will be displayed.
The options are FTAM/X.25, FTAM/IP and FTP. Additional fields depending on your choice will be
displayed (see Figure 3-78, Figure 3-79 and Figure 3-80).
Transport of data. This parameter is needed for an observation to be created in a GSM network. It is
automatically set to GTP* (GPRS Tunnelling Protocol) over IP.
IP address. Optional parameter. IP address of the LEAs data recording device.
Transport of voice. This parameter is needed for an observation to be created in a GPRS network. It is
automatically set to ISDN.
DN of LEA. Optional parameter. Nationally significant directory number (LAC and DN) of the LEA for the
transmission of the call content.
1 to 25 hexadecimal digits accepted.
CUG name. If you have entered a DN of LEA for the voice delivery, you can specify a CUG name; select
one from the pull-down list.
FTAM over X.25
Figure 3-78: LEA data wizard IMS, IRI records per FTAM/X.25
User ID. Mandatory parameter with a maximum of 32 characters; all characters accepted except
comma (,), double quote (), tab stop and blank.
Parameter needed for user authentication for the file transfer connection to the LEA. You have to enter
the same user ID that has been specified on the LEA terminal. The file transfer connection from IMS
and the LEA will be opened with this user ID.
Password. Mandatory parameter with a maximum of 32 characters; all characters accepted except
comma (,), double quote (), tab stop and blank.
Parameter needed for user authentication for the file transfer connection to the LEA. You have to enter
the same password that has been specified on the LEA terminal. The file transfer connection to the
LEA will be opened with this password.
Confirm. Retype the password.
Transport selector. Mandatory parameter. It identifies the transport layer (OSI layer 4).
Accepted input:
ASCII: all characters except comma (,), double quote (), tab stop and blank; length: 1 to 19
A30828-X9410-B082-35-7619
103/185
characters.
Hexadecimal: Hexadecimal digits; length: 1 to 38 digits.
Session selector. Mandatory parameter. It identifies the session layer (OSI layer 5).
Accepted input:
ASCII: all characters except comma (,), double quote (), tab stop and blank; length: 1 to 19
characters.
Hexadecimal: Hexadecimal digits; length: 1 to 38 digits.
Presentation selector. Mandatory parameter. It identifies the presentation layer (OSI layer 6).
Accepted input:
ASCII: all characters except comma (,), double quote (), tab stop and blank; length: 1 to 19
characters.
Hexadecimal: Hexadecimal digits; length: 1 to 38 digits.
Selector editing. Select ASCII mode or Hexadecimal mode.
Input format for ASCII: all printable characters except comma (,), double quote (), tab stop and blank.
Input format for Hexadecimal: 0-9, a-f, A-F.
You can also switch to the other editing mode if the selector fields have already been filled in the
character strings are instantly converted. (If non-printing characters are involved, switching between
editing modes may not work.)
Application entity. Mandatory parameter. The application entity title uniquely identifies an application
(here FTAM) within the system (OSI layer 7). The application entity title consists of application title and
AEQ. Accepted characters: decimal digits and dots; maximum length: 24 characters.
DTE (data terminal equipment) address. Mandatory parameter. Specifies the X.25 address for
routing. Maximum input: 25 digits.
FTAM over IP
Figure 3-79: LEA data wizard IMS, IRI records per FTAM/IP
The FTAM parameters are described above.
IP address. Mandatory parameter. IP address of the LEA terminal (LEMF) for IRI record reception.
FTP
104/185
A30828-X9410-B082-35-7619
Figure 3-80: LEA data wizard IMS, IRI records per FTP
User ID. Mandatory parameter with a maximum of 32 characters; all characters accepted except
comma (,), double quote (), tab stop and blank.
Parameter needed for user authentication for the file transfer connection to the LEA. You have to enter
the same user ID that has been specified on the LEA terminal. The file transfer connection to the LEA
will be opened with this user ID.
Password. Mandatory parameter with a maximum of 32 characters; all characters accepted except
comma (,), double quote (), tab stop and blank.
Parameter needed for user authentication for the file transfer connection to the LEA. You have to enter
the same password that has been specified on the LEA terminal. The file transfer connection to the
LEA will be opened with this password.
Confirm. Retype the password.
IP address. Mandatory parameter. IP address of the LEA terminal (LEMF) for IRI record reception.
IRI record subdirectory on LEA terminal. Optional parameter. Subdirectory on the LEA terminal
(LEMF) to which IRI records will be written. All characters are accepted except backslash (\).
3.8.2.3
The following forms are only visible if a profile has been defined for Siemens Fixed (e.g. EWSD,
hiQ/E9200), Siemens Fixed (hiQ4200/8000), Siemens Mobile, Alcatel Fixed or Nortel Fixed (LIM), ).
Transfer protocol and authentication
A30828-X9410-B082-35-7619
105/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
107/185
Communication settings
If the sending of LI tickets to LEAs fails (e.g. connection problem), LIOS will make further attempts. In the
Communication Settings form you can set timers and counters for the transfer of LI tickets in case of
error. The communication settings control the transfer to all LEAs; settings for individual LEAs are not
possible.
Ticket retry timer (min). Waiting time (in minutes) before another file transfer will be attempted. Range:
1 to 100.
Ticket time period (hours). Length of time (in hours) during which file transfer attempts will be made.
Range: 1 to 70.
108/185
A30828-X9410-B082-35-7619
3.8.4
A LEA modification affects all NEs/OS servers on which there are observations that regard the LEA (an
MML command is sent to all NEs/OS servers involved). It can happen, however, that the modification has
not taken effect on all NEs/OS servers so that there are different versions of the LEA at the same time.
The Check LEA modification command enables you to perform a check and, in most cases, offers you a
repair operation.
. The LEA modification command is waiting for being processed by the NE/OS server.
A30828-X9410-B082-35-7619
109/185
. The current LEA state was received from the NE/OS server and will be
Processing. Processing refers to the state of a LEA modification on the NE/OS server.
The percentage displayed reflects the progress of the operation (successful or unsuccessful).
OK
Failed
110/185
A30828-X9410-B082-35-7619
Table
The table provides you with an overview of CUG information; it does not contain all details. For a detailed
view, click on the CUG name (hyperlink) in the first column.
Table columns
CUG name. CUG name.
NE type. NE type for which the LI CUG can be used.
Remark. Remark entered.
Actions. These actions affect only the individual record.
Modify CUG. The CUG data form (see 3.9.1) is opened, where you can modify the CUG
record. The CUG name cannot be changed the corresponding field is read-only.
Copy CUG. The CUG data form is opened. It contains the values of the selected CUG record.
You can modify these values at least you have to enter a new CUG name.
Delete CUG. The CUG record is deleted.
Display LEAs. The LEAs contained in the selected LI CUG are displayed. To assign a LEA to
an LI CUG, start the LEA data wizard (see 3.8.2). With regard to Alcatel S12, a LEA cannot be
assigned to an LI CUG because on Alcatel S12 the observation itself is assigned to an LI CUG.
3.9.1
To open the CUG data form, select new CUG, modify CUG or copy CUG.
The CUG data form is provided for creating, modifying and copying LI CUG records.
CUG parameters
A30828-X9410-B082-35-7619
111/185
The format of the entered data specifies for which NE type the LI CUG can be used. If the LI CUG
satisfies validation conditions for all NE types, then it can be used without constraints by all observations.
The following conditions apply to the specific NE types:
To assign members to a closed user group, use the Observation form, NE-specific parameters, of the
LEA data wizard (see 3.8.2).
CUG NE type. Mandatory parameter. Select an NE type for the CUG. The CUG parameters vary
depending on the NE type.
CUG name. Mandatory parameter. Name of LI closed user group. The CUG name must be unique in
the LIOS system.
EWSD, hiQ/E9200, MSC and Utimaco IMS: 15 characters max., all characters incl. special characters
accepted.
Alcatel S12: 8 characters max.
The LI CUG name must be unique in the LIOS system.
CUG index. EWSD, hiQ/E9200 and MSC: Mandatory parameter. Closed user group index; 2
characters max., decimal numbers, range: 1 to 15. Whether an LI CUG index can be used, depends
on the configuration of the NE.
Alcatel S12 and Utimaco IMS: not used.
CUG ILC. CUG interlock code. EWSD, hiQ/E9200, MSC and Utimaco IMS: Mandatory parameter.
Closed user group interlock code for the call content connection between the intercepting NE and the
LEAs access. If no call content connection is established, this entry is without any effect. Decimal
number. Range: 0 to 65535 (EWSD and hiQ/E9200); 1 to 65535 (Siemens Mobile and Utimaco IMS).
Alcatel S12: not used.
