Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Internal_display_only |
---|
Panel | ||||
---|---|---|---|---|
In this section:
|
Use the DTLS Profile window to configure various DTLS parameters to attach to a SIP trunk group in support of WebRTC functionality.
Multiexcerpt include | ||||
---|---|---|---|---|
|
On the SBC main screen, go to All > Profiles > Security > DTLS Profile.
The DTLS Profile window opens.Figure 1: DTLS Profile List Window
To create a new DTLS Profile:
Click New DTLS Profile. The Create New DTLS Profile window opens.
Use the following table to configure the options and then click Save.
Table 1: DTLS Profile Parameters
Parameter | Description | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Name | Specifies the name of the DTLS Profile created. The value ranges up to 23 characters. | ||||||||||
Handshake Timer | Specifies the time in which the DTLS handshake must be completed. The timer starts when the TCP connection is established. Must be 1 - 60 seconds; default is 5. | ||||||||||
Session Resump Timer | Specifies the DTLS session resumption period for which cached sessions are retained (in seconds). DTLS allows successive connections to be created within one DTLS session and the resumption of a session after a DTLS connection is closed or after a server card failover, without repeating the entire authentication and other setup steps for each connection, except when the space must be reclaimed for a new session. Must be 0 - 86,400 seconds; default is 300. | ||||||||||
Cipher Suite1 | Use this parameter to specify the first DTLS Cipher Suite choice for this profile.
* To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile.** The SBC 11.1 and later versions do not support *** To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile and SSL certificates must be created using ECC keys. Warning: When
| ||||||||||
Cipher Suite2 | Use this parameter to specify the second DTLS Cipher Suite choice for this profile.
* To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile. ** To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile and SSL certificates must be created using ECC keys. Warning: When | ||||||||||
Cipher Suite3 | Use this parameter to specify the third DTLS Cipher Suite choice for this profile.
* To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile. ** To use this cipher, DTLS version 1.2 must be enabled in the DTLS Profile and SSL certificates must be created using ECC keys. Warning: When | ||||||||||
DTLS Role | Specifies the allowed DTLS roles of this DTLS profile. The options are:
| ||||||||||
Hash Type | Specifies the allowed DTLS hash function for a specified DTLS profile. The options are:
| ||||||||||
Cert Name | Specifies the name of the certificate referred by a specified DTLS profile. The default value is defaultDtlsSBCCert . | ||||||||||
Cookie Exchange | Specifies the state that is, enabled or disabled cookie exchange.
| ||||||||||
V1_0 | DTLS protocol version 1.0.
| ||||||||||
V1_1 | DTLS protocol version 1.1.
| ||||||||||
V1_2 | DTLS protocol version 1.2.
|
To edit a
DTLS ProfileDTLS Profile:
To copy a DTLS Profile and make minor changes:
To delete a DTLS Profile: