HP VCX Software manual Networks and Computers

Page 42

Chapter 4. How To Configure SIP

Here are the settings needed for this. It is assumed that the Telecommuting Module already has a network configuration. Only the additional SIP settings are listed.

Networks and Computers

The Telecommuting Module must know the network structure to be able to function properly. On the Networks and Computers page, you define all networks which the Telecommuting Module should serve and which are not reached through the default gateway of the firewall. All computers that can reach each other without having to go through the firewall connected to the Telecommuting Module should be grouped in one network.

You can also define networks and parts of networks for other configuration purposes.

Surroundings

To make the Telecommuting Module aware of the network structure, the networks defined above should be listed on the Surroundings page.

Settings in the Surroundings table are only required when the Telecommuting Module has been made the DMZ (or LAN) type.

The Telecommuting Module must know what the networks around it looks like. On this page, you list all networks which the Telecommuting Module should serve and which are not reached through the default gateway of the firewall.

All computers that can reach each other without having to go through the firewall connected to the Telecommuting Module should be grouped in one network. When you are finished, there should be one line for each of your firewall’s network connections (not counting the default gateway).

34

Page 41 Page 43
Image 42
Page 41 Page 43
Contents 3Com Telecommuting Module VersionPage United States Government Legend Page Table of Contents Page Part I. Introduction to 3Com VCX IP Telecommuting Module Page What is a Telecommuting Module? Introduction to 3Com VCX IP Telecommuting ModuleConfiguration alternatives DMZ Configuration DMZ/LAN ConfigurationQuick guide to 3Com VCX IP Telecommuting Module installation Standalone ConfigurationIntroduction to 3Com VCX IP Telecommuting Module About settings in 3Com VCX IP Telecommuting Module Introduction to 3Com VCX IP Telecommuting Module Installation with magic ping Installing 3Com VCX IP Telecommuting ModuleInstallation Installation with a serial cablePage Page Page Page Installation with a diskette Page Page Turning off a Telecommuting Module Remember to lock up the Telecommuting ModuleInstalling 3Com VCX IP Telecommuting Module Configuring 3Com VCX IP Telecommuting Module Logging onLog on again Navigation Log outSite Map Basic Configuration AdministrationSIP Services Network ConfigurationFailover Quality of ServiceOverview of configuration Virtual Private NetworksPreliminary and permanent configuration Page IP address Mask/BitsName queries in 3Com VCX IP Telecommuting Module No. of computers Mask BitsPage Configuring 3Com VCX IP Telecommuting Module Part II. How To Page How To Configure SIP DMZ Telecommuting Module, SIP server on the WANNetworks and Computers Surroundings Basic Settings InteroperabilityFiltering RoutingDMZ Telecommuting Module, SIP server on the LAN Save/Load ConfigurationNetworks and Computers Basic Settings Routing Standalone Telecommuting Module, SIP server on the WAN Basic Settings Filtering Client Settings Standalone Telecommuting Module, SIP server on the LANBasic Settings Interoperability DMZ/LAN Telecommuting Module, SIP server on the WAN Basic Settings Filtering DMZ/LAN Telecommuting Module, SIP server on the LAN Interoperability Filtering LAN Telecommuting Module Surroundings Filtering Remote SIP Connectivity Firewall How To Configure SIP How To Configure Advanced SIP Outgoing CallsShow One Number When Calling Show Different Numbers When Calling Incoming Calls Page Authentication by Accounts a.k.a SIP Trunk via SIP