CUG DNIC. CUG data network ID. EWSD, hiQ/E9200 and MSC: Optional parameter. Closed user
group data network identification code for the call content connection between the intercepting NE and
the LEAs access; range: decimal number, 1 to 9999.
For Utimaco IMS mandatory. For Alcatel S12: not used.
Remark. Optional parameter. Maximum length: 50 characters.
112/185
A30828-X9410-B082-35-7619
Format: A-BBB-NNNNN
Alarm number
Subgroup
I for interception
Main group
Alarm origin
A for alarm
Alarm origin
The alarm origin is identified by three letters.
The 1st letter (main group) identifies the originating system:
O
for Interception
A30828-X9410-B082-35-7619
113/185
closed
Open. An alarm has occurred but no LIOS user has dealt with it yet.
In progress. The alarm is being dealt with by a LIOS user; the LIOS user has taken over the alarm
(1). The name of the LIOS user appears in the Responsible field.
Closed. The error underlying the alarm was corrected; the LIOS user responsible has closed the
alarm (2 and 3). The name of the LIOS user appears in the Responsible field.
3.10.3 Alarm categories
3.10.3.1 LI NE alarms
LI NE alarms are generated by the NEs (not by all NE types) and concern the LI functionality of the NE.
Most LI NE alarms are group alarms, i.e. they refer to a specific observation or LIOS operator group (a
LIOS operator can only view group alarms that address his own group). Exceptions are A-EIM-00002
(Massive DN modification) and A-EID-00008 (LI database lost), which are global alarms, i.e. they reach
all LIOS operator groups.
If certain LI NE alarms are not shown in the browser, they may have been precluded on system level from
being processed by LIOS (for details see the LIOS User Manual Administrator, Section 4.6).
The LI NE alarms that are of interest to LIOS are mentioned in the following chapters.
Alarm code
A-EIA-00010
A-EID-00008
Short text
No answer from
LEA
LEA busy
LEA connection
failure
LI database lost
A-EIG-00005
CUG error
A-EIB-00009
A-EIC-00011
114/185
Long text
No answer from LEA. Contact the NE system administrator.
LEA is busy. Contact the NE system administrator.
LEA connection failure. Contact the NE system administrator.
All LI data is lost; the NE is locked. Please launch the Observation Manager
and effect DB Alignment.
User data transmission problems: CUG error. Contact the NE system
administrator.
A30828-X9410-B082-35-7619
Short text
DN modification
A-EIK-00007
Lack of resources
A-EIL-00001
A-EIM-00002
Massive DN
modification
A-EIM-00004
A-EIO-00006
COLP error
A-EIR-00000
DN removed
A-EIS-00012
A-EIU-00013
A-EID-00014
A-EID-00015
Activate switch
Long text
Modification of subscriber number. The state of the observation has been set
to ABORTED.
User data transmission problems (lack of resources). Contact the NE system
administrator.
Intercepted subscriber has new location on the NE. The observation is still
active. For details contact the NE system administrator.
Massive modification of subscriber numbers. The observations concerned
are still active on the NE. To synchronize the NE and the LIOS databases
(i.e. update the subscriber numbers in the LIOS database) start the
Observation Manager and effect DN Synchronization. Until the
synchronization has finished, the NE is locked for any other operation.
New multiple subscriber number (MSN). Contact the NE system
administrator.
User data transmission problems: COLP error. Contact the NE system
administrator.
Intercepted subscriber deleted/removed. The state of the observation has
been set to ABORTED.
General LEA setup failure. Contact the NE system administrator.
User-to-User3 overflow. Contact the NE system administrator.
Switch changes state to Soft isolation. Switch LI database is not cleared. No
new call is triggered, but calls in progress are not affected.
Switch changes state from Suspended or Soft Isolation to Ready.
A-LIM-01203
A-LIM-01204
A-LIM-01205
A-LIM-01206
A-LIM-01207
Short text
Unknown NE
Unknown DN
No answer from LEA
LEA is busy
LEA connection
failure
LI database lost
CUG error
DN modification
Lack of resources
New location for DN
Massive DN
modification
New MSN creation
COLP error
DN removed
LEA setup failure
User-to-User3
overflow
NE currently not
reachable
Line equipment
number - Site not
found
CLLI not found
Line equipment
number - Site is not
of the Type DN
ADD command on
switch failed
SURV ACT
command on switch
failed
SURV DEACT
A30828-X9410-B082-35-7619
Long text
Unknown NE
Unknown DN
No answer from LEA
LEA is busy
LEA connection failure
LI database lost
CUG error
DN modification
Lack of resources
New location for DN
Massive DN modification
New MSN creation
COLP error
DN removed
LEA setup failure
User-to-User3 overflow
NE currently not reachable
Line equipment number - Site not found.
115/185
A-LIM-01208
A-LIM-01209
A-LIM-01210
A-LIM-01211
A-LIM-01212
A-LIM-01213
A-LIM-01214
A-LIM-01215
A-LIM-01216
Short text
command on switch
failed
DEL command on
switch failed
Connection to NE
failed
Too may
observations on this
NE
DN does not match
Line equipment
number - Site
NE reports error
Connection to LIOS
lost
Internal LIM Error
LISTObservation
command on switch
failed
Observation is not
active
Long text
NE reports error
Connection to LIOS lost; some StatusObervation failed
Internal LIM Error
LISTObservation command on switch failed
Short text
Switch can not
establish call content
link towards LEA
Long text
It is not possible to set up CC link towards LEA. A failure reason is provided
in alarm description
Short text
Too many
observations
Forbidden attempt
detected
Long text
The maximum number of administrated observations has been reached.
The cache configuration differs from the actual one. This can result in
inconsistencies in the database.
Short text
Mediation Device critical error!
Mediation Device
error!
Mediation Device warning
Mediation device LI
info
Long text
The Mediation Device has detected an critical error during execution of a
message.
The Mediation Device has detected an error during execution of a
message.
The Mediation Device has detected awarning during execution of a
message.
The Mediation Device has sent LI interface relevant information
116/185
A30828-X9410-B082-35-7619
0.1.1.1
LIOS alarms
LIOS alarms are generated by the LIOS system, owing to errors detected during the running of LIOS
itself. LIOS alarms have the letter O (standing for operation system) at the second position of the alarm
code.
Most LIOS alarms are global alarms, i.e. they reach LIOS operators of all operator groups. An exception
is A-OIF-00008 (Observation error), which is a group alarm.
LIOS alarms are the following:
Alarm code
A-OIF-00001
Short text
File transfer
connection error
A-OIF-00003
A-OIF-00004
A-OIF-00007
A-OIF-00008
A-OIF-00009
A-OIF-00011
A-OIF-00012
A-OIF-00013
A-OIF-00014
Unknown NSAP
received
A-OIF-00015
Observation group
authorization failed
Important ticket
routing message
Received ticket file
cannot be saved into
LIOS
Ticket file cannot be
created
A-OIF-00016
A-OIF-00017
A-OIF-00018
A-OIF-00019
A-OIF-00020
A-OIF-00021
Problem with
processing of the
observation
Security activation
problem.
Could not identify NE.
A30828-X9410-B082-35-7619
Long text
File transfer connection to the LEA failed: received LI tickets (LI records)
could not be transferred to the LEA because of a connection error. Please
check the transport system and OSI parameters for the specified LEA (LEA
Administration). If the parameters are correct, check if the responder on the
remote system (LEA) is available. For further instructions see also the LIOS
Trouble-Shooting Guide.
File transfer to LEA has failed. Please check the transfer protocol of the
LEA (LEA Administration). Make sure that user ID and password used for
file transfer are correct. For further analyses see also the LIOS TroubleShooting Guide.
File transfer failed to send file to MC. Please check the transport system
parameters of the MC (MC Administration). Make sure that user ID and
password used for file transfer are correct.
LEA data not found in database (LEA data inconsistency): the received LI
ticket (LI record) contains a DNREC (DN of the record connection) which
cannot be related to any LEA entry in the database. This can happen when
the LIOS and the NE databases are not in line or when LIOS has received
an LI ticket of an observation which has not been created by LIOS
Observation state has been changed to Aborted. See Archived
Observations for more details.
An LI ticket (LI record) was received which refers to an LI observation
which cannot be found in the database. The reason could be that the LI
observation was not administered through LIOS. If a default LEA has been
specified, the LI ticket is routed to this LEA.
An LI ticket buffer file ('ticket file') has been detected on one NE. File
transfer has been started to retrieve the ticket buffer file.
Information: the ticket buffer file was successfully transferred from the NE
and will be processed.
