AudioCodes Mediant 4000 SBC Скачать руководство пользователя страница 185 | Manualshive

Страница: 185 / 1037

background image

CHAPTER 14 Security

Mediant 4000 SBC | User's Manual

Viewing IDS Alarms

For the IDS feature, the device sends the following SNMP traps:

■

Traps that notify the detection of malicious attacks:

●

acIDSPolicyAlarm:

The device sends this alarm whenever a threshold of a specific IDS

Policy rule is crossed. The trap displays the crossed severity threshold (Minor or Major),
IDS Policy and IDS Rule, and the IDS Policy-Match index.

●

acIDSThresholdCrossNotification:

The device sends this event for each scope (IP

address) that crosses the threshold. In addition to the crossed severity threshold (Minor or
Major) of the IDS Policy-Match index, this event shows the IP address (or IP address:port)
of the malicious attacker.

If the severity level is raised, the alarm of the former severity is cleared and the device
sends a new alarm with the new severity. The alarm is cleared after a user-defined timeout
during which no thresholds have been crossed.

➢

To configure IDS alarm cleared timeout:

1.

Open the IDS General Settings page (

Setup

menu >

Signaling & Media

tab >

Intrusion

Detection

folder >

IDS General Settings

).

2.

From the 'IDS Alarm Clear Period' field (IDSAlarmClearPeriod), enter the timeout (in seconds)
after which the alarm is cleared if no IDS thresholds have been crossed during the timeout.

3. Click

Apply

.

However, this "quiet" timeout period must be at least twice the 'Threshold Window' value
(configured in

Configuring IDS Policies

). For example, if you set IDSAlarmClearPeriod to

20 sec and 'Threshold Window' to 15 sec, the IDSAlarmClearPeriod parameter is ignored
and the alarm is cleared only after 30 seconds (2 x 15 sec).

The figure below displays an example of IDS alarms in the Active Alarms table (

). In this example, a Minor threshold alarm is cleared and replaced by a Major

threshold alarm:

■

acIDSBlacklistNotification event: The device sends this event whenever an attacker (remote
host at IP address and/or port) is added to or removed from the blacklist.

You can also view IDS alarms through CLI:

■

To view all active IDS alarms:

# show voip ids active-alarm all

■

To view all IP addresses that have crossed the threshold for an active IDS alarm:

# show voip ids active-alarm match <IDS Match Policy ID> rule <IDS Rule ID>

The IP address is displayed only if the 'Threshold Scope' parameter is set to IP or IP+Port;
otherwise, only the alarm is displayed.

■

To view the blacklist, see

Viewing IDS Active Blacklist

- 152 -

«
...
183
184
185
186
187
...
»

Содержание Mediant 4000 SBC

Страница 1: ...User s Manual AudioCodes Series of Session Border Controllers SBC Mediant 4000 SBC Version 7 2...

Страница 2: ...services are provided by AudioCodes or by an authorized AudioCodes Service Partner For more information on how to buy technical support for AudioCodes products and for contact information please visi...

Страница 3: ...its accompanying license requires that it be provided in source code as well Buyer may receive such source code by contacting AudioCodes by following the instructions available on AudioCodes website S...

Страница 4: ...d SIP header X AC Action Configuring WebRTC Web path Configuring BroadSoft s Shared Phone Line Call Appearance for Survivability example Automatic Provisioning CLI Script file Configuring RTCP XR IP G...

Страница 5: ...Assigning CSR based Certificates to TLS Contexts Generating Private Keys for TLS Contexts Configuring Underlying Ethernet Devices max Configuring IP Network Interfaces max Configuring Media Realms ma...

Страница 6: ...Call Setup Rules Configuring SBC IP to IP Routing note Configuring SIP Response Codes for Alternative Routing Reasons SBC Wizard screens Auxiliary Files SBC Wizard Viewing IP Connectivity typo Creati...

Страница 7: ...tinations Using Dial Plan Tags for Routing Destinations Disconnecting and Reconnecting HA Viewing the License Key Installing a License Key String Viewing the Device s Product Key Debugging Web Service...

Страница 8: ...UDP Ports using Tag based Routing Updated parameters WebUsers_Password note InterfaceTable_ ApplicationTypes CpMediaRealm_PortRangeStart note removed SIPInterface_UDPPort note removed ProxySet_ Succes...

Страница 9: ...reenshots 42025 Updated with Patch Version 7 20A 158 Updated sections Replacing the Corporate Logo with an Image logo width removed Replacing the Corporate Logo with Text Customizing the Favicon defau...

Страница 10: ...Miscellaneous New AudioCodes logo content removed fom manipulation syntax 42026 Updated to Patch Version 7 20A 200 019 Updated Sections Default OAMP IP Address Configuring Management User Accounts max...

Страница 11: ...ulations_ActionValue ConditionTable_ Condition PreParsingManipulationRules_MessageType PreParsingManipulationRules_ReplaceWith AudioCoders_Sce IpProfile_SBCMediaSecurityMethod 2 removed IPProfile_ SBC...

Страница 12: ...Recording on VoIP Interfaces Updated Parameters SNMPUsers_PrivProtocol 4 and 5 removed InterfaceTable_InterfaceName default Prefix replaced with Pattern for Web parameters and CLI commands and descrip...

Страница 13: ...ction HTTPRemoteServices_NumOfSockets removed HTTPRemoteServices_LoginNeeded removed IPGroup_Tags ProxySet_EnableProxyKeepAlive ProxySet_ProxyRedundancyMode ProxySet_IsProxyHotSwap ProxySet_ProxyLoadB...

Страница 14: ...ndManipulationSet GWOutboundManipulationSet 42033 Updated for software update Version 7 20A 250 Updated sections Alternative Routing Based on SIP Responses 806 updated Fax and Modem Capabilities remov...

Страница 15: ...changed SIPInterface_PreClassificationManipulationSet note if classification fails SBCCDRFormat_FieldType 445 and 446 added GWInboundManipulationSet CLI GWOutboundManipulationSet CLI HaNetworkMonitor...

Страница 16: ...ing Static IP Routes reset removed Configuring Syslog Debug Level typo Configuring Test Call Endpoints Configuring the Device s LDAP Cache typo Configuring the OVOC Server for QoE table renamed Config...

Страница 17: ...T Query HTTP POST Notification CallSetupRules_QueryTarget Web name changed CallSetupRules_AttributesToQuery Web name changed CallSetupRules_ActionType None value added InterfaceTable_ PrefixLength val...

Страница 18: ...tting Acquainted with the Web Interface 17 Computer Requirements 17 Accessing the Web Interface 17 Areas of the GUI 18 Accessing Configuration Pages from Navigation Tree 21 Configuring Stand alone Par...

Страница 19: ...elnet for CLI 55 Enabling SSH with RSA Public Key for CLI 56 Configuring Maximum Telnet SSH Sessions 57 Establishing a CLI Session 58 Viewing Current CLI Sessions 59 Terminating a User s CLI Session 5...

Страница 20: ...ying Ethernet Devices 94 Configuring IP Network Interfaces 96 Networking Configuration Examples 101 Configuring Static IP Routes 104 Configuration Example of Static IP Routes 106 Troubleshooting the S...

Страница 21: ...cies 150 Viewing IDS Alarms 152 Configuring SIP Response Codes to Exclude from IDS 154 15 Media 155 Configuring Voice Settings 155 Configuring Voice Gain Volume Control 155 Configuring Echo Cancellati...

Страница 22: ...204 Avaya UCID 204 Customizing Recorded SIP Messages Sent to SRS 205 RADIUS based Services 207 Enabling RADIUS Services 207 Configuring RADIUS Servers 208 Configuring Interface for RADIUS Communicati...

Страница 23: ...ng HTTP Proxy Servers 263 Configuring HTTP Locations 266 Configuring TCP UDP Proxy Servers 269 Configuring Upstream Groups 272 Configuring Upstream Hosts 274 Configuring HTTP Directive Sets 275 Config...

Страница 24: ...Media Realms 316 Configuring Remote Media Subnets 319 Configuring Media Realm Extensions 321 Configuring SRDs 324 Filtering Tables in Web Interface by SRD 330 Multiple SRDs for Multi tenant Deployment...

Страница 25: ...BC Outbound Manipulation 476 Using Dial Plan Tags for Call Setup Rules 477 Using Dial Plan Tags for Message Manipulation 477 21 SIP Message Manipulation 478 Configuring SIP Message Manipulation 478 Co...

Страница 26: ...IP 3xx 520 Interworking SIP Diversion and History Info Headers 521 Interworking SIP REFER Messages 522 Interworking SIP PRACK Messages 523 Interworking SIP Session Timer 523 Interworking SIP Early Med...

Страница 27: ...dpoints 599 Configuring SBC MoH from External Media Source 601 WebRTC 604 SIP over WebSocket 606 Configuring WebRTC 608 Call Forking 610 Initiating SIP Call Forking 611 Configuring SIP Forking Initiat...

Страница 28: ...v for HA Maintenance Traffic 643 Monitoring IP Entities and HA Switchover upon Ping Failure 643 33 HA Maintenance 648 Maintenance of Redundant Device 648 Replacing a Failed Device 648 Initiating an HA...

Страница 29: ...onfiguration File 688 Saving and Loading CLI Script Files 689 Saving and Loading a Configuration Package File 690 40 Automatic Provisioning 692 Automatic Configuration Methods 692 DHCP based Provision...

Страница 30: ...725 Restoring Defaults through ini File 725 Part IX 726 Status Performance Monitoring and Reporting 726 43 System Status 727 Viewing Device Information 727 Viewing Device Status on Monitor Page 728 44...

Страница 31: ...Configuring RADIUS Accounting 804 Part X 811 Diagnostics 811 52 Syslog and Debug Recording 812 Configuring Log Filter Rules 812 Filtering IP Network Traces 817 Configuring Syslog 817 Syslog Message F...

Страница 32: ...Parameters 859 General Parameters 859 Web Parameters 862 Telnet and CLI Parameters 866 ini File Parameters 868 SNMP Parameters 868 Serial Parameters 874 Auxiliary and Configuration File Name Parameter...

Страница 33: ...ers 950 RTP RTCP and T 38 Parameters 951 Fax and Modem Parameters 956 Answer and Disconnect Supervision Parameters 964 SBC Parameters 966 Supplementary Services 987 IP Media Parameters 987 Services 99...

Страница 34: ...list of IP PBXs unified communications solutions and SIP trunking provider networks The device provides robust protection for the IP communications infrastructure preventing fraud and service theft a...

Страница 35: ...e your device more effectively and easily SBC Application The objective of your configuration is to enable the device to forward calls between telephony endpoints in the SIP based Voice over IP VoIP n...

Страница 36: ...edia traffic with a specific SIP entity IP Group The Media Realm can be associated with the SIP entity by assigning the Media Realm to the IP Group of the SIP entity or by assigning it to the SIP Inte...

Страница 37: ...h the Classification rule is configured IP to IP Routing IP to IP routing rules define the routes for routing calls between SIP entities As the SIP entities are represented by IP Groups the routing ru...

Страница 38: ...maximum number of permitted concurrent calls SIP dialogs per IP Group SIP Interface SRD or user Accounts Accounts are used to register or authenticate a served SIP entity e g IP PBX with a serving SI...

Страница 39: ...ssification rule that is associated with the dialog s SRD and that matches the incoming characteristics of the incoming dialog defined for the rule 3 IP Profile and inbound manipulation can be applied...

Страница 40: ...Part I Getting Started with Initial Connectivity...

Страница 41: ...troduction Mediant 4000 SBC User s Manual 2 Introduction This part describes how to initially access the device s management interface and change its default IP address to correspond with your network...

Страница 42: ...s address to initially access the device from any of its management tools embedded Web server OVOC or Telnet SSH You can also access the device through the console CLI by connecting the device s seria...

Страница 43: ...MP networking address through the Web based management tool Web interface The default IP address is used to initially access the device To change the default OAMP network address through Web interface...

Страница 44: ...ice drop down list select the Ethernet Device that you configured in the previous step d Under the IP Address group change the IP address to correspond with your network IP addressing scheme e Under t...

Страница 45: ...g a terminal emulator program such as HyperTerminal with the following communication port settings Baud Rate 115 200 bps Data Bits 8 Parity None Stop Bits 1 Flow Control None 3 At the CLI prompt type...

Страница 46: ...aste the below ini file table parameter InterfaceTable into the ini file InterfaceTable FORMAT InterfaceTable_Index InterfaceTable_ApplicationTypes InterfaceTable_ InterfaceMode InterfaceTable_IPAddre...

Страница 47: ...CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC User s Manual 9 Access the device using the new OAMP interface address 14...

Страница 48: ...Part II Management Tools...

Страница 49: ...r see Web based Management Embedded Command Line Interface CLI see CLI Based Management Simple Network Management Protocol SNMP see SNMP Based Management Configuration ini file see INI File Based Mana...

Страница 50: ...pages and parameters are available only for certain hardware configurations or software features The software features are determined by the installed License Key see License Key Getting Acquainted w...

Страница 51: ...rname field offers previously entered usernames To disable autocompletion use the WebLoginBlockAutoComplete ini file parameter Depending on your Web browser s settings a security warning box may be di...

Страница 52: ...nce If you make a configuration change that takes effect only after a device reset the button is surrounded by a red colored border as a reminder otherwise your changes revert to previous settings if...

Страница 53: ...ord button to change your login password see Changing Login Password by All User Levels on page 51 Log Out button to log out the Web session see Logging Off the Web Interface 6 Product name of device...

Страница 54: ...rk pane The hierarchical structure and organization of the items in the Navigation tree allow you to easily drill down and locate the required item The Navigation tree consists of the following areas...

Страница 55: ...n invalid row If a folder contains an item with an invalid row or associated with an invalid row the closed folder displays a red colored icon as shown in the following example If you hover your curso...

Страница 56: ...ings to flash memory with a device reset for your changes to take effect When you change such a parameter and then click Apply the Reset button on the toolbar is encircled by a red border If you click...

Страница 57: ...to their previous settings if the device later undergoes a hardware reset a software reset without saving to flash or powers down Therefore make sure that you save your configuration to the device s...

Страница 58: ...le has a child table The child table is opened for the selected row 6 Navigation bar for scrolling through the table s pages see Viewing Table Rows 7 Search tool for searching parameters and values se...

Страница 59: ...thods Selecting a referenced row from the drop down list Scroll down to the desired item and click it Search for the item by entering in the field the first few characters of the desired row and then...

Страница 60: ...t to its previous size Modifying Table Rows The following procedure describes how to modify edit the configuration of an existing table row Remember that a gray colored dot icon displayed next to a pa...

Страница 61: ...eld is surrounded by a colored border as shown in the example below If you hover your mouse over the field a pop up message appears providing the valid values If you enter a valid value the colored bo...

Страница 62: ...with a parameter that references Proxy Set 0 which is configured with an invalid value Invalid Reference Line icons are displayed for the IP Groups table as shown below Invalid icon display in drop d...

Страница 63: ...e Navigation Bar Description Item Description 1 Navigation buttons to view previous table rows Displays the previous table page Displays the first table page i e page with at least the first index row...

Страница 64: ...n header so that the rows are sorted in ascending order e g 0 1 2 and so on 2 Select the row that you want to move 3 Do one of the following To move one index up e g from Index 3 to 2 Click the up arr...

Страница 65: ...arch is unsuccessful no rows are displayed 4 To quit the Search tool and continue configuring rows click the icon located in the Search box Searching for Configuration Parameters You can search in the...

Страница 66: ...avigation path link to the page on which the parameter appears Parameter s name Parameter s value Brief description of parameter 3 Click the link of the navigation path corresponding to the required f...

Страница 67: ...36 Web browser Favicon see Customizing the Favicon Login welcome message see Creating a Login Welcome Message The product name also affects other management interfaces In addition to Web interface cus...

Страница 68: ...ensitive suffix AdminPage to the device s IP address e g http 10 1 229 17 AdminPage 3 Log in with your credentials the Admin page appears 4 On the left pane click Image Load to Device the right pane d...

Страница 69: ...zing the Browser Tab Label You can customize the label that appears on the tab of the Web browser that you use to open the device s Web interface By default the tab displays AudioCodes You can change...

Страница 70: ...ings To replace the default text UseWebLogo 1 WebLogoText your text for example Hello To restore the default text AudioCodes UseWebLogo 0 2 Load the ini file using the Auxiliary Files page see Loading...

Страница 71: ...that you are using to access the device s Web interface 2 In your browser s URL address field append the case sensitive suffix AdminPage to the device s IP address e g http 10 1 229 17 AdminPage 3 Lo...

Страница 72: ...reate an ini file that includes the WelcomeMessage table parameter Use the parameter to configure your message where each index row is a line in your message for example WelcomeMessage FORMAT WelcomeM...

Страница 73: ...ed management interfaces The following procedure describes how to configure additional management interfaces through the Web interface You can also configure it through ini file AdditionalManagementIn...

Страница 74: ...on HTTP and HTTPS or HTTPS Only depends on the configuration of the global parameter HTTPSOnly see Configuring Secured HTTPS Web Configuring Management User Accounts The Local Users table lets you con...

Страница 75: ...read only privileges per Web page for Monitor Administrator and Security Administrator user levels For more information see Customizing Access Levels per Web Page on page 47 The device provides the fo...

Страница 76: ...st be configured with a unique index Username user WebUsers_Username Defines the Web user s username The valid value is a string of up to 40 alphanumeric characters including the period underscore _ a...

Страница 77: ...last remaining Security Administrator The first Master user can be added only by a Security Administrator user Additional Master users can be added edited and deleted only by Master users If only one...

Страница 78: ...ivity Timer see Configuring Web Session and Access Settings These users can only log in to the Web interface if their status is changed to New or Valid by a System Administrator or Master Note The Ina...

Страница 79: ...through REST CLI Session Limit cli session limit WebUsers_ CliSessionLimit Defines the maximum number of concurrent CLI sessions allowed for the specific user For example if configured to 2 the same...

Страница 80: ...ls Monitor Administrator or Security Administrator per page in the device s Web interface These rules override the default read write and read only privileges of the user levels as described in Config...

Страница 81: ...e Administrator and Security Administrator are also assigned read only privileges TLS Contexts Security Administrator Security Administrator Assigns read write privileges to Security Administrator use...

Страница 82: ...rator default 200 Security Administrator Read Only Access Level WebPagesAccessLevel_ ROAccessLevel Defines the minimum user level to which you want to assign read only access privileges for the select...

Страница 83: ...for example The following information is displayed Username e g Admin of currently logged in user User level e g Security Administrator of currently logged in user Duration of the current Web session...

Страница 84: ...ement User Accounts Session Timeout Duration in minutes of inactivity i e no actions are performed in the Web interface of a logged in user after which the Web session expires and the user is automati...

Страница 85: ...in password 1 On the top bar of the Web interface click the username that is displayed for the currently logged in user e g Admin the following appears 2 Click Change Password the following appears 3...

Страница 86: ...ique number When the user performs actions i e POST method on that page e g configures parameters the token is included to verify that the authenticated user is the one performing the actions To enabl...

Страница 87: ...ce as the first authorized IP address in the Access List If you configure any other IP address access from your computer will be immediately denied If you configure network firewall rules in the Firew...

Страница 88: ...enable a secured Telnet that uses Secure Socket Layer SSL where information is not transmitted in clear text If SSL is used a special Telnet client is required on your PC to connect to the Telnet int...

Страница 89: ...er grade security Follow the instructions below to configure the device with an administrator RSA key as a means of strong authentication To enable SSH and configure RSA public keys for Windows using...

Страница 90: ...in Step 4 5 Connect to the device with SSH using the username Admin RSA key negotiation occurs automatically and no password is required To configure RSA public keys for Linux using OpenSSH 4 3 1 Run...

Страница 91: ...cure SHell SSH The device can be accessed through its Ethernet interface by the SSH protocol using SSH client software A popular and freeware SSH client software is Putty which can be downloaded from...

Страница 92: ...show users 0 console Admin local 0d00h03m15s 1 telnet John 10 4 2 1 0d01h03m47s 2 ssh Alex 192 168 121 234 12d00h02m34s The current session from which this show command was run is displayed with an a...

Страница 93: ...nal window length the MORE prompt is not displayed To configure the number of displayed output lines by dragging terminal window 1 Establish a CLI session with the device 2 Access the System menu conf...

Страница 94: ...ayed encrypted the word obscured appears after the password To enable obscured password display in CLI config system cli settings cli settings password obscurity on Below shows two examples of passwor...

Страница 95: ...and then reset the device with a save to flash for your settings to take effect Configuring SNMP Community Strings SNMP community strings determine the access privileges read only and read write of S...

Страница 96: ...t the device with a save to flash for your settings to take effect To delete a community string delete the configured string click Apply and then reset the device with a save to flash for your setting...

Страница 97: ...lid value is a string of up to 30 characters that can include only the following Upper and lower case letters a to z and A to Z Numbers 0 to 9 Hyphen Underline _ For example Trap comm_string1 The defa...

Страница 98: ...SNMP trap manager with an FQDN see Configuring an SNMP Trap Destination with FQDN Table 8 2 SNMP Trap Destinations Table Parameters Description Parameter Description check box SNMPManagerIsUsed_x Ena...

Страница 99: ...nation with an FQDN 1 Open the SNMP Community Settings page Setup menu Administration tab SNMP folder SNMP Community Settings 2 Under the Misc Settings group in the Trap Manager Host Name field SNMPTr...

Страница 100: ...b activity 1 Open the SNMP Community Settings page Setup menu Administration tab SNMP folder SNMP Community Settings 2 Under the Misc Settings group from the Activity Trap drop down list EnableActivit...

Страница 101: ...figured with a unique index User Name username SNMPUsers_ Username Name of the SNMP v3 user The name must be unique Authentication Protocol auth protocol SNMPUsers_ AuthProtocol Authentication protoco...

Страница 102: ...ing for example If you have customized an alarm that has subsequently been sent by the device and you then delete the rule when the alarm is still active the device doesn t send the alarm again for th...

Страница 103: ...alarm that you want to customize Note The CLI and ini file use the last digits of the alarm s OID as the name For example configure the parameter to 12 for the acActiveAlarmTableOverflow alarm OID is...

Страница 104: ...n the Original Severity parameter For example if you want to change the severity of the acCertificateExpiryAlarm alarm from Minor to Major then configure the Original Severity parameter to Minor and t...

Страница 105: ...ple severity levels based on conditions configure the Original Severity parameter to the severity that you don t want the device to send For example if you don t want the device to send the acProxyCon...

Страница 106: ...name parameter name value parameter name value this is a comment line for example System Parameters SyslogServerIP 10 13 2 69 EnableSyslog 1 For general ini file formatting rules see General ini File...

Страница 107: ...in the Data lines are interpreted according to the order specified in the Format line The double dollar sign in a Data line indicates the default value for the parameter The order of the Data lines is...

Страница 108: ...st be enclosed with inverted commas e g CallProgressTonesFileName cpt_usa dat The parameter name is not case sensitive The parameter value is not case sensitive except for coder names The ini file mus...

Страница 109: ...o the device s non volatile memory flash Before you load an ini file to the device make sure that the file extension name is ini Secured Encoded ini File The ini file contains sensitive information th...

Страница 110: ...rds the passwords are ignored By default the format is obscured passwords thus enabling their full recovery in case of configuration restore or copy to another device Regardless of the configured pass...

Страница 111: ...d the resource s state and to create update and delete the resources respectively Resource state is described in JSON format and included in the HTTP request or response bodies For security it is reco...

Страница 112: ...accessing each resource menu you can access it directly using the full URL path e g api v1 alarms active For more information on REST API refer to the document REST API for Mediant Devices When access...

Страница 113: ...Part III General System Settings...

Страница 114: ...ages received from the NTP server Authentication is done using an authentication key with the MD5 cryptographic hash algorithm When this feature is enabled the device ignores NTP messages received wit...

Страница 115: ...e g 27 Time Hours in 24 hour format e g 4 for 4 am Minutes in mm format e g 57 Seconds in ss format e g 45 3 Click Apply the date and time is displayed in the UTC Time read only field If the device i...

Страница 116: ...up menu Administration tab Time Date and then scroll down to the Time Zone group 2 From the Day Light Saving Time DayLightSavingTimeEnable drop down list select Enable 3 From the DST Mode drop down li...

Страница 117: ...hostname first 16 characters only instead of the device type CLI The CLI prompt displays the hostname instead of the device type The device s SNMP interface s SysName object under MIB 2 is set to the...

Страница 118: ...Part IV General VoIP Configuration...

Страница 119: ...hem giving you a better understanding of your network topology and configuration You can use the Network view as an alternative to configuring the entities in their respective Web pages or you can use...

