Customizing the Product Name ................64 6.2.3 Customizing the Browser Tab Label ................65 6.2.4 Customizing the Favicon ..................66 6.2.5 Creating a Login Welcome Message ...............68 Configuring Additional Management Interfaces ............ 69 Configuring Management User Accounts ............. 70 Version 7.2 Mediant 4000 SBC...
Page 4
Mediant 4000 SBC Displaying Login Information upon Login .............. 75 Viewing Logged-In User Information ..............76 Configuring Web Session and Access Settings ............ 76 Changing Login Password for Administrator and Monitor Users ......77 Configuring Secured (HTTPS) Web ..............78 6.10 Web Login Authentication using Smart Cards............
Page 5
12.3 Configuring the Time Zone ................. 161 12.4 Configuring Daylight Saving Time ............... 162 General VoIP Configuration ..................163 13 Security ......................165 13.1 Configuring Firewall Settings ................165 13.2 Configuring General Security Settings ..............170 13.3 Intrusion Detection System ................. 171 Version 7.2 Mediant 4000 SBC...
Page 7
15.8.2.2 Adding ELINs to the Location Information Server ........294 15.8.2.3 Passing Location Information to the PSTN Emergency Provider ..295 15.8.3 AudioCodes ELIN Device for Skype for Business E9-1-1 Calls to PSTN .....296 15.8.3.1 Detecting and Handling E9-1-1 Calls .............297 Version 7.2...
Page 8
15.8.3.3 PSAP Callback to Skype for Business Clients for Dropped E9-1-1 Calls 15.8.3.4 Selecting ELIN for Multiple Calls within Same ERL .......300 15.8.4 Configuring AudioCodes ELIN Device ..............301 15.8.4.1 Enabling the E9-1-1 Feature ..............301 15.8.4.2 Configuring the E9-1-1 Callback Timeout ..........301 15.8.4.3 Configuring SBC IP-to-IP Routing Rule for E9-1-1 ........301...
Page 11
33.1.2.3 Step 3: Initialize HA on the Devices ............616 33.2 Configuration while HA is Operational ..............616 33.3 Configuring Firewall Allowed Rules ..............618 33.4 Monitoring IP Entities and HA Switchover upon Ping Failure ......619 Version 7.2 Mediant 4000 SBC...
Page 12
Mediant 4000 SBC 34 HA Maintenance ....................623 34.1 Maintenance of Redundant Device ..............623 34.2 Replacing a Failed Device .................. 623 34.3 Initiating an HA Switchover ................. 623 34.4 Resetting the Redundant Unit ................624 34.5 Software Upgrade ....................624 34.6 Disconnecting and Reconnecting HA ..............
Page 13
41.1.1.1 Provisioning the Device using DHCP Option 160 ........670 41.1.2 HTTP-based Provisioning ..................671 41.1.3 FTP-based Provisioning ..................672 41.1.4 Provisioning using AudioCodes OVOC ..............672 41.2 HTTP/S-Based Provisioning using the Automatic Update Feature ...... 672 41.2.1 Files Provisioned by Automatic Update ..............673 41.2.2 File Location for Automatic Update ...............674...
Page 14
53.2 Configuring Syslog ..................... 794 53.2.1 Syslog Message Format ..................794 53.2.1.1 Event Representation in Syslog Messages..........796 53.2.1.2 Identifying AudioCodes Syslog Messages using Facility Levels....798 53.2.1.3 Syslog Fields for Answering Machine Detection (AMD) ......798 53.2.1.4 SNMP Alarms in Syslog Messages ............799 53.2.2 Enabling Syslog .....................799...
Page 15
61.2.5 NAT Parameters ....................855 61.2.6 DNS Parameters ....................856 61.2.7 DHCP Parameters ....................857 61.2.8 NTP and Daylight Saving Time Parameters ............859 61.3 Debugging and Diagnostics Parameters ............. 861 61.3.1 General Parameters ....................861 61.3.2 SIP Test Call Parameters ..................861 Version 7.2 Mediant 4000 SBC...
Page 17
Customer Support Customer technical support and services are provided by AudioCodes or by an authorized AudioCodes Service Partner. For more information on how to buy technical support for AudioCodes products and for contact information, please visit our Web site at https://www.audiocodes.com/services-support/maintenance-and-support.
