DO NOT SHARE THESE DOCS WITH CUSTOMERS!

This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.


Use this parameter to support local authentication autonomously on a per-IP trunk group basis in situations where an IP-PBX does not perform a registration and the service provider does not require/want registrations (refer to IP Trunk Group Authentication for additional feature functionality).

Note

If the IP Trunk Group (IPTG) authentication is configured for both ingress sipTrunkGroup and ingress IP Peer, the IP Peer configuration will take precedence.

If you wish to use the intChallengeResponse and incInternalCredentials flags solely on the sipTrunkGroup level, the IP addresses of the IP Peers from which SBC receives SIP messages from must not match any IP address of the configured IP peers in the ingress signaling zone. If the source IP address of received SIP messages match an IP address of any IP Peer in the signaling zone, the intChallengeResponse and incInternalCredentials flags on the ipPeer level will take precedence.


Command Syntax

% set addressContext <name> zone <name> sipTrunkGroup <name> signaling authentication
	authPassword <authentication password for trunkgroup> 
	authUserPart <userPart used for authentication> 
	intChallengeResponse <disabled | enabled> 
	incInternalCredentials <disabled | enabled>

Command Parameters


Authentication Parameters

ParameterLength/
Range
Description
authPassword6-32 characters

<password> – Password to create Authorization Digest or Proxy-Authorization headers for trunk group authentication. These credentials are used when replying to local authentication requests.

Note: While exporting the configuration, the plain text authentication password for authPassword is replaced with “SonusDefaultValue” in the config dump. When you import the same config dump (xml), configure the entity with the appropriate value. Otherwise, it will still have the value “SonusDefaultValue”.

authUserPart1-127 characters<userpart> – Userpart to create Authorization Digest or Proxy-Authorization headers for trunk group authentication. These credentials are used when replying to local authentication requests.
intChallengeResponseN/A

Enable this flag on the ingress IP Trunk Group (IPTG), respective to the request, to allow the SBC to reply locally to egress IPTG authentication challenges. If this flag is disabled, the SBC will not reply to authentication challenges locally even if credentials are configured on the egress IPTG.

If this flag is disabled, incInternalCredentials is not used.

  • disabled (default)
  • enabled

NOTE: The SBC will not use IPTG credentials if a call originates from a surrogate originated peer even if intChallengeResponse is enabled on the ingress leg. 

incInternalCredentialsN/A

Enable this flag on the ingress IP Trunk Group, respective to the request, to allow egress IPTG authentication to be internally created using the authorization information in mid-dialogue without being challenged.

  • disabled (default)
  • enabled