Mediation Engine Connection List
For a Probe machine type, the Mediation Engine Connection List page allows you to configure which Mediation Engines the Operations Monitor Probe connects to.
The following figure shows the ME Connection List page.
The Operations Monitor Probe can connect to one or more Mediation Engines, using TLS encryption, or with some configurations, also cleartext. Likewise, a Mediation Engine can connect to more than one Operations Monitor Probe (as well as Session Border Controller Probes).
On the Mediation Engine, cleartext connections are usually on port 4741 and encrypted connections on port 4742. For encrypted connections, the Operations Monitor Probe and the Mediation Engine need to be able to verify the certificate of the other party.
The Mediation Engine machines by default only accept encrypted connections (unless the Mediation Engine and Probe are on the same machine); for unencrypted connections the check box Accept insecure connections from remote probes on the Trusted Certificate page must be checked.
The following figure shows the Trusted Certificate page.
Typical Connection Scenarios
Mediation Engine and Operations Monitor Probe Are on the Same Machine
For setups with a Mediation Engine machine with an embedded Probe, a cleartext connection is automatically added to the ME connection list. For cleartext connections, no certificates are exchanged.
One Mediation Engine and Two Operations Monitor Probes
For setups with one Mediation Engine and two Operations Monitor Probes, the self-signed server certificates of both Operations Monitor Probes are uploaded as trusted certificates on the Mediation Engine, and the self-signed server certificate of the Mediation Engine is uploaded on both Operations Monitor Probes as a trusted certificate. On each Operations Monitor Probe, the IP of the Mediation Engine is added to the ME connection list with TLScheck box selected.
The following table describes the actions to configure the connections between one Mediation Engine and two Operations Monitor Probes.
Table 4-1 One Mediation Engine and Two Operations Monitor Probes
| Machine | Action |
| Mediation Engine |
|
| Operations Monitor Probe 1 |
|
| Operations Monitor Probe 2 |
|
Two Mediation Engines and One Operations Monitor Probe
For setups with two Mediation Engines and one Operations Monitor Probe, the self-signed server certificate of the Operations Monitor Probe is uploaded as trusted certificate on both Mediation Engines, and the self-signed server certificates of the Mediation Engine are uploaded on the Operations Monitor Probe as a trusted certificate. On the Operations Monitor Probe, the IPs of the Mediation Engines are both added to the ME connection list with TLScheck box selected.
The following table describes the actions to configure the connections between two Mediation Engines and one Operations Monitor Probe.
Table 4-2 Two Mediation Engines and One Operations Monitor Probe
| Machine | Action |
| Mediation Engine 1 |
|
| Mediation Engine 2 |
|
| Operations Monitor Probe |
|
All Other Scenarios
For setups with more than two Operations Monitor Probes or Mediation Engines, Oracle recommends that you use PKI (Public Key Infrastructure) with root certificates as described in Oracle Communications Session Monitor Security Guide.