Страница 120: ...P Interface as desired and then click Apply the IP Interfaces table closes and you are returned to the Network View displaying the newly added IP Interface For more information on configuring IP Inter...

Страница 121: ...Configure the Ethernet Group as desired and then click Apply the Ethernet Groups table closes and you are returned to the Network View For more information on configuring IP Interfaces see Configurin...

Страница 122: ...work View button to refresh the connectivity status display of the Ethernet ports Configuring Physical Ethernet Ports The Physical Ports table lets you configure the device s Ethernet ports This inclu...

Страница 123: ...ities folder Physical Ports 2 Select a port that you want to configure and then click Edit the following dialog box appears 3 Configure the port according to the parameters described in the table belo...

Страница 124: ...When two ports are assigned to an Ethernet Group 1 1 Ethernet port redundancy can be implemented in your network In such a configuration one port can be active while the other standby or both ports ca...

Страница 125: ...t is selected or select a different port Two different MAC addresses are assigned to the Ethernet ports one to ports GE 1 4 upper ports and another to ports GE 5 8 lower ports If you configure an Ethe...

Страница 126: ...net Group can receive and transmit packets This option is applicable only to the Maintenance interface for High Availability HA deployments For more information see Network Topology Types and Rx Tx Et...

Страница 127: ...N ID 1 Ethernet Group GROUP 1 Tagging Policy Untagged MTU 1500 The pre configured Ethernet Device is associated with the default IP network interface ie OAMP in the IP Interfaces table The Untagged po...

Страница 128: ...et Output Device field see Configuring Static IP Routing VLAN ID vlan id DeviceTable_ VlanID Defines a VLAN ID for the Ethernet Device The valid value is 1 to 3999 The default is 1 Note Each Ethernet...

Страница 129: ...MTU of the first Ethernet Device untagged VLAN For example if the untagged VLAN is configured with MTU of 100 bytes you can configure a tagged VLAN with an MTU value of either 100 bytes or less If yo...

Страница 130: ...h Availability IP address IPv4 or IPv6 and subnet mask prefix length Default Gateway Traffic from this interface destined to a subnet that does not meet any of the routing rules local or static are fo...

Страница 131: ...ame must be configured mandatory and must be unique for each interface Each network interface must be assigned an Ethernet Device For IPv4 addresses the Interface Mode column must be set to IPv4 Manua...

Страница 132: ...nterface for HA mode you must reset the device for your changes to take effect To view configured IP network interfaces that are currently active click the IP Interface Status Table link located at th...

Страница 133: ...Interfaces Ethernet Device underlying dev InterfaceTable_ UnderlyingDevice Assigns an Ethernet Device to the IP interface An Ethernet Device is a VLAN associated with a physical Ethernet port Ethernet...

Страница 134: ...ss blocks it uses the variable length subnet masking technique to allow allocation on arbitrary length prefixes The valid value of the prefix length depends on the IP address version IPv4 0 to 30 defa...

Страница 135: ...Control and one for RTP Media and each with a different VLAN ID and default gateway Inde x Name Applic ation Type Eth ernet Device Inter face Mode IP Address Prefix Lengt h Default Gateway 0 Managemen...

Страница 136: ...plication is configured through the ini file to serve as OAMP applications EnableNTPasOAM 1 Configure Layer 2 QoS mapping in the QoS Mapping table Packets sent with the configured DiffServ get the con...

Страница 137: ...not located behind the Default Gateway that is specified for an IP network interface in the IP Interfaces table from which the packets are sent Before sending an IP packet the device searches the Sta...

Страница 138: ...eter Description Index StaticRouteTable_ Index Defines an index number for the new table row The valid value is 0 to 29 Note Each row must be configured with a unique index Description description Sta...

Страница 139: ...ration Example of Static IP Routes An example of the use for static routes is shown in the figure below In the example the device needs to communicate with a softswitch at IP address 10 1 1 10 However...

Страница 140: ...with the static route The same destination has been configured in two different static routing rules More than 30 static routes have been configured If a static route is required to access OAMP applic...

Страница 141: ...ding to its IP address configured in the IP Interfaces table The figure below illustrates the NAT problem faced by SIP networks when the device is located behind a NAT Configuring NAT Translation per...

Страница 142: ...pecified network interface are NAT ed By default no value is defined To configure IP network interfaces see Configuring IP Network Interfaces Source Start Port src start port NATTranslation_ SourceSta...

Страница 143: ...ress is a local address the device considers the endpoint as located behind NAT In this case the device sends the SIP messages to the endpoint using the packet s source IP address Otherwise or if you...

Страница 144: ...o the private IP address port of the UA and not the public address of the NAT server and therefore the media will not reach the UA When the UA is located behind NAT although the UA sends its private I...

Страница 145: ...from the LAN to the WAN through the firewall If the firewall blocks T 38 packets sent from the termination IP fax the fax fails To overcome this problem the device sends No Op no signal packets to ope...

Страница 146: ...he receipt of STUN binding requests for connectivity checks of ICE candidates and responds to them with STUN responses Note that in the response to the INVITE message received from the remote endpoint...

Страница 147: ...er of continuous media packets that need to be received from a different source s before the channel can latch onto this new incoming stream Period msec during which if no packets are received from th...

Страница 148: ...e expense of other traffic types By prioritizing packets DiffServ routers can minimize transmission delays for time sensitive packets such as VoIP packets You can assign DiffServ to the following clas...

Страница 149: ...ervices to Application Types OAMP Control Depends on traffic type Control Control Premium Management Bronze To configure DiffServ Layer 3 QoS values per CoS 1 Open the QoS Settings page Setup menu IP...

Страница 150: ...ccording to the DiffServ value in the IP header of the packet Layer 2 802 1Q frames have a 2 byte field called Tag Control Information The three most significant bits of this 2 byte field represents t...

Страница 151: ...ring ICMP Messages Internet Control Message Protocol ICMP is one of the core protocols of the Internet Protocol suite It is used by network devices such as routers to send error messages indicating fo...

Страница 152: ...e Internal SRV Table Configuring Default DNS Servers The device provides two default DNS server addresses primary and secondary which you can modify The default primary DNS server s address is 8 8 8 8...

Страница 153: ...DNS table the device performs a DNS query with an external third party DNS server whose address is configured for the associated IP network interface in the IP Interfaces table see Configuring IP Netw...

Страница 154: ...translated Configuring the Internal SRV Table The Internal SRV table lets you configure up to 10 SRV rows The table is used to resolve hostnames into DNS A Records You can assign three different A Rec...

Страница 155: ...ame Srv2Ip_ InternalDomain Defines the hostname to be translated The valid value is a string of up to 31 characters By default no value is defined Transport Type transport type Srv2Ip_ TransportType D...

Страница 156: ...e priority By default no value is defined Port 1 3 port 1 2 3 Srv2Ip_Port1 2 3 Defines the TCP or UDP port on which the service is to be found By default no value is defined IP Multicasting The device...

Страница 157: ...ity and authenticity between two communicating applications over TCP IP The device is shipped with a default TLS Context Index 0 and named default which includes a self generated random private key an...

Страница 158: ...ontext assigned to the Proxy Set is used To configure Proxy Sets see Configuring Proxy Sets b SIP Interface If the Proxy Set is either not configured for TLS i e the Transport Type parameter is set to...

Страница 159: ...haracters Note The parameter value cannot contain a forward slash The default TLS Context Index 0 is named default TLS Version tls version TLSContexts_TLSVersion Defines the supported SSL TLS protocol...

Страница 160: ...s determined at compile time and is normally ALL EXPORT LOW aNULL eNULL SSLv2 Strict Certificate Extension Validation require strict cert TLSContexts_ RequireStrictCert Enables the validation of the e...

Страница 161: ...page appears 3 Under the Certificate Signing Request group fill in the following information a Distinguished Name DN fields uniquely identifies the device In the Common Name CN field enter the common...

Страница 162: ...ERTIFICATE header 7 Scroll down to the Upload Certificates Files From Your Computer group click the Browse button corresponding to the Send Device Certificate field navigate to the cert txt file and t...

Страница 163: ...Provisioning mechanism using the HTTPSCertFileName parameter Viewing Certificate Information You can view information of TLS certificates installed on the device per TLS Context To view certificate in...

Страница 164: ...rocedure describes how to assign an externally created private key to a TLS Context To assign an externally created private key to a TLS Context 1 Obtain a private key in either textual PEM PKCS 7 or...

Страница 165: ...Send Device Certificate file text 8 After the files successfully load to the device save the configuration with a device reset 9 Verify that the private key is correct a Open the TLS Contexts table b...

Страница 166: ...the device acts as a CA The Issuer e g Issuer CN ACL_ 5967925 and Subject e g Subject CN ACL_5967925 fields of the self signed certificate have the same value The device is shipped with a default TLS...

Страница 167: ...the configuration with a device reset for the new certificate to take effect Importing Certificates into Trusted Root Certificate Store The device provides its own Trusted Root Certificate store This...

Страница 168: ...click the Trusted Root Certificates link located below the table the Trusted Certificates table appears 3 Click the Import button and then browse to and select the certificate file 4 Click OK the cert...

Страница 169: ...ates table certificate root store so that the device can authenticate the client see Importing Certificates into Trusted Root Certificate Store Make sure that the TLS certificate is signed by a CA tha...

Страница 170: ...LS Context whereby the device periodically checks the validation date of installed TLS server certificates You can also configure the device to send an SNMP alarm acCertificateExpiryAlarm at a user de...

Страница 171: ...e call terminates Therefore it is unnecessary to configure specific firewall rules to allow traffic through specific ports For example if you have configured a firewall rule to block all media traffic...

Страница 172: ...ives the incoming packet The valid range is 0 to 65535 The default is 0 Note When set to 0 this field is ignored and any source port matches the rule Prefix Length prefixLen AccessList_ PrefixLen Mand...

Страница 173: ...Any to 255 The default is Any Note The parameter also accepts the string value HTTP which implies selection of the TCP or UDP protocols and the appropriate port numbers as defined on the device To sp...

Страница 174: ...example the actual traffic rate is 45000 bytes sec then this allowance would be consumed within 10 seconds after which all traffic exceeding the allocated 40000 bytes sec is dropped If the actual tra...

Страница 175: ...raffic from the LAN voice interface and limits bandwidth Rule 5 Blocks all other traffic Configuring Firewall Rules to Allow Incoming OVOC Traffic If the device needs to communicate with AudioCodes OV...

Страница 176: ...on figured for file trans fer Allo w 0 0 0 N 5 QoE OV OC IP addre ss 5000 32 0 0 tcp Enabl e inter face con figured for QoE Allo w 0 0 0 N 6 QoE secur ed OV OC IP addre ss 5001 32 0 0 tcp Enabl e inte...

Страница 177: ...s required see Configuring TLS Certificate Contexts 2 Assign the TLS Context to a Proxy Set or SIP Interface see Configuring Proxy Sets and Configuring SIP Interfaces respectively 3 Configure a SIP In...

Страница 178: ...age e g by entering meaningless or wrong information with the goal of exploiting a buffer overflow at the target Such messages can be used to probe for vulnerabilities at the target Message flow tampe...

Страница 179: ...he WAN DEFAULT_PROXY IDS Policy for proxy server DEFAULT_GLOBAL IDS Policy with global thresholds You can edit and delete the default IDS Policies If the IDS Policies table is empty i e you have delet...

Страница 180: ...equired IDS Policy row and then click the IDS Rule link located below the table the IDS Rule table opens 6 Click New the following dialog box appears The figure above shows a configuration example If...

Страница 181: ...ote authentication SIP 401 407 is sent if original message includes authentication 4 Dialog establish failure SIP dialog establishment e g INVITE failure which includes the following Classification fa...

Страница 182: ...hold interval in seconds during which the device counts the attacks to check if a threshold is crossed The counter is automatically reset at the end of the interval The valid range is 1 to 1 000 000 T...

Страница 183: ...malicious attacks from specified subnet addresses You can configure up to 20 IDS Policy Matching rules The following procedure describes how to configure the IDS Match table through the Web interface...

Страница 184: ...f a Proxy Set has multiple IP addresses the device considers the Proxy Set as one entity and includes all its IP addresses in the same IDS count Subnet subnet IDSMatch_Subnet Defines the subnet to whi...

Страница 185: ...rm Clear Period field IDSAlarmClearPeriod enter the timeout in seconds after which the alarm is cleared if no IDS thresholds have been crossed during the timeout 3 Click Apply However this quiet timeo...

Страница 186: ...invalid msg len Any SIP parser error malformed parse error Message policy match malformed message policy Basic headers not present malformed miss header Content length header not present for TCP malf...

Страница 187: ...as reasons for SIP dialog establishment failures To configure SIP responses to exclude from IDS 1 Open the IDS General Settings page Setup menu Signaling Media tab Intrusion Detection folder IDS Gener...

Страница 188: ...d signal 3 Click Apply Configuring Echo Cancellation The device supports adaptive linear line echo cancellation according to G 168 2002 Echo cancellation is a mechanism that removes echo from the voic...

Страница 189: ...o configure echo cancellation 1 Configure line echo cancellation a Open the Voice Settings page Setup menu Signaling Media tab Media folder Voice Settings b From the Echo Canceller drop down list Enab...

Страница 190: ...nables Aggressive NLP at the first 0 5 second of the call Fax and Modem Capabilities This section describes the device s fax and modem capabilities and corresponding configuration The fax and modem co...

Страница 191: ...tion see RFC 2833 ANS Report upon Fax Modem Detection Adaptations refer to automatic reconfiguration of certain DSP features for handling fax modem streams differently than voice T 38 Fax Relay Mode I...

Страница 192: ...packets from the internal network To resolve this problem the device should be configured to send CNG packets in T 38 upon CNG signal detection CNGDetectorMode 1 Automatically Switching to T 38 Mode w...

Страница 193: ...ly without its headers i e includes only fax data in the sent RTP packet RFC 4612 The T 38 over RTP method also depends on call initiator Device initiates a call The device always sends the SDP offer...

Страница 194: ...re INVITE with G 711 VBD with the following adaptations Echo Canceller on Silence Compression off Echo Canceller Non Linear Processor Mode off Dynamic Jitter Buffer Minimum Delay 40 Dynamic Jitter Buf...

Страница 195: ...ype parameter to Enable Bypass V22ModemTransportType 2 Set the V 23 Modem Transport Type parameter to Enable Bypass V23ModemTransportType 2 Set the V 32 Modem Transport Type parameter to Enable Bypass...

Страница 196: ...100 X NSE 8000 The Cisco gateway must include the following definition modem passthrough nse payload type 100 codec g711alaw To configure NSE mode 1 On the Fax Modem CID Settings page do the followin...

Страница 197: ...or to 13 and to enable echo cancellation for fax and disable it for modem To configure fax modem transparent mode 1 On the Fax Modem CID Settings page do the following Set the Fax Transport Mode param...

Страница 198: ...38 see Relay Mode for T 30 and V 34 Faxes To configure whether to pass V 34 over T 38 fax relay or use Bypass over the High Bit Rate coder e g PCM A Law use the V 34 Fax Transport Type parameter V34F...

Страница 199: ...e do the following Set the Fax Transport Mode parameter to T 38 Relay FaxTransportMode 1 Set the V 22 Modem Transport Type parameter to Disable V22ModemTransportType 0 Set the V 23 Modem Transport Typ...

Страница 200: ...1 i e relay 5 Set the ini file parameter T38MaxDatagramSize to 560 default The T 38 negotiation should be completed at call start according to V 152 procedure as shown in the INVITE example below T 38...

Страница 201: ...ilities is exchanged in the outgoing SDP These capabilities include whether VBD is supported and associated RTP payload types gpmd SDP attribute supported codecs and packetization periods for all code...

Страница 202: ...egular intervals in order to produce continuous speech As long as delays in the network do not change jitter by more than 10 msec from one packet to the next there is always a sample in the buffer for...

Страница 203: ...ype defines the RTP redundancy packet payload type according to RFC 2198 3 Click Apply Configuring RTP Base UDP Port You can configure the range pool of local UDP ports from which the device allocates...

Страница 204: ...RTP RTCP Settings 2 In the RTP Base UDP Port field configure the lower boundary of the UDP port range 3 Click Apply and then reset the device with a save to flash for your settings to take effect The...

Страница 205: ...using the G 711 coder The X Detect header is used for event detection as follows X Detect header in the INVITE message received from the application server requesting a specific event detection X Dete...

Страница 206: ...ps AMD based Detection The device uses its beep detector that is integrated in the AMD feature You can configure the beep detection timeout and beep detection sensitivity level for more information se...

Страница 207: ...95240 To sipp sip sipp 172 22 2 9 5060 tag 1 Call ID 1 29758 172 22 2 9 CSeq 1 INFO Contact sip 56700 172 22 168 249 Supported em timer replaces path resource priority Allow REGISTER OPTIONS INVITE AC...

Страница 208: ...END d The application server sends its message to leave on the answering message Example 2 This example shows a SIP call flow for event detection and notification of the beep of an answering machine a...

Страница 209: ...yed by an answering machine at the end of its greeting message For more information see Detecting Answering Machine Beeps The device s default AMD feature is based on voice detection for North America...

Страница 210: ...nsitivity level that is more sensitive to human than machine In addition this allows you to tweak your sensitivity to meet local regulatory rules designed to protect consumers from automatic dialers w...

Страница 211: ...Calls Success Rate for Answering Machine 0 Best for Answering Machine 72 97 1 77 96 2 79 95 3 80 95 4 84 94 5 86 93 6 87 92 7 88 91 8 90 89 9 90 88 10 91 87 11 94 78 12 94 73 13 95 65 14 96 62 15 Bes...

Страница 212: ...ed parameters see IP Media Parameters Automatic Gain Control AGC Automatic Gain Control AGC adjusts the energy of the output signal to a required level volume This feature compensates for near far gai...

Страница 213: ...P requires a cryptographic key exchange mechanism to negotiate the keys To negotiate the keys the device supports the Session Description Protocol Security Descriptions SDES protocol according to RFC...

Страница 214: ...ypto 1 AES_CM_128_HMAC_SHA1_80 inline PsKoMpHlCg b5X0YLuSvNrImEh dAe a crypto 2 AES_CM_128_HMAC_SHA1_32 inline IsPtLoGkBf9a c6XVzRuMqHlDnEiAd The device also supports symmetric MKI negotiation whereby...

Страница 215: ...ween WebRTC client and peer For more information on WebRTC see WebRTC In contrast to SDES DTLS key encryption is done over the media channel UDP not signaling Thus DTLS SRTP is generally known as secu...

Страница 216: ...and for the IP Group associated with the SIP entity assign it the TLS Context for DTLS using the DTLS Context parameter IPGroup_ DTLSContext 3 Open the IP Profiles table see Configuring IP Profiles an...

Страница 217: ...addresses of the DHCP address pool the DHCP server detects this condition using an Address Resolution Protocol ARP request and temporarily blacklists the duplicated address You can also configure the...

Страница 218: ...ional DHCP Options in the DHCP Option table they override the default ones which are configured in the DHCP Servers table For example if you configure Option 67 in the DHCP Option table the device use...

Страница 219: ...dotted decimal format of the IP address pool range used by the DHCP server to allocate addresses The default value is 192 168 0 149 Note The IP address must belong to the same subnet as the associated...

Страница 220: ...e IP address IPv4 of the primary NTP server that the DHCP server assigns to the DHCP client The value is sent in DHCP Option 42 Network Time Protocol Server The default value is 0 0 0 0 NTP Server 2 n...

Страница 221: ...verride router address DhcpServer_ OverrideRouter Defines the IP address IPv4 in dotted decimal notation of the default router that the DHCP server assigns the DHCP client The value is sent in DHCP Op...

Страница 222: ...ough the Web interface You can also configure it through ini file DhcpVendorClass or CLI configure network dhcp server vendor class To configure DHCP Vendor Class Identifiers 1 Open the DHCP Servers t...

Страница 223: ...ini file DhcpOption or CLI configure network dhcp server option The additional DHCP Options configured in the DHCP Option table override the default ones which are configured in the DHCP Servers table...

Страница 224: ...below 0 ASCII Default Plain text string e g when the value is a domain name 1 IP address IPv4 address 2 Hexadecimal Hexadecimal encoded string For example if you set the Value parameter to company com...

Страница 225: ...nt with a different IP address upon each IP address lease renewal request the DHCP server assigns the client the same IP address For DHCP clients that are not listed in the table the DHCP server assig...

Страница 226: ...ring of up to 20 characters The format includes six groups of two hexadecimal digits each separated by a colon The default MAC address is 00 90 8f 00 00 00 Viewing and Deleting DHCP Clients The DHCP C...

Страница 227: ...to confirm deletion SIP based Media Recording The device can record SIP based media call sessions traversing it The media recording support is in accordance with the Session Recording Protocol SIPRec...

Страница 228: ...h of the Communication Session CS to a Session Recording Server SRS at the recording equipment The device functions as the SRC sending recording sessions to a third party SRS as shown in the figure be...

Страница 229: ...e SRSs For SRS redundancy the device sends SIP signaling to all SRSs active and standby but sends RTP only to the active SRSs If during a recorded call session the standby SRS detects that the active...

Страница 230: ...One standalone SRS SIPREC 10 Two standalone SRSs SIPREC 20 One active standby redundancy pair SIPREC 10 SIPRECRED 10 Two active standby redundancy pairs SIPREC 20 SIPRECRED 20 One standalone SRS and t...

Страница 231: ...in real life scenarios INVITE sip VSRP 1 9 64 253 SIP 2 0 Via SIP 2 0 UDP 192 168 241 44 5060 branch z9hG4bKac505782914 Max Forwards 10 From sip 192 168 241 44 tag 1c505764207 To sip VSRP 1 9 64 253 C...

Страница 232: ...182052092 session 0000 0000 0000 0000 00000000d0d71a52 nameID aor 182052092 voicelab local nameID associate time 2010 01 24T01 11 57Z associate time recv 00000000 0000 0000 0000 1CF23A36C4E3 recv send...

Страница 233: ...re up to 30 SIP based media recording rules A SIP Recording rule defines call routes that you want to record For an overview of the feature see SIP based Media Recording To view the total number of cu...

Страница 234: ...IP Group recorded ip group name SIPRecRouting_ RecordedIPGroupName Defines the IP Group participating in the call and the recording is done on the leg interfacing with this IP Group To configure IP G...

Страница 235: ...ll IP Groups are defined Any Caller caller SIPRecRouting_Caller Defines which calls to record according to which party is the caller 0 Both Default Caller can be peer or recorded side 1 Recorded Party...

Страница 236: ...see Configuring Message Condition Rules on page 484 click New and then configure a Message Condition rule with the following properties Index 0 Name CallRec Condition srctags record 3 In the SIP Reco...

Страница 237: ...s sends its proprietary X Genesys CallUUID header which identifies the session in the first SIP message typically in the INVITE and the first 18x response If the device receives a SIP message with Gen...

Страница 238: ...ules see Configuring SIP Message Manipulation on page 478 to add them to these INVITE messages The following examples describe how to configure this using Message Manipulation rules Example 1 Adding a...

Страница 239: ...regular expression with manipulation rules for extracting each header a comma is used to separate headers Parameter Value Index 0 Name Store headers in var session Manipulation Set ID 11 Message Type...

Страница 240: ...IP Group of the SRS configure the Outbound Message Manipulation Set parameter to 12 i e rules configured in Index 1 2 and 3 RADIUS based Services The device supports Remote Authentication Dial In Use...

Страница 241: ...or RADIUS based accounting By setting the relevant port authentication or accounting to 0 disables the corresponding functionality If both ports are configured the RADIUS server is used for authentica...

Страница 242: ...three servers per service type and per local port up to 2 local ports For example 402 201 2 concurrent RADIUS requests can be sent for Authentication and 402 201 2 for Accounting The following proced...

Страница 243: ...diusServers_ SharedSecret Defines the shared secret password for authenticating the device with the RADIUS server This should be a cryptically strong password The shared secret is also used by the RAD...

Страница 244: ...r To configure the RADIUS Vendor ID 1 Open the Authentication Server page Setup menu Administration tab Web CLI folder Authentication Server 2 Under the RADIUS group in the RADIUS VSA Vendor ID field...

Страница 245: ...Third Party RADIUS Server Configure the device as a RADIUS client for communication with the RADIUS server see Configuring RADIUS Authentication Setting Up a Third Party RADIUS Server The following pr...

Страница 246: ...User Password 123456 Service Type Login User ACL Auth Level ACL Auth UserLevel 4 Record and retain the IP address port number shared secret code vendor ID and VSA access level identifier if access le...

Страница 247: ...gured but connectivity with the server is down if the server is up the device authenticates the user with the server Always First attempts to authenticate the user using the Local Users table but if n...

Страница 248: ...responses in its local cache The cache is used for subsequent queries and or in case of LDAP server failure For more information see Configuring the Device s LDAP Cache If connection with the LDAP ser...

