Cisco Systems VR-561

Cisco IOS Voice, Video, and Fax Commands: R Through Sh security

VR-591

Cisco IOS Voice, Video, Fax Command Reference

A RADIUS/TACACS+ server and encryption key must have been configured in Cisco IOS software for

security to work.

Only the first alias of the proper type will be identified. If no alias of the proper type is found, the

registration will be rejected.

This command does not allow you to define the password mechanism unless the security type (h323-id

or e164 or any) has been defined. Although the no security password command undefines the password

mechanism, it leaves the security type unchanged, so security is still enabled. However, the nosecurity

command disables security entirely, including removing any existing password definitions.

Examples The following example enables identification of registrations using the first H.323 ID found in any

registration:

security h323id

The following example enables security, authenticating all users by using their H.323-IDs and a

password of qwerty2x:

security h323-id

security password qwerty2x

The next example enables security, authenticating all users by using their H.323-IDs and the password

entered by the user in the H.323-ID alias he or she registers:

security h323-id

security password separator !

Now if a user registers with an H.323-ID of joe!024aqx, the gatekeeper authenticates user joe with

password 024aqx, and if that is successful, registers the user with the H.323-ID of joe. If the exclamation

point is not found, the user is authenticated with the default password, or a null password if no default

has been configured.

The following example enables security, authenticating all users by using their E.164 IDs and the

password entered by the user in the H.323-ID alias he or she registers:

security e164

security password separator !

Now if a user registers with an E.164 address of 5551212 and an H.323-ID of !hs8473q6, the gatekeeper

authenticates user 5551212 and password hs8473q6. Because the H.323-ID string supplied by the user

begins with the separator character, no H.323-ID is registered, and the user is known only by the E.164

address.

Related Commands Command Description

accounting (gatekeeper) Enables the accounting security feature on the gatekeeper.

radius-server host Specifies a RADIUS server host.

radius-server key Sets the authentication and encryption key for all RADIUS

communications between the router and the RADIUS daemon.