The file transfer from the NE ended with an error. Please check the X.25
parameters, the OSI parameters and the user authorization parameters of
the FT application for the specified NE (Host Administration). If the
parameters are correct, check whether the FT responder on the remote
system (NE) is available.
A remote system tries to connect to a LIOS server through the LID
application by sending an NSAP (network service access point). The
NSAP, however, cannot be identified within LIOS. Please check if all NE
communication data for the LID application is administered correctly. If the
NSAP is valid, update the respective NE communication data or, if
necessary, add a new NE entry.
Observation group (OBSGRP) password is invalid. Enter the correct
password. If you need help, contact the NE system administrator.
Important message sent from ticket routing service.
The ticket file received by LIOS is either corrupted, has wrong file name or
it is not a ticket file. This file cannot be handled as ticket and was moved
into the ERROR directory (/opt/li/data/ERROR-files)
Ticket file that should be sent to the LEA cannot be created. Ticket
mediation failure or insufficient filesystem permissions prevents the file
creation.
One of the MML commands required for the observation has failed. See the
observation details to identify possible problem. Start the observation check
or repeat the action if necessary.
There is a problem with the security activation on the switch. Please
perform the activation manually.
LIOS received data from an unknown NE. Probably some NE has not
117/185
Short text
A-OIJ-00014
A-OIX-00001
A-OIX-00002
A-OIX-00004
A-OIX-00007
A-OIX-00009
A-OIX-00013
A-OIX-00014
A-OIX-00015
A-OIX-00016
A-OIX-00017
A-OIX-00018
A-OIX-00019
A-OIX-00022
A-OIX-00030
Test alarm
Not enough disk
space
Connection request
rejected by NE
LIOS is running in
single database mode
Observation
inconsistent between
NE and LIOS
Database replication
warning
Long lasting database
lock detected
Frozen database
session detected
In-doubt distributed
transaction detected
Reboot of computer
LIOS license was
modified
A-OIX-00031
A-OIX-00032
LIOS license
exceeded
A-OIX-00033
A-OIX-00043
DB synchronization
failed
Suspend failed during
sending of
ENTROBSID
command
Not enough swap
space
Unauthorized access
Modification of
network observation
failed
Cancellation of
network observation
failed
Creation of network
observation failed
Takeover of network
observation failed
Update of the
observation failed
Modification of an
network observation
A-OIX-00044
A-OIX-00045
A-OIX-00050
A-OIX-00051
A-OIX-00052
A-OIX-00053
A-OIX-00054
A-OIX-00055
A-OIX-00056
118/185
Long text
configured IP address correctly.
General Job Server failure.
X.25 Link state changed. Please check the X.25 link on the LIOS servers
as described in the LIOS Trouble-Shooting Guide
LIOS has switched to single database mode. Switch LIOS back to double
mode! For instructions see the LIOS Trouble-Shooting Guide.
Distributed write error: write operation to all DBs failed. Contact the LIOS
administrator to solve the problem.
Alarm for testing purposes.
Not enough disk space. Contact the LIOS administrator.
The connection request sent to the NE was rejected by the NE because of
a wrong parameter concerning the Application layer. Please check the
corresponding Application Entity Title of the OSI data (Host Administration).
LIOS is running in single database mode. Switch LIOS back to double
mode! Consult the LIOS Trouble-Shooting Guide for instructions.
Observation was inconsistent between NE and LIOS. Consequently the
observation data or state kept in LIOS was modified to match the
observation on the NE.
Possible problem with database replication detected. Please resolve
problem. For instructions see the LIOS Trouble-Shooting Guide.
Long lasting lock was detected. To find out whether the problem was
automatically resolved by LIOS, see the alarm details.
Frozen database session was detected and automatically resolved by
LIOS.
In-doubt distributed transaction was detected and forced either commit or
rollback.
Computer was rebooted.
Creation and modification of observations is not possible because LIOS
license entries were modified. Please contact the LIOS program vendor to
obtain a new LIOS license.
Creation and modification of observations is not possible because LIOS
license entries were deleted. Please contact the LIOS program vendor to
obtain a new LIOS license.
You have exceeded the scope of the LIOS license. You have 20 days to
contact the LIOS program vendor and upgrade the license. Otherwise after
20 days creation and modification of observations will no longer be
possible.
Your LIOS license has expired. Creation and modification of observations
is not possible. Please contact the LIOS program vendor and have the
license upgraded.
DB synchronization failed. For more in-detail information please refer to the
DB synchronization report.
Audit, ID and Group passwords might be lost. Start the Admin Console and
set the NE to 'LIDB lost' state. Otherwise, retry suspend.
A30828-X9410-B082-35-7619
A-OIX-00061
A-OIX-00071
A-OIX-00100
A-OIX-00101
A-OIX-00102
A-OIX-00103
A-OIX-00104
A-OIX-00200
A-OIX-00201
A-OIX-00202
A-OIX-00203
A-OIX-00204
A-OIX-00205
A-OIX-00207
A-OIX-00200
A-OIX-00201
A-OIX-00202
A-OIX-00203
A-OIX-00204
A-OIX-00205
A-OIX-00207
A-OIN-01001
Short text
cannot be performed
Observation does not
exist on the switch.
External Alarming
Identifier <name> is
unknown in External
Alarming
Transfer error to
External Alarming.
Change call data IP
address
Alarm from Huawei
CC08 switch.
Change HI2
processing server for
LEAs (in Huawei
Fixed profile).
Change HI1
processing server for
NEs (in Huawei Fixed
profile).
Modification of
parameters of
MCCFG entity failed.
Modification of
general parameters
failed.
Multiple interception
impossible
Too many subscriber
for this IMS LEA
New password not
allowed
Login failed
User locked
Feature not enabled
MC in use
Multiple interception
impossible
Too many subscriber
for this IMS LEA
New password not
allowed
Login failed
User locked
Feature not enabled
MC in use
HTTP Server not
started
Long text
Observation does not exist on the switch.
The corresponding External Alarming Identifier is unknown in the External
Alarming application and the state for this External Alarming Identifier is set
to inactive. Please contact the External Alarming Administrator to check the
name.
The connection to the External Alarming application failed, please check
the states of the External Alarming processes.
It is not possible to received tickets on one LIOS server. Please modify call
data IP address of LEAs so that it corresponds to other LIOS server.
Huawei CC08 switch has generated an alarm. Please see alarm
description for alarm details.
It is not possible to receive tickets on one LIOS server. Please modify HI2
processing server of LEAs so that it corresponds to other LIOS server.
A30828-X9410-B082-35-7619
119/185
LIOS alarms that do not refer to a specific task or operator group are so-called global alarms. All other
alarms, which refer to operator groups, are group alarms.
Alarm browser sub-applications
Alarms. Viewing and handling of all global alarms and group alarms (see 3.10.1) kept in the LIOS
system.
Alarm types. Alarm types (with alarm codes and short text). In the Alarm types sub-application (see
3.11.3) a LIOS administrator can determine which alarm types should have a high priority. All LIOS
users will be reminded as long as high-priority alarms (VIP alarms) are still pending (i.e. in Open
state). For an explanation of alarm type, see 3.10.1.
Alarm Reminder. If high-priority alarms occur, you are alerted instantly by an exclamation mark ( )
appearing at the bottom left. In fact, the exclamation mark tells you that there are still high-priority alarms
pending (i.e. in Open state or in progress). If you click on an exclamation mark, the Alarm browser is
opened.
Which alarm types should be covered by the Alarm Reminder, can be configured by a LIOS administrator
with the change priority command of the Alarm types sub-application.
If you cannot deal with the alarms immediately and you feel disturbed by the exclamation marks
appearing, switch the Alarm Reminder off (Alarm Reminder on/off command).
120/185
A30828-X9410-B082-35-7619
are about to deal with the underlying problem. The icon will change to
more than one alarm at the same time.
Close alarms. The alarm state is set to Closed. You can apply this command to alarms that are in In
progress state ( icon) and Open state ( icon) where the problems underlying them have been
solved. The icon will change to . Your user name will appear in the Responsible field. You can
change the states of more than one alarm at the same time.
Alarm Reminder on/off. Toggle switch command. The Alarm Reminder is switched on or off.
Filter. A filter form (Figure 3-92) is displayed, where you can specify which alarms should be
displayed, and define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
Table
The table provides you with an overview of alarm information; it does not contain all details. For a detailed
view (Figure 3-91), click on the alarm ID (hyperlink) in the first column.
Table columns
Alarm ID. Sequential number that identifies the individual alarm instance.
Time. Date and time when the alarm was generated.
State. State of the alarm.
(For detailed information see 3.10.2.)
Responsible. LIOS user who has taken over or closed the alarm.
