Use this object to support local authentication autonomously on a per-IP trunk group basis in situations where an IP-PBX does not perform a registration and the service provider does not require/want registrations. Refer to IP Trunk Group Authentication for additional feature functionality.

To View and Edit Authentication

On the SBC main screen, go to All > Address Context > Zone > IP Peer > Authentication. The Authentication window is displayed.

The Authentication can be checked for each Address Context, for each Zone, for each IP Peer created or for all the Address Contexts, Zones and IP Peers created. Use the drop-down box to select the desired Address Context, Zone and IP Peer. 

The Edit Authentication window is displayed.

Figure 1: Zone - IP Peer - Authentication

 

The following fields are displayed:

Table 1: Zone - IP Peer - Authentication

ParameterDescription
Int Challenge Response

Enable this flag on the ingress IP Peer to allow the SBC to reply to local authentication challenges autonomously. If this flag is disabled, the SBC will not reply to authentication challenges locally even if credentials are configured on the egress IPTG. The options are:

  • disabled (default)
  • enabled
Inc Internal Credentials

Enable this flag on the ingress IP Peer to allow egress IPTG authentication to be internally created using the authorization information in mid-dialogue without being challenged. The options are:

  • disabled (default)
  • enabled

If Int Challenge Response is disabled, Inc Internal Credentials is not used.

If IP Trunk Group (IPTG) authentication is configured for both ingress sipTrunkGroup and ingress IP Peer, the IP Peer configuration will take precedence.

If you wish to use the intChallengeResponse and incInternalCredentials flags solely on the sipTrunkGroup level, IP addresses of the IP Peers which SBC receives SIP messages from must not match any IP address of the configured IP peers in the ingress signaling zone. If the source IP address of received SIP messages match an IP address of any IP Peer in the signaling zone, the intChallengeResponse and incInternalCredentials flags on the ipPeer level will take precedence.

Make the required changes and click Save at the right hand bottom of the panel to save the changes made.


  • No labels