Cisco IOS Voice, Video, and Fax Commands: R Through Sh

security

 

 

A RADIUS/TACACS+ server and encryption key must have been configured in Cisco IOS software for

 

 

security to work.

 

 

 

 

Only the first alias of the proper type will be identified. If no alias of the proper type is found, the

 

 

registration will be rejected.

 

 

This command does not allow you to define the password mechanism unless the security type (h323-id

 

 

or e164 or any) has been defined. Although the no security password command undefines the password

 

 

mechanism, it leaves the security type unchanged, so security is still enabled. However, the no security

 

 

command disables security entirely, including removing any existing password definitions.

 

 

 

 

Examples

 

The following example enables identification of registrations using the first H.323 ID found in any

 

 

registration:

 

 

 

 

security h323id

 

 

 

 

The following example enables security, authenticating all users by using their H.323-IDs and a

 

 

password of qwerty2x:

 

 

 

 

security h323-id

 

 

 

 

security password qwerty2x

 

 

The next example enables security, authenticating all users by using their H.323-IDs and the password

 

 

entered by the user in the H.323-ID alias he or she registers:

 

 

security h323-id

 

 

 

 

security password separator !

 

 

Now if a user registers with an H.323-ID of joe!024aqx, the gatekeeper authenticates user joe with

 

 

password 024aqx, and if that is successful, registers the user with the H.323-ID of joe. If the exclamation

 

 

point is not found, the user is authenticated with the default password, or a null password if no default

 

 

has been configured.

 

 

 

 

The following example enables security, authenticating all users by using their E.164 IDs and the

 

 

password entered by the user in the H.323-ID alias he or she registers:

 

 

security e164

 

 

 

 

security password separator !

 

 

Now if a user registers with an E.164 address of 5551212 and an H.323-ID of !hs8473q6, the gatekeeper

 

 

authenticates user 5551212 and password hs8473q6. Because the H.323-ID string supplied by the user

 

 

begins with the separator character, no H.323-ID is registered, and the user is known only by the E.164

 

 

address.

 

 

 

 

 

 

 

Related Commands

 

Command

Description

 

 

 

 

 

 

 

 

accounting (gatekeeper)

Enables the accounting security feature on the gatekeeper.

 

 

 

 

 

 

 

radius-server host

Specifies a RADIUS server host.

 

 

 

 

 

 

 

radius-server key

Sets the authentication and encryption key for all RADIUS

 

 

 

communications between the router and the RADIUS daemon.

 

 

 

 

 

Cisco IOS Voice, Video, Fax Command Reference

VR-591

Page 30 Page 32
Page 31
Image 31
Cisco Systems VR-561 manual Accounting gatekeeper, Radius-server host, Radius-server key, VR-591
Page 30 Page 32
Top Page Image Contents