Page 18
Some of the features listed in this document are available only if the relevant License Key has been purchased from AudioCodes and installed on the device. For a list of License Keys that can be purchased, please consult your AudioCodes sales representative.
Page 19
Routing (IP Group load balancing); MAC Address Placeholder in Configuration File Name; VoIPerfect; Technical Specifications (AMR-WB removed). New sections: Configuring IP Group Sets. Updated parameters: SIPInterface_SBCDirectMedia; IPProfile_SBCDirectMediaTag; IpProfile_DisconnectOnBrokenConnection; IP2IPRouting_DestType; IPOutboundManipulation_PrivacyRestrictionMode; BrokenConnectionEventTimeout. New parameters: IP2IPRouting_IPGroupSetName; EnableNonCallCdr; PGroupSet; IPGroupSetMember; NoRTPDetectionTimeout; DisconnectOnBrokenConnection; BrokenConnectionEventTimeout. Version 7.2 Mediant 4000 SBC...
Page 20
Mediant 4000 SBC LTRT Description Patch version 7.20A.100. 41733 Updated sections: CLI (telnet removed); Areas of the GUI (SBC Wizard); Assigning Rows from Other Tables (search, add new, and view); Invalid Value Indications; Creating a Login Welcome Message; Configuring Management User Accounts (CLI);...
Page 22
Mediant 4000 SBC LTRT Description Enabling LDAP Searches for Numbers with Characters; Microsoft Skype for Business Presence of Third-Party Endpoints; Configuring the Device for Skype for Business Presence (example); Configuring Media Realm Extensions; Configuring Firewall Allowed Rules; Configuring SBC IP-to-IP Routing (back to the sender);...
Page 24
Mediant 4000 SBC Documentation Feedback AudioCodes continually strives to produce high quality documentation. If you have any comments (suggestions or errors) regarding this document, please fill out the Documentation Feedback form site https://online.audiocodes.com/documentation-feedback. User's Manual Document #: LTRT-42025...
User's Manual 1. Introduction Introduction This User's Manual describes how to configure and manage your AudioCodes product (hereafter, referred to as device). This document is intended for the professional person responsible for installing, configuring and managing the device. Product Overview AudioCodes Mediant 4000 Session Border Controller (SBC), hereafter referred to as device, is a mid-to-high scale capacity member of AudioCodes’...
Mediant 4000 SBC Typographical Conventions This document uses the following typographical conventions to convey information: Table 1-1: Typographical Conventions Convention Description Example Boldface font Used for the following Web Click the Add button. interface elements: Buttons Selectable parameter values ...
The Media Realm can be associated with the SIP entity, by assigning the Media Realm to the IP Group of the SIP entity, or by assigning it to the SIP Interface associated with the SIP entity. The SRD is a logical representation of your entire SIP-based VoIP Version 7.2 Mediant 4000 SBC...
Page 28
Mediant 4000 SBC Configuration Terms Description network (Layer 5) containing groups of SIP users and servers. The SRD is in effect, the foundation of your configuration to which all other previously mentioned configuration entities are associated. For example, if your VoIP network consists of three SIP entities -- a SIP Trunk, a LAN IP PBX, and remote WAN users -- the three SIP Interfaces defining these Layer-3 networks would all assigned to the same SRD.
Page 29
"served" IP Group. Authentication (SIP 401) is typically relevant for INVITE messages forwarded by the device to a "serving" IP Group. Registration is for REGISTER messages, which are initiated by the device on behalf of the "serving" SIP entity. Version 7.2 Mediant 4000 SBC...
Page 30
Mediant 4000 SBC The associations between the configuration entities are summarized in the following figure: Figure 1-1: Association of Configuration Entities The main configuration entities and their involvement in the call processing is summarized in following figure. The figure is used only as an example to provide basic understanding of the configuration terminology.
User's Manual 2. Introduction Introduction This part describes how to initially access the device's management interface and change its default IP address to correspond with your networking scheme. Version 7.2 Mediant 4000 SBC...
Page 34
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
OAMP + Media + Control IP Address 192.168.0.2 (IP address assigned to the first Ethernet Port Group (top-left ports 1 & 2) Prefix Length 24 (255.255.255.0) Default Gateway 192.168.0.1 Ethernet Device vlan 1 Interface Name O+A+M+P Version 7.2 Mediant 4000 SBC...