Страница 249: ...use different LDAP service accounts for user authentication and user authorization Management type LDAP server This LDAP server account is used only for user authentication For more information about...

Страница 250: ...the CLI privileged mode To enable LDAP based login authentication 1 Open the Authentication Server page Setup menu Administration tab Web CLI folder Authentication Server 2 Under the LDAP group from...

Страница 251: ...nagement Service type LDAP Server Group instead of for the Management type LDAP Server Group The following procedure describes how to configure an LDAP Server Group through the Web interface You can a...

Страница 252: ...archDnsMethod Defines the method for querying the Distinguished Name DN objects within each LDAP server 0 Sequential Default The query is done in each DN object one by one until a result is returned F...

Страница 253: ...first configure at least one LDAP Server Group in the LDAP Server Groups table see Configuring LDAP Server Groups To configure an LDAP server 1 Open the LDAP Servers table Setup menu IP Network tab RA...

Страница 254: ...LDAP server By default no value is defined and the device uses the default TLS Context ID 0 To configure TLS Contexts see Configuring TLS Certificate Contexts Note The parameter is applicable only if...

Страница 255: ...nnection with the LDAP server uses TLS 0 No Default No certificate verification is done 1 Yes The device verifies the authentication of the certificate received from the LDAP server The device authent...

Страница 256: ...es the LDAP server s bind Distinguished Name DN or username LDAP based SIP queries The DN is used as the username during connection and binding to the LDAP server The DN is used to uniquely name an AD...

Страница 257: ...ault is 0 i e if there is no activity on the connection the device does not send abandon requests and the LDAP server may disconnect Note The parameter is applicable only to LDAP connections that are...

Страница 258: ...groups of which the user is a member The LDAP query is based on the following LDAP data structure Search base object distinguished name or DN e g ou ABC dc corp dc abc dc com The DN defines the locat...

Страница 259: ...user is a member and you have configured different access levels for some of these groups the device assigns the user the highest access level For example if the user is a member of two groups where...

Страница 260: ...name the user is assigned the corresponding access level and login is permitted otherwise login is denied Once the LDAP response has been received success or failure the LDAP session terminates The f...

Страница 261: ...handling of LDAP queries using the device s LDAP cache is shown in the flowchart below If an LDAP query is required for an Attribute of a key that is already cached with that same Attribute instead of...

Страница 262: ...ollowing procedure describes how to configure the device s LDAP cache through the Web interface For a full description of the cache parameters see LDAP Parameters To enable and configure the LDAP cach...

Страница 263: ...o refresh the LDAP cache per LDAP Server Group 1 Open the LDAP Settings page Setup menu IP Network tab RADIUS LDAP folder LDAP Settings 2 Under the Cache Actions group do the following a From the LDAP...

Страница 264: ...igned to the user is also determined by the Local Users table This feature is applicable to LDAP and RADIUS This feature is applicable only to user management authentication To use the Local Users tab...

Страница 265: ...ies to LDAP based user login authentication and authorization access level and assumes that you are familiar with other aspects of LDAP configuration e g LDAP server s address The LDAP server s entry...

Страница 266: ...Mediant 4000 SBC User s Manual Management Attribute memberOf The attribute contains the member groups of the user Management Group mySecAdmin The group to which the user belongs as listed under the me...

Страница 267: ...management is enabled in the LDAP Server Groups table see Configuring LDAP Server Groups The DN is configured in the LDAP Server Search Base DN table see Configuring LDAP DNs Base Paths per LDAP Serv...

Страница 268: ...nt LDAP Groups table see Configuring Access Level per Management Groups Attributes Enabling LDAP Searches for Numbers with Characters Typically the device performs LDAP searches in the AD for complete...

Страница 269: ...iness Typically companies wishing to deploy Microsoft Skype for Business formerly known as Lync are faced with a complex call routing dial plan when migrating users from their existing PBX or IP PBX t...

Страница 270: ...ing as a primary key instead of the one defined in MSLDAPPBXNumAttributeName It requests the attributes which are described below 2 If the primary query is not found in the AD and the Secondary Key is...

Страница 271: ...sed on the LDAP query result The device routes the call according to the following priority a Private line If the query is done for the private attribute and it s found the device routes the call acco...

Страница 272: ...procedure describes how to configure outbound IP routing based on LDAP queries To configure LDAP based IP routing for Skype for Business 1 Configure the LDAP server parameters as described in Configur...

Страница 273: ...AP server by setting the Destination Type field to LDAP for denoting the IP address of the LDAP server d For alternative routing enable the alternative routing mechanism and configure corresponding SI...

Страница 274: ...Overview The LCR feature enables the device to choose the outbound IP destination routing rule based on lowest call cost This is useful in that it enables service providers to optimize routing costs f...

Страница 275: ...ting table and each one is assigned a different Cost Group as listed in the table above then the rule assigned Cost Group D is selected Note that for one minute Cost Groups A and D are identical but d...

Страница 276: ...st it is selected as the cheapest route Index 4 Cost Group B is only second matched rule Index 1 is the first Example 3 This example shows how the cost of a call is calculated if the call spans over m...

Страница 277: ...through the Web interface You can also configure it through ini file CostGroupTable or CLI configure voip sip definition least cost routing cost group To configure a Cost Group 1 Open the Cost Groups...

Страница 278: ...le lets you configure Time Bands per Cost Group A Time Band defines a day and time range e g from Saturday 05 00 to Sunday 24 00 and a fixed call connection charge and call rate per minute for this in...

Страница 279: ...UN MON TUE WED THU FRI or SAT hh and mm denote the time of day where hh is the hour 00 23 and mm the minutes 00 59 For example SAT 22 00 denotes Saturday at 10 pm End Time end time CostGroupTimebands_...

Страница 280: ...y status includes the following IP Group Connectivity Status is reported when the keep alive mechanism enabled for the associated Proxy Set detects that the IP Group is unavailable or when CAC thresho...

Страница 281: ...eb service 1 Open the Remote Web Services table Setup menu IP Network tab Web Services folder Remote Web Services 2 Click New the following dialog box appears 3 Configure a remote Web service accordin...

Страница 282: ...tus and Topology Status services If you do no configure the parameter to QoS the device sends QoS reports to the Topology server Path rest path HTTPRemoteServices_Path Defines the path prefix to the R...

Страница 283: ...oup that has the highest priority e g Group 0 becomes available again the device sends the traffic to the host in this group 2 Sticky Next The device initially attempts to send traffic to the group of...

Страница 284: ...ifyCertificate Enables certificate verification when connection with the host is based on HTTPS 0 Disable Default No certificate verification is done 1 Enable The device verifies the authentication of...

Страница 285: ...TP REST keep alive messages are sent by the device if no other messages are sent Keep alive messages may be required for HTTP services that expire upon inactive sessions For Remote Web Service whose T...

Страница 286: ...s link located below the table the HTTP Remote Hosts table appears 3 Click New the following dialog box appears 4 Configure an HTTP remote host according to the parameters described in the table below...

Страница 287: ...PRemoteHosts_ Port Defines the port of the host The valid value is 0 to 65535 The default is 80 Interface rest interface HTTPRemoteHosts_ Interface Assigns one of the device s IP network interfaces th...

Страница 288: ...ices The Routing server can be used to handle SBC Tel to IP and IP to Tel calls Employing a Routing server replaces the need for the device s routing tables IP to IP Routing table for SBC calls to det...

Страница 289: ...Routing server is through the device s embedded Representational State Transfer RESTful API The RESTful API is used to manage the routing related information exchanged between the Routing server RESTf...

Страница 290: ...uting server If 3xx is received for any of the forked destinations the device handles it after all the forked INVITEs have been terminated Call Status The device can report call status to the Routing...

Страница 291: ...er local remote MOS local remote audio bandwidth Rx Tx video bandwidth Rx Tx and total bandwidth Rx Tx The device collects QoS metrics for both incoming call traffic and outgoing traffic from the remo...

Страница 292: ...P server the device adds the value of the HTTP response body Alice to the From header in the outgoing SIP message To configure an HTTP GET operation 1 Open the Remote Web Services table and then confi...

Страница 293: ...Dec 2017 14 35 21 GMT Server nginx 1 8 1 Content Length 6 Connection keep alive Alice 4 Outgoing SIP message INVITE sip 2000 10 7 7 246 user phone SIP 2 0 Via SIP 2 0 UDP 10 7 7 246 5060 branch z9hG4...

Страница 294: ...s retrieve their configuration and firmware files from remote file servers Upstream Hosts and where the device HTTP Proxy intermediates between the two The HTTP hosts are located in the cloud and the...

Страница 295: ...NAT that are managed by the AudioCodes OVOC server For more information see Configuring an HTTP based OVOC Service on page 278 Enabling the HTTP Proxy Application Before you can configure HTTP based p...

Страница 296: ...y DNS Server IP field enter the IP address of your main DNS server 3 Optional In the Secondary DNS Server IP field enter the IP address of the secondary DNS server 4 Click Apply Configuring HTTP Proxy...

Страница 297: ...he row in other tables The valid value is a string of up to 40 characters By default no value is defined Note Each row must be configured with a unique name The parameter is mandatory The parameter va...

Страница 298: ...configure TLS Contexts see Configuring TLS Certificate Contexts on page 124 Note The NGINX directives for this parameter is tls context ssl_ certificate ssl_certificate_key ssl_ciphers ssl_protocols...

Страница 299: ...received from the keep alive the device checks connectivity with the next resolved IP address and so on until a response is received Configuring HTTP Locations The HTTP Locations table lets you config...

Страница 300: ...RL Pattern Type parameter see below The NGINX directive for this parameter is location modifier pattern URL Pattern Type url pattern type HTTPLocation_ URLPatternType Defines the type of URL pattern u...

Страница 301: ...s see Configuring Upstream Groups on page 272 Note The NGINX directive for this parameter is proxy_pass scheme upstream Upstream Path upstream path HTTPLocation_ UpstreamPath Defines a path to prepend...

Страница 302: ...f ok allows communication with the HTTPS location If authentication fails the device denies communication i e handshake fails The device can also authenticate the certificate by querying with an Onlin...

Страница 303: ...is mandatory Additional Directive Set directive set TcpUdpServer_ AdditionalDirectiveSet Assigns an NGINX Directive Set for the HTTP service To con figure HTTP Directive Sets see Configuring HTTP Dire...

Страница 304: ...and ssl_password_file Upstream Parameters Upstream Group upstream group TcpUdpServer_ UpstreamGroup Assigns a group of servers Upstream Group to which to forward connection requests To configure Upst...

Страница 305: ...ails The device can also authenticate the certificate by querying with an Online Certificate Status Protocol OCSP server whether the certificate has been revoked This is also configured for the associ...

Страница 306: ...value is defined Note Each row must be configured with a unique name The NGINX directive for this parameter is upstream name The parameter is mandatory The parameter value cannot contain a forward sla...

Страница 307: ...stream Group Up to 5 Upstream Hosts can be configured per Upstream Group The following procedure describes how to configure Upstream Hosts through the Web interface You can also configure it through i...

Страница 308: ...e valid range is 1 to 100 The default is 1 i e each host in the Upstream Group has equal weight Note The NGINX directive for this parameter is server ip port weight n Max Connections max connections U...

Страница 309: ...he device is configured with an HTTP Directive Set for rate limiting This directive ensures that priority is given to network traffic carrying SIP signaling and media over HTTP traffic It is highly re...

Страница 310: ...e up to 500 HTTP Directives The table is a child of the HTTP Directive Sets table see Configuring HTTP Directive Sets on page 275 The following procedure describes how to configure HTTP Directives thr...

Страница 311: ...listed below 1 Enable the HTTP Proxy application see Enabling the HTTP Proxy Application 2 Configure two local listening IP network interfaces one for OVOC and one for the IP Phones see Configuring I...

Страница 312: ...default no value is defined Note Each row must be configured with a unique name The parameter is mandatory Device Device Login Interface device login interface OVOCService_ DeviceLoginInterface Assig...

Страница 313: ...ificate store associated with the assigned TLS Context see Device Login TLS Context parameter above and if ok allows communication with the client If authentication fails the device denies communicati...

Страница 314: ...the trusted root certificate store associated with the assigned TLS Context see OVOC Interface TLS Context parameter above and if ok allows communication with OVOC If authentication fails the device...

Страница 315: ...ng with the previous valid NGINX configuration unless the device is restarted in which case it applies and uses the modified configuration In addition if an NGINX validation error exists during config...

Страница 316: ...siness environment and the E9 1 1 emergency provider The ELIN feature for E9 1 1 is a license based feature and is available only if it is included in the License Key installed on the device For order...

Страница 317: ...for Business and E9 1 1 Microsoft Skype for Business enables Enterprise voice users to access its unified communications platform from virtually anywhere and through many different devices This togeth...

Страница 318: ...ess Control MAC address Depends on network connectivity Wireless access point WAP Basic Service Set Identifier BSSID Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED chassis ID and port...

Страница 319: ...rt ChassisID PortIDSubType PortID Description Location CompanyName HouseNumber HouseNumberSuffix PreDirectional StreetName StreetSuffix PostDirectional City State PostalCode Country Switch ChassisID D...

Страница 320: ...address match in the ALI database lookup The ERL defines a specific location at a street address for example the floor number of the building at that address The geographical size of an ERL is accordi...

Страница 321: ...numbers into ELIN numbers sent toward the PSAP The device handles the received E9 1 1 calls as follows 1 The device identifies E9 1 1 calls if the incoming SIP INVITE message contains a PIDF LO XML me...

Страница 322: ...The SIP Content Type header indicating the PIDF LO and the NAM field listing the ELINs are shown in bold typeface INVITE sip 911 phone context Redmond 192 168 1 12 user phone SIP 2 0 From voip_911_us...

Страница 323: ...LocationPolicyTagID 2008 user tagid LocationPolicyTagID ms msftE911PidfExtn status timestamp 1991 09 22T13 37 31 03 timestamp tuple presence _NextPart_000_4A6D_01CAB3D6 7519F890 Pre empting Existing C...

Страница 324: ...e call to the E9 1 1 caller and instead either sends it as a regular call or most likely rejects it if there are no matching routing rules However if another E9 1 1 caller has subsequently been proces...

Страница 325: ...s Configuring the E9 1 1 Callback Timeout The PSAP can use the ELIN to call back the E9 1 1 caller within a user defined time interval in minutes from when the initial call established with the PSAP h...

Страница 326: ...ce are Skype for Business users and John makes or receives a call on a mobile device Alice is able to see that John is in a call even though the call is not on a native Skype for Business endpoint Onc...

Страница 327: ...ID 1284896643279201635736 10 33 221 57 CSeq 1 PUBLISH Via SIP 2 0 TLS 10 33 221 57 5061 alias received 10 33 221 57 ms received port 48093 ms received cid 4900 SIP ETag 2545777538 1 1 Expires 600 Con...

Страница 328: ...the Skype for Business Topology as a Trusted Application Detailed configuration of Skype for Business Server is beyond the scope of this document Before performing the below procedure make sure that...

Страница 329: ...cmdlet to publish and enable your new topology Enable CsTopology Configuring the Device for Skype for Business Presence The following procedure describes how to configure the device for notifying Skyp...

Страница 330: ...d then in the Presence Publish IP Group ID field enter the IP Group ID of the Skype for Business Server that you configured in Step 4 above 6 Configure the Skype for Business LDAP server Active Direct...

Страница 331: ...ttr ipPhone ldap attr ipPhone 8 Configure routing rules to route the calls in the network 9 Configure IP Groups to represent your call party entities and assign them the group of Call Setup Rules Set...

Страница 332: ...gs on the device and on OVOC are identical OVOC uses the following default settings Trap port 162 SNMPv2 public for the read community string private for read write community string and trapuser for t...

Страница 333: ...or normal HA mode when both OVOC servers are in the same subnet a single OVOC server global virtual address is used for all network components OVOC clients and managed devices In such a setup you need...

Страница 334: ...DNs the device uses only the first DNS resolved IP address from each FQDN Secondary OVOC Address secondary server name QOESettings_ SecondaryServerName Defines the address of the secondary OVOC server...

Страница 335: ...e certificate has been revoked This is configured for the assigned TLS Context Note The parameter is applicable only if the Use TLS parameter is configured to Enable Verify Certificate Subject Name ve...

Страница 336: ...rt to OVOC see Configuring Quality of Experience Profiles Configuring Quality of Experience Profiles Quality of Experience Profiles enable you to effectively monitor the quality of voice calls travers...

Страница 337: ...that indicates changes from Green or Red to Yellow Major Threshold Red Higher threshold that indicates changes from Green or Yellow to Red The device also uses hysteresis to determine whether the thre...

Страница 338: ...Depending on the crossed threshold type you can configure the device to reject calls to the destination IP Group or use an alternative IP Profile for the IP Group For more information see Configuring...

Страница 339: ...ity Level sensitivity level QOEProfile_ SensitivityLevel Defines the pre configured threshold profile to use 0 User Defined Need to define thresholds per monitored parameter in the Quality of Experien...

Страница 340: ...s described below 1 Low Pre configured low sensitivity threshold values Thus reporting is done only if changes in parameters values are significant 2 Medium Default Pre configured medium sensitivity t...

Страница 341: ...s configured by the Major Hysteresis Red parameter see below The valid threshold values are as follows MOS values are in multiples of 10 For example to denote a MOS of 3 2 the value 32 i e 3 2 10 must...

Страница 342: ...es that bandwidth utilization has exceeded total bandwidth Bandwidth Profiles let you configure bandwidth thresholds which when crossed changes the color coded state for bandwidth utilization Green Ye...

Страница 343: ...Yellow Minor alarm The change occurs if the current bandwidth crosses the configured Major threshold with hysteresis 57 600 Kbps 64 000 10 x 64 000 Yellow to Green alarm cleared The change occurs if...

Страница 344: ...er tables The valid value is a string of up to 20 characters Note The parameter value cannot contain a forward slash Egress Audio Bandwidth egress audio bandwidth BWProfile_ EgressAudioBandwidth Defin...

Страница 345: ...value is used Decrease in severity Red to Green or Yellow to Green This value is used with the hysteresis configured by the Hysteresis parameter see below Note The parameter applies to all your config...

Страница 346: ...rnative Routing Reasons and the device rejects a call it searches in the IP to IP Routing table for an alternative routing rule When the device rejects calls to an IP Group based on a Quality of Servi...

Страница 347: ...applies if the metric s threshold is crossed 0 Voice Quality Default The device calculates MOS of calls and if the threshold is crossed i e poor quality the configured action see Rule Action parameter...

Страница 348: ...arameter to Major you can configure the parameter to any option When configured to Alternative IP Profile and the threshold is crossed the device changes the IP Profile for the entire IP Group for all...

Страница 349: ...d the device can reject any new new calls on this Media Realm To configure Bandwidth Profiles see Configuring Bandwidth Profiles The Media Realms table provides the following child tables Remote Media...

Страница 350: ...configured with a unique name The parameter value cannot contain a forward slash Topology Location topology location CpMediaRealm_ TopologyLocation Defines the display location of the Media Realm in...

Страница 351: ...f media sessions for the configured port range By default no value is defined Port Range End port range end CpMediaRealm_ PortRangeEnd Read only field Displays the ending port for the range of media i...

Страница 352: ...TP traffic on a specific Media Realm Each Remote Media Subnet can be assigned different call quality Quality of Experience Profile and bandwidth utilization Bandwidth Profile profiles These profiles a...

Страница 353: ...alms table see Configuring Media Realms 2 Select the Media Realm row for which you want to add Remote Media Subnets and then click the Remote Media Subnet link located below the table the Remote Media...

Страница 354: ...is 0 0 0 0 QoE Profile qoe profile RemoteMediaSubnet_ QOEProfileName Assigns a Quality of Experience Profile to the Remote Media Subnet By default no value is defined To configure QoE Profiles see Con...

Страница 355: ...ons could be configured whereby one allocates 25 media sessions on interface LAN 1 and another 10 sessions on interface LAN 2 The Media Realm associated with these Media Realm Extensions would be assi...

Страница 356: ...d to assign the Media Realm Extension with an IPv4 network interface IPv6 Interface Name MediaRealmExtension_ IPv6IF Assigns an IPv6 network interface configured in the IP Interfaces table to the Medi...

Страница 357: ...ce is split into multiple logical devices For more information on multi tenant architecture see Multiple SRDs for Multi tenant Deployments As the device is shipped with a default SRD DefaultSRD at Ind...

Страница 358: ...ology of Version 7 0 Below are the main changes in configuration topology when upgrading to Version 7 0 The SIP Interface replaces the associated SRD in several tables due to support for multiple SIP...

Страница 359: ...ameter value cannot contain a forward slash Sharing Policy type SRD_SharingPolicy Defines the sharing policy of the SRD which determines whether the SRD shares its SIP resources SIP Interfaces Proxy S...

Страница 360: ...ingHeaders SBCRemoteMultipleEarlyDialogs If the SBC Operation Mode parameter is configured in the IP Groups table the SBC Operation Mode parameter in the SRDs table is ignored SBC Routing Policy sbc r...

Страница 361: ...s 1 which means that the number of allowed user registrations is unlimited User Security Mode block un reg users SRD_BlockUnRegUsers Defines the blocking reject policy for incoming SIP dialog initiati...

Страница 362: ...hat have not been authenticated by a proxy registrar server due to proxy down and thus re routed to a User type IP Group In normal operation scenarios in which the proxy server is available the device...

Страница 363: ...et to values associated with the filtered SRD The SRD filter also affects display of number of configured rows and invalid rows by status icons on table items in the Navigation tree The status icons o...

Страница 364: ...olated SRDs are more relevant when each tenant needs its own separate dedicated routing table for non bleeding topology Separate routing tables are implemented using Routing Policies In such a non ble...

Страница 365: ...automatically associated with the viewed tenant i e SRD name The display of tables and show running configuration commands display only rows relevant to the viewed tenant and shared tenants The show...

Страница 366: ...uting Policy is also cloned and its clone is associated with the SRD clone All configuration entities associated with the original Routing Policy are also cloned and these clones are associated with t...

Страница 367: ...IP Interface represents a Layer 3 network in your deployment environment by defining a local listening port number and type e g UDP and assigning an IP network interface for SIP signaling traffic For...

Страница 368: ...uting rules for specifying the destination SIP Interface to where you want to route Tel to IP calls For more information see Configuring Tel to IP Routing Rules IP to Trunk Group Routing rules for spe...

Страница 369: ...automatically assigns the name SIPInterface_ row index e g SIPInterface_1 when added to Index 1 Note The parameter value cannot contain a forward slash Topology Location topology location SIPInterfac...

Страница 370: ...ter than 6999 Each SIP Interface must have a unique signaling port i e no two SIP Interfaces can share the same port no port overlapping TLS Port tls port SIPInterface_TLSPort Defines the device s lis...

Страница 371: ...use the SIP Interface s Additional UDP Ports Mode parameter below The parameter s port range value must not overlap with the UDP port configured by the UDP Port parameter SIPInterface_UDPPort For exam...

Страница 372: ...the Account s Serving IP Group or forwards a registration request from a user IP Group to a proxy Server type IP Group This option is applicable only to dynamic port allocation where a port is alloca...

Страница 373: ...eRetry Used By Routing Server used by routing server SIPInterface_UsedByRoutingServer Enables the SIP Interface to be used by a third party routing server for call routing decisions 0 Not Used default...

Страница 374: ...to defend the device against such attacks is to not send a SIP reject response to these unclassified calls so that the attacker assumes that no device exists at such an IP address and port Note The pa...

Страница 375: ...of a REGISTER request when the source IP Group doesn t allow registers from the IP Group IPGroup Registration Mode Configuration Call Setup Rules Set ID call setup rules set id SIPInterface_CallSetup...

Страница 376: ...n direct media the device does not interfere in the SIP signaling such as manipulation of IP addresses which is necessary for calls between LAN and WAN To enable direct media for all calls use the glo...

Страница 377: ...locking reject policy for incoming SIP dialog initiating requests e g INVITE messages from registered and unregistered users belonging to the SIP Interface 1 Not Configured Default The corresponding p...

Страница 378: ...istrar server due to proxy down and thus re routed to a User type IP Group In normal operation scenarios in which the proxy server is available the device forwards the REGISTER request to the proxy an...

Страница 379: ...more information and recommended security guidelines see the parameter s description later in this section Classification of incoming SIP dialog initiating requests e g INVITE messages to IP Groups ba...

Страница 380: ...table Setup menu Signaling Media tab Core Entities folder IP Groups 2 Click New the following dialog box appears 3 Configure an IP Group according to to the parameters described in the table below 4 C...

