Local Cluster Configuration

You can route such untrusted (“unauthorized” or “guest”) calls by creating a separate set of “guest” dial rules used only for these untrusted calls. See Dial Rules.

Depending on the SIP SBC and how it’s configured, such calls can be distinguished in one of two ways:

By port: The SBC routes untrusted calls to a specific port.

By prefix: The SBC adds a specific prefix in the Request-URI of the first INVITE message for the call.

The RealPresence Access Director SBC supports only the prefix method. The Acme Packet Session Border Controller SBC can be configured for either.

In the SIP Settings section of the page, you can add one or more ports, prefixes, or both for untrusted calls. For each entry, you can specify whether authentication is required. Calls to an untrusted call prefix follow the authentication setting for that prefix, not for the port on which they’re received. For port entries, you can also specify the transport, and if TLS, whether certificate validation is required (mutual TLS).

Note: Require certificate validations for TLS

If Unlock SIP Settings mutual authentication option on the Signaling Settings page is unchecked on the Security Settings page, then Require mutual authentication (validation of client certificates) is turned on for both authorized and unauthorized ports, and it can’t be turned off. See Security Settings.

Signaling Settings Fields

The following table describes the fields on the Signaling Settings page.

Field

Description

 

 

H.323 Settings

 

 

 

Enable H.323 signaling

Enables the system to receive H.323 calls.

 

Caution: Disabling H.323 terminates any existing H.323 calls. When you click

 

Update, the system prompts you to confirm.

 

 

Status

Indicates whether the system’s H.323 gatekeeper functions are active.

 

 

H.225 port

Specifies the port number the system’s gatekeeper uses for call signaling.

 

We recommend using the default port number (1720), but you can use the

 

same value as the RAS port or any other value from 1024 to 65535 that’s not

 

already in use.

 

 

RAS port

Specifies the port number the system’s gatekeeper uses for RAS

 

(Registration, Admission and Status).

 

We recommend using the default port number (1719), but you can use the

 

same value as the H.225 port or any other value from 1024 to 65535 that’s not

 

already in use.

 

 

H.245 open firewall ports

Shows the port range used for H.245 so you can configure your firewall

 

accordingly. This is display only.

 

 

H.323 multicast

Enables the system to support gatekeeper discovery (GRQ messages from

 

endpoints) as described in the H.323 and H.225.0 specifications.

 

 

Polycom, Inc.

72

Page 71 Page 73
Page 72
Image 72
Polycom 7000 manual Signaling Settings Fields, Field Description Settings
Page 71 Page 73
Top Page Image Contents