Page 36
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
Ethernet cable. Change the IP address and subnet mask of your computer to correspond with the default OAMP IP address and subnet mask of the device. Version 7.2 Mediant 4000 SBC...
Page 38
Mediant 4000 SBC Access the Web interface: On your computer, start a Web browser and in the URL address field, enter the default IP address of the device; the Web interface's Web Login screen appears: Figure 4-1: Web Login Screen In the 'Username' and 'Password' fields, enter the case-sensitive, default login username ("Admin") and password ("Admin").
At the prompt, type the password (default is "Admin" - case sensitive): Password: Admin At the prompt, type the following: enable At the prompt, type the password again: Password: Admin Access the Network configuration mode: # configure network Access the IP Interfaces table: Version 7.2 Mediant 4000 SBC...
Page 40
Mediant 4000 SBC (config-network)# interface network-if 0 Configure the IP address: (network-if-0)# ip-address <IP address> Configure the prefix length: (network-if-0)# prefix-length <prefix length / subnet mask, e.g., 16> Configure the Default Gateway address: (network-if-0)# gateway <IP address> Apply your settings: (network-if-0)# activate Cable the device to your network.
Configuration ini file - see ''INI File-Based Management'' on page 95 Note: • Some configuration settings can only be done using a specific management tool. • For a list and description of all the configuration parameters, see ''Configuration Parameters Reference'' on page 835. Version 7.2 Mediant 4000 SBC...
Page 44
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
(Versions 5.02 or later) ® • Google Chrome (Version 50 or later) Recommended screen resolutions: 1024 x 768 pixels, or 1280 x 1024 pixels Note: Your Web browser must be JavaScript-enabled to access the Web interface. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 6.1.2 Accessing the Web Interface The following procedure describes how to access the Web interface. To access the Web interface: Open a standard Web browser. In the Web browser, specify the OAMP IP address of the device (e.g., http://10.1.10.10);...
The areas of the Web interface's GUI are shown in the figure below and described in the subsequent table. Figure 6-2: Main Areas of the Web Interface GUI Table 6-1: Description of the Web GUI Areas Item # Description Company logo. Menu bar containing the menus. Version 7.2 Mediant 4000 SBC...
Page 48
Mediant 4000 SBC Item # Description Toolbar providing frequently required command buttons. Save: Saves configuration changes to the device's flash memory (without resetting the device). If you make a configuration change, the button is surrounded by a red-colored border as a reminder to save your settings to flash memory, by clicking the button.
The items of the Navigation tree depend on the menu-tab combination, selected from the menu bar and tab bar, respectively. The menus and their respective tabs are listed below: Setup menu: • IP Network tab • Signaling & Media tab Version 7.2 Mediant 4000 SBC...
Page 50
Mediant 4000 SBC • Administration tab Monitor menu: Monitor tab Troubleshoot menu: Troubleshoot tab When you open the Navigation tree, folders containing commonly required items are opened by default, allowing quick access to their pages. Items that open pages containing tables provide the following indications in the Navigation tree: ...
Modify the parameter's value as desired. Click Apply; the changes are saved to the device's volatile memory (RAM). Save the changes to the device's non-volatile memory (flash): • If a device reset is not required: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC On the toolbar, click Save; a confirmation message box appears: Figure 6-4: Save Configuration Confirmation Box Click Yes to confirm; the changes are save to flash memory. • If a device reset is required: On the toolbar, click Reset; the Maintenance Actions page opens.
Configure the parameters of the row as desired. For information on configuring parameters that are assigned a value which is a row referenced from another table, see ''Assigning Rows from Other Tables'' on page 54. Version 7.2 Mediant 4000 SBC...
Page 54
Mediant 4000 SBC Click Apply to add the row to the table or click Cancel to ignore your configuration. If the Save button is surrounded by a red border, you must save your settings to flash memory, otherwise they are discarded if the device resets (without a save to flash) or powers off.
6.1.6.3 Deleting Table Rows The following procedure describes how to delete a row from a table. To delete a table row: Select the row that you want to delete. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Click the delete icon, located on the table's toolbar; a confirmation message box appears requesting you to confirm deletion, as shown in the example below: Click Yes, Delete; the row is removed from the table and the total number of configured rows that is displayed next to the page title and page item in the Navigation tree is updated to reflect the deletion.
