DO NOT SHARE THESE DOCS WITH CUSTOMERS!
This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.
In this section:
Use this object to configure an IP Peer for a particular zone.
If an IP Peer is configured to use an FQDN port (other than port 5061), the SBC increments the configured port number by 1 and uses it as the new port number for SIP over TLS signaling. If the IP Peer is configured to use port 5061 and the transport is TLS, no changes are made to the configuration.
% set addressContext <name> zone <name> ipPeer <peer name> authentication intChallengeResponse <disabled | enabled> incInternalCredentials <disabled | enabled> defaultForIp <false | true> ipAddress <IP address> ipPort <0-65535> mode <inService | outOfService> pathCheck (See Patch Check section below for details) policy description <description> ipSignalingProfile <profile name> packetServiceProfile <profile name> sip fqdn <fqdn> fqdnPort <0-65535> sip cacProfile <profile name> sipResponseCodeStats <enabled|disabled> surrogateRegistration (See Surrogate Registration section below for details)
% set addressContext <name> zone <name> ipPeer <peer name> pathCheck hostName <peer FQDN> hostPort <0-65535> profile <Path Check Profile name> state <disabled | enabled> statusUpdateSupport <disabled | enabled>
Status updates are sent/received under the following conditions:
% set addressContext <name> zone <name> ipPeer <peer name> surrogateRegistration authUserName <user name [string up to 127 characters]> hostPart <1-63 characters> regAuthPassword <DES3 encrypted string> retryTimer <50-10000000 milliseconds> sendCredentials <challengeForAnyMessage | challengeForAnyMessageAndInDialogRequests | challengeForRegister> state <disabled | enabled> suppressRegRetryAfterAuthFail <disabled | enabled> surrRegProfile <profile name> useNextSurrRegForCall <disabled | enabled> useUserNameAsPAI <disabled | enabled> userPart <user part for surrogate registration>
When configuring surrogate registration, be sure to set the expires value of ingress trunk group toward IAD to the maximum default value of “3600”.
To allow originating calls from non-pilot numbers behind an IP-PBX, set "validateAor" flag to "disabled". If enabled, only calls from the AOR configured as surrogate registration username are allowed (refer to SIP Trunk Group - Signaling - CLI).
The following examples demonstrate how to configure, enable and disable surrogate registration.
Be sure to issue the ‘commit’ command after configuring surrogate peer and before enabling surrogate registration. Otherwise, an error will occur.
Configure Peer for surrogate registration:
set addressContext PKT0_ADDR_CONTEXT_1 zone PKT0_TG1 ipPeer SURR_PEER1 ipAddress 10.32.241.2 ipPort 12020 surrogateRegistration userPart SURR_REG_PEER1 retryTimer 5 regAuthPassword 123456789012345678901234567890 commit
Enable surrogate registration:
set addressContext PKT0_ADDR_CONTEXT_1 zone PKT0_TG1 ipPeer SURR_PEER1 surrogateRegistration state enabled commit
Disable surrogate registration:
set addressContext PKT0_ADDR_CONTEXT_1 zone PKT0_TG1 ipPeer SURR_PEER1 surrogateRegistration state disabled commit