accounts Page Page Page Incoming Calls Page Multiple Operators Least Cost Routing Page Multiple PBXs How To Configure Advanced SIP How To Configure Advanced SIP Page Page Page Page General Basic ConfigurationBasic Configuration Name of this Telecommuting ModuleDefault domain IP Policy DNS ServersPolicy For Ping To Your 3Com VCX IP Telecommuting Module Save Access ControlCancel Look up all IP addresses againUser Authentication For Web Interface Access Configuration Allowed Via InterfaceConfiguration Transport Configuration via Http Configuration via HttpsConfiguration Computers Configuration via SSHDNS Name Or Network Address Range Network addressNetmask/Bits Via IPsec PeerRadius Port Radius ServersRadius server SecretIdentifier Contact IP AddressStatus for Radius Servers Received replies ScoreSent requests Consecutive sendsConfiguration of a Radius server ValueContact person Snmp v1 and v2cTelecommuting Module IP address to respond to Snmp requests Node locationSnmp Access via SNMPv1 and SNMPv2cAccess via SNMPv3 CommunitySnmp Traps PasswordAuthentication UserTrap receiver Resource MonitoringTrap sending function VersionSIP User Registrations Trap Levels Download the 3Com MIBSIP Sessions Trap Levels CPU Load Trap LevelsDynDNS General Configuration Dynamic DNS updateDynDNS service Use DynDNSWildcard hostnames Offline URL redirection IP address for updatesUser, Smtp Server UsernameSmtp server DNS Names to Update at DynDNSSmtp server is backup DNS NameName CertificatesPrivate Certificates CertificateCreate certificate or certificate request CA Certificates Timeouts AdvancedCA Certificate Timeout for established TCP connections Timeout for one-way UDP connectionsTimeout for two-way UDP connections Timeout for Icmp connectionsDMZ/LAN Configuration Telecommuting Module Type configuration Current Telecommuting Module TypeChange Telecommuting Module Type to Change type Save/Load Configuration AdministrationDuration of limited test mode Test Preliminary ConfigurationBackup Show Message About Unapplied ChangesApply configuration Save/Load CLI Command File Abort All Edits Show ConfigurationRevert to Old Configurations Reload Factory ConfigurationUser Administration Password For the ’admin’ AccountOld password Other Accounts New password, Confirm passwordChange administration password Account TypeCurrently Logged In Administrators Log Out UpgradeUpgrade StepAbort upgrade Try the upgradeAccept upgrade Table LookEdit Column Date and Time Change Time ZoneTime Change Date and Time ManuallyDate Set date and time manuallyNTP Servers To Use If NTP Is Enabled Change Date and Time With NTPSynchronize time with NTP Restart the SIP Module Reboot Your 3Com VCX IP Telecommuting ModuleRestart Automatic Restart of the SIP ModuleAdministration Administration 118 Network Configuration Networks and ComputersName SubgroupLower Limit Delete Row Upper LimitInterface/VLAN CreatePriority Default GatewayMain Default Gateways InterfacePolicy For Packets From Unused Gateways Gateway Reference HostsInterface Network Interface 1 Physical deviceInterface name Directly Connected Networks Obtain IP Address DynamicallyVlan Id AliasBroadcast address Vlan NameStatic Routing Routed network RouterVlan Named VLANsInterface Status Interface StatusDhcp Client Status PPPoE Client StatusAuthentication PPPoEKeep Alive Surroundings LCP echo-request intervalLog class for PPPoE negotiations Data Interfaces NetworkAdditional Negotiators Select a data interface here Network Configuration 136 Search the Log LoggingDisplay Log Display logSupport Report Packet SelectionProtocol/Port Selection Packet Type SelectionIP Address Selection All IP protocolsIcmp SIP Methods SIP Packet SelectionCall-ID IP addressesTime Limits Show This Export the LogShow newest at top Log Clear formDisplay Load RSTDirection