Version 7.2 441 Mediant 800B Gateway & E-SBC
User's Manual 20. Coders and Profiles
Parameter Description
Contexts on page 113). The server cipher ('Cipher Server')
must be configured to All.
IpProfile_SBCMediaSecurityBehaviourMedia configured to
SRTP or Both.
IpProfile_SBCRTCPMux configured to Supported. The setting
is required as the DTLS handshake is done for the port used
for RTP. Therefore, RTCP and RTP should be multiplexed
over the same port.
The device does not support forwarding of DTLS transparently
between endpoints (SIP entities).
As DTLS has been defined by the WebRTC standard as
mandatory for encrypting media channels for SRTP key exchange,
the support is important for deployments implementing WebRTC.
For more information on WebRTC, see WebRTC on page 774.
Reset SRTP Upon Re-key
reset-srtp-upon-re-key
[IpProfile_ResetSRTPStateU
ponRekey]
Enables synchronization of the SRTP state between the device and a
server when a new SRTP key is generated upon a SIP session expire.
This feature ensures that the roll-over counter (ROC), one of the
parameters used in the SRTP encryption/decryption process of the
SRTP packets is synchronized on both sides for transmit and receive
packets.
[0] Disable = (Default) ROC is not reset on the device side.
[1] Enable = If the session expires causing a session refresh
through a re-INVITE, the device or server generates a new key and
the device resets the ROC index (and other SRTP fields) as done
by the server, resulting in a synchronized SRTP.
Note:
If this feature is disabled and the server resets the ROC upon a re-
key generation, one-way voice may occur.
The corresponding global parameter is
ResetSRTPStateUponRekey.
Generate SRTP Keys Mode
generate-srtp-keys
[IpProfile_GenerateSRTPK
eys]
Enables the device to generate a new SRTP key upon receipt of a re-
INVITE with the SIP entity associated with the IP Profile.
[0] Only If Required= (Default) The device generates an SRTP key
only if necessary.
[1] Always = The device always generates a new SRTP key.
SBC Remove Crypto
Lifetime in SDP
sbc-sdp-remove-crypto-
lifetime
[IpProfile_SBCRemoveCrypt
oLifetimeInSDP]
Defines the handling of the lifetime field in the 'a=crypto' attribute of
the SDP for the SIP entity associated with the IP Profile. The SDP field
defines the lifetime of the master key as measured in maximum
number of SRTP or SRTCP packets using the master key.
[0] No = (Default) The device retains the lifetime field (if present) in
the SDP.
[1] Yes = The device removes the lifetime field from the 'a=crypto'
attribute.
Note: If you configure the parameter to Yes, the following IP Profile
parameters must be configured as follows:
IpProfile_EnableSymmetricMKI configured to Enable [1].
IpProfile_MKISize configured to 0.
IpProfile_SBCEnforceMKISize configured to Enforce [1].
SBC Early Media
To Next Page
Loading...
