Skip to end of metadata
Go to start of metadata

 

The SBC Core supports local authentication autonomously on a per-IP trunk group basis in situations where an IP-PBX does not perform a registration and the service provider does not require/want registrations. This functionality is accomplished using the authentication configurable to the ingress IP Peer and/or ingress IP Trunk Group (IPTG) as described below.

Additionally, the IP Signaling Profile relay flag statusCode4xx6xx should be enabled on egress leg of the call to relay error status codes.

The CLI syntax for this configuration is shown below:

CLI Syntax
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <SIP trunkgroup name> signaling authentication
    authPassword <authentication password for trunkgroup> 
    authUserPart <userPart used for authentication> 
    intChallengeResponse <enabled | disabled> 
    incInternalCredentials <enabled | disabled> 

% set profiles signaling ipSignalingProfile <profile_name> commonIpAttributes relayFlags statusCode4xx6xx <disable | enable>

Egress Trunk Group

  • Define authentication password (authPassword) used when replying to local authentication requests.
  • Define authentication user part (authUserPart) used when replying to local authentication requests.
  • Enable IP Signaling Profile relay flag statusCode4xx6xx to relay error status codes.

Ingress Trunk Group

  • Set authentication flag to choose whether to reply to authentication locally (intChallengeResponse) if credentials are configured on the egress IPTG.
  • Set authentication flag to choose whether to include credentials (incInternalCredentials) in subsequent mid-dialog requests before they are challenged if the dialog initiating INVITE was challenged.

IP Peer

  • Set flag to choose whether to reply to authentication locally (intChallengeResponse) if credentials are configured on the egress IPTG.
  • Set flag to choose whether to include credentials (incInternalCredentials) in subsequent mid-dialog requests before they are challenged if the dialog initiating INVITE was challenged.

The SBC supports local authentication for dialog initiating INVITE, dialog initiating SUBSCRIBE, mid-dialog INVITE, mid-dialog INFO, mid-dialog REFER, mid-dialog MESSAGE, initial REGISTER, refresh REGISTER, UPDATE, PUBLISH, out-of-dialog REFER, out-of-dialog MESSAGE, BYE and PRACK.