In this section:
This section lists CLI commands to configure ingress IP attributes.
% set profiles signaling ipSignalingProfile <SIP profile name> ingressIpAttributes carrierInformation generateTerminatingCa <disable | enable> generateTerminatingCic <disable | enable> flags mapCalledPartyCategoryInPSigInfoHeader <disable | enable> noSdpIn180Supported <disable | enable> registrationExpiresinExpiresHeader <disable | enable> send183OnInitiatingDisconnectTreatment <disable | enable> sendSdpIn200OkIf18xReliable <disable | enable> sendSdpInSubsequent18x <disable | enable> sendTLSConnectionFailureResponse <disable | enable> sendUpdatedSDPin200Ok <disable | enable> set-cut-through-indication-in-OBCI <disable | enable> sip181Supported <disable | enable> sip182Supported <disable | enable> suppress183For3xxRedirectResponse <disable | enable> suppress183WithoutSdp <disable | enable> ingressHistoryInformation supportRFC7044Ingress <disable | enable> applyHistoryInfoPrivacyIngress <disable | enable>
The IP Signaling Profile SIP Ingress IP Attributes are shown below:
To learn more about the various methods of controlling transport protocols for SIP signaling and how these work together, refer to Controlling SBC Core Transport Protocols for SIP Signaling.
To configure SIP over TCP:
Assign this IP signaling profile to SIP trunk group(s):
% set addressContext a1 zone EXTERNAL sipTrunkGroup EXT_NET policy signaling ipSignalingProfile SIP_IPSIGPROF
If ipSignalingProfile
is not configured for any transport protocols (if transport type1 is "none"), SIP call over TCP can be forced by configuring the transport preference on egress sipTrunkGroup.
% set addressContext a1 zone EXTERNAL sipTrunkGroup EXT_NETWORK signaling transportPreference preference Possible completions: preference1 - This first choice of transport protocol for SIP calls. preference2 - This second choice of transport protocol for SIP calls. preference3 - This third choice of transport protocol for SIP calls. preference4 - This fourth choice of transport protocol for SIP calls.
Select TCP.
% set addressContext a1 zone EXTERNAL sipTrunkGroup EXT_NETWORK signaling transportPreference preference1 tcp
Generate server certificate and show status.
% set system security pki certificate server fileName server.p12 passPhrase gsx9000 type local state enabled > show status system security pki certificate certificate server { encoding pkcs12; status success; }
Generate client certificate and show status. Both client and server certificates display.
% set system security pki certificate client fileName clientCert.der type remote state enabled > show status system security pki certificate certificate client { encoding der; status success; } certificate server { encoding pkcs12; status success; }
Assign the installed certificates to the TLS profile:
% set profiles security tlsProfile defaultTlsProfile serverCertName server clientCertName client % commit
Assign TLS to the SIP signaling ports:
% set addressContext a1 zone ZONE1 sipSigPort 1 mode outOfService state disabled % commit % set addressContext a1 zone ZONE1 sipSigPort 1 tlsProfileName defaultTlsProfile % commit % set addressContext a1 zone ZONE1 sipSigPort 1 mode inService state enabled % commit % set addressContext a1 zone ZONE2 sipSigPort 2 mode outOfService state disabled % commit % set addressContext a1 zone ZONE2 sipSigPort 2 tlsProfileName defaultTlsProfile % commit % set addressContext a1 zone ZONE2 sipSigPort 2 mode inService state enabled % commit
Associate IP Signaling Profiles with TLS over TCP:
% set profiles signaling ipSignalingProfile IPSP_1 % commit % set profiles signaling ipSignalingProfile IPSP_1 egressIpAttributes transport type1 tlsOverTcp % commit % set profiles signaling ipSignalingProfile IPSP_2 % commit % set profiles signaling ipSignalingProfile IPSP_2 egressIpAttributes transport type1 tlsOverTcp % commit
% set addressContext a1 zone ZONE1 sipTrunkGroup SIP_TG1 policy signaling ipSignalingProfile IPSP_1 % commit % set addressContext a1 zone ZONE2 sipTrunkGroup SIP_TG2 policy signaling ipSignalingProfile IPSP_2 % commit