Alarm type. Alarm code that identifies the alarm type (for an explanation of alarm type see 3.10.1).
Short text. Brief alarm information.
External alarming state (optional): State of the alarm message with respect to external-alarming. If
the field is empty, the alarm was not handled by PIMS. The external-alarming state can be:
Sent. The alarm message was sent to the PIMS application for all external-alarming identifiers
that are administered for this alarm type.
Error. The alarm message could not be sent to the PIMS application.
Partly. The alarm message was sent to the PIMS application for some, but not for all externalalarming identifiers administered.
No recipient defined. No external-alarming identifier has been defined for this alarm type.
Note: The PIMS application has a possibility to log all messages that are sent for an external-alarming
identifier.
Annotated. A check ( ) in this field means that an annotation has been made to the alarm. To read
the annotation, click on the alarm ID, to edit the annotation, click on the Annotation ( ) icon in the
Actions column.
Actions. These actions affect only the individual record.
Annotation. The Annotation form is displayed, where you can read and edit an annotation
made to an alarm or add one yourself. The annotation is saved in the database. An annotation to
an alarm can be made by any LIOS user, not only by the one identified in the Responsible field.
Take over alarm. The alarm state is changed to In progress. You can apply this command to
an alarm that is in Open state ( icon) if you are about to deal with the underlying problem.
A30828-X9410-B082-35-7619
121/185
Close alarm. The alarm state is changed to Closed. You can apply this command to an alarm
that is in In progress state ( icon) and Open state ( icon) where the problems underlying
them have been solved.
122/185
A30828-X9410-B082-35-7619
It is possible to filter for global alarms and for group alarms of an operator group.
For group alarms select a specific operator group in the Operator group field (only the
alarms of the selected operator group are shown).
A30828-X9410-B082-35-7619
123/185
124/185
A30828-X9410-B082-35-7619
Table columns
Alarm type. Alarm code that identifies the alarm type (for an explanation of alarm type see 3.10.1).
Short text. Brief alarm information.
High priority. A check mark in this column indicates that the alarm type has high priority: High-priority
alarms are covered by the alarm reminder.
Actions. These actions affect only the individual record.
Change priority. Only for LIOS administrators. Toggle switch command. The priority of the
alarm type is changed from high to low and vice versa.
By clicking on the Alarm type in the Alarm browser the details of the alarm type are shown.
A30828-X9410-B082-35-7619
125/185
126/185
A30828-X9410-B082-35-7619
queued
aborted
canceled
4
running
3
7
finished
undefined
Queued. The MML command is queued in the LIOS system and waits for session establishing (1).
Running. The MML command has been sent to the NE and is being processed on the NE (2).
Finished (final state). The MML command has been successfully processed on the NE (3).
Canceled (final state). The MML command was canceled by the NE because of some errors (e.g. invalid
parameters etc.) (4).
Aborted (final state). The MML command was aborted by LIOS because of a fatal error (e.g. connection
problems) (5 and 6).
Undefined. The communication with the NE was interrupted after the command was submitted LIOS
has not received a response from the NE. (7).
A30828-X9410-B082-35-7619
127/185
Selection form
Define a filter in the Filter field (wild-cards: * and ?) and press Reload. Then select an NE or OS
server from the list provided.
Finally press Next. The form is closed and a connection for the MML console is established.
128/185
A30828-X9410-B082-35-7619
console window. To switch between different connections use the Connected to NE/OS server pulldown list.
Table
Each command you submit during the current session of the MML console is listed in the table of the
MML console.
If you close and reopen a connection to an NE/OS server, the MML console table and the Command
history list are empty again.
If you wish to see the NEs/OSs response, click on the job ID of the respective MML command (Figure
3-99).
The table of MML commands in the MML console window shows only the MML commands entered within
one MML session. This means that after closing and reopening the MML console, the table of MML
commands is empty again. However, all previously sent MML commands are listed in the MML browser
window (see 3.14). (All MML commands are also written to a log file which can be inspected by the LIOS
supervisor.)
All commands are sent within one NE/OS server session.
Table columns
Job ID. Unique MML job identification. If you click on the job ID of a command, a form with the
NEs/OSs response to the MML command appears (Figure 3-99).
CP ID. Sequential number given to the MML command by the coordination processor (CP) of the
NE/OS server.
MML command. Name of the MML command.
NE/OS server name. Name of the NE or OS to which the MML command was sent.
Time. Date and time when the command was sent.
State. State of MML command.
The state can be Queued, Running, Finished, Canceled, and Aborted.
(For detailed information see 3.12.1.)
LIOS user. LIOS user who has issued an MML command via Console.
Operator group. Group to which the operator belongs.
Observation ID. Not relevant.
Actions. Not relevant.
A30828-X9410-B082-35-7619
129/185
A30828-X9410-B082-35-7619
In this way you can also have the NE/OS server guide you through the input procedure: enter the
command without parameters and without closing semicolon and press Send. This can come in handy if
you are entering a complex MML command.
A30828-X9410-B082-35-7619
DISPSLNACC
DISPSUB
DISPTGRP
DISPTIME
DISPTRUNK
DISPUSERID
DISPV5IF
DISPX25DTE
DISPX25LINK
DISPX25ROUTE
DMPOSITRAC
DMPX25TRAC
ENDSESSION
ENTRCUG
ENTROBSID
ENTRSERVCUG
MODFGRP
MODLIOPT*
MODSUB
MODUSERID
SELMOBS
SETFGRPPW
STATBA
STATDIU
STATDLU
STATDLUMOD
STATDLUPORT
STATLTG
STATPBXLN
STATPORT
STATSSP
STATSUB
STATTRUNK
STATX25DAT
STOPJOB
TESTSUB
131/185
DISPDBSIZE
DISPDLUPORT
DISPPSWDAT
DISPSERVCUG
MODOBSID*
MODPSW
Alcatel S12
DISPLAY-ACTIVE-ALARMS
DISPLAY-CUG
KCC LIM
TESTLIM
This command is automatically converted by LIOS to XML, which is the format used for the
communication with LIM.
Utimaco IMS
MCLIST
Huawei Fixed
SET GP
LST GP
MOD HI2CFG
LST HI2CFG
Huawei GSM
STARTLEA
CLOSELEA
EXITLEA
TEST
For detailed information about MML commands see the documentation of the respective switch or
operation system.
132/185
A30828-X9410-B082-35-7619
All MML commands of an Administrator user sent during current and previous sessions via MML
console.
A30828-X9410-B082-35-7619
133/185
134/185
A30828-X9410-B082-35-7619
The LIOS EFD Administration renders the management of EFDs convenient and gives you a good
overview of EFDs created on the NEs that are connected with the LIOS system.
To manage the communication with an NE and to set up applications for this purpose, use the LIOS Host
Administration. The Host Administration also enables you to set up the EFD application, which is
prerequisite for the LIOS EFD Administration to work.
EFD types
LIOS EFDs. EFDs that have been created by the LIOS EFD Administration and are kept in the LIOS
database; foreign EFDs that have been taken over by the LIOS EFD Administration. LIOS EFDs
always have lawful interception as their objective.
Foreign EFDs. EFDs that were not created by LIOS and that were not taken over by LIOS.
Foreign EFDs can have lawful interception as their objective (i.e. forwarding of LI tickets or NE
alarms); in this case they can be taken over by the LIOS EFD Administration.
Foreign EFDs that have been created for purposes other than lawful interception can be displayed in
the LIOS EFD Administration for informational purposes, but cannot be manipulated.
Whether you can view and handle foreign EFDs, depends on the functional scope of the LIOS system
you are working with (license key).
When you start the EFD Administration, the data displayed reflects the default filter settings. If you wish to
see another selection of data, select the Filter command from the application commands bar. A filter form
appears, where you can specify criteria for the data to be displayed.
A30828-X9410-B082-35-7619
135/185
Application commands
New EFD. The EFD data wizard (see 3.15.2) is started, where you can enter a new EFD to be
created. The EFD can be created on one or more NEs at the same time.
The newly-created EFDs are automatically marked as LIOS EFDs they can subsequently be
administered through the EFD Administration.
As EFDs are being set up on the NEs one by one, there state changes to OK or, in case of failure, to
Undefined. You are also advised through a summary message whether the creation of EFDs has been
successful.
To find out what has gone wrong with individual EFDs, invoke a Validate operation.
Delete EFDs. Selected EFDs are deleted.
You can only delete LIOS EFDs, i.e. EFDs which were created by the LIOS EFD Administration or
taken over. You can also delete an EFD record which exists in the LIOS database but not on the NE
(Not on NE state).
You will be asked if you really want to delete EFDs. Finally a message confirming the deletion is
displayed.