Страница 381: ...group of users such as IP phones and softphones where their location is dynamically obtained by the device when REGISTER requests and responses traverse or are terminated by the device These users are...

Страница 382: ...the IP Group Therefore routing to this IP Group is possible only once a REGISTER request is received i e IP Group is registered with the device If a REGISTER refresh request arrives the device update...

Страница 383: ...m sessions on a specific interface for media traffic associated with the IP Group By default no value is defined To configure Media Realms see Configuring Media Realms Note If you delete a Media Realm...

Страница 384: ...up was created by a third party routing server 0 No 1 Yes For more information on the third party routing server feature see Centralized Third Party Routing Server Used By Routing Server used by routi...

Страница 385: ...1 Enable Default The device searches the Proxy Sets table for a Proxy Set that is configured with the same source IP address as that of the incoming INVITE if host name then according to the dynamical...

Страница 386: ...es as a back to back user agent B2BUA changing the call identifiers and headers between the inbound and outbound legs 1 Call Stateful Proxy Device operates as a Stateful Proxy passing the SIP message...

Страница 387: ...message s Via and Contact headers This is typically used to define an FQDN as the host name The device uses this string for Via and Contact headers in outgoing INVITE messages sent to a specific IP G...

Страница 388: ...Default The device sends SIP requests according to the settings of the global parameter SIPNatDetection 1 Yes The device sends SIP requests and responses to the source IP address received in the previ...

Страница 389: ...meter for routing the call For example if set to To the URI in the To header of the incoming INVITE is used as a matching characteristic for classifying the call to an IP Group in the Classification t...

Страница 390: ...rface ID e g 10 33 3 3 5010 1 Key 2 The second key contains the incoming REGISTER message s URI user host of the Contact header source IP address port only if UDP and SIP Interface ID e g user host co...

Страница 391: ...fault no value is defined To configure TLS Contexts see Configuring TLS Certificate Contexts Keep Original Call ID sbc keep call id IPGroup_ SBCKeepOriginalCallID Enables the device to use the same ca...

Страница 392: ...termines whether the incoming SIP dialog is sent to this IP Group The parameter is used when IP to IP Routing rules are configured for destinations based on tags i e Destination Type parameter configu...

Страница 393: ...r manipulation rule Manipulation Set ID to the IP Group as an Outbound Message Manipulation Set see the IPGroup_OutboundManSet parameter when the IP Group is the destination of the call Outbound Messa...

Страница 394: ...s are not applied to the OPTIONS messages 1 Enable The following IP Group settings are applied if configured to the proxy keep alive SIP OPTIONS messages The IP Group s SIP Group Name parameter see ab...

Страница 395: ...se of proxy load balancing there is no certainty to which IP address the request is routed 1 Enable The device always routes SIP requests INVITEs SUBSCRIBEs and REGISTER refreshes received from the us...

Страница 396: ...tion for SBC User Database registrar stickiness is supported only when the user initiates the REGISTER request Therefore you must configure the Registration Mode parameter of the IP Group User type to...

Страница 397: ...fter an HA switchover This feature is applicable only if the user initiates registration i e user sends the REGISTER request In other words the Registration Mode parameter of the IP Group of the user...

Страница 398: ...and password then the device authenticates the user with the credentials in the User Information table see Configuring SBC User Information on page 447 If you have not configured any username and pas...

Страница 399: ...service IPGroup_OAuthHTTPService Assigns a Remote Web Service to the IP Group The Remote Web Service represents the OAuth Authorization server which the device uses to authenticate incoming SIP reque...

Страница 400: ...table a child of the Proxy Sets table configured as IP addresses in dotted decimal notation and or DNS hostnames FQDN Each Proxy Set supports up to 15 DNS resolved IP addresses Each Proxy Set support...

Страница 401: ...ple IP Groups belonging to the same SRD It is recommended to classify incoming SIP dialogs to IP Groups based on Classification rules see Configuring Classification Rules on page 535 instead of based...

Страница 402: ...table To configure SRDs see Configuring SRDs General Index configure voip voip network proxy set ProxySet_Index Defines an index number for the new table row Note Each row must be configured with a un...

Страница 403: ...se the default TLS Context ID 0 is used Outgoing calls If the Transport Type parameter is set to TLS and the outgoing call is sent to an IP Group that is associated with this Proxy Set this TLS Contex...

Страница 404: ...CRLF Keep Alive feature using the UsePingPongKeepAlive parameter If you enable proxy keep alive using SIP OPTIONS messages Using OPTIONS you can also enable the device to apply various settings e g SI...

Страница 405: ...ful response from the proxy it sends another 1st keep alive after 5 seconds and if successful sends another 2nd keep alive after 5 seconds and if successful sends another 3rd keep alive after 5 second...

Страница 406: ...roxy Address table below Proxy Hot Swap is proxy hot swap ProxySet_ IsProxyHotSwap Enables the Proxy Hot Swap feature whereby if the device sends a SIP message INVITE or REGISTER to the proxy and the...

Страница 407: ...e order of the IP address entries in the list occurs all load statistics are erased and balancing starts over again 2 Random Weights The outgoing requests are not distributed equally among the proxy s...

Страница 408: ...1 1 1 5070 and the parameter is configured to IP Address Port Transport Type classification to the correct IP Group is achieved Therefore when classification is by Proxy Set pay attention to the conf...

Страница 409: ...APTR NAPTR query is done If successful an SRV query is sent according to the information received in the NAPTR response If the NAPTR query fails an SRV query is done according to the configured transp...

Страница 410: ...esses it is highly recommended to configure each Proxy Set with a unique IP address Configuring multiple Proxy Sets with the same IP address can cause problems classifying incoming SIP requests to sou...

Страница 411: ...arameter Proxy Random Weight weight ProxyIp_Weight Defines the weight of the proxy The valid value is 0 to 65535 where 0 is the highest weight and 65535 the lowest The default is 0 Note The parameter...

Страница 412: ...e LAN Indicates the internal network e g inside the company To modify a demarcation name do the following 1 Click the demarcation name the name becomes editable in a text box as shown in the example b...

Страница 413: ...using the following SIP Interface titled icon which includes the name and row index number If you hover your mouse over the icon a pop up appears displaying the following basic information example If...

Страница 414: ...If you hover your mouse over the icon a pop up appears displaying the following basic information example If you click the icon a drop down menu appears listing the following commands Edit Opens a di...

Страница 415: ...s or as when no IP Groups exist on a topology border or as when there are no IP Groups at all The IP Groups table opens with a new dialog box for adding a IP Group to the next available index row 2 Co...

Страница 416: ...red SBC configuration Classification Opens the Classification table where you can configure Classification rules see Configuring Classification Rules Number Manipulation Opens the Outbound Manipulatio...

Страница 417: ...use specific coders or coder settings e g packetization time for different calls entities you need to configure a Coder Group for each entity and then assign each Coder Group to an IP Profile see Conf...

Страница 418: ...sing the narrowband Opus coder Alternatively if one leg uses a wideband coder e g G 722 and the other leg uses the Opus coder the device maintains the wideband coder flavor by using the wideband Opus...

Страница 419: ...es how many coder payloads are combined into a single RTP packet For ptime see Supported Audio Coders Rate rate AudioCoders_rate Defines the bit rate in kbps for the coder For rates see Supported Audi...

Страница 420: ...6 60 8 80 9 90 10 100 12 120 Rate kbps Payload Type Silence Suppression G 711 A law g711 alaw 1 10 20 default 30 40 50 60 80 100 120 90 64 8 0 Disable default 1 Enable G 711 U law g711 ulaw 2 10 20 d...

Страница 421: ...ble only to rate 56 kbps payload can be changed G 723 1 g723 1 0 30 default 60 90 120 150 7 5 3 default 11 6 3 4 0 Disable default 1 Enable G 726 g726 5 10 20 default 30 40 50 60 80 43 16 57 24 64 32...

Страница 422: ...41 15 85 48 18 25 49 19 85 53 23 05 55 23 8 default Dynamic 0 Disable 1 Enable iLBC ilbc 19 20 default 40 60 80 100 120 39 15 default Dynamic default 65 0 Disable 1 Enable 30 default 60 90 120 34 13 S...

Страница 423: ...ach Allowed Audio Coders Group you can configure up to 10 audio coders The coders can include pre defined coders and user defined string coders for non standard or unknown coders Allowed Audio Coders...

Страница 424: ...as the lowest priority For more information see Prioritizing Coder List in SDP Offer The Allowed Audio Coders Group for coder restriction takes precedence over the Coder Group for extension coders In...

Страница 425: ...in other tables The valid value is a string of up to 40 characters Note Each row must be configured with a unique name The parameter value cannot contain a forward slash Allowed Audio Coders Table Ind...

Страница 426: ...ce of the coders listed in the Allowed Video Coders Group determines the priority preference of the coders in the SDP offer The device arranges the SDP offer s coder list according to their order in t...

Страница 427: ...roups_ Name Defines a descriptive name which is used when associating the row in other tables The valid value is a string of up to 40 characters Note Each row must be configured with a unique name The...

Страница 428: ...e IP Profiles table have a corresponding global parameter For calls that are not associated with any IP Profile the settings of the global parameters are applied You can also use IP Profiles when usin...

Страница 429: ...and SRTP media lines are removed from the incoming offer answer 3 Both Each offer answer is extended if not already to two media lines one RTP and the other SRTP If two SBC legs after offer answer ne...

Страница 430: ...kEklu4kSJyl3wCtYeZLq1 QFuxw 2 31 1 1 If the device selects a crypto line that does not contain the MKI parameter then the MKI parameter is not included in the crypto line in the SDP answer even if the...

Страница 431: ...the following for the SIP entity TLS Context for DTLS see Configuring TLS Certificate Contexts The server cipher Cipher Server must be configured to All IpProfile_SBCMediaSecurityBehaviourMedia config...

Страница 432: ...ty associated with the IP Profile The SDP field defines the lifetime of the master key as measured in maximum number of SRTP or SRTCP packets using the master key 0 No Default The device retains the l...

Страница 433: ...or 183 for forwarding early media to the caller for the SIP entity associated with the IP Profile 0 Transparent Default All early media response types are supported the device forwards all responses a...

Страница 434: ...Device sends the multiple SDP answers with different To header tags to the SIP entity In other words the SIP entity supports standard multiple SDP answers with different To header tags In this case th...

Страница 435: ...her the destination UA can play a local ringback tone 0 No UA does not support local ringback tone The device sends 18x with delayed SDP to the UA 1 Yes Default UA supports local ringback tone For the...

Страница 436: ...Payload Types to Handle as Valid Packet and Forward Invalid RTP Packets to Forward Packets Note To implement transcoding you must configure the number of required DSP channels for transcoding using th...

Страница 437: ...ee Restricting Coders Allowed Video Coders allowed video coders group name IpProfile_ SBCAllowedVideoCodersGroup Name Assigns an Allowed Video Coders Group This defines permitted video coders when for...

Страница 438: ..._ SBCRFC2833Behavior Defines the handling of RFC 2833 SDP offer answer negotiation for the SIP entity associated with the IP Profile 0 As is Default The device does not intervene in the RFC 2833 negot...

Страница 439: ...using both the SIP INFO and RFC 2833 methods for the same call on the leg to which this IP Profile is associated The RFC 2833 method sends out of band DTMF digits using the RTP protocol while the SIP...

Страница 440: ...ods i e Send Multiple DTMF Methods is configured to Enable The configured Message Manipulation rules for this example are shown below Index 1 Message Type reinvite request Condition body sdp regex m a...

Страница 441: ...ing to the coder type narrowband or wideband If narrowband it sends the telephone event as 8000 if wideband it sends it as 16000 An example when the parameter is configured to Enable is shown below wh...

Страница 442: ...sion sbc use silence supp IpProfile_ SBCUseSilenceSupp Defines silence suppression support for the SIP entity associated with the IP Profile 0 Transparent Default Forward as is 1 Add Enable silence su...

Страница 443: ...f the SIP entity does not support RTP redundancy Note To enable the device to generate RFC 2198 redundant packets use the IPProfile_RTPRedundancyDepth parameter To configure the payload type in the SD...

Страница 444: ...associated with the IP Profile ICE is a methodology for NAT traversal employing the Session Traversal Utilities for NAT STUN and Traversal Using Relays around NAT TURN protocols to provide a peer wit...

Страница 445: ...iplexing is not enabled the device uses different but adjacent ports for RTP and RTCP packets With the increased use of NAT and firewalls maintaining multiple NAT bindings can be costly and also compl...

Страница 446: ...edback Off Default The device does not send the feedback flag F in SDP offers answers that are sent to the SIP entity If the SDP m attribute of an incoming message that is destined to the SIP entity i...

Страница 447: ...uffer Dynamic Jitter Buffer Minimum Delay jitter buffer minimum delay IpProfile_JitterBufMinDelay Defines the minimum delay in msec of the device s dynamic Jitter Buffer The valid range is 0 to 150 Th...

Страница 448: ...Optional PRACK is optional If required the device performs the PRACK process on behalf of the SIP entity 2 Mandatory PRACK is required for this SIP entity Calls from endpoints that do not support PRAC...

Страница 449: ...ersion to the Diversion header depends on the SBCDiversionMode parameter For more information on interworking of the History Info and Diversion headers see Interworking SIP Diversion and History Info...

Страница 450: ...ng on whether the device can bridge the media between the endpoints 1 Supported only with SDP re INVITE is supported but only with SDP If the incoming re INVITE arrives without SDP the device creates...

Страница 451: ...ile_ SBCKeepVIAHeaders Enables interworking SIP Via headers between SIP entities The parameter defines the device s handling of Via headers for messages sent to the SIP entity associated with the IP P...

Страница 452: ...r sbc keep user agent IpProfile_ SBCKeepUserAgentHeader Enables interworking SIP User Agent headers between SIP entities The parameter defines the device s handling of User Agent headers for response...

Страница 453: ...sbc max call duration IpProfile_ SBCMaxCallDuration Defines the maximum duration in minutes per SBC call that is associated with the IP Profile If the duration is reached the device terminates the ca...

Страница 454: ...ion time is according to the global parameter SBCUserRegistrationTime or IP Profile parameter IpProfile_SBCUserRegistrationTime NAT TCP Registration Time sbc usr tcp nat reg time IpProfile_ SBCUserBeh...

Страница 455: ...ix c The device replaces the host part in the Request URI with the host from the REFER contact The special prefix remains in the user part for regular classification manipulation and routing The spe c...

Страница 456: ...ing INVITEs containing the Replaces header for the SIP entity which does not support the header associated with the IP Profile The Replaces header is used to replace an existing SIP dialog with a new...

Страница 457: ...of the transfer target to where the transferee is being transferred 0 No Default 1 Yes Typically the transferee hears a ringback tone only if the transfer target sends it early media However if the tr...

Страница 458: ...o that the re route request is sent through the device The device changes the URI in the Contact header of the received SIP 3xx response to its own URI and adds a special user prefix T R_ which is the...

Страница 459: ...The corresponding global parameter is SBC3xxBehavior SBC Hold Remote Hold Format remote hold Format IPProfile_ SBCRemoteHoldFormat Defines the format of the SDP in the SIP re INVITE or UPDATE for call...

Страница 460: ...e Play Held Tone parameter is set to Internal or External Play Held Tone play held tone IpProfile_SBCPlayHeldTone Enables the device to play Music on Hold MoH to call parties that are placed on hold T...

Страница 461: ...If a coder in the incoming offer from the calling fax matches a coder in the SBCFaxCodersGroupID the device uses this coder If no match exists the device uses the first coder listed in the Coders Grou...

Страница 462: ...SIP entity fully supports fax renegotiation upon fax detection 1 Only on Answer Side The SIP entity supports fax renegotiation upon fax detection only if it is the terminating answering fax and does...

Страница 463: ...detect a broken RTP connection if silence compression is disabled for the RTP session If during a call the source IP address from where the RTP packets are received by the device is changed without n...

Страница 464: ...ANAT 2 4 If you configure the parameter to a prefer option the outgoing SDP offer contains two medias which are the same except for the c field The first media is the preferred address type and this...

Страница 465: ...sensitivity levels from 0 to 7 This AMD Parameter Suite is provided by the AMD Sensitivity file which is shipped pre installed on the device 1 1 Parameter Suite based 1 on North American English with...

Страница 466: ...ding global parameter is AMDMaxPostGreetingSilenceTime Local Tones Local RingBack Tone Index local ringback tone index IPProfile_LocalRingbackTone Defines the ringback tone that you want to play from...

Страница 467: ...n the device using a loadable Prerecorded Tones PRT file which is created using AudioCodes DConvert utility When you create the PRT file each recorded tone file must be added to the PRT file with the...

Страница 468: ...a SIP 401 Unauthorized in response to a sent INVITE the device checks for a matching serving and served entry in the Accounts table If a matching row exists the device authenticates the INVITE by prov...

Страница 469: ...tartup enables the device to unregister and then re register Accounts upon a device reset The following procedure describes how to configure Accounts through the Web interface You can also configure i...

Страница 470: ...e the device sends the SIP REGISTER requests if enabled for registration and authentication of the Served IP Group Note By default only IP Groups associated with the SRD to which the Served IP Group i...

Страница 471: ...ular registration For more information see Regular Registration Mode 2 GIN The device performs registration for legacy PBXs using Global Identification Number GIN For more information see Single Regis...

Страница 472: ...gistration process for the Account sending the message to one of the registrar servers according to the Proxy Set of the Account s Serving IP Group This option can used for example in scenarios where...

Страница 473: ...specification The device receives a SIP 408 480 or 403 response from the Serving IP Group in response to an INVITE The transaction timeout expires for an INVITE sent to the Serving IP Group The device...

Страница 474: ...message containing the Event header with the value reg Event reg Whenever a change occurs in the registration binding state the registrar notifies the device by sending a SIP NOTIFY message 0 Disable...

Страница 475: ...UDPPorts associated with the Proxy Set of the Account s Serving IP Group Traffic between the Serving IP Group and device is sent from and received on the assigned unique local port If enabled for othe...

Страница 476: ...mber GIN registration method is used according to RFC 6140 The device performs GIN based registration of users to a SIP registrar on behalf of a SIP PBX In effect the PBX registers with the service pr...

Страница 477: ...Stickiness feature use the following parameters in the Accounts table Registrar Stickiness Enables the feature Registrar Search Mode Defines the method for choosing an IP address registrar in the Prox...

Страница 478: ...istrar Proxy server may also require authentication for client registration A proxy replies to an unauthenticated INVITE with a 407 Proxy Authorization Required response containing a Proxy Authenticat...

Страница 479: ...ed The method type is REGISTER Using SIP protocol sip Proxy IP from ini file is 10 2 2 222 The equation to be evaluated is REGISTER sip 10 2 2 222 The MD5 algorithm is run on this equation and stored...

Страница 480: ...his section describes User Information configuration Enabling the User Information Table Before you can use the User Information table you need to enable the User Information functionality To enable U...

Страница 481: ...gured in the IP Group s Username and Password parameters However if the user appears in the User Information table and configured with a username and or password then the device authenticates the user...

Страница 482: ...o value is defined Note The parameter is mandatory Username SBCUserInfoTable_ Username Defines the username for registering the user when authentication is necessary The valid value is a string of up...

Страница 483: ...nDee sbc user info 1 activate exit To delete a specific user use the no command sip def proxy and reg no user info sbc user info index e g 1 To import users from a file configure voip config voip sip...

Страница 484: ...ser Information table The users must be configured in comma separated value CSV file format You can create the file using any standard text based editor such as Notepad or alternatively a CSV based pr...

Страница 485: ...lementing simple or complex script like rules that can be used for Lightweight Directory Access Protocol LDAP based routing as well as other advanced routing logic requirements such as manipulation Th...

Страница 486: ...e 247 If a response is expected from the server the query is sent as an HTTP GET or HTTP POST request configurable If no response is required from the server i e to notify the server of a specific con...

Страница 487: ...uring the Action Type field to Exit If for example you want to exit the Call Setup Rule Set ID with true when LDAP query result is found and false when LDAP query result is not found Incorrect this ru...

Страница 488: ...the Dial Plan To specify a Dial Plan use the Request Target parameter see below 3 ENUM The Call Setup rule performs a query with an ENUM E 164 Number to URI Mapping server for retrieving a SIP URI add...

Страница 489: ...page 247 To configure the key use the Request Key parameter see below Request Key request key CallSetupRules_ AttributesToQuery Defines the key to query For LDAP the key string is queried on the LDAP...

Страница 490: ...et in order for this rule to be performed 0 Use Current Condition The Condition configured for this rule must be matched in order to perform the configured action default 1 Use Previous Condition The...

Страница 491: ...er called number param call src user calling number param call src name calling name param call redirect redirect number param call src host source host param call dst host destination host srctags so...

Страница 492: ...l srctags http response body application x www form urlencoded for HTTP Content Type header in HTTP requests true if the Action Type is set to Exit false if the Action Type is set to Exit Call Setup R...

Страница 493: ...Example 3 The example configures the device to route the incoming call according to whether or not the source number of the incoming call also exists in the AD server The device queries the AD server...

Страница 494: ...ction Subject dsttags Action Type Modify Action Value ldap attr ofiSBCrouting IP Groups table Call Setup Rules Set ID 4 IP to IP Routing table Index 1 Destination Tag dep sales Destination IP Group SA...

Страница 495: ...t checks the SRD If a Dial Plan is assigned to the IP Group or SRD the device first searches the Dial Plan for a dial plan rule that matches the source number and then it searches the Dial Plan for a...

Страница 496: ...fic character set Most constrained implies that the dial plan pattern that has the fewest possible matches for a digit is matched first For example if one rule contains the x wildcard character which...

Страница 497: ...rule with tag A is chosen and for incoming calls with prefix number 32144 the rule with tag B is chosen Prefix Tag 321xxx A 321 B For incoming calls with prefix number 5324 the rule with tag B is chos...

Страница 498: ...u can configure up to 10 000 of dial plan rules in total where all can be configured for one Dial Plan or configured between different Dial Plans The following procedure describes how to configure Dia...

Страница 499: ...ription Index index DialPlanRule_RuleIndex Defines an index number for the new table row Note Each row must be configured with a unique index Name name DialPlanRule_Name Defines a descriptive name whi...

Страница 500: ...0 Suffix 123 130 455 766 780 790 Note The ranges and the single numbers in the syntax must have the same amount of digits For example each number range and single number in the example above consists...

Страница 501: ...u choose Import the following dialog box appears 3 Use the Browse button to select the Dial Plan file on your PC and then click OK The file import feature only imports rules of Dial Plans that already...

Страница 502: ...orting and Exporting Dial Plans You can create the file using any text based editor such as Notepad or Microsoft Excel The file must be saved with the csv file name extension To configure Dial Plans i...

Страница 503: ...of a specific Dial Plan 1 Open the Dial Plan table 2 Select the required Dial Plan and then click the Dial Plan Rule link the Dial Plan Rule table opens displaying the rules of the selected Dial Plan...

Страница 504: ...configure two routing rules where each is assigned a unique tag representing a group of local area codes and the destination IP Group associated with the SIP Trunk servicing them Source and destinatio...

Страница 505: ...oming SIP dialog for a Dial Plan rule whose Prefix parameter is configured with the same called prefix number as the SIP dialog e g 102 If found the device inspects the tags in the Tag parameter e g C...

Страница 506: ...ere the tag Country England is used to send calls to IP Group ENG and the tag Country Belgium is used to send calls to IP Group BEL To configure routing to destination IP Groups based on Dial Plan tag...

Страница 507: ...ue include it as well In our example we will configure three IP Groups Parameter Index 0 Index 1 Index 2 Name HQ ENG BEL Dial Plan Dial Plan 1 Tags Country England Country Belgium 3 In the IP to IP Ro...

Страница 508: ...s belonging to the IP Group Set Dial Plan Backward Compatibility This section is for backward compatibility only It is recommended to migrate your Dial Plan configuration to the latest Dial Plan featu...

Страница 509: ...e as required 4 Configure a manipulation rule to remove the prefix tags before the device sends the message to the destination a Open the Outbound Manipulations table see Configuring IP to IP Outbound...

Страница 510: ...suitable IP to IP Routing rule in the IP to IP Routing table You can configure Call Setup rules to query the Dial Plan table for a specified key prefix in a specified Dial Plan to obtain the correspo...

Страница 511: ...urs only after the routing process inbound message manipulation is done first then outbound number manipulation see Configuring IP to IP Outbound Manipulations and then outbound message manipulation F...

Страница 512: ...age Apply conditions per rule the condition can be on parts of the message or call s parameters Multiple manipulation rules using the same condition The following figure shows a configuration example...

Страница 513: ...assigned to the source IP Group and Rule 2 to the destination IP Group Parameter Rule 1 Rule 2 Message Type Invite request Invite request Condition Header Unkown_header contains unknown_ value Header...

