In this section:

Overview

To enable authenticated identity management, stiProfile is added and is associated to a SIP Trunk Group. If the state of the stiProfile attached to the ingress trunkgroup is enabled, the SBC sends STI related information to the PSX, which is provisioned to either sign, verify or tag the call. The SBC then receives information from the PSX about the service provided that is signing, verification or tagging

The provisioning on the PSX dictates whether STI related headers are signaled on the egress. 

The stiProfile has to be enabled on the egress sip trunkgroup for STI headers to be signaled on the egress.

For transparently passing Date Header, existing Header Transparency feature is used. When retryWithoutIdentity is configured for a SIP response code, on receipt of the response code the same route is tried without Identity Headers.

For the next route to be tried, the user provisions the reasonCode in the crankback profile. If the reasonCode is not provisioned in the crankback profile, the call fails.

Though these steps can be performed from either the EMA or from the CLI, the description below is limited to CLI. 

Configuration Example


set profiles services stiProfile STIPROFILE1 state enabled
[ok]
commit
Commit complete.
[ok]
set addressContext default zone ZONE1 sipTrunkGroup SBX_50672_ING_TG services stiProfile STIPROFILE1
[ok]
commit
Commit complete.
[ok]

set addressContext default zone ZONE2 sipTrunkGroup SBX_50672_EGR_TG services stiProfile STIPROFILE1
[ok]
commit
Commit complete.
[ok]

set profiles services retryProfile retry1
Possible completions:
attemptRecordGeneration - When enabled, an ATTEMPT record will be logged to the accounting file after each retry crankback.
state  - The administrative state of this Retry Profile.
triggerActionRule - List of rules with each rule containing sip response code, warning code and actions.

set profiles services retryProfile retry1 triggerActionRule
Possible completions:
  Enter a value between 1...16  1
set profiles services retryProfile retry1 triggerActionRule 1
Possible completions:
action - A list of SIP Retry Action entries.
sipResponseCode - sip response codes.
sipWarningCode  - Warning codes.
set profiles services retryProfile retry1 triggerActionRule 1 action
Possible completions:
Enter a value between 1...16  1
set profiles services retryProfile retry1 triggerActionRule 1 action 1 actionType
Possible completions:
fallBackSrtpToRtp  fallBackToIPV4  fallBackToIPV6  retryWithoutidentity

set profiles services retryProfile retry1 triggerActionRule 1
Possible completions:
action - A list of SIP Retry Action entries.
sipResponseCode - sip response codes.
sipWarningCode  - Warning codes.
set profiles services retryProfile retry1 triggerActionRule 1 sip
Possible completions:
sipResponseCode - sip response codes.
sipWarningCode  - Warning codes.
set profiles services retryProfile retry1 triggerActionRule 1 sipResponseCode 438
Possible completions:
action - A list of SIP Retry Action entries.
sipWarningCode - Warning codes.
set profiles services retryProfile retry1 triggerActionRule 1 sipResponseCode 438 action
Possible completions:
  Enter a value between 1...16  1
set profiles services retryProfile retry1 triggerActionRule 1 sipResponseCode 438 action 1 actionType retryWithoutidentity
[ok]
commit
No modifications to commit.
[ok]

set addressContext default zone ZONE2 sipTrunkGroup SBX_50672_EGR_TG services retryProfile retry1
[ok]
commit
Commit complete.
  • No labels