Ignore EFDs. If EFDs do not interest you, select them and choose Ignore EFDs. EFDs are set to
Ignored state. If you apply Ignore EFDs on LIOS EFDs, they become foreign EFDs and can no longer
be manipulated with the LIOS EFD Administration.
If you have used Ignore EFDs erroneously, you can undo the action with Take over EFDs.
Take over EFDs. Foreign EFDs are taken over and are henceforth LIOS EFDs they can be
manipulated with the LIOS EFD Administration as if they had been created by it.
You can apply Take over only on foreign EFDs that have Lawful Interception (LI) as their objective, i.e.
forwarding of LI tickets or NE alarms. If EFDs have got lost in the LIOS DB and are still kept on the
NE, they are foreign EFDs from the LIOS point of view, although they may have been created by the
LIOS EFD Administration. You can recover them by using Take over.
Validate NEs. LIOS checks whether the EFD is consistent with the EFD currently active on selected
NEs (see 3.15.3).
Filter. A filter form (Figure 3-104) is displayed, where you can specify which EFDs should be
displayed, and define sorting options.
Select/unselect all. All records in the table are selected (checkboxes in the first column) or, if all have
been selected previously, they are unselected.
For the commands Refresh, Print, Export and Help see general application commands in Section
3.1.1.3.
Table
The EFD Administration table provides you with an overview of the EFDs that were created on the NEs
set up in the LIOS system. The table provides you with an overview of EFD information; it does not
contain all details. For a detailed view, click on the EFD ID (hyperlink).
Table columns
EFD ID. Automatically generated by LIOS. It uniquely identifies the EFD within the entire LIOS system.
Discriminator ID. Identifier of EFD, unique on the NE.
NE name. Network element where the EFD has been set up.
Active destination. Currently valid primary address to which events are sent by the NE.
Backup. Fall-back target address for events in case the destination cannot be reached. (In case of
foreign EFDs, it can be more than one address.)
Forwarding. Forwarded events: tickets, NE alarms or both. n/a indicates that the EFD is not a LIOS
EFD.
State. The state of an EFD can be OK, Not in DB, Not on NE, DB != NE; Error, Undefined,
Ignored and Processing.
136/185
A30828-X9410-B082-35-7619
LIOS EFD. A checkmark indicates that the EFD is a LIOS EFD, i.e. it has lawful interception as its
objective and has been created or taken over by LIOS. Otherwise it is a foreign EFD.
This field can be modified only indirectly, through Take-over and Ignore.
Actions. These actions affect only the individual record.
Validate. LIOS checks whether the EFD is consistent with the EFD currently active on the NE
(see 3.15.3).
Modify. The EFD data wizard (see 3.15.2) is started, where you can modify the destination
and the backup destination(s) of the EFD You can only modify LIOS EFDs.
Delete. The EFD record is deleted.
Synchronize. The EFD data is read from the NE and written to the LIOS database (DB). If a
Validate operation has revealed discrepancies between NE and LIOS DB, you can apply
Synchronize if the NE data is correct and the LIOS data is faulty.
You can apply Synchronize only on LIOS EFDs.
Align. EFD data is read from the LIOS database (DB) and written to the NE. If a Validate
operation has revealed discrepancies between NE and LIOS DB, you can apply Align if the LIOS
DB data is correct and the NE data is faulty.
You can apply Align only on LIOS EFDs.
Take over. The EFD is taken over.
Ignore. The EFD is ignored.
3.15.1 Filter
Select the view or views you wish to appear in the main window. By setting filter criteria you can restrict
the data to be displayed. If a field is empty or not selected, it has no influence on the filtering process.
137/185
138/185
A30828-X9410-B082-35-7619
EWSD-specific parameters
Figure 3-106: EFD data wizard parameters for EWSD and hiQ/E9200
Active destination. Read-only field. LIOS server to which events are being sent by the NE:
application entity title of the LID application set up on the LIOS server.
Destination. LIOS server to which events are normally forwarded: application entity title of the LID
application set up on the primary LIOS server (see 3.6.2). Input format: decimal numbers separated by
dots (e.g. 0.2.262.1.1.9202.16).
Backup destination. LIOS server (fall-back destination) to which events are forwarded if the primary
LIOS server cannot be reached by the switch: application entity title of the LID application set up on
the secondary LIOS server. Input format: decimal numbers separated by dots. (Some foreign EFDs
can have more than one backup destination.)
Tickets (checkbox). If selected, LI tickets (LI records) are/will be forwarded through the EFD.
NE alarms (checkbox). If selected, NE alarms (LI infos) are/will be forwarded through the EFD.
Object class. Read-only field. Object IDs generated by the switch for EFDs..
Name binding. Read-only field. EFD attribute.
Package list. Read-only field. EFD attribute.
A30828-X9410-B082-35-7619
139/185
Confirmed mode. If activated, user requests are confirmed by the NE after execution. Confirmed
mode should always be activated.
Administrative state. Read-only field. The EFD can be in the following administrative states:
Unlocked: processing of the information by the discriminator is permitted by a managing system.
Locked: processing of the information by the discriminator is prohibited by a managing system.
Shutting down: the EFD is not operational owing to a shutdown of the NE.
Operational state. Read-only field. The EFD can be in the following operational states:
Disabled: the discriminator is not operational.
Enabled: the discriminator is operational
3.15.3 Validate
LIOS checks whether EFDs kept in the LIOS database are consistent with EFDs currently active on NEs.
If you wish to validate one or several EFDs, select them. If you wish to invoke a global validation, unselect
all EFD records in the table.
At such a global validation, the following actions are taken:
All NEs available are asked (polling) whether they have EFDs set up on them. The result is compared
with the LIOS database. As regards a LIOS EFD, the discrepancies between an NE and LIOS DB can be
as follows:
1. The EFD is kept on the NE, but not in the LIOS database the Synchronize button is available; the
EFD will be entered in the LIOS database and an annotation will be added which states that the EFD
was originally kept only on the NE.
2. The EFD is kept in the LIOS database but not on the NE the Align button is available; an annotation
will be added which states that the EFD was originally kept only on the NE.
3. The EFD is kept on the NE and in the LIOS database, but its values are not identical the
Synchronize and Align buttons are available; an annotation will be added which states that EFD data
is not identical.
If you use Validate on foreign EFDs, the LIOS database is updated. If the Take-over command is
available, the EFD has lawful interception as its objective and can be taken over.
140/185
A30828-X9410-B082-35-7619
For more detailed information and troubleshooting advice see the LIOS Troubleshooting
Guide.
A30828-X9410-B082-35-7619
141/185
4.2 Setting up closed user groups (CUGs) for LEAs on EWSD and hiQ/E9200
switches
To prevent LEAs from being intentionally blocked by external calls and from being objects of observation,
you can set them up as closed user groups (CUG).
CUGs must be set up on NEs by an ISDN administrator. A CUG for a particular LEA must be set up on
the NE on which the ISDN connection of the LEA is administered.
Up to 15 CUGs can be predefined on each NE. Administration of CUGs for each LEA must be possible by
selecting one of the predefined CUGs in the Observation form of the LEA data wizard (LEA
Administration see 3.8.2).
To set up and administer CUGs proceed as follows:
Checking CUG properties in the LI options (NE administration task)
In EWSD version V13A and higher, and hiQ/E9200, it is possible to define up to 15 LI-specific CUGs on
an NE. Whether this feature can be used depends on the NE configuration. This configuration is defined
on each NE in the properties of the LI options. The value of these parameters can only be modified during
installation phase. The following CUG properties can be set in the LI options:
CUG_USAGE_ALLOWED:
If this property is set, the CUG functionality is allowed.
CUG_ADMIN_MAND:
If this property is set, the CUG functionality must be used (otherwise LI MML command CROBSGRP
will be rejected).
CUG_USAGE_VIA_INDEX:
If this property is set, the CUG functionality must be used with the index method.
142/185
A30828-X9410-B082-35-7619
CUGIND:
Specifying the CUG index by using the CUGIND parameter (CUGILC and CUGDNIC are not
used). The CUG index is related to the CUG data predefined in the LI options on the NE. If no
CUG data is administered in the LI options for this index, the command is rejected.
CUGILC and CUGDNIC:
Specifying the CUG interlock code and the CUG data network identification code by using
parameters CUGILC and CUGDNIC (CUGIND is not used).
If there is a CUG assigned to a LEA in the LEA Administration, this CUG is specified also in the MML
commands for creating and modifying observation groups: if the flag CUG indexing activated for a
specified NE is set, the CUGIND parameter is used, if the flag is not set, the parameters CUGILC and
CUGDNIC are used. If there is no CUG assigned to a LEA, the CUG parameters are not used in the MML
commands for creating and modifying observation groups.
If the LEA CUGs set up in the LIOS system do not correspond with the parameters and
properties set on the NE, the MML commands for creating and modifying observation groups
will be rejected by the NE.
A30828-X9410-B082-35-7619
143/185
Hour2Execute = 22
Minute2Execute = 00
SyncLength = 5
TimeCriteria = 7
If you modify the settings for cyclic DB synchronization, you have to do so on each LIOS server.
Meaning
Amount of time in seconds which must pass between the arrival of
an alarm and the start of the synchronization. Default: 900.
Indicates whether automatic DN synchronization should run after
arrival of an alarm at all.
0 Automatic DN synchronization is not used (default).
1 Automatic DN synchronization is used.
144/185
A30828-X9410-B082-35-7619
145/185
(only if before upgrading, the NE had version EWSD V12 or higher or hiQ/E9200 depends also on the
LI property settings).
Proceed as follows: (1) Enter the new NE version (LIOS Host Administration, NE data wizard see
3.4.6). (2) Ask a LIOS operator with Observation Manager rights to perform Align DB. This will
automatically restore LI passwords and observations on the NE.
0
1
TicketRouter.ETSI_AddHeaderToE164
0
1
Meaning
Regulates which characters can be entered in the ETSI form of the
NE data wizard to specify NE IDs in the X.25 format.
Decimal numbers accepted (default).
Hexadecimal numbers accepted.
Regulates which characters can be entered in the ETSI form of the
NE data wizard to specify NE IDs in the E.164 format.
Decimal numbers accepted (default).
Hexadecimal numbers accepted.
Regulates whether NE IDs entered in the X.25 format will be
coded according to Q.763 (i.e. whether a 2-byte header will be
added).
NE ID strings will be used in LI tickets as they have been entered
no header will be added.
NE IDs will be coded according to Q.763 a header will be added
(default).
Regulates whether NE IDs entered in the E.164 format will be
coded according to Q.763 (i.e. whether a 2-byte header will be
added).
NE ID strings will be used in LI tickets as they have been entered
no header will be added.
NE IDs will be coded according to Q.763 a header will be added
(default).
Usually the LIOS administrator will enter the X.25 or E.164 address and will leave the 2-byte header
according to ETSI to be added by the LIOS system. This is reflected in the default property settings
(decimal numbers and automatic addition of header). However, a LIOS administrator may wish to enter
headers manually, which necessitates the input of hexadecimal characters. He will enter the header in the
Address field and then the X.25 or E.164 address. The property settings for this situation are:
hexadecimal characters and no automatic addition of header. This means, if add header is ON,
hexadecimal should be OFF and vice versa.
Decimal
Hexadecimal
YES
NO
NO
YES
146/185
A30828-X9410-B082-35-7619
For FTP to LEAs and MCs it is also possible to use the passive mode.
The following solution has been implemented:
The communication to NEs is always done through the active FTP mode.
The communication to LEAs and MCs is done by default through the passive FTP mode. To change it
to the active FTP mode, you have to edit the lios.properties file.
passive FTP (default):
FTP.ConnectModeActive = 0
active FTP:
FTP.ConnectModeActive = 1
These settings are generally valid, i.e. for the communication to all LEAs and MCs.
TicketRouter.parallelSending = 1
TicketRouter.parallelSending = 0
The settings affect ticket sending to all LEAs that are connected with the LIOS system.
A30828-X9410-B082-35-7619
147/185
To switch the support of LI management (HI1) notifications off or on, edit the lios.properties configuration
file (how to access the lios.properties configuration file is described in Section 4.3).
HI1 support is ON:
TicketRouter.ETSI_HI1 = 1
TicketRouter.ETSI_HI1 = 0
NTP is not used: Rely on the LIOS-proprietary time synchronization as it was prior to LIOS 7.4.
NTP is used:
The NTP server is some computer outside of LIOS. Both LIOS servers are configured as NTP
clients. The LIOS-proprietary time synchronization must be turned off (see the Section 4.15) or
One of LIOS servers will act as NTP server and other as NTP client. The LIOS-proprietary time
synchronization must be turned off.
If NTP is going to be used, please refer to the next section for information how to configure NTP server
and client. It is enough to create some configuration files and place them into the respective directory.
These files will be automatically read by Solaris after reboot.
4.14.1 Multicast/Broadcast synchronization (automatic)
Multicast/Broadcast synchronization can be used when broadcasting (multicasting) over the network is
possible.
Step-by-step configuration:
23. NTP server configuration
Insert the authentication key into the file in the format <key> <type> <password>
(the key identifies a line in the file and consists of <key> <type> <password>, this key id (and
password) is checked by an NTP client when receiving a broadcasted time packet from the
server)
key key ID, numeric value, e.g. 1
type one of S (64bit DES), N (64bit NTP number), A (1-8 characters ASCII), M (1-8 characters
MD5)
password any password
e.g. 1 M mypass
At least one line with the command server <address> has to exist to identify the address of the
time source
e.g. server 127.127.1.0 for local computer clock source (clock can also be on any other server)
A line with the command broadcast <address> key <key#> ttl <ttl#> has to exist, with proper
values set (see above creation of key)
address multicast or broadcast address
key# key ID to sign packets
ttl# number of maximum network hops from NTP server to client
e.g. broadcast 224.0.1.1 key 1 ttl 10
148/185
A30828-X9410-B082-35-7619
Create or copy and modify the file etc/inet/ntp.keys with exact key line as configured on the NTP
server (see above). Only the key which is used in the broadcast command in the ntp.conf file on
the server, is needed.
In a closed network, where only LIOS servers exist and where there is no danger of an attack with false
time packets, it is also possible not to create a file ntp.keys (on both server and client) and not to fill in
any information about authorization keys (commands broadcast and trustedKey).
4.14.2 Configuration check
4.14.2.1
NTP server
Example:
ntpq>associations
ind assID status conf reach auth condition last_event cnt
===========================================================
1 46388 9614
yes
yes none sys.peer
reachable 1
2 46389 c000
yes
no
Example:
A30828-X9410-B082-35-7619
149/185
filtoffset=
filterror=
4.14.2.2
0.00
10.06
0.00
11.03
0.00
12.01
0.00
12.99
0.00
13.96
0.00
14.94
0.00
15.91
0.00,
16.89
NTP client
Example:
ntpq> assoc
ind assID status conf reach auth condition last_event cnt
===========================================================
1 36407 7600
no
yes
ok
sys.peer
Example:
XType Device
RefID
Description
------------------------------------------------------1
local
LCL
Undisciplined Local Clock
2
trak
GPS
TRAK 8820 GPS Receiver
3
pst
WWV
PSTI/Traconex WWV/WWVH Receiver
4
wwvb
WWVB
Spectracom WWVB Receiver
5
true
TRUE
TrueTime GPS/GOES Receivers
150/185
A30828-X9410-B082-35-7619
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
6
7
8
9
10
11
12
13
15
17
18
19
20
22
23
24
25
26
27
irig
chu
parse
mx4200
as2201
arbiter
tpro
leitch
*
datum
acts
heath
nmea
atom
ptb
usno
*
hpgps
arc
IRIG
CHU
---GPS
GPS
GPS
IRIG
ATOM
*
DATM
ACTS
WWV
GPS
PPS
TPTB
USNO
*
GPS
MSFa
151/185
# command: broadcastclient
# set the NTP client to broadcast client
#broadcastclient
# Specify that authentication and broadcast listening are enabled
enable auth bclient
# Specify keys file
keys /etc/inet/ntp.keys
#Selected valid key, from which are time-packets accepted by this client
trustedkey 1
ExportFormat = CSV
ExportFormat.extension = csv
ExportFormat.delimiter = ,
ExportFormat.surround = "
For the modifications to take effect, you have to stop and restart the LIOS services (see 4.3).
4.17 Ticket time stamp conversion according to the time zone of the NE
The tickets generated by NEs of Type EWSD and hiQ/E9200 contain always GMT time and not the local
time where the NE is located. This could be a problem if the NEs connected to LIOS are located in
152/185
A30828-X9410-B082-35-7619
different time zones. To avoid this the time stamp can be converted in LIOS to the correct time based on
the time zone the NE is located. To activate this feature set the following LIOS property:
TicketRouter.TimeZone = 1
Additionally for each NE concerned the correct time zone has to be set in LIOS Host administration ->
NEs -> General by the LIOS Administrator.