Страница 514: ...IP headers you must apply your manipulation rule Manipulation Set ID to the IP Group as an Outbound Message Manipulation Set IPGroup_OutboundManSet when the IP Group is the destination of the call If...

Страница 515: ...anipulation condition configured by the Condition parameter to use for the rule 0 Use Current Condition Default The condition configured in the table row of the rule is used 1 Use Previous Condition T...

Страница 516: ...ject MessageManipulations_ ActionSubject Defines the SIP header upon which the manipulation is performed The valid value is a string case insensitive You can use the built in syntax editor to help you...

Страница 517: ...ipulations table see Configuring IP to IP Outbound Manipulations Message Condition rules are configured using the same syntax as that used for Conditions when configuring Message Manipulation rules in...

Страница 518: ...in syntax editor to help you configure the field Click the Editor button located alongside the field to open the Editor and then simply follow the on screen instructions Note User and host parts must...

Страница 519: ...e Policy rule to calls you need to assign it to the SIP Interface associated with the relevant IP Group see Configuring SIP Interfaces The following procedure describes how to configure Message Policy...

Страница 520: ...default is 1 024 Max Num Headers max num headers MessagePolicy_ MaxNumHeaders Defines the maximum number of SIP headers The valid value is any number up to 32 The default is 32 Note The device suppor...

Страница 521: ...is allowed the others are rejected Malicious Signature Malicious Signature Database signature db enable MessagePolicy_ UseMaliciousSignatureDB Enables the use of the Malicious Signature database signa...

Страница 522: ...rsing manip sets Pre Parsing Manipulation Rules table ini file PreParsingManipulationRules or CLI configure voip message pre parsing manip rules To configure Pre Parsing Manipulation Sets 1 Open the P...

Страница 523: ...requests any request The rule is applied to any request SIP Method request The rule is applied to the specified SIP Method e g invite request SIP responses any response The rule is applied to any res...

Страница 524: ...TER 21 SIP Message Manipulation Mediant 4000 SBC User s Manual Parameter Description For more information on regex refer to the Syntax for SIP Message Manipulation Reference Guide Precedence Ring Tone...

Страница 525: ...Part V Session Border Controller Application...

Страница 526: ...ions may be rejected based on values of incoming SIP INVITE message and other Layer 3 characteristics Packets not belonging to an authorized SIP dialog are discarded RTP Opening pinholes ports in the...

Страница 527: ...and host name manipulations Coder transcoding B2BUA and Stateful Proxy Operating Modes The device can operate in one or both of the following SBC modes Back to Back User Agent B2BUA Maintains independ...

Страница 528: ...oming SIP headers retained in the outgoing INVITE message Some of the reasons for implementing Stateful Proxy mode include B2BUA typically hides certain SIP headers for topology hiding In specific set...

Страница 529: ...ly limited support The following features are not supported when in Stateful Proxy mode Alternative routing Call forking Terminating REFER 3xx If Stateful Proxy mode is enabled and any one of the unsu...

Страница 530: ...d host parts of the URLs can be used as matching rule characteristics for classification message manipulation and call routing All SIP requests e g INVITE except REGISTER Source URL Obtained from the...

Страница 531: ...IP Group i e from where the SIP dialog request originated The classification process is based on the SRD to which the dialog belongs the SRD is determined according to the SIP Interface For more info...

Страница 532: ...figured destination User Registration The device provides a registration database for registering users Only users belonging to a User type IP Group can register with the device User type IP Groups re...

Страница 533: ...ation request The same contact cannot belong to more than one AOR Contacts with identical URIs and different ports and transport types are not supported same key is created Multiple contacts in a sing...

Страница 534: ...xclude ports from the comparison For more information see the description of the SBCURICom parisonExcludedParams parameter General Registration Request Processing The device s general handling of regi...

Страница 535: ...en the device receives a successful unregister response 200 OK from the registrar proxy server This is useful in scenarios for example in which users SIP user agents such as IP Phones erroneously send...

Страница 536: ...the negotiated media capabilities mainly performed by the remote user agents However it does examine and may take an active role in the SDP offer answer mechanism This is done mainly to anchor the me...

Страница 537: ...the Media Realm associated with each leg The Media Realm assigned to the leg s IP Group in the IP Groups table is used If not assigned to the IP Group the Media Realm assigned to the leg s SIP Interf...

Страница 538: ...calls The SIP Interface can also enable direct media for users located behind the same NAT For more information see Configuring SIP Interfaces Direct Media Tag You can enable direct media between use...

Страница 539: ...is defined as a foreign user example follow me service located in the WAN while the other is located in the LAN calls between these two users cannot be established until direct media is disabled for t...

Страница 540: ...r has been chosen between the legs but where coder transrating is required For example the coders may use different coder settings such as rate and packetization time G 729 at 20 ms to G 729 at 30 ms...

Страница 541: ...ders listed in the incoming SDP offer The device must have available DSPs for both legs inbound and outbound The incoming SDP offer must have at least one media line that is audio m audio The device a...

Страница 542: ...P 0 8 18 96 96 a rtpmap 0 PCMU 8000 a rtpmap 8 PCMA 8000 a rtpmap 18 G729 8000 a rtpmap 96 G726 32 8000 a fmtp 4 annexa no a rtpmap 96 telephone event 8000 a fmtp 96 0 15 a ptime 20 a sendrecv b The d...

Страница 543: ...between the two legs To configure the transcoding mode use the global parameter TranscodingMode or the IP Profile parameter IpProfile_TranscodingMode parameter If the transcoding mode is configured t...

Страница 544: ...offer answer negotiation one SBC leg uses RTP while the other uses SRTP the device performs RTP SRTP transcoding To translate between RTP and SRTP the following prerequisites must be met At least one...

Страница 545: ...device adds RFC 2833 only if the incoming offer does not include RFC 2833 2 the device removes RFC 2833 from the incoming offer SBCAlternativeDTMFMethod the device s first priority for DTMF method at...

Страница 546: ...nsparently without transcoding or it can handle the fax as follows Allow interoperability between different fax machines supporting fax transcoding if required Restrict usage of specific fax coders to...

Страница 547: ...tion methods are described in the subsequent subsections SIP Authentication Server Functionality The device can function as an Authentication server for authenticating received SIP message requests ba...

Страница 548: ...according to draft sterman aaa sip 01 Based on this standard the device generates the nonce in contrast to RFC 5090 where it is done by the RADIUS server RADIUS based on draft sterman aaa sip 01 opera...

Страница 549: ...My00NjNhLWExY2ItMTgzMz A5YzlhNzBjIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY 2VzcyI6eyJyb2xlcyI6WyJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNj ZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsib...

Страница 550: ...bute When it exists the device compares it to the AOR of the SIP message For REGISTER requests the AOR is taken from the To header for all other requests the AOR is taken from the From header If the u...

Страница 551: ...e and then configure an HTTP Remote Host Parameter Value Comment Address oauth example com Address of the Authentication server Port 443 Port number of the Authentication server Transport Type HTTPS S...

Страница 552: ...sultant INVITE Traversing Device The device can handle SIP 3xx responses so that the new INVITE message sent as a result of the 3xx traverses the device The reasons for enforcing resultant INVITEs to...

Страница 553: ...new destination address e g RequestURI sip Prefix_User IPPBX 5070 transport tcp param a 6 The device removes the user prefix from the Request URI and then sends this Request URI to the new destination...

Страница 554: ...History Info Header Mode IPProfile_SBCHistoryInfoMode defines the device s handling of the History Info header The handling of the SIP Diversion and History Info headers is described in the table bel...

Страница 555: ...iversion Diversion removed Not present Present Diversion Header Mode Remove History Info Header Mode Remove Present Present Both removed Not present Not present Interworking SIP REFER Messages The dev...

Страница 556: ...CK handling is configured using the IP Profile parameter SBC Prack Mode Optional PRACK is optional for these UAs If required the device performs the PRACK process on behalf of the destination UA Manda...

Страница 557: ...hat require early media such as playing ringback tone Early Media Response Type The device supports the interworking of different SIP provisional response types between UAs for forwarding the early me...

Страница 558: ...CHAPTER 22 SBC Overview Mediant 4000 SBC User s Manual Figure 22 2 SBC Early Media RTP 18x without SDP Figure 22 3 SBC Early Media RTP 18x with SDP 525...

Страница 559: ...ges is configured by the IP Profile parameter SBC Remote Update Support Interworking SIP re INVITE to UPDATE The device enables communication between endpoints IP Groups that do not support re INVITE...

Страница 560: ...he User Agent headers received in the incoming SIP request response from the other side Employing IP Profiles you can configure this interworking feature per SIP entity using the IpProfile_SBCKeepUser...

Страница 561: ...behind the device the call dialog information sent by the application server reflects only the dialog between the device and itself not that of the involved SIP clients This is due to for example the...

Страница 562: ...local tag 1c137249965 remote tag CCDORRTDRKIKWFVBRWYM referred by sip bob is not here vm example net referred by local identity display Jason Forster sip jforsters home net identity target uri sip ali...

Страница 563: ...resence of tokens in the bucket Tokens in the bucket are removed cashed in for the ability to process each dialog If there are no tokens the device rejects the dialog request with a SIP 480 Temporaril...

Страница 564: ...the outgoing leg is performed within each alternative route iteration This is accessed from two places during initial classification routing and during alternative routing CAC does not apply to Test C...

Страница 565: ...es the type of SIP dialog initiating request to which you want to apply the rule not to subsequent requests which can be of different type and direction 0 All default 1 INVITE 2 SUBSCRIBE 3 Other All...

Страница 566: ...m the bucket If a SIP dialog is received by the device and the token bucket is empty the device rejects the SIP dialog Alternatively if the bucket is full for example 100 tokens and 101 SIP dialogs ar...

Страница 567: ...ls when they exceed their reserved capacity For example assume that the reserved capacity for an SRD and its associated IP Groups are as follows SRD reserved call capacity 40 IP Group ID 1 reserved ca...

Страница 568: ...ault SRD Default_SRD when only one SRD is required the device automatically assigns it to the Classification rule Action Defines the action that is done if the incoming call matches the characteristic...

Страница 569: ...oxy Set This classification is applicable only to Server type IP Groups and is done only if classification based on Proxy Set is enabled see the Classify By Proxy Set parameter in the IP Groups table...

Страница 570: ...also with SIP message characteristics to increase the strictness of the classification process The reason for preferring classification based on Proxy Set when the IP address is unknown is that IP ad...

Страница 571: ...lso configure it through ini file Classification or CLI configure voip sbc classification To configure a Classification rule 1 Open the Classification table Setup menu Signaling Media tab SBC folder C...

Страница 572: ...IP dialog The default is Any i e all SIP Interfaces belonging to the SRD assigned to the rule Note The SIP Interface must belong to the SRD assigned to the rule see the SRD parameter in the table Sour...

Страница 573: ...e For REGISTER requests the source URI is obtained from the To header Source Host src host Classification_SrcHost Defines the prefix of the source URI host name as a matching characteristic for the in...

Страница 574: ...ts requiring different routing and manipulation rules for specific calls pertaining to the same SRD In such scenarios you need to configure multiple Classification rules for the same SRD where for som...

Страница 575: ...IP Groups table to which the SIP dialog is classified Therefore assigning an IP Profile during classification allows you to assign different IP Profiles to specific users calls that belong to the sam...

Страница 576: ...ength 0 1 In the Classification table add the following classification rules Index Source Username Pattern Destination Username Pattern Destination Host Source IP Group 0 333 1 1 1111 2000 10 10 10 10...

Страница 577: ...the tag from the Call Setup Rule name value or value only and if found classifies the dialog to that IP Group Classification based on tags is done only if classification based on user registration an...

Страница 578: ...IP Group Selection Tagged IP Group IP Group Tag Name Country Note Enter the tag s name only If the tag only has a value then enter default 5 Open the IP Groups table see Configuring IP Groups on page...

Страница 579: ...ation is the address configured for the Proxy Set associated with the IP Group IP Group Set the destination can be based on multiple IP Groups for load balancing where each call may be sent to a diffe...

Страница 580: ...on on Routing Policies see Configuring SBC Routing Policy Rules The IP to IP Routing table also provides the following features Alternative Routing In addition to the alternative routing load balancin...

Страница 581: ...is not assigned a Cost Group the device can select it as the preferred route over other matched routing rules that are assigned Cost Groups according to the default LCR settings configured for the as...

Страница 582: ...e routing rule using the tag as the source and destination number matching characteristics and a destination for the calls For more information see Using Dial Plan Tags for Matching Routing Rules Dial...

Страница 583: ...routing rule or an alternative routing rule to the rule defined directly above it in the table 0 Route Row Default Main routing rule the device first attempts to route the call to this route if the i...

Страница 584: ...ication table see Configuring Classification Rules The default is Any i e any IP Group Note The selectable IP Group for the parameter depends on the assigned Routing Policy in the Routing Policy param...

Страница 585: ...configured in the associated Dial Plan The valid value is a string of up to 70 characters By default no value is defined You can configure the parameter with up to five tags where each tag is separat...

Страница 586: ...untry Ireland Land Scotland The tag is case insensitive To configure prefix tags see Configuring Dial Plans Note Make sure that you assign the Dial Plan in which you have configured the prefix tag to...

Страница 587: ...see Interworking SIP 3xx Redirect Responses and Interworking SIP REFER Messages respectively The parameter functions together with the Call Trigger parameter in the table The default is Any i e any IP...

Страница 588: ...r s to query 9 Routing Server Device sends a request to a third party routing server for an appropriate destination next hop for the matching call 10 All Users Device checks whether the Request URI i...

Страница 589: ...the received SIP dialog and an AOR registration record in the device s database If found the device sends the SIP dialog to the IP address specified in the database for the registered contact By defau...

Страница 590: ...the address of the ENUM service for example e164 arpa e164 customer net or NRENum net The device sends the ENUM query containing the destination phone number to an external DNS server configured in th...

Страница 591: ...ontain up to 20 members In other words up to 20 routing rules can be configured for the same Forking Group Cost Group cost group IP2IPRouting_ CostGroup Assigns a Cost Group to the routing rule for de...

Страница 592: ...device sends to the sender of the incoming SIP dialog instead of sending the call to another destination The parameter is applicable only when the Destination Type parameter in this table is configur...

Страница 593: ...xample on how to configure fax rerouting To configure fax rerouting 1 Open the Fax Modem CID Settings page Setup menu Signaling Media tab Media folder Fax Modem CID Settings a In the Fax Detection Tim...

Страница 594: ...P Routing Rule 0 to route voice calls from IP Group 0 to IP Group 1 Match Source IP Group HQ IP Group 0 Call Trigger Initial Only ReRoute IP Group Voice IP Group 1 Action Destination Type IP Group Des...

Страница 595: ...u want assigned to each SIP entity IP PBX from the SIP Interface port range The following procedure describes how to configure the device to use a specific local UDP port per SIP entity on the leg int...

Страница 596: ...SBC Advanced Call Setup Rules Set ID 1 Tags Type PBX Port 6001 IP Group for the second IP PBX Type and Port tags are later used to identify the IP PBX and assign it a local UDP port 6002 on the leg in...

Страница 597: ...le Set ID 1 Action Action Subject srctags Type Action Type Modify Action Value param ipg src tags Type If the source tag name Type equals PBX i e SIP message from an IP Group belonging to one of the I...

Страница 598: ...Rule Set ID 1 Condition srctags Type ITSP Action Action Subject dsttags Port Action Type Modify Action Value message incoming local port 4 Open the IP to IP Routing table see Configuring SBC IP to IP...

Страница 599: ...nfiguring the response codes described in this section you need to configure the following A Proxy Set with one or more addresses proxy servers and whose Proxy Hot Swap parameter is configured to Enab...

Страница 600: ...ld is crossed 2 configuring 806 in the Alternative Routing Reasons table and 3 configuring an alternative routing rule The device also generates the response code when it rejects a call based on Quali...

Страница 601: ...uired 403 Forbidden 404 Not Found 405 Method Not Allowed 406 Not Acceptable 408 Request Timeout Default 409 Conflict 410 Gone 413 Request Too Large 414 Request URI Too Long 415 Unsupported Media 420 B...

Страница 602: ...y with newly added configuration entities that can be associated with the Routing Policy as mentioned later in this section except for Classification rules This facilitates configuration eliminating t...

Страница 603: ...an IP Group based on the SIP Interface on which the call is received Based on the SIP Interface the device associates the call to the SRD that is assigned to the SIP Interface 2 Once the call has been...

Страница 604: ...me the device automatically assigns a name in the following format SBCRoutingPolicy_ Index for example SBCRoutingPolicy_2 Note Each row must be configured with a unique name The parameter value cannot...

Страница 605: ...Call Duration lcr call length SBCRoutingPolicy_ LCRAverageCallLength Defines the average call duration in minutes and is used to calculate the variable portion of the call cost This is useful for exa...

Страница 606: ...Dial Plan tags In the IP Group Set table see below specify the tag name In the IP to IP Routing table configure the routing rule s Destination Type parameter to Destination Tag and then specify the t...

Страница 607: ...e lowest index If unavailable it sends the calls to the next consecutive available IP Group However if the first IP Group comes online again the device selects it Note For the Random Weight optional v...

Страница 608: ...number for the new table row Note Each row must be configured with a unique index IP Group ip group name IPGroupSetMember_ IPGroupName Assigns an IP Group to the IP Group Set To configure IP Groups se...

Страница 609: ...ted if exists P Preferred if exists and Remote Party ID if exists You can also restrict source user identity in outgoing SIP dialogs in the Outbound Manipulation table using the column PrivacyRestrict...

Страница 610: ...em 100rel timer replaces Allow REGISTER OPTIONS INVITE ACK CANCEL BYE NOTIFY PRACK REFER User Agent Sip Message Generator V1 0 0 5 Content Type application sdp Content Length 155 v 0 o SMG 5 9 IN IP4...

Страница 611: ...nes a manipulation sequence for the source or destination SIP URI user part of inbound SIP dialog requests You can apply these manipulations to different SIP dialog message types e g INVITE or REGISTE...

Страница 612: ...for most deployments only a single Routing Policy is required As the device provides a default Routing Policy Default_ SBCRoutingPolicy when only one Routing Policy is required the device automatical...

Страница 613: ...Additional Manipulation is additional manipulation IPInboundManipulation_ IsAdditionalManipulation Determines whether additional SIP URI user part manipulation is done for the table entry rule listed...

Страница 614: ...ation for Routing and Manipulation Source Host src host IPInboundManipulation_ SrcHost Defines the source SIP URI host name full name usually in the From header The default is the asterisk symbol i e...

Страница 615: ...nes the number or string that you want added to the end of the user name For example if you enter 01 and the user name is john the new user name is john01 Configuring IP to IP Outbound Manipulations T...

Страница 616: ...procedure describes how to configure Outbound Manipulations rules through the Web interface You can also configure it through ini file IPOutboundManipulation or CLI configure voip sbc manipulation ip...

Страница 617: ...can only be done on a different item source URI destination URI or calling name to the rule configured in the row above configured by the Manipulated URI parameter Call Trigger trigger IPOutboundMani...

Страница 618: ...se tags see Source Tags parameter below instead of this parameter Source Host src host IPOutboundManipulation_ SrcHost Defines the source SIP URI host name full name typically in the From header The d...

Страница 619: ...ers The tag is case insensitive By default no value is defined You can configure the parameter with up to five tags where each tag is separated by a semicolon Each tag can have a name and value e g Co...

Страница 620: ...user part 2 Calling Name Manipulates the calling name in the SIP message Remove From Left remove from left IPOutboundManipulation_ RemoveFromLeft Defines the number of digits to remove from the left...

Страница 621: ...a Privacy header is added with the value id 2 Restrict The user identity is restricted The restriction is as follows From URL header anonymous anonymous invalid If a P Asserted Identity header exists...

Страница 622: ...ociated with the IP Profile are terminated at the device However you can configure a Message Manipulation rule with the proprietary header to override this parameter setting and allow the device to fo...

Страница 623: ...on configure the following manipulation rule Manipulation Set ID 1 Message Type reinvite request Condition body sdp regex m audio 7550 RTP AVP Action Subject header X AC Action Action Type Add Action...

Страница 624: ...axSIPUserAgent However you can configure signature patterns based on any SIP header To configure signature patterns use the same syntax as that used for configuring Conditions in the Message Manipulat...

Страница 625: ...nes an index number for the new table row Note Each row must be configured with a unique index Name name MaliciousSignatureDB_ Name Defines a descriptive name which is used when associating the row in...

Страница 626: ...vice terminates the regular call it immediately sends the INVITE message of the emergency call to its destination without waiting for any response from the remote sides e g 200 OK after BYE If the dev...

Страница 627: ...sing LDAP to Obtain ELIN The device can route emergency calls e g 911 for INVITE messages that are received without an ELIN number This is in contrast to when the device is deployed in a Microsoft Sky...

Страница 628: ...ting between the SIP entity and the two proxy servers To differentiate between these REGISTER messages a unique SIP Interface needs to be used for each REGISTER message Each REGISTER message is regist...

Страница 629: ...ac int 1 REGISTER for Secondary Proxy received on SIP Interface Interface 2 REGISTER To sip 100 audc com Contact sip 100 172 17 100 20 ac int 2 4 The device adds to the Contact header a special strin...

Страница 630: ...e 1 Index 1 Manipulation Set ID 2 Action Subject header contact url ac int Action Type Modify Action Value 2 4 In the SIP Interfaces table configure the following SIP Interfaces Index 0 SIP Interface...

Страница 631: ...Group Primary Proxy Destination IP Group IP Phone A Index 2 Source IP Group IP Phone B Destination IP Group Sec Proxy Index 3 Source IP Group Sec Proxy Destination IP Group IP Phone B Handling Regist...

Страница 632: ...of multiple AORs with identical Contact URIs 1 Open the Proxy Registration page Setup menu Signaling Media tab SIP Definitions folder Proxy Registration 2 From the DB Routing Search Mode drop down lis...

Страница 633: ...he outgoing INVITE is mapped to the Calling Party Number parameter of the IAM message The ISUP data is included in SIP messages using the Multipurpose Internet Mail Extensions MIME body part for examp...

Страница 634: ...rnal media source to SBC call parties that are placed on hold Implementing an external media source offers flexibility in the type of audio that you want played as MoH e g radio adverts or music If yo...

Страница 635: ...stablish Table 28 2 External Media Source Table Parameter Descriptions Parameter Description Index ExternalMediaSource_Index Defines an index number for the new table row IP Group ip group name Extern...

Страница 636: ...is always used to play MoH to its branch users is shown below and subsequently described 1 Open the Coder Groups table see Configuring Coder Groups on page 384 and then configure a Coders Group e g A...

Страница 637: ...consumer Web site see following figure After clicking the button the customer can start a voice and or video call with a customer service personnel directly from the browser without having to downloa...

Страница 638: ...t be in the SDP offer answer e g m audio 11050 RTP SAVPF 103 For more information see the IP Profile parameter IPProfile_ SBCRTCPFeedback see Configuring IP Profiles WebSocket WebSocket is a signaling...

Страница 639: ...the client on the media 9 Media flows between the WebRTC client and the SIP client located behind the device SIP over WebSocket The device supports the transmission of SIP signaling over WebSocket We...

Страница 640: ...144 tag ub50pqjgpr Call ID fhddgc3kc3hhu32h01fghl CSeq 81 REGISTER Contact sip 0bfr9fd5 v6iqlt8lne5c invalid transport ws reg id 1 sip instance urn uuid 4405bbe2 cf06 4c27 9c59 6caf83af9b00 expires 60...

Страница 641: ...ic requirement WebRTC JavaScript configuration is beyond the scope of this document The device s WebRTC feature WebRTC Gateway can also operate with mobile device users that are registered to the devi...

Страница 642: ...aces b Do the following From the Encapsulating Protocol drop down list SIPInterface_ EncapsulatingProtocol select WebSocket In the TLS Port field configure the TLS port From the TLS Context Name drop...

Страница 643: ...ect the TLS Context that you configured in Step 1 For more information on DTLS see SRTP using DTLS Protocol 6 Configure IP to IP routing rules to route calls between the WebRTC clients and the enterpr...

Страница 644: ...nder the same AOR as the specific contact This is configured by the SBCSendInviteToAllContacts parameter Configuring SIP Forking Initiated by SIP Proxy The device can handle the receipt of multiple SI...

Страница 645: ...red and then terminates the other SIP dialogs For more information see Configuring SBC IP to IP Routing Rules Call Survivability This section describes various call survivability features supported by...

Страница 646: ...ween the device and the BroadSoft AS is down the device manages the Shared Call Appearance feature for the SIP clients The feature is supported by configuring a primary extension and associating it wi...