Page 57
Proxy Set #0 with indicating that it has an invalid parameter value, and Proxy Set #1 with indicating that it has a parameter that is referenced to a row of another table that has an invalid value: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Figure 6-13: Invalid Icon Display in Drop-Down List of Parameter Referencing Other Rows Note: If you assign a non-mandatory parameter with a referenced row and then later delete the referenced row (in the table in which the row is configured), the parameter's value automatically changes to an empty field (i.e., no row assigned).
Changing row position is supported only by certain tables (e.g., IP-to-IP Routing table). To change the position of a row: Click the 'Index' column header so that the rows are sorted in ascending order (e.g., 0. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 1, 2, and so on). Select the row that you want to move. Do one of the following: • To move one index up (e.g., from Index 3 to 2): Click the up arrow; the row moves one index up in the table (e.g., to 2) and the row that originally occupied the index is moved one index down (e.g., to 3).
• Parameter's value • Brief description of parameter Figure 6-17: Search Result Window Click the link of the navigation path corresponding to the required found parameter to open the page on which the parameter appears. Version 7.2 Mediant 4000 SBC...
The product name also affects other management interfaces. • In addition to Web-interface customization, you can customize the following to reference your company instead of AudioCodes: √ SNMP Interface: Product system OID (see the SNMPSysOid parameter) and trap Enterprise OID (see the SNMPTrapEnterpriseOid parameter).
User's Manual 6. Web-Based Management 6.2.1 Replacing the Corporate Logo You can replace the default corporate logo image (i.e., AudioCodes logo) that is displayed in the Web interface. The logo appears in the following Web areas: Web Login screen: Figure 6-20: Corporate Logo on Web Login Screen ...
Mediant 4000 SBC Note: • The logo image file type can be GIF, PNG, JPG, or JPEG. • The logo image must have a fixed height of 24 pixels. The width can be up to 199 pixels (default is 145).
You can customize the label that appears on the tab of the Web browser that you use to open the device's Web interface. By default, the tab displays "AudioCodes". You can change this to display either the IP address of the device or any customized text.
Web interface (see Replacing the Corporate Logo with an Image on page 63). • If you are using the default AudioCodes corporate logo image in the Web interface, you can only customize the tab to display "AudioCodes" or the IP address.
Page 67
Access the device's command shell interface, by appending "FAE" (case-sensitive) to the device's IP address in your browser's URL address field (i.e., <IP address>/FAE). Click Cmd Shell. In the 'Command Line' field, type the following, and then click Enter: CTACI FAVICON Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 6.2.5 Creating a Login Welcome Message You can create a personalized welcome message that is displayed on the Web Login screen. The message always begins with the title "Note" and has a color background, as shown in the example below: Figure 6-27: Creating Login Welcome Message ...
Figure 6-28: Additional Management Interfaces Table - Add Dialog Box Configure an additional management interface according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Additional Management Interfaces Table Parameter Descriptions Parameter Description General Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Index Defines an index number for the new table row. [AdditionalManagementInt Note: Each row must be configured with a unique index. erfaces_Index] Interface Name Assigns an IP network interface (from the IP Interfaces table) to the management interface.
Page 71
You can define additional Web user accounts using a RADIUS server (see ''RADIUS Authentication'' on page 233). The following procedure describes how to configure user accounts through the Web interface. You can also configure it through ini file (WebUsers) or CLI (configure system > user). Version 7.2 Mediant 4000 SBC...
Page 72
Mediant 4000 SBC To configure management user accounts: Open the Local Users table (Setup menu > Administration tab > Web & CLI folder > Local Users). Click New; the following dialog box is displayed: Figure 6-29: Local Users Table - Dialog Box Configure a user account according to the parameters described in the table below.
Page 73
Access Settings' on page 76). These users can log in only after a user-defined timeout configured by the 'Block Duration' parameter (see below) or if their status is changed (to New or Valid) by a Security Administrator or Master. Version 7.2 Mediant 4000 SBC...
Page 74
Mediant 4000 SBC Parameter Description Inactivity = The state is automatically set for users that have not accessed the Web interface for a user-defined number of days, set by the 'User Inactivity Timer' (see 'Configuring Web Session and Access Settings' on page 76). These users can only log in to the Web interface if their status is changed (to New or Valid) by a System Administrator or Master.
