Cisco IOS Voice, Video, and Fax Commands: R Through Sh

security

security

To enable authentication and authorization on a gatekeeper, use the security command in gatekeeper configuration mode. To disable security, use the no form of this command.

security {any h323-id e164} {password default password password separator character} no security {any h323-id e164} {password default password password separator character}

Syntax Description

any

Uses the first alias of an incoming registration, admission, and status

 

 

(RAS) protocol registration, regardless of its type, as the means of

 

 

identifying the user to RADIUS/TACACS+.

 

 

 

 

h323-id

Uses the first H.323 ID type alias as the means of identifying the user

 

 

to RADIUS/TACACS+.

 

 

 

 

e164

Uses the first E.164 address type alias as the means of identifying the

 

 

user to RADIUS/TACACS+.

 

 

 

 

password default password

Specifies the default password that the gatekeeper associates with

 

 

endpoints when authenticating them with an authentication server. The

 

 

password must be identical to the password on the authentication

 

 

server.

 

 

 

 

password separator

Specifies the character that endpoints use to separate the H.323-ID

 

character

from the piggybacked password in the registration. Specifying this

 

 

character allows each endpoint to supply a user-specific password.

 

 

The separator character and password will be stripped from the string

 

 

before it is treated as an H.323-ID alias to be registered.

 

 

Note that passwords may only be piggybacked in the H.323-ID, not the

 

 

E.164 address, because the E.164 address allows a limited set of

 

 

mostly numeric characters. If the endpoint does not wish to register an

 

 

H.323-ID, it can still supply an H.323-ID consisting of just the

 

 

separator character and password. This H.323-ID consisting of just the

 

 

separator character and password will be understood to be a password

 

 

mechanism and no H.323-ID will be registered.

 

 

 

Defaults

Command Modes

Command History

No default

Gatekeeper configuration

Release

Modification

11.3(2)NA

This command was introduced on the Cisco 2600 series and

 

Cisco 3600 series routers.

 

 

Usage Guidelines Use the security command to enable identification of registered aliases by RADIUS/TACACS+. If the alias does not exist in RADIUS/TACACS+, the endpoint will not be allowed to register.

Cisco IOS Voice, Video, Fax Command Reference

VR-590

Page 29 Page 31
Page 30
Image 30
Cisco Systems VR-561 manual Security, Syntax Description, VR-590
Page 29 Page 31
Top Page Image Contents