Страница 647: ...e g 600 Manipulation Purpose Shared Line Match Request Type REGISTER Source IP Group IP Group that you created for the users e g 2 Source Username Pattern Represents the secondary extensions e g 601 a...

Страница 648: ...ents for example agents and managers 2 In the Classification table see Configuring Classification Rules add rules to classify incoming calls that are received from the entities listed in Step 1 to IP...

Страница 649: ...o notify the IP phones that it is currently operating in Survivability mode When this occurs the Aastra IP phones display the message Stand Alone Mode on their LCD screens If you enable the feature an...

Страница 650: ...ss than or equal to 50 ISPs can therefore offer service level agreements SLAs to their customers based on the VoIPerfect feature For more information contact the sales representative of your purchased...

Страница 651: ...t voice quality can also be maintained as mentioned previously Figure 28 1 VoIPerfect Managed Opus Figure 28 2 VoIPerfect Managed G 729 Configuration of the Enterprise SBC Coder Groups table see Confi...

Страница 652: ...e Coder Groups table Coders Group with G 711 Coders Group with Opus Allowed Audio Coders Groups table Allowed Audio Coders Group with G 711 Allowed Audio Coders Group with Opus IP Profiles table main...

Страница 653: ...eedback Feedback On Max Opus Bandwidth 0 Quality of Service Rules table see Configuring Quality of Service Rules Rule Metric Poor InVoice Quality Alternative IP Profile Name name of Alternative IP Pro...

Страница 654: ...Part VI Cloud Resilience Package...

Страница 655: ...se Key see License Key For the maximum number of supported CRP sessions and CRP users than can be registered in the device s registration database see Technical Specifications For cloud providers CRP...

Страница 656: ...advantages of CRP is that it enables quick and easy configuration This is accomplished by its pre configured routing entities whereby only minimal configuration is required For example defining IP add...

Страница 657: ...configuration pages Wherever SBC appears in the menu path for the CRP application it appears as CRP If you installed a License Key with the CRP feature and you later want to stop disable working with...

Страница 658: ...CRP routes the calls between the branch users themselves as if connectivity failure has occurred with the IP PBX The CRP also registers the branch users in its registration database To configure the C...

Страница 659: ...Configuring IP Groups Pre Configured IP to IP Routing Rules For the CRP application the IP to IP Routing table is pre configured with IP to IP routing rules These rules depend on the configured Call...

Страница 660: ...s routing rule is used if the device can t find a matching destination user for IP Group 1 User type IP Group in its registration database If the CRPGatewayFallback parameter is disabled and no matchi...

Страница 661: ...Type Destin ation Type Destin ation IP Group Destin ation Address Altern ative Route Options Auto Answer to Registratio ns 1 Any OPTION S Dest Address Internal Route Row 2 Any REGIST ER IP Group Any...

Страница 662: ...nd if not located it sends the call to the PSTN IP Group 3 CRP Gateway as an alternative route To enable CRP Gateway fallback 1 Open the SBC General Settings page Setup menu Signaling Media tab SBC fo...

Страница 663: ...Part VII High Availability System...

Страница 664: ...ess of the other The Maintenance interface can use a dedicated Ethernet port group or share the same Ethernet port group with the other network interface types i e OAMP Media and Control When only one...

Страница 665: ...g the active with 5 and redundant with 4 or active with 9 and redundant with 2 both assign highest priority to the active device Whenever the device with higher priority recovers from a failure it fir...

Страница 666: ...ing HA Status on Monitor Web Page You can view the status of the HA system on the Monitor page of the device s Web interface The page provides a graphical display of both active and redundant devices...

Страница 667: ...Entities folder HA Settings 2 In the HA Device Name field enter a name for the active device 3 In the Redundant HA Device Name field enter a name for the redundant device 4 Click Apply Once the device...

Страница 668: ...o be done externally to the units either physically different physical networks or logically using VLANs When using VLANs make sure that you use a different Ethernet Device for each IP network interfa...

Страница 669: ...y if both devices are installed with a License Key that includes this feature For installing a License Key see License Key The physical connections of the first and second devices to the network i e M...

Страница 670: ...rface The Ethernet Group is associated with the Ethernet Device which is assigned to the interface The IP Interfaces table below shows an example where the Maintenance interface is configured with Eth...

Страница 671: ...Second Device Once you have configured the first device for HA you can configure the second device for HA As the configuration of the second device is similar to the first device the following proced...

Страница 672: ...es for HA 1 Cable the devices to the network You must connect both ports two in the Ethernet Group of the Maintenance interface to the network i e two network cables are used This provides 1 1 Mainten...

Страница 673: ...ure is enabled InterfaceTable defines the IP Interfaces table with two network interfaces for the following Application Types OAMP Media Control This is the same for both devices HA Maintenance This i...

Страница 674: ...ss on the redundant device requires a device reset Modifications on all other Maintenance interface parameters e g Default Gateway and VLAN ID updated to the Maintenance interface on the redundant dev...

Страница 675: ...6 10 31 4 61 670 32 68 0 680 udp Enab le HA_ IF Allo w 0 0 0 17 10 31 4 62 670 32 68 0 680 udp Enab le HA_ IF Allo w 0 0 0 18 0 0 0 0 0 0 0 655 35 Any Disa ble Blo ck 0 0 0 The index numbers in the ta...

Страница 676: ...0 is the lowest priority best effort and 63 is the highest priority 2 Reset the device with a burn to flash for your settings to take effect Monitoring IP Entities and HA Switchover upon Ping Failure...

Страница 677: ...the row s become reachable again and then unreachable The following SNMP alarms are related to the HA Network Monitor feature acHASystemFaultAlarm This alarm is sent to indicate that you have configu...

Страница 678: ...to five IP addresses in dotted decimal notation where each IP address is separated by a comma or space for example 10 1 1 1 20 2 2 2 30 3 3 3 without quotation marks Note You cannot configure the par...

Страница 679: ...of the monitored row is currently undetermined In other words all the destinations configured for the monitored row have never replied to the device s pings Reachable The device considers the monitor...

Страница 680: ...e destination as offline unreachable In other words the number of consecutive failed pings equaled to or was greater than that configured by the Ping Count parameter Terminated by ping error The devic...

Страница 681: ...vice If you need to replace a faulty device the new device must be configured exactly as the second device as described in Configuring the HA Devices Initiating an HA Switchover You can initiate a swi...

Страница 682: ...system and return them to standalone devices To disconnect HA On the active device enter the following CLI command debug ha disconnect system new OAMP address of redundant device The new OAMP address...

Страница 683: ...The device performs standard user authentication where you can configure it to check the user s credentials in the device s Local Users table or with a remote authentication server Access is granted...

Страница 684: ...y load this file to the devices to restore HA To backup and then restore HA 1 Save the ini file from the active device to a folder on your PC Store this file in a safe location for future use i e HA b...

Страница 685: ...Part VIII Maintenance...

Страница 686: ...evice through Web interface 1 Open the Maintenance Actions page Toolbar Click the Reset button Navigation tree Setup menu Administration tab Maintenance folder Maintenance Actions 2 From the Save To F...

Страница 687: ...To enable remote reset upon receipt of SIP NOTIFY 1 Open the SIP Definitions General Settings page Setup menu Signaling Media tab SIP Definitions folder SIP Definitions General Settings 2 From the Rem...

Страница 688: ...en in the Lock Timeout field enter the time in seconds after which the device locks 4 If you also want the device to terminate close existing TLS TCP client connections and reject new incoming TLS TCP...

Страница 689: ...previous settings if the device subsequently resets hardware or software or powers down Therefore to ensure that your configuration changes are retained you must save them to the device s non volatil...

Страница 690: ...SIP NOTIFY The device can be triggered to disconnect all current calls upon the receipt of a SIP NOTIFY message containing an Event header with the value soft sync proprietary to AudioCodes as shown...

Страница 691: ...edundant devices install and burn the file to flash memory with a reset In other words no HA switchover occurs Hitless Upgrade The devices are upgraded without disrupting traffic i e current calls are...

Страница 692: ...dant 3 When the system is operational again delete core dumps from the current redundant device through CLI Telnet Core dump deletion can take up to 10 minutes 4 Start the Hitless Software Upgrade pro...

Страница 693: ...configuration by uploading the backup file to the device For more information see Configuration File 4 Open the Software Upgrade wizard Toolbar From the Actions drop down menu choose Software Upgrade...

Страница 694: ...upload a cmp file Auxiliary and ini files cannot be uploaded 9 To load additional files use the Next and Back buttons to navigate through the wizard to the desired file load wizard page otherwise ski...

Страница 695: ...reviously configured for these parameters 10 Click Reset a progress bar is displayed indicating the progress of saving the files to flash and device reset Device reset may take a few minutes even up t...

Страница 696: ...nual 11 Click End Process the Web Login screen appears prompting you to log into the device 12 Log in with your username and password a message box appears informing you that the device s software has...

Страница 697: ...ed Tones File Dial Plan Provides dialing plans Note Load a Dial Plan file using the Auxiliary Files page only for backward compatibility otherwise import Dial Plan files using the Dial Plan table see...

Страница 698: ...Auxiliary Files page for backward compatibility If backward compatibility is not needed load the file or configure users in the User Information table for SBC users see Configuring SBC User Informatio...

Страница 699: ...iles e g Dial Plan file and CPT file copy aux package from to URL of remote server with TAR file name For example copy aux package from http 192 169 11 11 80 aux_files tar For more information on CLI...

Страница 700: ...ion time is 100 msec Cadence A repeating sequence of on and off sounds Up to four different sets of on off periods can be specified Burst A single sound followed by silence Only the First Signal On ti...

Страница 701: ...ce on off cycle Can be omitted if there isn t a second cadence Second Signal Off Time 10 msec Signal Off period in 10 msec units for the second cadence on off cycle Can be omitted if there isn t a sec...

Страница 702: ...all the device always selects it to eliminate the need for using DSP resources If the coder of the tone is the same as that of the call DSPs are not required If they are different DSPs are required Th...

Страница 703: ...nswered the call and is based on North American English In most cases the detection algorithms in this file suffice even when your deployment is in a region where a language other than English is spok...

Страница 704: ...for backward compatibility only If backward compatibility is not needed load the file or configure users in the User Information table for SBC users see Configuring SBC User Information Table through...

Страница 705: ...Key For more information see Viewing the Device s Product Key Mode Displays the type of License Key Local License Key The License Key is a locally installed License Key License Pool The License Key is...

Страница 706: ...re the instructions in this section must be repeated for each device To obtain and activate your License Key for initial activation 1 Make a note of the device s Serial Number fingerprint The Serial N...

Страница 707: ...ng sessions and registered users can also be provided remotely from AudioCodes OVOC management tool as described in SBC Capacity Licenses from Fixed License Pool on page 681 and in SBC Capacity Licens...

Страница 708: ...during periods of low traffic Installation of License Keys in string format is not applicable to devices in HA mode To install a License Key string through Web interface 1 Open the License Key page se...

Страница 709: ...ss message box appears When the installation completes the following message box appears 9 Click Close to close the message box you are logged out of the Web interface and prompted to log in again The...

Страница 710: ...s For backing up the License Key see Backing up the License Key 3 Click the Load By File button navigate to the License Key file on your computer and then select the file to load to the device the App...

Страница 711: ...licenses one or more of them FEU SBC Coder Transcoding SBC Signaling Non hitless Upgrade The License Key is installed on both devices simultaneously both reset at the same time Therefore this method i...

Страница 712: ...ou to click Reset or Close to cancel the operation to perform a non hitless upgrade In this scenario skip Step 5 5 Click one of the following buttons Hitless Upgrade Installs the License Key without a...

Страница 713: ...stalling the new License Key verify that it has been installed 1 On the License Key page check that the listed features and capabilities of the newly installed License Key match those that you ordered...

Страница 714: ...l the License Key page indicates this by displaying License Pool in the Mode field see Viewing the License Key on page 672 In addition you can view the SBC licenses allocated by the license pool under...

Страница 715: ...icationAlarm OID 1 3 6 1 4 1 5003 9 10 1 21 2 0 107 acLicensePoolOverAllocationAlarm OID 1 3 6 1 4 1 5003 9 10 1 21 2 0 125 For more information on the alarms refer to the SNMP Reference Guide No conf...

Страница 716: ...s been exceeded If the licensed capacity has been exceeded AudioCodes sends you a report detailing the excess capacity and requests that you purchase additional SBC capacity for your Floating License...

Страница 717: ...hat the following OVOC related prerequisites have been fulfilled The Floating License has been purchased from AudioCodes with the required SBC license capacities and installed on OVOC The devices for...

Страница 718: ...Registered Users This profile is suited for applications where user registration is required To configure your own profile select Custom and then configure the capacity for each SBC license type in th...

Страница 719: ...ave enabled the Floating License feature see SBC Capacity Licenses from Floating License on page 682 To view the Floating License Report through the Web interface Open the Floating License Reports pag...

Страница 720: ...ubsequent communication with AudioCodes e g for support and software upgrades The Product Key is your chassis serial number S N Product Key which also appears on the product label affixed to the chass...

Страница 721: ...e monitoring MIBs whose thresholds low and or high you have changed from default threshold values To apply these same threshold values to other devices simply load the file to the devices The saved in...

Страница 722: ...de When loading a CLI Startup Script file the device needs to reset twice for its settings to take effect The saved file includes only parameters whose values you have modified To save the CLI Script...

Страница 723: ...wing files ini ini ini configuration file LOGO dat image file used as the logo in the Web interface FAVICON dat favicon file used for Web browsers CPT dat Call Progress Tone file present only if a CPT...

Страница 724: ...h Security Administrator level Web interface a Open the Configuration File page Toolbar From the Actions drop down menu choose Configuration File Navigation tree Setup menu Administration tab Maintena...

Страница 725: ...w its lease from the DHCP server The device can use a host name in the DHCP request The host name is set to acl_nnnnn where nnnnn When using DHCP to acquire an IP address VLANs and other advanced conf...

Страница 726: ...0 included If the device is software reset e g from the Web interface or SNMP only a single DHCP sequence containing Option 60 is sent Provisioning from HTTP Server using DHCP Option 67 You can provis...

Страница 727: ...e network in which the device is deployed includes a provisioning TFTP server for all network equipment without the capability of distinguishing between AudioCodes and non AudioCodes devices Upon star...

Страница 728: ...the file does not exist on the provisioning server the device requests from the server a default configuration file whose name includes the device s product name and MAC address Product MAC ini for ex...

Страница 729: ...on site using the RS 232 port or Web interface When the device is deployed at the customer site local DHCP server provides the devices with IP addressing and DNS server information From the URL provid...

Страница 730: ...vice if the device is configured for Automatic Updates the Burn To FLASH field under the Reset Configuration group in the Web interface s Maintenance Actions page is automatically set to No by default...

Страница 731: ...needs to authenticate itself with the server you can use the same parameters to configure the authentication username and password for more information see Access Authentication with HTTP Server on pa...

Страница 732: ...eywords to denote the different file types to download and in the URL address of the provisioning server it uses a placeholder for the file names which is replaced by hardcoded file names and extensio...

Страница 733: ...e following URLs http 10 8 8 20 Site1_device ini http 10 8 8 20 Site1_fk ini http 10 8 8 20 Site1_cpt data 3 Place the files to download on the provisioning server Make sure that their file names and...

Страница 734: ...e g every 60 minutes configured by the ini file parameter AutoUpdateFrequency or CLI command configure system automatic update update frequency Centralized provisioning server request Upon receipt of...

Страница 735: ...eful Timeout 2 Load the ini file to the device Access Authentication with HTTP Server You can configure the device to authenticate itself with the HTTP S server that contains the files that you want t...

Страница 736: ...include any user defined string or the following supported string variable tags case sensitive NAME product name according to the installed License Key MAC device s MAC address VER software version c...

Страница 737: ...formation see Cyclic Redundancy Check on Downloaded Configuration Files When this method is used there is typically no need for the provisioning server to check the device s current firmware version u...

Страница 738: ...e Automatic Update feature is triggered see Triggers for Automatic Update the device attempts to download the files if available from the configured URLs in the following order 1 ini file 2 CLI Script...

Страница 739: ...ration from the Startup Script file on the new software version CLI Script and Startup Script The device downloads and applies both files but the Startup Script file overwrites all the configuration o...

Страница 740: ...x InterfaceTable_ApplicationTypes InterfaceTable_InterfaceMode InterfaceTable_IPAddress InterfaceTable_ PrefixLength InterfaceTable_Gateway InterfaceTable_VlanID InterfaceTable_ InterfaceName Interfac...

Страница 741: ...pdate automatic update crc check regular 4 Power down and then power up the device Automatic Update from Remote Servers This example describes how to configure the Automatic Update feature where files...

Страница 742: ...automatic update startup script https company com files startup_script txt 3 Configure the device with the IP address of the DNS server for resolving the domain names of the FTPS and HTTP servers Inte...

Страница 743: ...idnight for software configuration and Auxiliary files HTTP based provisioning server at www company com for storing the files DNS server at 80 179 52 100 for resolving the domain name of the provisio...

Страница 744: ...the IP address of the DNS server for resolving the domain name e g http www company com that is used in the URL for the provisioning server This is done in the IP Interfaces table ini File InterfaceT...

Страница 745: ...lete device configuration you may need to manually configure additional functionality For example you may need to configure security settings e g firewalls and IDS to ensure that the device is protect...

Страница 746: ...pack version field you can update it by clicking the Update from Remote Server button Alternatively if you have received a template pack file from the sales representative of your purchased device you...

Страница 747: ...del is not listed select Generic IP PBX b From the SIP Trunk drop down list select the SIP trunk provider If the provider is not listed select Generic SIP Trunk c To generate a configuration template...

Страница 748: ...server s IP address Note that if you enable Syslog the device generates verbose logs debug level 5 which adversely affects performance For more information on Syslog see Configuring Syslog 3 Configur...

Страница 749: ...address must be part of the Enterprise LAN and therefore is typically a private IP address The address is used for communicating with the IP PBX and or users that reside on the LAN as well as for mana...

Страница 750: ...e IP PBX group configure the following Address Configure the IP address or hostname of the IP PBX Note that for the One port WAN network topology when the device is assigned a public IP address you mu...

Страница 751: ...pears SIP Trunk Page SIP Trunk Page The SIP Trunk wizard page configures the SIP Trunk settings The following fields are read only Network Type Displays the IP network interface for communicating with...

Страница 752: ...media protocol type and ports used by the device for communicating with the IP PBX Media Protocol Configure the media protocol type Base Port Configure the first media port Number Of Sessions Configur...

Страница 753: ...he Remove field configure the number of digits to be removed from the beginning of the number If configured to 0 no digits are removed d In the Add field configure a new prefix to be added to the begi...

Страница 754: ...AN network topologies you must configure different listening ports for communication with the IP PBX and remote users 3 Under the Media Ports Realm group configure the media protocol type and ports us...

Страница 755: ...normal format click the Configuration Summary tab 2 To save the configuration as an ini file to a folder on your PC click the Save INI file button You can later load the file to the device see Loading...

Страница 756: ...iguration Wizard Mediant 4000 SBC User s Manual To complete the SBC Configuration Wizard Click Apply Reset to apply configuration to the device or click Save INI File to save configuration as an ini f...

Страница 757: ...on your computer For serial cabling refer to the Hardware Installation Manual b Establish serial communication with the device using a serial communication program such as HyperTerminalTM with the fo...

Страница 758: ...ration File 2 To keep your current IP network settings e g OAMP select the Preserve basic connectivity check box To overwrite all your IP network settings with the default IP network interface clear t...

Страница 759: ...Part IX Status Performance Monitoring and Reporting...

Страница 760: ...mation Description Parameter Description General Settings MAC Address Media access control MAC address Serial Number Serial number of the CPU This serial number also appears on the product label that...

Страница 761: ...egabytes CPU Speed MHz Clock speed of the CPU measured in megahertz MHz Versions Version ID Software version number DSP Type Type of DSP DSP Software Version DSP software version DSP Software Name DSP...

Страница 762: ...n in seconds of established calls The value is refreshed every 15 minutes and therefore this value reflects the average duration of all established calls made within a 15 minute period The correspondi...

Страница 763: ...e Viewing Active Alarms 2 Fan tray unit status icon green Normal operation of Fan tray red Fan tray failure To view detailed information of the device s hardware components click these icons to open t...

Страница 764: ...state i e Redundant device is missing and HA is unavailable or in Active state and HA is enabled yellow Steady on Redundant device while HA is unavailable before HA synchronization with Active device...

Страница 765: ...mation on the percentage of DSP resources utilized by the device through the SNMP MIB table acPMDSPUsage You can also configure low and high DSP utilization thresholds for this MIB that if crossed the...

Страница 766: ...if the device changes from HA to a Standalone device To configure the maximum number of active alarms that can be displayed in the table see the ini file parameter ActiveAlarmTableMaxSize The alarm b...

Страница 767: ...is shown first in the list The table displays both the cleared alarm and the alarm for which it was cleared adjacent to one another as shown in the figure below for alarms 8 and 9 To configure the max...

Страница 768: ...er a device reset i e the first alarm raised after a reset is assigned the number 1 Severity Severity level of the alarm Critical red Major orange Minor yellow Cleared green Source Component of the de...

Страница 769: ...he procedure below To view management user activity logs Open the Activity Log table Monitor menu Monitor tab Summary folder Activity Log Table 46 1 Activity Log Table Description Parameter Descriptio...

Страница 770: ...iled ratio Dialog Failed Attempts Displays failed SIP dialog attempts This includes the number of calls and subscribes which were successfully and abnormally terminated Dialog Termination Ratio Displa...

Страница 771: ...Displays the number of established calls INVITEs in a 15 minute interval The x axis indicates the time hh mm ss of the call and the y axis the number of calls The graph is refreshed every 15 minutes...

Страница 772: ...w ASR in the Web interface see Viewing Call Success and Failure Ratio Network Effectiveness Ratio NER The number in percentage of successfully connected calls out of the total number of attempted call...

Страница 773: ...e example is based on the ASR of a call where the Major threshold is configured to 70 the Minor threshold to 90 and the hysteresis for both thresholds to 2 Table 47 1 Threshold Crossings based on Thre...

Страница 774: ...stem performance profile To configure a Performance Profile rule 1 Open the Performance Profile table Monitor menu Monitor tab Performance Monitoring folder Performance Profile 2 Click New the followi...

Страница 775: ...is parameter see below The valid range is 0 to 100 The default is 0 Major Threshold major threshold PerformanceProfile_ MajorThreshold Defines the Major threshold in percentage of the selected perform...

Страница 776: ...alls during the interval is less than the configured minimum samples no calculation is done Configuring User Defined Performance Monitoring MIBs The User Defined Failure PM table lets you configure up...

Страница 777: ...Failure PM 2 Click New the following dialog box appears 3 Configure the rule according to the parameters described in the table below 4 Click Apply Table 47 3 User Defined Failure PM Table Parameter D...

Страница 778: ...eter with multiple codes where each code is separated by a comma e g 408 430 5xx To denote all SIP response codes configure the parameter to any Note For the device to apply the rule you must configur...

Страница 779: ..._PREEMPTION_ DUE_TO_HIGH_PRIORITY 333 Preemption Failed RELEASE_ BECAUSE_PREEMPTION_FAILED 806 Media Limit In Crossed RELEASE_ BECAUSE_IN_MEDIA_LIMITS_ EXCEEDED 807 Call Transferred RELEASE_BECAUSE_ C...

Страница 780: ...ASR_THRESHOLD_ CROSSED 852 NER Threshold Crossed RELEASE_ BECAUSE_NER_THRESHOLD_ CROSSED 853 IP Group Registration Mode RELEASE_ BECAUSE_IPGROUP_ REGISTRATION_MODE 855 Internal Route RELEASE_BECAUSE_...

Страница 781: ...plays the AOR for example 1000 10 8 5 71 or Sue Contact Displays the contacts associated with the AOR for example sip 1000 10 8 5 71 5060 expires 180 Active status 1 The information displayed can incl...

Страница 782: ...figured by the ProxySet_ProxyRedundancyMode parameter Load Balancing Proxy load balancing mode as configured by the ProxySet_ProxyRedundancyMode parameter Keep Alive Displays whether the Proxy Keep Al...

Страница 783: ...p alive feature OFFLINE The proxy is offline as determined by the device s keep alive feature and the Proxy Set is configured for Homing Redundancy Mode parameter or enabled for load balancing Proxy L...

Страница 784: ...est Call CDR history Web Open the SBC CDR History table Monitor menu Monitor tab VoIP Status folder SBC CDR History CLI All CDR history show voip calls history sbc CDR history for a specific SIP sessi...

Страница 785: ...ng call this is the destination IP address Duration Displays the duration of the call displayed in the format hh mm ss where hh is hours mm minutes and ss seconds For example 00 01 20 denotes 1 minute...