Packet LoadTime Period UnitValue Diagram Heading DiagramDiagram Size View diagramLog class for spoofed packets Inbound TrafficLog class for non-SIP packets Log class for broadcast packetsLog class for Snmp errors Log class for email errorsLog class for Radius errors Log class for Dhcp requestsLog class for IPsec key negotiation debug messages VPN EventsLog class for IPsec key negotiations Log class for ESP packetsSIP Events Other Log Classes Email AddressLocal Log Log Sending SyslogSmtp Server Status for Outbound EmailSyslog Servers Reverts the fields to the previous configuration 157 Logging 158 Basic Settings SIP ServicesAdministration of SIP SIP ModuleTransport Additional SIP Signaling PortsProvisioning Relay CommentSIP Media Port Range Public IP address for NATed Telecommuting ModuleSIP Servers To Monitor SIP Logging ServerLog class for SIP signaling Interoperability Loose RoutingRelaxed Refer-To SIP Server Remove Via HeadersTranslation Exceptions Except this from translationExpires Header Force TranslationAlways Translate This URI Encoding Signaling Order of Re-INVITEs Loose Username CheckUser Matching Force Record-Route for Outbound Requests Accept RTP/AVP With sdescriptionsTransmit RTP/AVP With sdescriptions Force Record-Route for All RequestsForce Remote TLS Connection Reuse Accept TCP Marked As TLSAllow Large UDP Packets Remove Headers in 180 ResponsesForward Cancel Body Use Cancel Body In ACKPreserve RFC 2543 Hold Allow RFC 2069 Authentication Open Port 6891 For File TransferConvert Escaped Whitespaces in URIs Keep User-Agent Header When Acting as B2BUA Strip ICE AttributesPorts and the maddr Attribute Sessions and Media Session timerTimeout for SIP over TCP/TLS Session ConfigurationMedia Configuration Allowed number of concurrent sessionsLimitation of sender of media streams Limitation of RTP Codecs Name CodecsType This Codec Is AllowedLocal Ringback Played at Call Transfer Local RingbackMusic on Hold Redirection Ring Tone for Local RingbackRequests Default timeout for Invite requestsMaximum timeout for Invite requests SIP blacklist intervalMaximum number of retransmissions for Invite requests Base retransmission timeout for SIP requestsRemote SIP Connectivity Maximum number of retransmissions for non-INVITE requestsStun server IP addresses Stun ServerStun server Stun portsRemote NAT traversal Remote Clients Signaling ForwardingRemote NAT Traversal IP Address for Remote ClientsForward Signaling from IP Address NAT timeout for UDPNAT timeout for TCP NAT keepalive methodSIP Traffic SIP MethodsAllow MethodTraffic To AuthFrom Network FilteringSender IP Filter Rules ActionContent Type Content TypesDefault Policy For SIP Requests AllowHeader Filter Rules Default Header Filter Policy Local RegistrarLocal SIP Domains Local SIP User Database DomainAuthentication and Accounting Authentication NameRegister From Authentication settings SIP User DatabaseTrusted Domains Asserted-IdentityUse P-Asserted-Identity NetworkUse Dial Plan Dial PlanRadius Accounting Emergency NumberMatching From Header Reg ExprHead Matching Request-URIPrefix TailForward To Min. TailReplacement URI SubnoDial Plan Add Prefix Request-URIForward To Enum RootMethods in Dial Plan MethodRegister in Dial Plan Routing Enum RootDNS Override For SIP Requests Relay To WeightSIP Routing Order PortClass 3xx Message Processing Routing FunctionAlso Forward To Static RegistrationsRequests To User UserFor clients not supporting Refer Local Refer HandlingAlways handle Refer locally Sip/sipsFor dialogs with specified User-Agent header For clients not supporting replacesFor dialogs with specified From URI From URIs For Which Refer is Handled LocallyUser Routing AliasRestrict Incoming Callers Forward Send To Voice MailAction Voice Mail Server Request-URI Domain Outbound ProxyFrom