This object creates and configures a static IP Peer in this zone.

Note

If an IP Peer is configured to use an FQDN port (other than port 5061), the SBC increments the configured port number by 1 and uses it as the new port number for SIP over TLS signaling.

If the IP Peer is configured to use port 5061 and the transport is TLS, no changes are made to the configuration. 

To View IP Peer

On the SBC main screen, go to Configuration > System Provisioning > Category: Trunk Provisioning > IP Peer. The IP Peer window is displayed.

System Provisioning - IP Peer

 

The IP Peer can be checked for each Address Context or for each Zone or for all the Address Contexts and Zones created. Use the drop-down box to select the desired Address Context and Zone.

IP Peer Main Field

 

To Edit IP Peer

To edit any of the IP Peers in the list, click the radio button next to the specific IP Peer name.

IP Peer Highlighted

 

The Edit Selected IP Peer window is displayed below.

IP Peer Edit Window

 

Make the required changes and click Save at the right hand bottom of the panel to save the changes made.

To Create IP Peer

To create a new IP Peer, click New IP Peer tab on the IP Peer List panel.

IP Peer Fields

 

The Create New IP Peer window is displayed.

IP Peer Create Window

 

The following fields are displayed:

IP Peer Parameters

 


Parameter


Description

Name

The name of the IP Peer.

IP Address

Specifies the IPv4 or IPv6 address of the peer.

IP Port

The IP port for this peer.

Default for IP

Set to 'true' if this peer should be used for the IP Address and ephemeral port on ingress, or 'false' if this peer will not be used for the IP Address and ephemeral port on ingress.

Sip
CAC ProfileSpecifies the SIP endpoint CAC profile for the IP peer.
Policy
DescriptionSpecifies the description of this IP Peer.

Packet Service
Profile

Specifies the name of the Packet Service Profile used for this IP Peer.

IP Signaling
Profile

Specifies the name of the IP Signaling Profile used for this IP Peer.
Policy - Sip
FqdnSpecifies the FQDN value to use for sending egress calls/requests to the IP peer.

Fqdn Port

Specifies the FQDN port number for sending egress calls/requests to the IP Peer.
Path Check
ProfileSpecifies the path check profile name used for OPTIONS ping.
Host NameSpecifies the FQDN value of the peer. It will be resolved using DNS and the resulting servers will be pinged using SIP OPTIONS requests. The value ranges up to 63 characters.
Host PortSpecifies the TCP/UDP port number of the peer. The peer's servers will be pinged using SIP OPTIONS requests at this port. The value ranges from 0 to 65535 and the default value is 0.
State

Specifies if the active pinging is enabled or not. The options are:

  • enabled
  • disabled (default)

Status Update
Support

Specifies if the status update support should be enabled for this peer or not. The options are:

  • enabled
  • disabled (default)
Surrogate Registration

User Part

Specifies the user part for this Surrogate Registration.
Auth User NameSpecifies the authorization User Name for surrogate registration. The value ranges up to 127 characters.

Retry Timer

Specifies the time, in milliseconds, after which the REGISTRATION is retried after a failure. The Value range from 50 - 10000000 milliseconds. The default value is 900000 milliseconds (15 minutes).

Reg Auth
Password

Specifies the DES3 (triple Digital Encryption Standard) encrypted string authentication password for surrogate registration. All ASCII characters from 33 to 126 (except 34 - double quotes) are allowed. SBC users "Admin" and "Operator" have full access to surrogate registration passwords.

If Reg Auth Password contains ASCII characters, enclose the entire password string with " " (double quotes).

Example using double quotes
"1234567890123456789012340\!$$@#$!@#!@#!@#"

"Field Service" and "Guest" users do not have access to Reg Auth Password field.

State

Specifies if the Surrogate Registration should be enabled or not. The options are:

  • enabled
  • disabled (default)
Send Credentials 

Defines how the Credentials are sent. Options are:

  • challengeForAnyMessage – The SBC sends credentials for REGISTER, INVITE, PRACK, UPDATE, REINVITE and BYE when these messages are challenged.
  • challengeForAnyMessageAndInDialogRequests – The SBC sends credentials for REGISTER, INVITE, PRACK, UPDATE, REINVITE and BYE when these messages are challenged. The SBC also sends credentials by default as per last challenge in the in-dialog requests such as PRACK, UPDATE, REINVITE and BYE when any one of these methods is challenged earlier in the call.
  • challengeForRegister (default) – The SBC sends credentials only for REGISTER when challenged. Challenges for any other messages are returned to the IP-PBX.

Refresh REGISTER and De-REGISTER are always sent without credentials. If such a REGISTER is challenged, then SBC responds with a new REGISTER with credentials.

The SBC mirrors the credentials to the standby of an HA System. If the sendCredentials is set to 'challengeForAnyMessageAndInDialogRequests', upon a switchover the SBC can send in-dialog requests such as REINVITE/UPDATE/BYE with credentials.

Suppress Reg Retry After Auth Fail

Use this flag to control sending registration retries when a REGISTER with credentials is challenged (with stale ≠ true and realm is identical to previous realm received).
When stale = true or realm is not identical to previous realm received, the SBC immediately sends REGISTER.

  • disabled (default) – Send REGISTER when a 401 or 407 in response to REGISTER with credentials is received.
  • enabled – Do not attempt to send REGISTER after receiving a 401 or 407 response.
Surr Reg Profile Specifies the name of the Surrogate Registration Profile.
User Next Reg Call For Call

When this flag is enabled, it tries to use the next available pilot number to resend the INVITE.

Crank back profile should be configured for 4xx (403) response.

Use User Name As PAI

When this flag is enabled, the configured userName in surrogateRegistraion should be used as userName in the outgoing INVITE.

This flag indicates sending PAI in outgoing Invite. The flag, Include Privacy must be disabled.

Host PartWhen this flag is configured with a name, the assigned name is used as a hostname of RURI, FROM, TO headers of all outgoing calls.
Authentication
Int Challenge Response

Enable this flag on the ingress IP Peer to allow the SBC to reply to local authentication challenges autonomously. If this flag is disabled, the SBC will not reply to authentication challenges locally even if credentials are configured on the egress IPTG.

  • disabled (default)
  • enabled
Inc Internal Credentials

Enable this flag on the ingress IP Peer to allow egress IPTG authentication to be internally created using the authorization information in mid-dialogue without being challenged.

  • disabled (default)
  • enabled
If Int Challenge Response is disabled, Inc Internal Credentials is not used.


To Copy IP Peer

To copy any of the created IP Peer and to make any minor changes, click the radio button next to the specific IP Peer to highlight the row.

IP Peer Highlighted

 

Click Copy IP Peer tab on the IP Peer List panel.

IP Peer Fields

 

The Copy Selected IP Peer window is displayed along with the field details which can be edited.

IP Peer Copy Window

 

Make the required changes to the required fields and click Save to save the changes. The copied IP Peer is displayed at the bottom of the original IP Peer in the IP Peer List panel.

To Delete IP Peer

To delete any of the created IP Peer, click the radio button next to the specific IP Peer which you want to delete.

IP Peer Highlighted

 

Click Delete at the end of the highlighted row. A delete confirmation message appears seeking your decision.

IP Peer Delete Confirmation

 

Click Yes to remove the specific IP Peer from the list.

 

  • No labels