Страница 786: ...ce status Open the Ethernet Device Status page Monitor menu Monitor tab Network Status folder Ethernet Device Status Viewing Ethernet Port Information You can view status information of the device s E...

Страница 787: ...roup to which the port belongs Viewing Static Routes Status You can view the status of static IP routes configured in the Static Routes table see Configuring Static IP Routing and routes through the D...

Страница 788: ...of the associated IDS rule is configured to IP Port Transport Type The transport type used for the attack Remaining Time The duration left until the device deletes the attacker remote host from the ta...

Страница 789: ...h a single asterisk show values that are calculated in a 5 minute sampling interval column labels with two asterisks show values that are calculated in a 15 second sampling interval Tx Rate Transmit r...

Страница 790: ...he Components Status page If the device is in High Availability mode the page also displays the status of the hardware components of the Redundant device The page is refreshed every 10 seconds To view...

Страница 791: ...lable not licensed or disabled the R factor VoIP metrics are not provided in CDRs CDR fields Local R Factor and Remote R Factor generated by the device Instead these CDR fields are sent with the value...

Страница 792: ...roup Remote Group ID identification for the purposes of aggregation for the remote endpoint LocalMAC Media Access Control MAC address of the local SIP device Timestamps START Start time of the media s...

Страница 793: ...Discard Rate BurstGapLoss BLD Burst Loss Density BD Burst Duration GLD Gap Loss Density GD Gap Duration GMIN Minimum Gap Threshold Delay RTD Round Trip Delay msec ESD End System Delay msec OWD One Wa...

Страница 794: ...EXTRI EXTRO External R Out value is copied from RTCP XR received from the remote endpoint on the other side of this endpoint R is 0 95 for narrowband calls and 0 120 for wideband calls ExtROEstAlg Ext...

Страница 795: ...6 202 user phone OrigID sip 1000 172 17 116 201 LocalAddr IP 172 17 116 201 Port 6000 SSRC 0x54c62a13 RemoteAddr IP 172 17 116 202 Port 6000 SSRC 0x243220dd LocalGroup RemoteGroup LocalMAC 00 90 8f 57...

Страница 796: ...the parameter RTCPInterval Burst Threshold VQMonBurstHR defines the voice quality monitoring excessive burst alert threshold Delay Threshold VQMonDelayTHR defines the voice quality monitoring excessiv...

Страница 797: ...ng server can be a dedicated CDR server or the server used for Syslog messages To enable CDR generation and configure the CDR server address 1 Enable the Syslog feature see Enabling Syslog 2 Open the...

Страница 798: ...g their names For more information see Customizing CDRs for SBC Calls and Test Calls on page 799 To configure CDR reporting to a REST server 1 Enable the Syslog feature for sending log messages CDRs g...

Страница 799: ...s use the TimeZoneFormat parameter Storing CDRs on the Device CDRs generated by the device can be stored locally on the device or internal SD card You can specify the calls for which you wish to creat...

Страница 800: ...4000B If the device is reset or powered off locally stored CDRs are deleted Locally stored CDRs are applicable only to CALL_END CDR Report Types and to SBC signaling CDRs When the device operates in...

Страница 801: ...tion Local Storage Log Type CDR Only Mode Enable If the CDR storage feature is enabled and you later change the maximum number of files CDRLocalMaxNumOfFiles to a lower value e g from 50 to 10 the dev...

Страница 802: ...n the following figure Figure 51 2 CDR Report Types for SBC Signaling CDRs belonging to the same SBC session both legs have the same Session ID SessionId CDR field CDRs belonging to the same SBC leg h...

Страница 803: ...nt are given in the table below Table 51 2 CDR Field Descriptions Field Description Accounting Status Type 305 Displays the CDR Report Type in numeric representation integer used mainly for the RADIUS...

Страница 804: ...configure the units of measurement seconds default deciseconds centiseconds or milliseconds use the CallDurationUnits parameter The field is included in the default CDR The field is applicable only t...

Страница 805: ...is applicable to all types but mainly to RADIUS SBC and Gateway CDRs The default field title is h323 call origin for RADIUS The maximum number of characters for Syslog tabular alignment is 10 Call Ori...

Страница 806: ...R The field is applicable to all CDR Report Types The field is applicable only to SBC media and Gateway CDRs The default field title is Cid in the CDR The maximum number of characters for Syslog tabul...

Страница 807: ...eld is applicable to all CDR Report Types The field is applicable only to SBC signaling CDRs The maximum number of characters for Syslog tabular alignment is 20 Destination Host 813 Displays the desti...

Страница 808: ...destination username before manipulation if any Note The field is optional and can be included in the CDR using the SBC CDR Format tables The field is applicable to all CDR Report Types The field is a...

Страница 809: ...tion on the global session ID see Enabling Same Call Session ID over Multiple Devices on page 838 H323 ID 306 Displays the SIP ID to the RADIUS server The field is a string Note The field is included...

Страница 810: ...hed RTP IP 631 Displays the remote IP address of the incoming RTP stream that the device latched onto as a result of the RTP latching mechanism for NAT traversal Note The field is included in the defa...

Страница 811: ...he device generates leg ID 3 for the leg belonging to the call transfer target Another example is a call forking session where the leg ID sequence may be as follows incoming leg is 1 outgoing leg to u...

Страница 812: ...s included in the default CDR The field is applicable only to CALL_END and MEDIA_END CDR Report Types The field is applicable only to SBC media and Gateway CDRs The default field title is LocalMosCQ T...

Страница 813: ...d title is LocalRFactor If the RTCP XR feature is unavailable not licensed or disabled this R factor VoIP metric is not provided Instead the device sends the CDR field with the value 127 meaning that...

Страница 814: ...e The field is optional and can be included in the CDR using the SBC CDR Format tables The field is applicable to all CDR Report Types The field is applicable only to SBC signaling CDRs The maximum nu...

Страница 815: ...DIA_END CDR Report Types The field is applicable only to SBC media and Gateway CDRs The default field title is Intrv The maximum number of characters for Syslog tabular alignment is 5 Payload Type 603...

Страница 816: ...of up to 15 digits 1 Not relevant 0 Unknown reason 1 Call forward busy CFB 2 Call forward no reply CFNR 3 Call forward network busy 4 Call deflection 5 Immediate call deflection 6 Mobile subscriber no...

Страница 817: ...ield title is ReleaseTime for Syslog h323 disconnect time for RADIUS and Call End Time in the Web SBC CDR History and Web Gateway CDR History tables The maximum number of characters for Syslog tabular...

Страница 818: ...lity The field is an integer from 10 to 46 127 if information is unavailable Note The field is included in the default CDR The field is applicable only to CALL_END and MEDIA_END CDR Report Types The f...

Страница 819: ...he field is an integer from 0 to 120 127 if information is unavailable Note The field is included in the default CDR The field is applicable only to CALL_END and MEDIA_END CDR Report Types The field i...

Страница 820: ...ing the SBC CDR Format table The field is applicable only to CALL_START CALL_CONNECT and CALL_END CDR Report Types The field is applicable only to SBC signaling The maximum number of characters for Sy...

Страница 821: ...NECT MEDIA_ START MEDIA_UPDATE MEDIA_END CDR Report Types The field is applicable only to SBC media and Gateway CDRs The default field title is TxRTPIPDiffServ The maximum number of characters for Sys...

Страница 822: ...ar alignment is 5 SIP Interface Name 433 Displays the SIP Interface name The field value is a string of up to 40 characters Note The field is included in the default CDR The field is applicable to all...

Страница 823: ...SIP call termination reason The field value is a string of up to 70 characters and is set to one of the following SIP Reason header if exists for example SIP cause 200 text Call completed elsewhere I...

Страница 824: ...nt is 20 Source Host 812 Displays the source hostname after manipulation if any Note The field is optional and can be included in the CDR using the SBC CDR Format table The field is applicable to all...

Страница 825: ...included in the default CDR The field is applicable to all CDRReportType values The field is applicable only to SBC signaling CDRs The default field title is SrcURI The maximum number of characters f...

Страница 826: ...s or failed no Note The field is optional and can be included in the CDR using the SBC CDR Format and Gateway CDR Format tables The field is applicable only to the CALL_END Report Type The field is ap...

Страница 827: ...y CDRs The default field title is h323 disconnect cause e g h323 disconnect cause 16 The maximum number of characters for Syslog tabular alignment is 5 Termination Reason 410 Displays the reason for t...

Страница 828: ...APP_BC_NOT_PRESENTLY_AVAILABLE GWAPP_SERVICE_NOT_AVAILABLE GWAPP_CUG_OUT_CALLS_BARRED GWAPP_CUG_INC_CALLS_BARRED GWAPP_ACCES_INFO_SUBS_CLASS_INCONS GWAPP_BC_NOT_IMPLEMENTED GWAPP_CHANNEL_TYPE_NOT_IMPL...

Страница 829: ...E_SILENCE_DISC RELEASE_BECAUSE_NORTEL_XFER_SUCCESS RELEASE_BECAUSE_RTP_CONN_BROKEN RELEASE_BECAUSE_DISCONNECT_CODE RELEASE_BECAUSE_GW_LOCKED RELEASE_BECAUSE_FAIL RELEASE_BECAUSE_FORWARD RELEASE_BECAUS...

Страница 830: ...AILURE RELEASE_BECAUSE_OTHER_FORKED_CALL_ANSWERED RELEASE_BECAUSE_MEDIA_SYNC_FAILED Note The field is included in the default CDR The field is applicable only to CALL_END CDR Report Types The field is...

Страница 831: ...t is 5 Transport Type 421 Displays the SIP signaling transport type protocol The field value is a string UDP TCP TLS Note The field is included in the default CDR The field is applicable to all CDR Re...

Страница 832: ...Gateway CDR Format and SBC CDR Format table The field is applicable only to CALL_END CDR Report Types The field is applicable only to SBC signaling and Gateway CDRs The field is applicable only to Sy...

Страница 833: ...erver on page 765 If you do not configure a CDR customization rule for a specific CDR the device generates the CDR in a default CDR format For a detailed description of all the fields that can be pres...

Страница 834: ...slog SBC Default Customizes CDR fields for SIP signaling related CDRs sent in Syslog messages 3 Syslog Media Customizes CDR fields for media related CDRs sent in Syslog messages 5 Local Storage SBC Cu...

Страница 835: ...P Remote Tag 447 Call Success Syslog Media and RADIUS SBC 600 Channel ID 601 Coder Type 602 Packet Interval 603 Payload Type 604 Local Input Packets 605 Local Output Packets 606 Local Input Octets 607...

Страница 836: ...fault For standard RADIUS Attributes 1 Vendor Specific For vendor specific RADIUS Attributes VSA Note The parameter is applicable only to RADIUS accounting i e CDR Type parameter configured to RADIUS...

Страница 837: ...hen the RADIUS server successfully receives all the CDR attributes it responds with an Accounting Response Stop ACK message to the device If the device does not receive the Accounting Response ACK mes...

Страница 838: ...formation in a more readable format The example shows the attribute in string of characters format You can customize the prefix title of the RADIUS attribute name and the ID For more information see C...

Страница 839: ...tion Value Format Example AAA Request Attributes 1 user name Standar d Account number or calling party number or blank String up to 15 digits long 5421385747 Star t Acc Stop Acc 4 nas ip address Stand...

Страница 840: ...ated from the outgoing leg String h323 call origin answer Star t Acc Stop Acc 26 h323 call type 27 Protocol type or family used on this leg of the call The value is always VOIP String h323 call type V...

Страница 841: ...or 35 Terminator of the call yes Call ter minated by the outgoing leg no Call ter minated by the incoming leg String call terminator yes Stop Acc 26 terminator 37 Terminator of the call answer Call or...

Страница 842: ...ar record Numeri c 5 Star t Acc Stop Acc 42 acct input octets Standar d Number of octets received for that call duration applicable only if media anchoring Numeri c Stop Acc 43 acct output octets Stan...

Страница 843: ...session id Standar d A unique accounting identifier match start stop String Stop Acc Below is an example of RADIUS Accounting where non standard parameters are preceded with brackets Accounting Reques...

Страница 844: ...Part X Diagnostics...

Страница 845: ...uring Log Filter Rules The Logging Filters table lets you configure up to 60 rules for filtering debug recording packets Syslog messages and Call Detail Records CDR The log filter determines the calls...

Страница 846: ...s generated e g start and end of call see Configuring CDR Reporting The following procedure describes how to configure Log Filter rules through the Web interface You can also configure it through ini...

Страница 847: ...lue A range using a hyphen between the two values For example to specify IP Groups 1 2 and 3 configure the parameter to 1 3 without apostrophes Multiple non contiguous values using commas between each...

Страница 848: ...ow For enabling this functionality see Enabling SIP Call Flow Diagrams in OVOC on page 836 Note If the Filter Type parameter is configured to IP Trace you must configure the parameter to Debug Recordi...

Страница 849: ...ed to Debug Recording Server The debug recording includes signaling Syslog messages media and PCM 5 CDR Only Only CDRs are generated The option is applicable only if the Log Destination parameter is c...

Страница 850: ...protocol type PDU entered as an enumeration value e g 1 is ICMP 6 is TCP 17 is UDP udp tcp icmp sip ldap http https Single expressions for protocol type udp port tcp port Transport layer udp srcport t...

Страница 851: ...ssage 10 21 28 037 10 15 7 95 NOTICE S 872 BID 3aad56 32 Activity Log WEB Successful login at 10 15 7 95 80 User Admin Session HTTP 10 13 22 54 The format of the Syslog message is described in the fol...

Страница 852: ...fit of unique numbering is that it enables you to filter the information such as SIP Syslog and media according to device or session ID The syntax of the session and device identifiers are as follows...

Страница 853: ...sages The Syslog message events that the device sends are denoted by unique abbreviations The following example shows an abbreviated event in a Syslog message indicating packet loss PL Apr 4 12 00 12...

Страница 854: ...ceived From The Host RD No Available Release Descriptor RO RTP Reorder RP Unknown RTP Payload Type RS RTP SSRC Error UF Unrecognized Fax Relay Command Syslog Fields for Answering Machine Detection AMD...

Страница 855: ...tional Info2 Additional Info3 The Messages Severity is as follows Table 52 5 Syslog Message Severity ITU Perceived Severity SNMP Alarm s Severity AudioCodes Syslog Severity Critical RecoverableMsg Maj...

Страница 856: ...must be taken immediately Critical CRIT A problem has been identified that is critical Error ERROR An error has been identified Warning WARNING An error that might occur if measures are not taken to p...

Страница 857: ...xBundleSyslogLength parameter 4 From the Syslog CPU Protection SyslogCpuProtection drop down list select whether you want to enable the protection feature for the device s CPU resources during debug r...

Страница 858: ...rted without per parameter notifications Auxiliary file load and software update Device reset and burn to flash memory Access to unauthorized Web pages according to the Web user s access level Modific...

Страница 859: ...tivity on page 67 Viewing Syslog Messages You can view Syslog messages generated by the device using any of the following Syslog server types Device s Web Interface The device provides an embedded Sys...

Страница 860: ...nd detailed debugging use an external Syslog server The Message Log page provides limited Syslog server functionality Device s CLI The device sends error messages e g Syslog messages to the CLI as wel...

Страница 861: ...rload CPU utilization information is shown under the CPUUtilMonitor section shown in pink The subsequent table describes the displayed information Table 52 7 CPU Overload Fields Description in Syslog...

Страница 862: ...the CPU was idle 5 during which tasks were using the CPU core IRQ IRQ time in percentage SoftIRQ SoftIRQ time in percentage Configuring Debug Recording This section describes how to configure debug r...

Страница 863: ...AC DR The plug in files are per major software release of Wireshark For more information contact the sales representative of your purchased device To use Wireshark to view debug recording messages 1...

Страница 864: ...ss The file is saved to the device s memory not flash and erased after a device reset Marks the captured file useful for troubleshooting process debug capture VoIP physical insert pad Before running t...

Страница 865: ...LAN ID proto Protocol 3 Define a source and or destination IP address to be captured any ipv4_address ipv6_ address debug capture voip interface vlan VLAN ID proto Protocol host IP Address At this sta...

Страница 866: ...Debug File You can manually retrieve the debug file from the device flash memory and save it to a folder on your local PC The device creates the debug file when an exception occurs Each time the devi...

Страница 867: ...e of the active device For devices in HA mode you can download the redundant device s debug file by clicking the Save Redundant Device s Debug File button The button appears only if the device is in H...

Страница 868: ...clients You can configure the debug level from 1 to 3 where 3 is the most detailed The debug messages are sent to the Syslog server To configure debugging of Web services 1 Open the Web Service Setti...

Страница 869: ...tter understanding of the SIP call The call flow displays all the SIP messages related to the call session including requests e g INVITEs and responses e g 200 OK For SBC calls the call flow reflects...

Страница 870: ...ages that fail authentication SIP 4xx challenge The feature does not support SIPRec messages and REGISTER messages For HA systems during a switchover the device stops sending the SIP call flow message...

Страница 871: ...incoming SIP message containing the Global Session ID it sends the same Global Session ID in the outgoing SIP message If the incoming SIP message does not con tain a Global Session ID or if a new sess...

Страница 872: ...host and the remote endpoint can be defined as an IP Group or IP address Test calls can be dialed automatically at a user defined interval and or manually when required When a SIP test call is initiat...

Страница 873: ...art is used in the SIP From header in REGISTER requests The valid value is a string of up to 150 characters By default the parameter is not configured Note The parameter is mandatory Called URI called...

Страница 874: ...he IP Group but uses only its IP Profile The IP Group is used for incoming and outgoing calls Destination Address dst address Test_Call_DestAddress Defines the destination host The valid value is an I...

Страница 875: ...onfigure Coder Groups see Configuring Coder Groups Note The parameter s settings override the corresponding parameter of the IP Profile associated with the rule s IP Group If you don t configure this...

Страница 876: ...ured the parameter s settings override the corresponding parameter of the IP Profile associated with the rule s IP Group Media Security Mode media security mode Test_Call_MediaSecurityMode Defines the...

Страница 877: ...Alternative DTMF Method As Is If the Test Call receives the SDP offer the recommended configuration is as follows i e incoming SDP offer determines the method RFC 2833 Mode As Is Alternative DTMF Meth...

Страница 878: ...calls per second Note The parameter is applicable only if you configure Call Party to Caller Test Mode test mode Test_Call_TestMode Defines the test session mode 0 Once Default The test runs until the...

Страница 879: ...he following early yes Indicates that NetAnn is used for playing the tone play Prompt Tone Index in PRT file Defines the tone to play from the PRT file repeat Times Defines how many times the tone is...

Страница 880: ...n the call is answered The valid value is the index number 0 79 of the tone in the PRT file By default 1 the device plays the tone defined at index 22 acDialTone2 Note The parameter is applicable only...

Страница 881: ...point for the test call endpoint when all these calls end the status returns to Idle Terminating Test call is in the process of terminating currently established calls when Drop Call is clicked from t...

Страница 882: ...were disconnected by the remote side Average CPS Average calls per second Elapsed Time Duration of the test call since it was started or restarted Test Status Status brief description as displayed in...

Страница 883: ...MOS count and color threshold status of local and remote sides according to the assigned QoE Profile Delay Status Packet delay count and color threshold status of local and remote sides according to...

Страница 884: ...endpoint The figure below displays a basic test call example To configure basic call testing 1 Open the Test Call Settings page Troubleshoot menu Troubleshoot tab Test Call folder Test Call Settings...

Страница 885: ...Codes devices Device A and Device B with simulated test endpoints This eliminates the need for phone users who would otherwise need to answer and end calls many times for batch testing The calls are i...

Страница 886: ...eful for example for verifying that endpoints located in the LAN can register with an external proxy and subsequently communicate with one another This example assumes that you have configured your de...

Страница 887: ...ote host or IP address by pinging the network entity IPv4 The ping to an IPv4 address can be done from any of the device s VoIP interfaces that is configured with an IPv4 address The ping is done usin...

Страница 888: ...Part XI Appendix...

Страница 889: ...ple 3 45 represents the prefix number 3 45 To denote the key when it appears at the end of the number enclose it in square brackets For example 134 denotes any number that starts with 134 asterisk sym...

Страница 890: ...aracters Examples To denote a one digit number starting prefix with 2 3 4 5 or 6 2 3 4 5 6 To denote a one digit number ending suffix with 7 8 or 9 7 8 9 Prefix with suffix 2 3 4 5 6 7 8 9 prefix is d...

Страница 891: ...x to 49 287303 29 165 xxxxx where 28 is the ASCII HEX value for and 29 is the ASCII HEX value for The manipulation rule in this example would denote the parenthesis in the destination number prefix us...

Страница 892: ...default no value is defined For more information see Configuring a Hostname for the Device on page 84 WebLoginBlockAutoComplete Disables autocompletion when entering the management login username in...

Страница 893: ...TLS TCP client connections and reject incoming TLS TCP client connections when the device is in locked state 0 Disable default 1 Enable For more information see Locking and Unlocking the Device on pag...

Страница 894: ...oating License feature Note The parameter is applicable only when the Allocation Profile is configured to Custom Limit SBC Media Sessions configure system floating license limit media sessions LimitMe...

Страница 895: ...this duration expires the password of the Web user must be changed The valid value is 0 to 100000 where 0 means that the password is always valid The default is 1140 Note The parameter is applicable o...

Страница 896: ...gin from this same IP address The valid value is 0 to 100000 where 0 means that login is not denied regardless of number of failed login attempts The default is 60 Display Last Login Information Displ...

Страница 897: ...ounts TLS Contexts Time and Date Maintenance Actions Load Auxiliary Files Software Upgrade Wizard and Configuration File Note For the parameter to take effect a device reset is required ResetWebPasswo...

Страница 898: ...of the ini file table parameter is WelcomeMessage FORMAT WelcomeMessage_Index WelcomeMessage_Text WelcomeMessage For Example FORMAT WelcomeMessage_Index WelcomeMessage_Text WelcomeMessage 1 WelcomeMe...

Страница 899: ...go in the Web interface The valid value is a string of up to 15 characters For more information see Replacing the Corporate Logo with Text Note The parameter is applicable only when the UseWebLogo par...

Страница 900: ...netMaxSessions Defines the maximum number of permitted concurrent Telnet or SSH sessions The valid range is 1 to 5 sessions The default is 2 Note Before changing the value make sure that not more than...

Страница 901: ...ce s Local Users table see Configuring Man agement User Accounts on page 41 c Save the device s CLI Script file to your local PC see Saving and Loading CLI Script Files on page 689 d Open the file and...

Страница 902: ...range is a string of up to 255 characters ifAlias Defines the textual name of the interface The value is equal to the ifAlias SNMP MIB object The valid range is a string of up to 64 characters config...

Страница 903: ...e Guide for Gateways SBCs MSBRs ShortCallSeconds Defines the duration in seconds of a call for it to be considered a short call and thus included in the count of the performance monitoring SNMP MIBs f...

Страница 904: ...te For the parameter to take effect a device reset is required ActiveAlarmTableMaxSize Defines the maximum number of currently active alarms that can be displayed in the Active Alarms table When the t...

Страница 905: ...r has the same value for both active and redundant devices i e system identifier If the two devices return to Standalone mode i e non HA mode you must configure the parameter to a NULL value i e no va...

Страница 906: ...r to receive traps sent by the device The device sends the traps to the DNS resolved IP address The valid range is a string of up to 99 characters For more information see Configuring an SNMP Trap Des...

Страница 907: ...ng a CLI Session Note For the parameter to take effect a device reset is required SerialBaudRate Defines the serial communication baud rate The valid values include the following 1200 2400 9600 14400...

Страница 908: ...memory 0 Configuration isn t saved to flash memory 1 Default Configuration is saved to flash memory Auxiliary Filename Parameters Call Progress Tones File CallProgressTonesFilename Defines the name of...

Страница 909: ...e cmp file 0 Default The Automatic Update mechanism doesn t apply to the cmp file 1 The Automatic Update mechanism includes the cmp file Note For the parameter to take effect a device reset is require...

Страница 910: ...ioning server for the Automatic Update mechanism The valid value is a string of up to 511 characters The information can include any user defined string or the following string variable tags case sens...

Страница 911: ...cryptographic hashing and basic access authentication with the HTTP server on which the files to download are located for the Automatic Update feature The valid value is a string of up to 128 charact...

Страница 912: ...92 The default is 512 Note A higher value does not necessarily mean better performance The block size should be small enough to avoid IP fragmentation in the client network i e below MTU This feature...

Страница 913: ...e date and time of the ini file are validated Only more recently dated ini files are loaded MAC Address Placeholder in Configuration File Name This option allows the loading of specific configurations...