Enable. Click Apply. Once enabled, each time you login to the device, the Login Information window is displayed, as shown in the example below: Figure 6-30: Login Information Window To close the window, click Close. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Viewing Logged-In User Information The username of the currently logged in user is displayed in the top-right corner of the Web interface. If you click the username (e.g., "Admin"), a pop-up callout appears: Figure 6-31: Logged-in User Information The following information is displayed: ...
Local Users table (see ''Configuring Management User Accounts'' on page 70). • You can only change the password if the duration configured in the 'Password Change Interval' has elapsed (see ''Configuring Web Session and Access Settings'' on page 76). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To change the login password: Open the Web Settings page (Setup menu > Administration tab > Web & CLI folder > Web Settings). Figure 6-34: Changing Login Password for Administrator and Monitor User Levels In the 'Current Password' field, type in your current login password.
Page 79
This feature is enabled using the EnableMgmtTwoFactorAuthentication parameter. Note: For specific integration requirements for implementing a third-party smart card for Web login authentication, contact your AudioCodes representative. To log in to the Web interface using CAC: Insert the Common Access Card into the card reader.
Mediant 4000 SBC 6.11 Configuring Web and Telnet Access List The Access List table lets you restrict access to the device's management interfaces (Web, Telnet and SSH) by specifying IP addresses (up to ten) of management clients that are permitted to access the device. Access to the device's management interfaces from undefined IP addresses is denied.
CLI Settings). Configure the following parameters: • 'Embedded Telnet Server': Select Enable Unsecured or Enable Secured (i.e, SSL) to enable Telnet. • 'Telnet Server TCP Port': Enter the port number of the embedded Telnet server. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC • 'Telnet Server Idle Timeout': Enter the duration of inactivity in the Telnet session after which the session automatically ends. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. For a detailed description of the Telnet parameters, see ''Telnet Parameters'' on page 841.
Page 83
Under the 'Authentication parameters' group, click Browse and then locate the private key file that you created and saved in Step 4. Connect to the device with SSH using the username "Admin"; RSA key negotiation Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC occurs automatically and no password is required. To configure RSA public keys for Linux (using OpenSSH 4.3): Run the following command to create a new key in the admin.key file and to save the public portion to the admin.key.pub file: ssh-keygen -f admin.key -N ""...
The current session from which this show command was run is displayed with an asterisk (*). Note: The device can display management sessions of up to 24 hours. After this time, the duration counter is reset. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Terminating a User's CLI Session You can terminate users that are currently logged in to the device's CLI. This applies to users logged in to the CLI through RS-232 (console), Telnet, or SSH. To terminate the CLI session of a specific CLI user: Establish a CLI session with the device.
8. SNMP-Based Management SNMP-Based Management The device provides an embedded SNMP agent that lets you manage it using AudioCodes One Voice Operations Center (OVOC) or a third-party SNMP manager. The SNMP agent supports standard and proprietary Management Information Base (MIBs). All supported MIB files are supplied to customers as part of the release.
Page 88
Mediant 4000 SBC For detailed descriptions of the SNMP parameters, see ''SNMP Parameters'' on page 842. To configure SNMP community strings: Open the SNMP Community Settings page (Setup menu > Administration tab > SNMP folder > SNMP Community Settings).
SNMPv3 destination. By default, traps are sent unencrypted using SNMPv2. The following procedure describes how to configure SNMP trap destinations through the Web interface. You can also configure it through ini file (SNMPManager) or CLI (configure system > snmp trap-destination). Version 7.2 Mediant 4000 SBC...
Page 90
Mediant 4000 SBC To configure SNMP trap destinations: Open the SNMP Trap Destinations table (Setup menu > Administration tab > SNMP folder > SNMP Trap Destinations). Figure 8-2: SNMP Trap Destinations Table Configure the SNMP trap manager according to the table below.
(as long as the community string is correct). The following procedure describes how to configure SNMP Trusted Managers through the Web interface. You can also configure it through ini file (SNMPTrustedMgr_x) or CLI (configure system > snmp settings > trusted-managers). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To configure SNMP Trusted Managers: Open the SNMP Trusted Managers table (Setup menu > Administration tab > SNMP folder > SNMP Trusted Managers). Figure 8-3: SNMP Trusted Managers Table Configure an IP address (in dotted-decimal notation) for one or more SNMP Trusted Managers.
Page 93
[0] None (default) [1] DES [SNMPUsers_PrivProtocol] [2] 3DES [3] AES-128 [4] AES-192 [5] AES-256 Authentication Key Authentication key. Keys can be entered in the form of a text password Version 7.2 Mediant 4000 SBC...
