User's Manual 332 Document #: LTRT-27045
Mediant 1000B Gateway & E-SBC
Parameter Description
Context is configured for the Proxy Set associated with the call.
 To configure TLS Contexts, see ''Configuring SSL/TLS
Certificates'' on page 103.
TLS Mutual Authentication
tls-mutual-auth
[SIPInterface_TLSMutualAuth
entication]
Enables TLS mutual authentication for the SIP Interface (when the
device acts as a server).
 [0]
Disable = Device does not request the client certificate for TLS
connection on the SIP Interface.
 [1] Enable = Device requires receipt and verification of the client
certificate to establish the TLS connection on the SIP Interface.
By default, no value is defined and the SIPSRequireClientCertificate
global parameter setting is applied.
Message Policy
message-policy
[SIPInterface_MessagePolicy
Name]
Assigns a SIP message policy to the SIP interface.
To configure SIP Message Policy rules, see ''Configuring SIP
Message Policy Rules''.
User Security Mode
block-un-reg-users
[SIPInterface_BlockUnRegUs
ers]
Defines the blocking (reject) policy for incoming SIP dialog-initiating
requests (e.g., INVITE messages) from registered and unregistered
users belonging to the SIP Interface.
 [-1] Not Configured = (Default) The corresponding parameter in
the SRDs table (SRD_BlockUnRegUsers) of the SRD that is
associated with the SIP Interface is applied.
 [0] Accept All = Accepts requests from registered and
unregistered users.
 [1] Accept Registered Users = Accepts requests only from users
registered with the device. Requests from users not registered
are rejected.
 [2] Accept Registered Users from Same Source = Accepts
requests only from registered users whose source address is the
same as that registered with the device (during the REGISTER
message process). All other requests are rejected. The device
verifies whether the IP address and port are different only if the
transport protocol is UDP; otherwise, the device verifies only the
IP address. The verification is performed before any of the
device's call handling processes (i.e., Classification, Manipulation
and Routing).
Note:
 The parameter is applicable only to calls belonging to User-type
IP Groups.
 The feature is not applicable to REGISTER requests.
 The option, Accept Registered Users from Same Source [2] does
not apply to registration refreshes. These requests are accepted
even if the source address is different to that registered with the
device.

When the device rejects a call, it sends a SIP 500 "Server Internal
Error" response to the user. In addition, it reports the rejection
(Dialog establish failure - Classification failure) using the Intrusion
Detection System (IDS) feature (see Configuring IDS Policies on
page
169), by sending an SNMP trap.
 If you configure the parameter to any value other than default [-
it overrides the corresponding parameter in the SRDs table
(SRD_BlockUnRegUsersInterface) for the SRD associated with
To Next Page
Loading...
Need help?
General
