DMA Operations Guide

Local Cluster Configuration Procedures

 

 

bLeave the default port numbers (1720 for H.225, 1719 for RAS) unless you have a good reason for changing them.

cSelect H.323 multicast to support gatekeeper discovery messages from endpoints.

dTo turn on H.235 authentication, select Enable H.323 device authentication.

Device authentication credentials must be added on the Inbound

Authentication tab of the Device Authentication page. Click the

Device authentication settings link to go directly there.

3To make the system accessible via SIP calls: a Select Enable SIP signaling.

bIf the system’s security settings permit unencrypted SIP connections, optionally set Unencrypted SIP port to TCP or UDP/TCP.

You must have the Administrator role to change security settings. See “Security Settings” on page 48.

Note

The system only answers UDP calls if that transport is enabled. But for communications back to the endpoint, it uses the transport protocol that the endpoint requested (provided that the transport is enabled, and for TCP, that unencrypted connections are permitted).

For more information about this and other aspects of SIP, see RFC 3261.

cLeave the default port numbers (5060 for TCP/UDP, 5061 for TLS) unless you have a good reason for changing them.

dTo turn on SIP digest authentication for either the unencrypted or TLS port, select the corresponding Enable authentication check box.

Device authentication credentials must be added on the Inbound

Authentication tab of the Device Authentication page. Click the

Device authentication settings link to go directly there.

eTo enable mutual TLS (mTLS), select Require certificate validation for TLS.

4To enable the system to receive untrusted calls (see “Untrusted SIP Call Handling Configuration” on page 73) from SIP session border controllers (SBCs) configured to route such calls to special ports, do the following:

a Under Unauthorized ports, click Add.

The Add Guest Port dialog box opens.

bSpecify the port number, the transport, whether authentication is required, and for TLS, whether certificate validation is required (mTLS). Click OK.

The new entry is added to the Unauthorized ports list.

84

Polycom, Inc.

Page 96
Image 96
Polycom 3725-76302-001LI manual Under Unauthorized ports, click Add