DMA OperationsGuide Local Cluster Configuration Procedures
84 Polycom, Inc.
bLeave the default port numbers (1720 for H.225, 1719 for RAS) unless
you have a good reason for changing them.
cSelect H.323 multicast to support gatekeeper discovery messages
from endpoints.
dTo turn on H.235 authentication, select Enable H.323 device
authentication.
Device authentication credentials must be added on the Inbound
Authentication tab of the Device Authentication page. Click the
Device authentication settings link to go directly there.
3To make the system accessible via SIP calls:
aSelect Enable SIP signaling.
bIf the system’s security settings permit unencrypted SIP connections,
optionally set Unencrypted SIP port to TCP or UDP/TCP.
You must have the Administrator role to change security settings. See
“Security Settings” on page 48.
cLeave the default port numbers (5060 for TCP/UDP, 5061 for TLS)
unless you have a good reason for changing them.
dTo turn on SIP digest authentication for either the unencrypted or TLS
port, select the corresponding Enable authentication check box.
Device authentication credentials must be added on the Inbound
Authentication tab of the Device Authentication page. Click the
Device authentication settings link to go directly there.
eTo enable mutual TLS (mTLS), select Require certificate validation
for TLS.
4To enable the system to receive untrusted calls (see “Untrusted SIP Call
Handling Configuration” on page 73) from SIP session border controllers
(SBCs) configured to route such calls to special ports, do the following:
aUnder Unauthorized ports, click Add.
The Add Guest Port dialog box opens.
bSpecify the port number, the transport, whether authentication is
required, and for TLS, whether certificate validation is required
(mTLS). Click OK.
The new entry is added to the Unauthorized ports list.
Note
The system only answers UDP calls if that transport is enabled. But for
communications back to the endpoint, it uses the transport protocol that the
endpoint requested (provided that the transport is enabled, and for TCP, that
unencrypted connections are permitted).
For more information about this and other aspects of SIP, see RFC 3261.