Domain Domain or IP AddressTel URIs GatewayRegistrar and Session Status Active SessionsMonitored SIP Servers Monitored SIP server status Registered UsersMonitored SIP server Registered fromNetwork Interface Selection ToolsPacket Capture IP Address SelectionTools Any Icmp Check Network Check NetworkCollect data Test ResultsPage Tools 222 SIP over UDP Firewall and Client ConfigurationDMZ type SIP over TCP/TLSDMZ/LAN type SIP clientsStandalone type SIP clients Part IV Com VCX IP Telecommuting Module Serial Console Page Basic Administration Connecting to the serial consoleMain Menu Exit admin Set passwordCommand line interface Wipe email logsPhysical device name Deactivate other interfacesConfigure from a single computer Configure from multiple computersPassword Wipe email logs Set password Exit adminBasic Administration 236 Command Line Reference Command ReferenceHelp and Troubleshooting Modifying Tables Modify-row List-tablesLoad-factory Revert-editsTable Definitions Config.allowconfig Config.allowviainterfaceConfig.authlogclass Config.httpsservers Config.authenticationConfig.httpservers Config.mgmtlogclassFentalwaysfentexceptions Failover.ifacerefhostsFent.alwaysfent FentalwaysfentinterfacesFent.fentkeepalive Fent.mapsignaladdressField Name Field Type Explanation Enabled OnOffToggle Fent.mediareleasefirewall.broadcastlogclass firewall.defaultpolicyfirewall.blindroutepolicy firewall.dhcplogclassfirewall.networkgroups firewall.ownlogclassfirewall.pingpolicy firewall.spoofinglogclass firewall.servicesfirewall.policylogclass firewall.timeclassesIdsips.active Idsips.predefinedipsrulesIpsec.espproposals Idsips.ratelimitedipsIpsec.cryptodef Ipsec.espahlogclassIpsec.ipsecnets Ipsec.ikelogclassIpsec.ikeproposals Ipsec.nattkeepaliveIpsec.radiusauthserver Ipsec.plutologclassIpsec.plutoverboselogclass Field Name Field TypeIpsec.tunnelednets Ipsec.userauthlogclassIpsec.x509cacerts Misc.dnsservers Misc.conntracktimeoutsIpsec.x509cert Misc.dyndnsMisc.ntpservers Misc.dyndnsnameMisc.fversion Field Name Field Type Explanation DomainNameMisc.usentp Monitor.cpuloadlevelalarmMisc.unitname Monitor.emailalertlogclassMonitor.hardwarelogclass Monitor.memorylevelalarmMonitor.radiuserrorslogclass Monitor.logclassesMonitor.siplevelalarms Monitor.snmpagentaddressMonitor.snmpagentlogclass Monitor.snmpnodelocation Monitor.snmpcontactpersonMonitor.snmpmanagementstations Monitor.snmppacketlogclassMonitor.snmptrapsending Monitor.snmpv1v2caccessMonitor.snmpv3access Monitor.snmpv1v2cauthMonitor.watchdogs Network.extradefaultgatewaysMonitor.syslogservers Network.aliasaddressesNetwork.interfaces Network.localnetsNetwork.pppoe Network.vlans Network.routetestserversNetwork.routes Field Name Field Type Explanation Server DnsIpAddressPptp.grelogclass Password.adminusersPptp.pptpenable Pptp.pptplogclassPptp.pptpneglogclass Pptp.pptpserveripPptp.pptpusers Field Name Field Type Explanation PPTPOwnIpReferenceQos.bandwidths Qos.classesQos.egressdefaultqueueing Qos.ingressdefaultqueueingQos.egressqueueing Qos.status Qos.ingressqueueingQos.sipcac Qos.taggingSip.addexpireheader Sip.acceleratedtlsSip.active Sip.allowedcodecsSip.b2buaofferfromtemplate Sip.defaultgatewaySip.authmethods Sip.codecfilteringSip.externalrelay Sip.emergencySip.externradiusdb Field Name Field Type Explanation DnsIpAddressSip.forcemodify Sip.forwardcancelbodySip.fixfiletransferport Sip.forwardtoheaderSip.ignoreuriportwhenmaddr Sip.headerfilterdefaultSip.headerfilterrules Field Name Field Type Explanation Action SipfilteractionselSip.listen Sip.largeudpSip.lcscompanion Sip.localdomainsSip.lrtrue Sip.looserefertoSip.looseusernamecheck Sip.mediaencryptionpolicySip.mediaports Sip.mediaencryptionsettingsSip.mediaencryptionsuite Field Name Field Type Explanation Portslower PortNumberSip.message Sip.mediatimeoutsSip.mediarestriction