E.g.: NE provides ticket with GMT time: 2006/12/18 11:06:28
1. example:
NE is located in time zone 'Europe/Istanbul': GMT+2 (= +2 hours)
LIOS converts the time stamp to GMT+2:
2006/12/18 13:06:28
2. example:
NE is located in time zone 'Australia/Sydney': GMT+10 + 1 hour DST (= +11 hours)
LIOS converts the time stamp to GMT+11:
2006/12/18 22:06:28
A30828-X9410-B082-35-7619
153/185
System configuration
Root permission on the LIOS servers is needed for performing the system configuration tasks described
in this chapter. All tasks described here should not be carried out during normal operation.
For more detailed information and troubleshooting advice see the LIOS Troubleshooting
Guide.
5.1 Symmanager
5.1.1
Overview
Symmanager is an administration tool for configuring X.25 cards. It enables you to do the following:
Specifying X.25 parameters, e.g.:
X.25 timer
Usually the default values are sufficient. It may be necessary to adapt the channel number space or size
and number of internal buffers (see 5.1.2).
To start Symmanager, log in as root and type symmanager. For further information see [5].
5.1.2
The values to be specified for the size (DTSX INTERNAL BUFFER SIZE) and number (MAXIMUM
BUFFERS/VC TRIGGER) of internal buffers depend on the X.25 packet size used.
When setting the two parameters, observe the following rules:
The value range for this parameter is between 256 and 1024.
The following examples show how optimum or necessary values for the two parameters above are
defined with respect to the X.25 packet size used.
154/185
A30828-X9410-B082-35-7619
Example 1:
Only the X.25 packet size 1024 is used:
DTSX INTERNAL BUFFER SIZE = 1024
Because the maximum X.25 packet size of 1024 lies within the permissible range of values, the value can
be used.
MAXIMUM BUFFERS/VC TRIGGER = 3
The maximum TPDU size accepted by LIOS is 2048 and the minimum X.25 packet size is 1024.
Example 2:
Only the X.25 packet size 128 is used:
DTSX INTERNAL BUFFER SIZE = 256
Because the maximum X.25 packet size of 128 lies below the permissible range of values, the lower limit
of the range of values(256) is used.
MAXIMUM BUFFERS/VC TRIGGER = 17
The formula yields the value 17 if the LIOS TPDU size of 2048 is used.
5.2 Symmonitor
Root permission on the LIOS servers is needed for performing the operations described in this section.
Symmonitor enables you to localize problems in the transport system (X.25) located between LIOS and
the NEs. With Symmonitor you can view the X.25 communication on the OSI layers 1 to 3.
Proceed as follows:
1. Login as root on the LIOS server which has problems with the X.25 communication.
2. Enter symmon. A self-explaining window is displayed which enables you to trace the X.25
communication over the Symicron card. For details see [5]. Make sure you have selected the correct
port to be traced.
Transfer of event tickets from NE, when delivery of event tickets via Q3 is not possible.
A30828-X9410-B082-35-7619
155/185
The standard software products HSI software, Solstice X.25, Solstice OSI and Solstice FTAM must
be installed.
Configuring Solstice X.25 software (see 5.3.3). The Solstice X.25 software provides X.25 for the
data link layer and network layer (layers 2 and 3) of the OSI reference model.
Configuring Solstice OSI software (see 5.3.4). The Solstice OSI software provides the transport
layer, session layer, presentation layer and part of the application layer (layers 4 to 7) of the OSI
reference model.
Configuring Solstice FTAM software (see 5.3.5). The Solstice FTAM software provides an FTAM
implementation for the application layer (layer 7) of the OSI reference model. This FTAM
implementation satisfies the ISO (International Systems Organization) requirements for an FTAM
application.
5.3.2
Before starting FTAM file transfer administration, the necessary X.25 configuration data for the local X.25
Link listed in Table 5-1 should be collected.
Configuration parameter Explanation
local NSAP address
local DTE address
Logical channel numbers
(start/end point)
Request Size Negotiation
Defines the range of logical channel used in layer 3 of the OSI reference model. The
start and end points must be the same for the local LLC Link and the corresponding
port of the ISDN router.
Negotiate packet size and window size = yes/no
This parameter permits both partners to negotiate an optimum packet size and window
size. This option must be activated or deactivated for both partners: LIOS and network
elements.
MAC address of the TCP/IP port of the ISDN Router. This MAC address can be
determined by the following commands:
1. ping to the IP address of the ISDN router
2. Reading of the ARP cache of the LIOS server by arp a'
MAC address of the TCP/IP port of the LIOS server. This address can be determined
with the following command: ifconfig hme0.
156/185
A30828-X9410-B082-35-7619
5.3.3
The configuration of the Solstice X.25 software is divided into two sections, the administration of the X.25
Link and of the LLC2 Link.
For configuring the Solstice X.25 software, log in to the LIOS server under the root user ID.
1. Start of the Solstice X.25 configuration program: enter the following command:
/opt/SUNWconn/bin/x25tool
The X.25 Administration Tool main window is displayed:
Figure 5-1: X.25 Administration Tool of the Solstice X.25 software Main window
A30828-X9410-B082-35-7619
157/185
Figure 5-2: Solstice X.25 software X.25 Link Link Editor window
In the Link Editor window enter the following parameters:
Link Number
<link number>
Unique number for identifying the X.25 link.
Link Type
WAN
Device
HSIP
Port Number
<number of used port of X.25 card (1-4)>
The HSI card connects the LIOS server to the X.25 network via this port.
Tx Clock:
External. The Clock is usually generated by the connected modem.
Interface
DTE
LAP Protocol
LAPB
Local X.121 Address <DTE address of HSI port>
Version
1984
Packet Size
Here the collected values for the X.25 Packet Size (default and maximum) are to be
entered.
Logical Channel
The collected values for SVC-Channel Range are to be entered. These values must
Range
correspond to the X.25 link of the network provider.
Confirm the settings with Apply and OK.
158/185
A30828-X9410-B082-35-7619
OSI
Local NSAP Address
Figure 5-4: Solstice X.25 software Closed User Group and Facilities window
A30828-X9410-B082-35-7619
159/185
Closed User Group (CUG) is an optional X.25 feature. It should only be selected, you want to use it for
your FTAM connection to the Partner System.
For LIOS select the following settings:
Closed User Group
CUG Format
Basic
Size Negotiation
Figure 5-5: Solstice X.25 software Throughput Class and Window Size window
Enter the collected values for X.25 Window Size.
Confirm the settings with Apply and OK.
160/185
A30828-X9410-B082-35-7619
A30828-X9410-B082-35-7619
161/185
Figure 5-7: Solstice X.25 software: LLC2 Link Link Editor window
In the Link Editor window, enter the following parameters:
Link Number
<link number>
Unambiguous number for identifying the LLC2 link. It will be used for the X.25
routing table later in this section.
Link Type
LAN
Device
HME
Port Number
0
Interface
DTE
LAP Protocol
LAPB
Local X.121 Address This entry must not be changed! Otherwise the LLC2 Link will not work!
Version
1984
Packet Size
Enter the collected values for the X.25 Packet Size (default and maximum) here.
Logical Channel
Enter the collected values for SVC-Channel Range. These values must correspond
Range
to the LLC2 Link of the ISDN router.
Confirm the settings with Apply and OK.
LLC2 and Addressing must not be changed for the requested configuration.
162/185
A30828-X9410-B082-35-7619
Figure 5-8: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window
Closed User Group (CUG) is an optional X.25 feature. It must not be selected for the LLC2 Link.
For the LLC2 Link, select the following settings:
Size Negotiation
3. Link Modes:
To administer Link Modes parameters for the LLC2 link, select the Link Modes button. The Link Mode
Parameters for link #1 window is opened:
A30828-X9410-B082-35-7619
163/185
Figure 5-9: Solstice X.25 software: LLC2 Link Closed User Group and Facilities window
For configuring the LLC2 Link, select the following parameters:
Keep X.121 address in Call Request to LAN
Confirm the settings with Apply and OK.
YES.
164/185
A30828-X9410-B082-35-7619
Figure 5-10: Solstice X.25 software Throughput Class and Window Size window
Enter the collected Values for X.25 Window Size.
Confirm the settings with Apply and OK.
5.3.3.3 Administration of the X.25 routing table
This task must only be executed, when the network element is connected to LIOS via X.25/ISDN. In this
case the X.25 software has to decide whether an X.25 connection has to be established via the X.25 Link
or via the LLC2 Link depending on the called DTE address. Therefore a routing table is necessary.
In the main window of x25tool choose Services -> Routing to get the routing table.
A30828-X9410-B082-35-7619
165/185
X.121 default
Link Number
Comment:
Any comment describing the default entry.
Confirm the settings with Apply and OK.
