TANDBERG Gatekeeper User Manual
20
match an entry on the DenyList. Allow lists and Deny lists are mutually exclusive: only one
may be in use at any given time.
Matching uses a simple form of wild card expansion:
12345678 Exact match only
1234567? First 7 characters are an exact match, last may be anything
123* 123 followed by anything
*@example.com Any string ending with @example.com
To set entries in the Allow and Deny lists use the following commands
AllowListAdd, AllowListDelete, DenyListAdd, DenyListDelete
To view the entries in the allow and deny lists, use the following commands:
xConfiguration Gatekeeper Registration AllowList
xConfiguration Gatekeeper Registration DenyList
Figure 13 Configuring a pattern for the Allow/Deny List within the Registration
Restrictions

3.7.2 Authentication

The TANDBERG Gatekeeper can use a user name and password based challenge-response
scheme to permit registrations. For details of how to configure the Gatekeeper for
authentication see section 3.8 H.235 Authentication. For details of how to configure your
endpoint with the appropriate information, please consult your endpoint manual.
3.8 H.235 Authentication
The Gatekeeper supports the ITU H.2352 specification for authenticating the identity of
network devices with which the Gatekeeper communicates.
In order to verify the identity of a device, the Gatekeeper needs access to the password
information. This credential information may be stored in a local database on the Gatekeeper
or obtained from an LDAP Director Server.

3.8.1 Authentication using a local database

2 ITU Specification: H.235 Security and encryption for H-Series (H.323 and other H.245-based)
multimedia terminals