Sip.mfullSip.monitorserver Sip.optiontimeoutSip.mimetypes Sip.musiconholdSip.percent20towhitespace Field Name Field Type Explanation Timeout OptionTimeoutSip.outboundproxy Sip.preserve2543holdSip.registrarlimits Sip.radiusacctSip.recurseon3xxinb2bua Sip.relayrulesSip.rewritetoforregisterindp Sip.removeviaSip.replyconfig Sip.ringbackSip.rroutealways Sip.routeusesportSip.routingorder Sip.rrouteoutboundSip.sessionlimits Sip.signaladdressfordestinationSip.siperrorslogclass Sip.sipaliasSip.sipmedialogclass Sip.sipsignalinglogclassSip.siplicenselogclass Sip.sipmessagelogclassSip.stripiceattributes Sip.tcptimeoutSip.sttype Sip.surroundingsSip.tlsclientcfg Sip.tlssettingsSip.tlscacerts Sip.tlsservercfgSip.uriencoding Sip.transactionconfigSip.trusteddomain Field Name Field Type Explanation UriencodingselSipswitch.b2buatransferenable Sip.usecancelbodyinackSipswitch.accounts Sip.uaregisterSipswitch.dialplanenable Sipswitch.b2buatransferfromuserSipswitch.dialplan Field Name Field Type Explanation User AliasAliasSipswitch.forwardto Sipswitch.dialplanmethodsSipswitch.enumroot Field Name Field Type Explanation Enabled FallbackselSipswitch.requestto Sipswitch.incomingunauthSipswitch.requestfrom Field Name Field Type Explanation Url SipWildcardUrlSipswitch.userrouting Sipswitch.usersUserdb.radiusservers Sipswitch.voicemailUserdb.radiuslocalendpoint Voipsm.voipsmField Types AdminPasswordAdminTypeSel Voipsm.voipsmdomainsAliasIpReference AliasUser AdminUserAliasAlias AuthDataCryptoDefReference DepUsableVlanInterface DnsDynIpAddress CaReferenceCertReference DnsDynIpNetworkInterface DnsDynIpOtherHostEnumReference DyndnsPasswordDyndnsServiceSel EspCryptoReference FirewallLogclassReferenceIpsRuleName InterfaceSelInviteRetransmitCount IpsecAuthSelMaxMessageSizeInteger IsakmpSALifeLogclassReference MaxRegOnOffToggle NonemptyStringOnOffButton OnOffToggleOnOptDSCPInteger OptDnsAutoRuntimeReachableHost OptDnsIpAddressOptComment OptDepOwnIpReferenceOptIpsecNetReference OptForwardToReferenceOptIcmpRangeList OptIpsecPeerReferenceOptPercent OptPasswordOptServicesReference OptPercentFloatOptString OptionTimeoutOptSipUserDomain OptTimeclassReferencePPTPOwnIpReference PptpPasswordRegTimeout PercentSipUserPassword SessionTimeoutSipUserDomainDefaultAll SIPRadiusSelSipWildcardUrl SnmpPasswordTimerAFloat SubGroupAccounttypesel AccountvoicemailselBlindsel AddexpireheaderselAutonegsel BypasstransportselFallbacksel ConfigauthselDpactionsel FentkeepaliveselHitsnumber FunctionselFwtypesel MediaencryptionsuiteselPqueuesel PingpolicyselPolicysel QostypeselRestfuncsel Rfc2782weightRegexpwithAt Rfc2782prioritySipfunctionsel SipauthdirselSipfilteractionsel SipselSnmpv3privacysel SnmptrapversionselSnmpv3authsel SttypeselSysloglevelsel TlsclientmethodsTlsservermethods Uriencodingsel TlsconfselTrusteddomaintransportsel VoipsmmethodselCLI command examples Add and change firewall rulesWindownumber Apply a configuration Part V. Appendices Page Why use SIP? Appendix A. More About SIPSIP Protocol Managing Your Own SIP Domain SIP and FirewallsConfiguring the 3Com VCX IP Telecommuting Module Page Configuring the PBX Configuring the DNS ServerConfiguring the SIP Clients SIP Sessions SIP in 3Com VCX IP Telecommuting ModuleEstablishing a SIP session SIP Packet Headers ContactRecord-Route Content-TypeVia RouteAppendix A. More About SIP 328 No traffic shown in the log Appendix B. TroubleshootingNetwork troubleshooting Traffic discarded as spoofedSIP users can’t register through the Telecommuting Module SIP troubleshootingSIP users can’t register on the Telecommuting Module SIP Trunking calls via SIP operatorAdministration troubleshooting Call is established, but there is no voiceSIP send failure -1 on socket -1 event number SIP errorsLog Messages Destination IP addressport is known bad. SkippingStarting SIP UDP server at port IPsec key negotiationsStarting SIP TCP server at port Stopped SIP TCP serverConfiguration server logins List of the most important reserved ports Name Port/protocol DescriptionWWW Cmip Krcmd Kerberos encrypted remote shell -kfall List of Icmp types Type NameIcmp codes Type Name ReferenceIcmp type Name Code Description Unreachable for Type Internet protocols and their numbers Protocol number KeywordIP intervals Set bits Mask IP address class Reserved IP addresses Class IP in- tervalsPage Appendix D. Definitions of terms ARPDMZ 349 Https NAT Nntp 353 PPP SIP Uucp 357 Appendix D. Definitions of terms 358 BSD derived licenses Appendix E. License ConditionsSoftware developed by Peter Åstrand TermsSoftware developed by Carnegie Mellon University Software developed by Gregory M Christy Software developed by Cisco SystemsSoftware developed by Digital Equipment Corporation Dhcp license Software developed by Jason DownsSoftware developed by Brian Gladman Version 2, June Software developed by Google, IncGNU General Public License GPL PreambleGNU General Public License 367 368 No Warranty IBM Public License Software developed by Ingate Systems Software developed in the GIE Dyade cooperationSoftware developed by Tommi Komulainen GNU Library General Public License Lgpl v USA374 GNU Library General Public License 376 377 Page 379 380 GNU Lesser General Public License Lgpl v Version 2.1, February382 GNU Lesser General Public License 384 385 386 Page Glibc Tzdata 2006a 388 Software in the GNU C distribution Appendix E. License Conditions Appendix E. License Conditions 392 More software in the GNU C distribution 394 License exceptions for gcc/libgcc2.c License License exceptions for libstdc++License for lilo DisclaimerSoftware developed by Paul Mackerras Software developed by Pedro Roque Marques Software developed at M I TLicense for Net-SNMP Part 1 CMU/UCD copyright notice BSD likePart 4 Sun Microsystems, Inc. copyright notice BSD Part 5 Sparta, Inc copyright notice BSD Part 6 Cisco/BUPTNIC copyright notice BSD License for NTP License for OpenSSH404 Appendix E. License Conditions 406 407 Snprintf replacement Copyright Patrick Powell 409 License for OpenSSL License for OpenSWAN Python license Release Derived Year Owner GPL- compatible? FromTerms and Conditions for Accessing or Otherwise Using Python Beopen Python Open Source License Agreement Version Cnri License Agreement for Python License for Python Imaging Library CWI License Agreement for Python 0.9.0 ThroughLicense for Rdisc Software developed by RSA Data Security, Inc More software developed by RSA Data Security, IncLicense for SSL License for stunnel Software developed by Sun Microsystems, IncMore software developed by Sun Microsystems, Inc License for Sun RPCLicense for termcap Software developed by Trusted Information Systems, IncSoftware developed by Andrew Tridgell Software developed by Paul VixieVovida Software License v Software developed by Rayan S ZachariassenVovida Software License, Version License for zlib Software developed at University of CaliforniaOpenswan-kernel 427 Appendix E. License Conditions Appendix E. License Conditions Readlink Appendix E. License Conditions 430 Purchase Extended Warranty Professional Services Register Your Product to Gain Service BenefitsSolve Problems Online Appendix F. Obtaining Support for Your 3Com ProductsTelephone Technical Support and Repair Access Software DownloadsContact Us Asia, Pacific Rim Telephone Technical Support and RepairLatin America Telephone Technical Support and Repair Country Telephone NumberUS and Canada Telephone Technical Support and Repair For administration IndexConfiguration logins From the Telecommuting Module MIBs
Related manuals
Manual 70 pages 30.95 Kb
Top Page Image Contents