166/185
A30828-X9410-B082-35-7619
X.121 host
Link Number
X.121 Address
MAC Address
Comment:
The configuration of a host route must be repeated for every connected NE!
5.3.3.4 Activation of the X.25 configuration
After configuring the necessary X.25 links (X.25 and LLC2 if necessary), activate the configuration:
167/185
Messages like the following are written into the output area of the window:
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
<07/15/98
11:18:21>
11:18:21>
11:18:22>
11:18:22>
11:18:22>
11:18:22>
11:18:22>
11:18:32>
This was the last task of the X.25 Configuration. Now you can stop the X.25 Configuration program.
5.3.4
To configure the Solstice OSI software, carry out the following steps:
1. Login to the LIOS server with root user ID.
2. Check whether the osinetd process is running. If not, start it:
/etc/rc2.d/S90osinetd start
The Solstice OSI software you can configure as follows:
Figure 5-13: OSI Administration Tool main window (Solstice OSI software)
2. Stack configuration:
To configure the local OSI stack, select the Stack Manager icon.
The Stack Manager window is opened:
168/185
A30828-X9410-B082-35-7619
3. Device configuration:
Select Devices from the Configuration pull-down list.
The Device Configuration window is opened:
A30828-X9410-B082-35-7619
169/185
Connection Pool
SNPA Address
local DTE address of HSI port
Confirm the settings with Apply and Save and close the Device Configuration window.
170/185
A30828-X9410-B082-35-7619
Figure 5-17: Stack Manager in Solstice OSI software Configuration of Transport over CONS
Perform the following administration tasks:
Max PDU Size
4096
Class Options
Class 0 Only
A30828-X9410-B082-35-7619
171/185
172/185
A30828-X9410-B082-35-7619
Confirm the entries with Apply and close the Network Layer Addresses window.
5. Route Manager:
Configure the route manager of the OSI Stack for two kinds of partner systems, LEA and NE.
For FTAM to LEA, you must configured the routing software of the OSI Stack in such a way that the DTE
address of a partner system is derived from the NSAP address. Therefore you must configure prefix
routes.
For FTAM to NE a routing entry for each NE is necessary. Therefore you must configure host routes.
To define the routing entries of the OSI Stack, select the Route Manager icon in the main window of
Ositool.
A30828-X9410-B082-35-7619
173/185
For X.25 Link Type you must select the value 1988 or 1984. For Addressing Mode you must
select CONS-84/88. Otherwise deriving of the DTE address from the NSAP address will not work.
174/185
A30828-X9410-B082-35-7619
For each routing entry to be configured, select Direct Route and define NSAP (NSAP address) and
SNPA (DTE address).
In addition, define the X.25 Service... parameters for each entry:
If the entries made are not saved before Ositool is stopped, all changes will be lost!
A30828-X9410-B082-35-7619
175/185
Figure 5-24: FTAM Configuration Tool of Solstice FTAM software main window
3. Configuration of local Initiator:
In the main window of the FTAM Configuration Tool, select the Local Initiator icon. The Local
Initiator Configuration window is opened:
176/185
A30828-X9410-B082-35-7619
The Responder function of Solstice FTAM is not used for LIOS, so you need not configure the Local
Responder. The Remote Systems Database is not configured by the ftamtool. This is done by the
LIOS applications Host Administration and LEA Administration, which allow partner administration from
remote hosts (NEs and LEAs).
This finishes the configuration of the local FTAM Stack.
Overview
The Siemens TopSec System is used for Encryption of User Data in ISDN B Channel between two
Communication Partners. It contains the following products:
TopSec 702(703)
TopSec 730
For LIOS one TopSec 730 is installed between BinTec Bianca XL2 and the Network Terminator. The
TopSec 702 (or TopSec 703) are placed between the Network Terminator and the ISDN Terminaladapter.
The following picture gives a short overview about the hardware configuration of the TopSec Boxes in
combination wit LIOS:
A30828-X9410-B082-35-7619
177/185
LIO S client
LIO S server
( X.25)
X25/ISD N Router
BinTec Bianca XL2
TopSec
730
N etwork
term inators
TopSec
703 (702)
5.4.2
The Installation of the administration software has to be done on one of the LIOS Servers.
The following steps have to be executed:
1. Install the administration software as described in [6], Section 2.
2. Initialize the administration software and define an administrator password as described in [6],
Section 5.
3. Login to the System as described in [6], Section 5.1 and create a Key Backup as described in [6],
Section 5.2 on a floppy disk. With this Key Backup file it is possible to login to the administration
software if you have forgotten your administrator password.
4. Define the system configuration of the administration program as described in [6], Section 5.4.
178/185
A30828-X9410-B082-35-7619
Parameter
Parameter value
Always encrypted
Not selected
Always encrypted
Not selected
Membership
Group 1
Layer Activity
A30828-X9410-B082-35-7619
179/185
5.4.3
Before any TopSec Box can be used in the administered system it has to be initialized. The initialization
of the TopSec Boxes can only be done via a serial port, Initialization via ISDN is not possible. To connect
the LIOS server with the given TopSec Box, the serial cables delivered with the administration software
have to be used:
TopSec 730: Connect the serial cable with a free serial port of the LIOS server and the serial port
placed on the front side of the TopSec 730 Box
TopSec 702 (703): Connect the serial cable with a free serial port of the LIOS server and the middle
S0 Port (RJ45) of the TopSec 702 (703) Box.
To add a new TopSec Box to the system you have to do the following:
1. Connect the new box to the serial port of the LIOS server as described above
2. Generate a new entry in the Device table as described in [6], Section 5.5.3
The following parameters have to be entered in addition to the default configuration:
Parameter
Parameter value
Device ID
Dial Number
Description
180/185
A30828-X9410-B082-35-7619
After this initialization task the TopSec box can be put to its operating destination and plugged into the
ISDN connection. Any further configuration task can be done via ISDN if necessary.
5.4.4
A30828-X9410-B082-35-7619
181/185
For test purposes or if there are problems with the encrypted data transfer on the ISDN connection, it is
possible to switch from encrypted to plain data transfer. Therefore you have to do the following:
1. Select every TopSec Box you want to modify and change the following two parameters
Parameter
Parameter Value
Always clear
Selected
182/185
A30828-X9410-B082-35-7619
Figure 5-31: Device Configuration of TopSec Box for plain data transfer
For proper functioning of the whole LIOS configuration you have to change this behavior for every
Box, that is involved.
2. Select every TopSec Box, that has to be updated.
3. Change to the Jobs form and select Parameter Update.
4. Start the Parameter Update by pressing on Start Selected Job
To configure the functionality back (from plain to encrypted) you have to execute the same steps with the
original parameter values.
A30828-X9410-B082-35-7619
183/185
If external alarming has been purchased, it is possible to send alarms as a message via the PIMS
application to external targets. The PIMS application sends the alarm message to the recipients as email
or SMS. The next sections describe the look of a message for each medium.
The creation time of the alarm (format: <d.m hh:mm>). This parameter is mandatory.
The hostname of the LIOS server on which the alarm was processed. This parameter is mandatory.
NE to which the observation belongs (in case of observation-related alarms). This parameter is only
mandatory for group alarms.
LIOS operator to whom the observation belongs. This parameter is only mandatory for group alarms.
LIOS operator group to which the observation belongs. This parameter is only mandatory for group
alarms.
Unique observation identifier. This parameter is only mandatory for group alarms.
Description of the alarm. This parameter is mandatory.
Example:
5.5 23:59
Host1
NE:EWSD1
User:op1
Group:opgroup1
OBSid:123
Desc:Error
The alarm name followed by the separator (:) and the creation time of the alarm (format: <d.m
hh:mm>). These parameters are mandatory.
The hostname of the LIOS server on which the alarm was processed. This parameter is mandatory.
NE to which the observation belongs (in case of observation related alarms). This parameter is only
mandatory for group alarms.
LIOS operator to whom the observation belongs. This parameter is only mandatory for group alarms.
LIOS operator group to which the observation belongs. This parameter is only mandatory for group
alarms.
Unique observation identifier. This parameter is only mandatory for group alarms.
Description of the alarm. This parameter is mandatory.
Example:
184/185
A-OIF-00004:5.5 23:59
Host1
NE:EWSD1
User:op1
Group:opgroup1
OBSid:123
Desc:Error
A30828-X9410-B082-35-7619
Network element
Version
Siemens EWSD
Versions 11 - Version 18
Version 4
Siemens IN@vantage
Version 7.5 FN
Version 3.5
Alcatel S12
MODEL 1400
Huawei C&C08
Version C&C08
Huawei GSM
Version OES-D
Utimaco IMS
RAI 2.0
A30828-X9410-B082-35-7619
185/185