Page 94
Mediant 4000 SBC Parameter Description auth-key or long hex string. Keys are always persisted as long hex strings and keys are localized. [SNMPUsers_AuthKey] Privacy Key Privacy key. Keys can be entered in the form of a text password or long hex string. Keys are always persisted as long hex strings and priv-key keys are localized.
An exception is Index fields, which are mandatory. • The Format line must end with a semicolon ";". Data line(s): Contain the actual values of the columns (parameters). The values are interpreted according to the Format line. Version 7.2 Mediant 4000 SBC...
Page 96
Mediant 4000 SBC • The first word of the Data line must be the table’s string name followed by the Index field. • Columns must be separated by a comma ",". • A Data line must end with a semicolon ";".
(!), for example: !CpMediaRealm 1 = "ITSP", "Voice", "", 60210, 2, 6030, 0, "", ""; • To restore the device to default settings through the ini file, see ''Restoring Factory Defaults'' on page 701. Version 7.2 Mediant 4000 SBC...
The file may be loaded to the device using HTTP. These protocols are not secure and are vulnerable to potential hackers. To overcome this security threat, the AudioCodes DConvert utility allows you to binary-encode (encrypt) the ini file before loading it to the device.
Page 99
$0$<plain text>: Password can be entered in plain text; useful for configuring a new password. When the ini file is loaded to the device and then later saved from the device to a PC, the password is displayed obscured (i.e., $1$<obscured password>). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC INI Viewer and Editor Utility AudioCodes INI Viewer & Editor utility provides a user-friendly graphical user interface (GUI) that lets you easily view and modify the device's ini file. This utility is available from AudioCodes Web site at www.AudioCodes.com/downloads, and can be installed on any Windows-based PC.
You can configure the device to check whether a peer's certificate has been revoked, using the OCSP. When OCSP is enabled, the device queries the OCSP server for revocation information whenever a Version 7.2 Mediant 4000 SBC...
Page 104
Mediant 4000 SBC peer certificate is received (TLS client mode, or TLS server mode with mutual authentication). Note: • The device does not query OCSP for its own certificate. • Some PKIs do not support OCSP, but generate Certificate Revocation Lists (CRLs).
Page 105
Defines the Datagram Transport Layer Security (DTLS) version, which is used to negotiate keys for SBC calls. [TLSContexts_DTLSVersion] [0] Any (default) [1] DTLSv1.0 [2] DTLSv1.2 DTLS secures UDP-based media streams (according to RFC 5763 Version 7.2 Mediant 4000 SBC...
Page 106
Mediant 4000 SBC Parameter Description and 5764). For more information on DTLS, see SRTP using DTLS Protocol on page 207. Cipher Server Defines the supported cipher suite for the TLS server (in OpenSSL cipher list format). ciphers-server The default is AES:RC4. For valid values, visit the OpenSSL website [TLSContexts_ServerCipherSt at https://www.openssl.org/docs/man1.0.2/apps/ciphers.html.
From the 'Signature Algorithm' drop-down list, select the hash function algorithm (SHA-1, SHA-256, or SHA-512) with which to sign the certificate. Fill in the rest of the request fields according to your security provider's instructions. Version 7.2 Mediant 4000 SBC...
Page 108
Mediant 4000 SBC Click the Create CSR button; a textual certificate signing request is displayed in the area below the button: Figure 10-1: Certificate Signing Request Group Copy the text and send it to your security provider (CA) to sign this request.
Page 109
• The certificate replacement process can be repeated whenever necessary (e.g., the new certificate expires). • You can also load the device certificate through the device's Automatic Provisioning mechanism, using the HTTPSCertFileName ini file parameter. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 10.3 Viewing Certificate Information You can view information of TLS certificates installed on the device per TLS Context. To view certificate information: Open the TLS Contexts table (see ''Configuring TLS Certificate Contexts'' on page 103). Select a TLS Context row, and then click the Certificate Information link located below the table;...
Browse button corresponding to the 'Send Device Certificate file ...' text. After the files successfully load to the device, save the configuration with a device reset. Verify that the private key is correct: Open the TLS Contexts table. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Select the required TLS Context index row. Click the Certificate Information link located below the table. Make sure that the 'Private key' field displays "OK"; otherwise (i.e., displays "Does not match certificate"), consult with your security administrator.
