Before You Begin
If you wish to configure the Sonus SBC 1000/2000 for either RADIUS Authentication or Accounting, you must first add one or more RADIUS Server(s) for the Sonus SBC 1000/2000 to use.
Configuring RADIUS Services on Sonus SBC 1000/2000
- In the WebUI, click the Settings tab.
In the left navigation pane, go to Auth and Directory Services > RADIUS > Configuration.
Did you know?
It is possible to configure a single RADIUS server to be used for both RADIUS-based authentication and CDR accounting at the same time. To do this, simply create two RADIUS server entries pointing to the same RADIUS server IP address/FQDN — enter port 1812 to be used as the authentication server entry, and port 1813 for the accounting server entry.
RADIUS Options - Field Definitions
Authentication
You can configure Sonus SBC 1000/2000 to authenticate users via RADIUS Authentication Server(s). If enabled, you must specify the RADIUS user permissions on Sonus SBC 1000/2000 by configuring the necessary RADIUS User Class Access Level Mapping.
Accounting
You can configure Sonus SBC 1000/2000 for RADIUS accounting using the Sonus SBC 1000/2000 Call Detail Records (CDR) feature. If enabled, the Sonus SBC 1000/2000 must have a valid CDR license before it can log call details.
Accounting Mode Options
If you wish to record call details to RADIUS Accounting Server(s), you must choose an Accounting Mode (i.e., the way you want Sonus SBC 1000/2000 to send those call record details):
- Active-Standby Mode
In the Active-StandBy mode, all accounting related requests are sent to the first accounting server (A-Server One) when it is UP. That is when it is pingable and active. In the event Server One becomes unreachable, accounting requests are then sent to the second accounting server (A-Server Two).
If A-Server One and A-Server Two become unreachable CDR information is backed up and queued for retry on the Sonus SBC 2000 hard drive. On the Sonus SBC 1000, if an eUSB device is present, the Call Detail Records (CDRs) will be queued on the eUSB device up to a limit of 1,500 records. - Active-Active Mode
In the Active-Active mode, all accounting requests are sent to both A-Servers. If one of the servers becomes unreachable, a retry procedure is executed. If the retry procedure fails, an alarm is raised every five minutes until the server becomes reachable again.
If any or both servers become unreachable, the records are queued as described for the Active-StandBy Mode. - Round Robin Mode
In the Round Robin Mode, accounting requests are alternated between A-Server One and A-Server Two. The first, third, fifth, etc., (odd numbered) requests are sent to A-Server One and the second, fourth, sixth, etc. (even numbered) are sent to A-Server Two. All the call-legs belonging to the same call will go to the same server. These legs will be linked with a unique Acct-Multi-Session-Id per call. When only one server is reachable, all the accounting packets will go to same server. If both servers become unreachable, the records are queued as described for the Active-StandBy Mode.
RADIUS Authentication Servers - Field Definitions
Primary Server/Secondary Servers
Specifies the RADIUS server to use as either Primary or Secondary for RADIUS Authentication. Servers selected for authentication must be configured for authentication and assigned to the correct UDP (Default 1812) Port for RADIUS authentication
RADIUS Accounting Servers - Field Definitions
Accounting Server 1/Accounting Server 2
Specifies the RADIUS server to use as either Primary or Secondary for RADIUS Authentication. Servers selected for accounting must be configured for accounting and assigned to the correct UDP Port (Normally, Port 1813) for RADIUS accounting. Although you must specify at least one RADIUS Accounting server, Sonus recommends you use two.
Overview
Content Tools