Страница 914: ...PT file and the URL address IP address or FQDN of the server where the file is located Optionally the username and password https username password 10 1 1 1 file name for access authentication with th...

Страница 915: ...hentication with the server can also be configured sbc user info SBCUserInfoFileUrl Defines the name of the SBC User Information file and the URL address IP address or FQDN of the server where the fil...

Страница 916: ...more information see Customizing the Favicon ConfPackageURL Defines the name of the Configuration Package file tar gz and the URL address IP address or FQDN of the server where the file is located Opt...

Страница 917: ...are described in the table below Table 60 10 IP Network Routing Parameters Parameter Description Don t Send ICMP Unreachable Messages configure network network settings icmp disable unreachable Disabl...

Страница 918: ...ontent Call Control applications You can also configure the feature per specific calls using IP Profiles IpProfile_SigIPDiffServ For a detailed description of the parameter and To configure the featur...

Страница 919: ...e UA is behind NAT 1 Disable NAT Default The device considers the UA as not located behind NAT and sends media packets to the UA using the IP address port specified in the SDP c line Connection of the...

Страница 920: ...ce is located behind NAT It is needed to keep the NAT pinhole open for the SNMP messages sent from OVOC to the device The valid range is 0 to 2 592 000 The default is 30 Note For the parameter to take...

Страница 921: ...nable Note For the parameter to take effect a device reset is required For a detailed description of DHCP see DHCP based Provisioning The parameter is a hidden parameter Once defined and saved to flas...

Страница 922: ...an be resolved from the DNS server providing NTP server redundancy The default IP address is 0 0 0 0 i e internal NTP client is disabled Secondary NTP Server Address secondary server NTPSecondaryServe...

Страница 923: ...nables daylight saving time DST 0 Disable default 1 Enable Start Time Day of Month Start configure system clock summer time start DayLightSavingTimeStart Defines the date and time when DST begins This...

Страница 924: ...e test fails the device sends information on the test results of each hardware component to the Syslog server 0 Default Rapid and Enhanced self test mode 1 Detailed self test mode full test of DSPs PC...

Страница 925: ...e Syslog CDR and debug parameters are described in the table below Table 60 18 Syslog CDR and Debug Parameters Parameter Description Enable Syslog configure troubleshoot syslog syslog EnableSyslog Det...

Страница 926: ...ort 514 default Syslog port This mechanism is active only when Syslog is enabled i e the parameter EnableSyslog is set to 1 Call End CDR SIP Reasons Filter configure troubleshoot cdr call end cdr sip...

Страница 927: ...n some calls it may only be after the call is established but in other calls the media may start at ringback tone A CDR is also sent upon termination end of the media in the call 3 Update End Media Se...

Страница 928: ...size in kilobytes of each locally stored CDR file When the Current file reaches this size the device creates a CDR file containing all the CDRs from the Current file The valid value is 1024 to 10 000...

Страница 929: ...age as well as many other logged processes configure system cdr non call cdr rprt EnableNonCallCdr Enables creation of CDR messages for non call SIP dialogs such as SUBSCRIBE OPTIONS and REGISTER 0 De...

Страница 930: ...at least 5 greater than threshold Debug level is reduced another level CPU usage is 5 to 19 less than threshold Debug level is increased by one level CPU usage is at least 20 less than threshold Debu...

Страница 931: ...IP message 1 Enables the feature If the device receives an incoming SIP message containing a Global Session ID it sends the same Global Session ID in the outgoing SIP message If the incoming SIP messa...

Страница 932: ...e actions LDAP clear cache register unregister and start stop trunk In the Web these actions are typically done by clicking a button e g the LOCK button Note For the ini file parameter enclose values...

Страница 933: ...igured by the RAIHighThreshold parameter When enabled and the threshold is crossed the device sends the SNMP trap acBoardCallResourcesAlarm 0 Default Disable 1 Enable Note For the parameter to take ef...

Страница 934: ...uration in seconds to delay the transition from HA non operational state which occurs during HA synchronization between active and redundant devices to HA operational state This feature may be useful...

Страница 935: ...chover based on HA priority 0 Disable Default A switchover over to the redundant device is done only if a failure occurs in the currently active device 1 Enable A switchover over to the redundant devi...

Страница 936: ...network monitor threshold HaNetworkMonitorThreshold Defines the minimum number of monitored rows con figured in the HA Network Monitor table whose des tinations are unreachable that are required to tr...

Страница 937: ...od TimeoutToRelatch media type Msec it latches on to the next packet received from any other stream If other packets of different media type are received from the new stream based on IP address and SS...

Страница 938: ...another stream The valid range is any value from 0 The default is 200 Timeout To Relatch SRTP TimeoutToRelatchSRTPMsec Defines a period msec during which if no packets are received from the current S...

Страница 939: ...is required Require Client Certificates for HTTPS connection configure system web req client cert HTTPSRequireClientCertificate Enables the requirement of client certificates for HTTPS connection 0 Di...

Страница 940: ...specific calls using IP Profiles IpProfile_ EnableSymmetricMKI For a detailed description of the parameter and for configuring this feature in the IP Profiles table see Configuring IP Profiles Note I...

Страница 941: ...ed RTP Packets configure voip media security RTP authentication disable tx RTPAuthenticationDisableTx Enables authentication on transmitted RTP packets in a secured RTP session 0 Enable default 1 Disa...

Страница 942: ...behavior mode ResetSRTPStateUponRekey Global parameter that enables synchronization of the SRTP state between the device and a server when a new SRTP key is generated upon a SIP session expire You can...

Страница 943: ...er Host Name Verification Mode configure network security settings PEERHOSTNAMEVERIFICATIONMODE PeerHostNameVerificationMode Enables the device to verify the Subject Name of a TLS certificate received...

Страница 944: ...as well TLS Remote Subject Name configure network security settings tls rmt subs name TLSRemoteSubjectName Defines the Subject Name that is compared with the name defined in the remote side certifica...

Страница 945: ...the proxy SSH port number on the active device for accessing the redundant device s embedded SSH server from the active device for downloading files from the redundant device The valid value is any v...

Страница 946: ...configure system cli settings ssh max login attempts SSHMaxLoginAttempts Defines the maximum SSH login attempts allowed for entering an incorrect password by an administrator before the SSH session i...

Страница 947: ...e to this parameter OCSP Parameters The Online Certificate Status Protocol OCSP parameters are described in the table below Table 60 27 OCSP Parameters Parameter Description Enable OCSP Server configu...

Страница 948: ...as the host name in SIP From and To headers in REGISTER requests 0 Disable default 1 Enable If the parameter is disabled and the device registers to an IP Group i e proxy server it uses the string co...

Страница 949: ...rules 1 Enable All SIP messages and responses are sent to the Proxy server Note The parameter is applicable only if a Proxy server is used i e the parameter IsProxyUsed is set to 1 DNS Query Type con...

Страница 950: ...TR query is done If successful an SRV query is sent according to the information received in the NAPTR response If the NAPTR query fails an SRV query is done according to the configured transport type...

Страница 951: ...he Proxy without authorization The Proxy sends a 401 407 response with a challenge for credentials The device saves caches the response for further uses The device sends a new request with the appropr...

Страница 952: ...time interval in seconds after which a registration request is re sent if registration fails with a 4xx response or if there is no response from the Proxy Registrar server The default is 30 seconds Th...

Страница 953: ...seconds As can be seen from the algorithm the upper bound wait time can never exceed the value of the MaxRegistrationBackoffTime parameter Registration Time Threshold configure voip sip definition pr...

Страница 954: ...value of applies to all registrations but it can only be used if the Expires header field is present with a value of 0 Add Empty Authorization Header configure voip sip definition settings add empty a...

Страница 955: ...mechanism uses a client to server ping keep alive and a corresponding server to client pong message This ping pong sequence allows the client and optionally the server to tell if its flow is still ac...

Страница 956: ...int GeneratedRegistersInterval Defines the rate in seconds at which the device sends user register requests REGISTER messages The parameter is based on the maximum number of REGISTER messages that ca...

Страница 957: ...rval TCPKeepAliveInterval Defines the interval in sec between consecutive keep alive probes regardless of what the connection has exchanged in the meantime The valid value is 10 to 65 000 The default...

Страница 958: ...OK in response The parameter is disabled When enabled again new random user parts are assigned to the Accounts To configure Accounts see Configuring Registration Accounts UnregisterOnStartup Enables t...

Страница 959: ...calls Note The Event header value is proprietary to AudioCodes Max SIP Message Length MaxSIPMessageLeng th Defines the maximum size in Kbytes for each SIP message that can be sent over the network The...

Страница 960: ...nditions Via Source IP and user in Request URI 3 Verify dialog initiating INVITE and in dialog requests The VerifyRecievedRequestUri parameter functions together with the RegistrarProxySetID parameter...

Страница 961: ...ion settings max nb of act calls MaxActiveCalls Defines the maximum number of simultaneous active calls supported by the device If the maximum number of calls is reached new calls are not established...

Страница 962: ...ter is ignored for calls associated with the profile Session Expires Disconnect Time configure voip sip definitions settings sess exp disc time SessionExpiresDisco nnectTime Defines a session expiry t...

Страница 963: ...d to detect mid call fax tones and to send T 38 Re INVITE messages upon fax detection If the remote party supports T 38 the fax is relayed over T 38 Note If VBD coder negotiation fails at call start a...

Страница 964: ...sportType is set to 2 or 1 i e TCP or TLS and EnableSIPS is enabled TLS is used through the entire connection over multiple hops Note If the parameter is enabled and the parameter SIPTransportType is...

Страница 965: ...tial TCP connection set up Note If the destination is a Proxy server the TCP TLS connection is persistent regardless of the settings of the parameter TCP Timeout configure voip sip definition settings...

Страница 966: ...ltiple values 0 Default The device includes multiple P Preferred Identity SIP headers in the outgoing message for example Incoming message containing a P Preferred Identity header with multiple values...

Страница 967: ...C REFER sip C domain com SIP 2 0 From sip A domain com tag 99asd To sip C domain com Refer To URI that identifies B s UA The Refer To header needs to contain a URI that user C can use to place a call...

Страница 968: ...e default string product name software version is used for example User Agent AudioCodes Sip Gateway swver The maximum string length is 50 characters Note The software version number and preceding for...

Страница 969: ...ibute in the outgoing SDP PacketCable defined format The mptime attribute enables the device to define a separate packetization period for each negotiated coder in the SDP The mptime attribute is only...

Страница 970: ...ues sending traffic of other entities to the proxy All other SIP dialogs e g INVITE The device ignores the Retry After header and forwards the 503 response transparently to the other user agent Retry...

Страница 971: ...Pai2 is configured the calling number is obtained from a specific header using the following logic a P Preferred Identity header b If the above header is not present then the first P Asserted Identit...

Страница 972: ...voip sip definition settings delayed offer EnableDelayedOffer Determines whether the device sends the initial INVITE message with or without an SDP Sending the first INVITE without SDP is typically d...

Страница 973: ...all User Information Usage configure voip sip definition settings user inf usage EnableUserInfoUsag e Enables the usage of the User Information which is loaded to the device in the User Information Au...

Страница 974: ...n receipt of the 200 OK when the call is answered 0 Disable default 1 Enable Note The parameter is applicable only if SRTP is used configure voip sip definition settings number of active dialogs Numbe...

Страница 975: ...t 1 sip configure voip sip definition settings 100 to 18x timeout TimeoutBetween100A nd18x Defines the timeout in msec between receiving a 100 Trying response and a subsequent 18x response If a 18x re...

Страница 976: ...integration with Microsoft presence see Microsoft Skype for Business Presence of Third Party Endpoints Microsoft Presence Status EnableMSPresence Enables the device to notify using SIP PUBLISH messag...

Страница 977: ...When enabled and certain scenarios exist the device does the following The above behavior is done upon one of the following scenarios The device is physically disconnected from the network i e Etherne...

Страница 978: ...x Defines the maximum number of UDP transmissions of SIP messages first transmission plus retransmissions The range is 1 to 30 The default is 7 Number of RTX Before Hot Swap configure voip sip definit...

Страница 979: ...and for configuring the feature see Configuring IP Profiles Note If the feature is configured for a specific profile the settings of the global parameter is ignored for calls associated with the prof...

Страница 980: ...cho attenuation intensity The valid range is 0 to 3 The default is 0 Max ERL Threshold DB configure voip media voice acoustic echo suppressor max ERL AcousticEchoSuppMaxERLThreshold Defines the acoust...

Страница 981: ...efficients RTPSIDCoeffNum Defines the number of spectral coefficients added to an SID packet being sent according to RFC 3389 The valid values are 0 default 4 6 8 and 10 Answer Detector AD Parameters...

Страница 982: ...load only no header TOC or m factor similar to RFC 3558 Header Free format 1 Supports RFC 2658 1 byte for interleaving header always 0 TOC no m factor 2 Payload including TOC only allow m factor 3 RFC...

Страница 983: ...t according to RFC 2833 and muted when received Note The parameter is automatically updated if the parameters FirstTxDTMFOption or RxDTMFOption are configured DTMF Volume 31 to 0 dB configure voip med...

Страница 984: ...y upon detection of an End event RTP RTCP and T 38 Parameters The RTP RTCP and T 38 parameters are described in the table below Table 60 34 RTP RTCP and T 38 Parameters Parameter Description Dynamic J...

Страница 985: ...tmf and dialing telephony events payload type tx RFC2833TxPayloadType Defines the Tx RFC 2833 DTMF relay dynamic payload type for outbound calls The valid range is 96 to 127 The default is 96 Note Whe...

Страница 986: ...and issues warnings to notify of the invalid packets Note The parameter is applicable only if the IPProfile_ TranscodingMode parameter is configured to RTP Forwarding Forward Unknown RTP Payload Types...

Страница 987: ...Voice Device activates T 38 fax relay upon receipt of a re INVITE with T 38 and audio media in the SDP The parameter is used for transmission from fax machines connected to the device and located insi...

Страница 988: ...pEnable parameter no operation interval RTPNoOpPayloadType Defines the payload type of No Op packets The valid range is 96 to 127 for the range of Dynamic RTP Payload Type for all types of non hard co...

Страница 989: ...value range is 0 to 65 535 The default is 5 000 Disable RTCP XR Interval Randomization configure voip media rtp rtcp disable RTCP randomization DisableRTCPRandomize Determines whether RTCP report inte...

Страница 990: ...emTransportType Determines the V 21 modem transport type 0 Disable Default Transparent 2 Enable Bypass 3 Events Only Transparent with Events Note You can also configure this feature per specific calls...

Страница 991: ...media fax modem V34 modem transport type V34ModemTransportType Determines the V 90 V 34 modem transport type 0 Disable Transparent 2 Enable Bypass default 3 Events Only Transparent with Events Note Yo...

Страница 992: ...r calls associated with the IP Profile SIP T 38 Version configure voip sip definition settings sip t38 ver SIPT38Version Defines the T 38 fax relay version 1 Not Configured Default No T 38 0 Version 0...

Страница 993: ...te supported between the local and remote endpoints Fax Relay ECM Enable configure voip media fax modem ecm mode FaxRelayECMEnable Enables Error Correction Mode ECM mode during fax relay 0 Disable 1 E...

Страница 994: ...to 31 dB in 1 dB steps The default is 0 i e no gain Modem Bypass Output Gain configure voip media fax modem modem bypass output gain ModemBypassOutputGain Defines the modem bypass output gain control...

Страница 995: ...re per specific calls using IP Profiles IpProfile_NSEMode For a detailed description of the parameter and for configuring this feature in the IP Profiles table see Configuring IP Profiles Note If this...

Страница 996: ...to 1 T 38 Relay or 3 Fax Fallback CED Transfer Mode configure voip media fax modem ced transfer mode CEDTransferMode Defines the method for sending fax modem CED answering tones 0 Fax Relay or VBD De...

Страница 997: ...nsport Channel 0 The range is 140 to 256 The default is 140 SPRT Transport Ch 2 Max Payload Size configure voip media fax modem SPRT transport channel2 max payload size V1501SPRTTransportChannel2MaxPa...

Страница 998: ...shed call i e RTP flow suddenly stops during the call The valid range is from 3 i e 300 msec to approx 2684354 i e 74 5 hours The default is 100 i e 10 000 msec or 10 seconds Note The parameter is app...

Страница 999: ...g from the proxy server to the Gateway PSTN 0 Disable default 1 Enable SBC specific Parameters configure voip application enable sbc EnableSBCApplication Enables the Session Border Control SBC applica...

Страница 1000: ...re per specific calls using IP Profiles IpProfile_SBCMaxCallDuration For a detailed description of the parameter and for configuring this feature in the IP Profiles table see Configuring IP Profiles I...

Страница 1001: ...S to the working proxy regardless of the Contact header The working proxy address is determined by the device s keep alive mechanism for the Proxy Set that was used to route the initial SUBSCRIBE Note...

Страница 1002: ...tag generated by the called party All SIP messages between the device and caller use this generated To tag while all SIP messages between the device and called party use the To tag generated by the ca...

Страница 1003: ...s considered timed out This value is conveyed in the SIP Min SE header The valid range is 0 default to 1 000 000 where 0 means that the device does not limit Session Expires configure voip sbc setting...

Страница 1004: ...ured using the SBCSessionExpires and SBCMinSE parameters respectively User Registration Grace Time configure voip sbc settings sbc usr reg grace time SBCUserRegistrationGraceTime Defines additional ti...

Страница 1005: ...ndle P Asserted Identity configure voip sbc settings p assert id SBCAssertIdentity Global parameter that defines the handling of the SIP P Asserted Identity header You can also configure this feature...

Страница 1006: ...hich are sent to Server type IP Groups Depending on the Remote Representation Mode parameter of the IP Profiles table IpProfile_ SBCRemoteRepresentationMode the host part in the SIP Contact header can...

Страница 1007: ...URIs Port The ports of the URIs are excluded in the comparison of the two URIs but all other URI parameters are included in the comparison port can be combined with other URI parameters that you want...

Страница 1008: ...he settings of this global parameter is ignored for calls associated with the IP Profile configure voip sbc settings sbc xfer prefix SBCXferPrefix When the SBCReferBehavior is set to 1 the device whil...

Страница 1009: ...e image in its SDP offer v 0 o bob 2890844730 2890844731 IN IP4 host example com s c IN IP4 host example com t 0 0 m audio 0 RTP AVP 0 m image 12345 udptl t38 If the parameter is disabled the only m l...

Страница 1010: ...e default is 300 Authentication Challenge Method configure voip sbc settings auth chlng mthd AuthChallengeMethod Defines the type of server based authentication challenge 0 0 Default Send SIP 401 Unau...

Страница 1011: ...SBC User Registration Time configure voip sbc settings sbc usr rgstr time SBCUserRegistrationTime Global parameter that defines the duration in seconds of the periodic registrations that occur betwee...

Страница 1012: ...ore distributed over time i e do not all occur simultaneously The valid value is 0 disabled to 20 any value from 1 to 20 is considered enabled The default is enabled 10 If disabled i e 0 the device do...

Страница 1013: ...the device is in survivability state i e when REGISTER requests cannot be forwarded to the proxy and are terminated by the device When set to 0 the device uses the value set by the SBCUserRegistratio...

Страница 1014: ...fines the maximum duration in seconds that the device is prepared to wait for a response from external servers when a routing rule is configured to query an external server e g LDAP server on whose re...

Страница 1015: ...IP BYE request before disconnecting the call This feature prevents for example a scenario in which the SBC SIP client receives a BYE request from a third party imposer assuming the identity of a parti...

Страница 1016: ...C calls whereby SIP signaling is handled by the device without handling the RTP SRTP media flow between the user agents UA The RTP packets do not traverse the device Instead the two SIP UAs establish...

Страница 1017: ...0 Doesn t Include Extensions Default Extension coders are added at the end of the coder list 1 Include Extensions Extension coders and Allowed coders are arranged according to their order of appearan...

Страница 1018: ...on the device Note The device always forwards REGISTER messages of the primary line SBC Forking Handling Mode configure voip sbc settings sbc forking handling mode SBCForkingHandlingMode Defines the h...

Страница 1019: ...synchronization is required 1 Enable Media synchronization is performed if the media including RTP mode or any other media such as coders is different and has not been negotiated between the user agen...

Страница 1020: ...mption Mode configure voip sbc settings sbc preemption mode SBCPreemptionMode Enables SBC emergency call preemption 0 Disable default 1 Enable Emergency Message Condition configure voip sbc settings s...

Страница 1021: ...SBC features that require DSP resources use two DSP channels For example if the device needs to perform coder transcoding between two endpoints where one uses the G 711 coder and the other uses G 729...

Страница 1022: ...sec 17 17 8 00 dB sec 18 18 9 00 dB sec 19 19 10 00 dB sec 20 20 11 00 dB sec 21 21 12 00 dB sec 22 22 13 00 dB sec 23 23 14 00 dB sec 24 24 15 00 dB sec 25 25 20 00 dB sec 26 26 25 00 dB sec 27 27 3...

Страница 1023: ...so configure this feature per specific calls using IP Profiles IpProfile_ AMDSensitivityParameterSuit For a detailed description of the parameter and for configuring this feature in the IP Profiles ta...

Страница 1024: ...he maximum duration of silence from after the greeting time is over configured by AMDMaxGreetingTime until the device s AMD decision You can also configure this feature per specific calls using IP Pro...

Страница 1025: ...ameters are described in the table below Table 60 40 SIP based Media Recording Parameters Parameter Description SIP Recording Application configure voip sip definition sip recording settings enable si...

Страница 1026: ...33 38Z associate time RADIUS and LDAP Parameters This section describes the RADIUS and LDAP parameters General Parameters The general RADIUS and LDAP parameters are described in the table below Table...

Страница 1027: ...ault access level for the device when the LDAP RADIUS response doesn t include an access level attribute for determining the user s management access level The valid range is 0 to 255 The default is 2...

Страница 1028: ...ission See also the RADIUSRetransmission parameter The valid range is 1 to 30 The default is 2 RADIUS Accounting Parameters RADIUS Accounting Type configure voip sip definition settings radius account...

Страница 1029: ...everts to the initial value configured by RadiusLocalCacheTimeout Password Local Cache Timeout configure system radius settings local cache timeout RadiusLocalCacheTimeout Defines the time in seconds...

Страница 1030: ...tribute ldap numeric attr LDAPNumericAttributes Defines up to five LDAP Attributes separated by commas for which the device employs LDAP query searches in the AD for numbers that may have characters b...

Страница 1031: ...PPrimaryKey Defines the name of the attribute used as a query search key for the destination number in the AD This is used instead of the PBX attribute name configured by the MSLDAPPBXNumAttributeName...

Страница 1032: ...ologyStatus API command to HTTP remote hosts 0 Disable default 1 Enable For more information see Configuring HTTP Services HTTP Proxy Parameters The HTTP Proxy service parameters are described in the...

Страница 1033: ...imary DNS server in dotted decimal notation which is used for translating domain names into IP addresses for the HTTP service By default no IP address is defined Secondary DNS Server IP dns secondary...

Страница 1034: ...aling Media and User Registrations For the device s supported capacity SIP signaling media and user registrations refer to the SBC Gateway MSBR Series Release Notes Ver 7 2 which can be downloaded fro...

Страница 1035: ...ediant 4000 SBC User s Manual 62 Technical Specifications For technical specifications see the device s Datasheet which can be downloaded from AudioCodes website at https www audiocodes com media 2411...

Страница 1036: ...This page is intentionally left blank CHAPTER 62 Technical Specifications Mediant 4000 SBC User s Manual 1003...

Страница 1037: ...www audiocodes com 2019 AudioCodes Ltd All rights reserved AudioCodes AC HD VoIP HD VoIP Sounds Better IPmedia Mediant MediaPack What s Inside Matters OSN SmartTAP User Management Pack VMAS VoIPerfect...

Отзывы:

Нет отзывов

Похожие инструкции для Mediant 4000 SBC

Бренд: FAAC Страницы: 32

Бренд: UCS Страницы: 4

Бренд: OJ Electronics Страницы: 8

Бренд: OJ Electronics Страницы: 112

Бренд: OJ Страницы: 17

Бренд: Zeta Страницы: 44

Бренд: Radionics Страницы: 14

Бренд: Parker Страницы: 42

UNDER CONTROL CP-30A PILOT

Бренд: G-Force Страницы: 2

Q Module WFZ16.Ox

Бренд: QUNDIS Страницы: 24

Бренд: mikroElektronika Страницы: 3

Бренд: Window Master Страницы: 7

Бренд: Altronix Страницы: 8

Бренд: nvent Страницы: 6

Бренд: Smart Vision Страницы: 5

Бренд: Teledyne Страницы: 47

Бренд: Western Co Страницы: 14

SensoTimer ST6 Duo eco!ogic

Бренд: Kärcher Страницы: 96

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды