Cisco Systems VR-561 security

Cisco IOS Voice, Video, and Fax Commands: R Through Sh

security

VR-590

Cisco IOS Voice, Video, Fax Command Reference

security

To enable authentication and authorization on a gatekeeper, use the security command in gatekeeper

configuration mode. To disable security, use the no form of this command.

security {any | h323-id | e164} {password default password | password separator character}

no security {any | h323-id | e164} {password default password | password separator character}

Syntax Description

Defaults No default

Command Modes Gatekeeper configuration

Command History

Usage Guidelines Use the security command to enable identification of registered aliases by RADIUS/TACACS+. If the

alias does not exist in RADIUS/TACACS+, the endpoint will not be allowed to register.

any Uses the first alias of an incoming registration, admission, and status

(RAS) protocol registration, regardless of its type, as the means of

identifying the user to RADIUS/TACACS+.

h323-id Uses the first H.323 ID type alias as the means of identifying the user

to RADIU S/TACACS+.

e164 Uses the first E.164 address type alias as the means of identifying the

user to RADIUS/TACACS+.

password default password Specifies the default password that the gatekeeper associates with

endpoints when authenticating them with an authentication server. The

password must be identical to the password on the authentication

server.

password separator

character Specifies the character that endpoints use to separate the H.323-ID

from the piggybacked password in the registration. Specifying this

character allows each endpoint to supply a user-specific password.

The separator character and password will be stripped from the string

before it is treated as an H.323-ID alias to be registered.

Note that passwords may only be piggybacked in the H.323-ID, not the

E.164 address, because the E.164 address allows a limited set of

mostly numeric characters. If the endpoint does not wish to register an

H.323-ID, it can still supply an H.323-ID consisting of just the

separator character and password. This H.323-ID consisting of just the

separator character and password will be understood to be a password

mechanism and no H.323-ID will be registered.

Release Modification

11.3(2)NA This command was introduced on the Cisco2600 series and

Cisco 3600 series routers.