Use this window to create and configure a static IP Peer in a zone.
If an IP Peer is configured to use an FQDN port (other than port 5061), the SBC increments the configured port number by 1 and uses it as the new port number for SIP over TLS signaling.
If the IP Peer is configured to use port 5061 and the transport is TLS, no changes are made to the configuration.
On the SBC main screen, use one of the following paths:
The IP Peer window is displayed. The IP Peer list can be filtered by Address Context and/or Zone using the drop-down lists.
System Provisioning - IP Peer
To create a new IP Peer, click New IP Peer. The Create New IP Peer window opens.
IP Peer Create Window
Use the following table to configure the IP Peer and then click Save.
IP Peer Parameters
|
|
---|---|
Name | The name of the IP Peer. |
IP Address | Specifies the IPv4 or IPv6 address of the peer. |
IP Port | The IP port for this peer. |
Default for IP | Set to 'true' if this peer should be used for the IP Address and ephemeral port on ingress, or 'false' if this peer will not be used for the IP Address and ephemeral port on ingress. |
SIP Response Code Stats | Specifies whether SIP response code statistics are collected for the IP Peer.The options are:
Warning:
Enabling the collection of statistics on trunk groups or IP peers may have significant impact on network performance of an SBC system under heavy load.
|
SIP Options Stats | Enable this flag to support SIP OPTIONS message/response statistics for IP Peer configurations.
Modified: for 12.1.3 |
Mode | Specifies the status of the IP peer. The options are:
Note
This option becomes available when Advance Peer Control is enabled in Zone. Refer to System Provisioning - Zone, for details. |
Action | Specifies the method to use to exit calls if the mode of the IP peer is set to Out of Service. Options are:
|
Dry Up Timeout | Specifies an interval, in minutes, that calls are allowed to continue when the IP peer is taken out of service. The default is 5 minutes. The range allowed is 1 to 1440 minutes. |
Block Direction | Specifies a direction in which calls are blocked for this IP peer. The options are:
|
SIP | |
CAC Profile | Specifies the SIP endpoint CAC profile for the IP peer. |
Policy | |
Description | Specifies the description of this IP Peer. |
Packet Service | Specifies the name of the Packet Service Profile used for this IP Peer. |
IP Signaling | Specifies the name of the IP Signaling Profile used for this IP Peer. |
Policy - SIP | |
FQDN | Specifies the FQDN value to use for sending egress calls/requests to the IP peer. |
FQDN Port | Specifies the FQDN port number for sending egress calls/requests to the IP Peer. |
Path Check | |
Profile | Specifies the path check profile name used for OPTIONS ping. |
Host Name | Specifies the FQDN value of the peer. It will be resolved using DNS and the resulting servers will be pinged using SIP OPTIONS requests. The value ranges up to 63 characters. |
Host Port | Specifies the TCP/UDP port number of the peer. The peer's servers will be pinged using SIP OPTIONS requests at this port. The value ranges from 0 to 65535 and the default value is 0. |
State | Specifies if the active pinging is enabled or not. The options are:
|
Status Update | Specifies if the status update support should be enabled for this peer or not. The options are:
|
Surrogate Registration | |
User Part | Specifies the user part for this Surrogate Registration. |
Auth User Name | Specifies the authorization User Name for surrogate registration. The value ranges up to 127 characters. |
Retry Timer | Specifies the time, in milliseconds, after which the REGISTRATION is retried after a failure. The Value range from 50 - 10000000 milliseconds. The default value is 900000 milliseconds (15 minutes). |
Reg Auth Password | Specifies the DES3 (triple Digital Encryption Standard) encrypted string authentication password for surrogate registration. All ASCII characters from 33 to 126 (except 34 - double quotes) are allowed. SBC users "Admin" and "Operator" have full access to surrogate registration passwords. Note:
If Reg Auth Password contains ASCII characters, enclose the entire password string with " " (double quotes). Example using double quotes "1234567890123456789012340\!$$@#$!@#!@#!@#" Note:
"Field Service" and "Guest" users do not have access to Reg Auth Password field. |
State | Specifies if the Surrogate Registration should be enabled or not. The options are:
|
Send Credentials | Defines how the Credentials are sent. Options are:
Note:
Refresh REGISTER and De-REGISTER are always sent without credentials. If such a REGISTER is challenged, then SBC responds with a new REGISTER with credentials. Note:
The SBC mirrors the credentials to the standby of an HA System. If the |
Suppress Reg Retry After Auth Fail | Use this flag to control sending registration retries when a REGISTER with credentials is challenged (with stale ≠ true and realm is identical to previous realm received).
|
Surr Reg Profile | Specifies the name of the Surrogate Registration Profile. |
User Next Reg Call For Call | When this option is enabled, it tries to use the next available pilot number to resend the INVITE. Note:
Crankback profile should be configured for 4xx (403) response. |
Use User Name As PAI | When this option is enabled, the configured User Name in Surrogate Registration should be used as the User Name in the outgoing Note:
This flag indicates sending PAI in outgoing Invite. The flag, Include Privacy must be disabled. |
Host Part | When this flag is configured with a name, the assigned name is used as a hostname of R-URI, From, and To headers of all outgoing calls. |
Authentication | |
Int Challenge Response | Enable this flag on the ingress IP Peer to allow the SBC to reply to local authentication challenges autonomously. If this flag is disabled, the SBC will not reply to authentication challenges locally even if credentials are configured on the egress IPTG.
|
Inc Internal Credentials | Enable this flag on the ingress IP Peer to allow egress IPTG authentication to be internally created using the authorization information in mid-dialogue without being challenged.
Note:
If Int Challenge Response is disabled, Inc Internal Credentials are not used. |