In the table, select the required TLS Context index row, and then click the Change Certificate link located below the table; the Change Certificates page appears. Under the Certificate Signing Request group, in the 'Subject Name [CN]' field, enter the fully-qualified DNS name (FQDN) as the certificate subject. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Scroll down the page to the Generate New Private Key and Self-signed Certificate group: Figure 10-8: Generate new private key and self-signed certificate Group Click Generate Self-Signed Certificate; a message appears requesting you to confirm generation. Click OK to confirm generation; the device generates a new self-signed certificate...
Page 115
Save certificates to a folder on your PC: Select the required certificate, click Export, and then in the Export Certificate dialog box, browse to the folder on your PC where you want to save the file and click Export. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 10.8 Configuring Mutual TLS Authentication This section describes how to configure mutual (two-way) TLS authentication. 10.8.1 TLS for SIP Clients When Secure SIP (SIPS) is implemented using TLS, it is sometimes required to use two- way (mutual) authentication between the device and a SIP user agent (client). When the device acts as the TLS server in a specific connection, the device demands the authentication of the SIP client’s certificate.
Open the TLS Contexts table (see ''Configuring TLS Certificate Contexts'' on page 103). Select the required TLS Context index row, and then click the Change Certificate link located below the table; the Change Certificates page appears. Version 7.2 Mediant 4000 SBC...
Page 118
Mediant 4000 SBC Scroll down the page to the TLS Expiry Settings group: Figure 10-12: TLS Expiry Settings Group In the 'TLS Expiry Check Start' field, enter the number of days before the installed TLS server certificate is to expire when the device sends an SNMP trap event to notify of this.
The areas of the Network view is shown in the example below and described in the subsequent table. Note: The below figure is used only as an example; your device may show different Ethernet Groups and Ethernet ports. Figure 11-1: Network View (Example) Version 7.2 Mediant 4000 SBC...
Page 120
Mediant 4000 SBC Table 11-1: Description of Network View Item # Description Configures and displays IP Interfaces. The IP Interface appears as an icon, displaying the application type ("OCM" for OAMP, "C" for Control, and "M" for Media), row index number, name, and IP address, as shown in the...
Page 121
125. To open the Ethernet Groups table, click any Ethernet Group icon, and then from the drop- down menu, choose View List. You can then view and edit all the Ethernet Groups in the table. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Item # Description Configures and displays the device's Ethernet ports. To configure an Ethernet port: Click the required port icon, and then from the drop-down menu, choose Edit; the Physical Ports table opens with a dialog box for editing the Ethernet port.
Page 123
Open the Physical Ports table (Setup menu > IP Network tab > Core Entities folder > Physical Ports). Select a port that you want to configure, and then click Edit; the following dialog box appears: Version 7.2 Mediant 4000 SBC...
Page 124
Mediant 4000 SBC Configure the port according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 11-2: Physical Ports Table Parameter Descriptions Parameter Description General Index (Read-only) Displays the index number for the table row.
Ports with the same MAC address (e.g., GE 1-4 ports) must each be connected to a different Layer-2 switch. • When implementing 1+1 Ethernet port redundancy, each port in the Ethernet Group (port pair) must be connected to a different switch (but in the same subnet). Version 7.2 Mediant 4000 SBC...
Page 126
Mediant 4000 SBC To configure Ethernet Groups: Open the Ethernet Groups table (Setup menu > IP Network tab > Core Entities folder > Ethernet Groups). Select the Ethernet Group that you want to configure, and then click Edit; the following...
Note: You cannot delete an Ethernet Device that is associated with an IP network interface (in the IP Interfaces table). You can only delete it once you have disassociated it from the IP network interface. Version 7.2 Mediant 4000 SBC...
Page 128
Mediant 4000 SBC The following procedure describes how to configure Ethernet Devices through the Web interface. You can also configure it through ini file (DeviceTable) or CLI (configure network > network-dev). To configure an Ethernet Device: Open the Ethernet Devices table (Setup menu > IP Network tab > Core Entities folder >...
This can be achieved by employing Layer-2 VLANs and Layer-3 subnets. The figure below illustrates a typical network architecture where the device is configured with Version 7.2 Mediant 4000 SBC...
Page 130
Mediant 4000 SBC three network interfaces, each representing the OAMP, call control, and media applications. The device is connected to a VLAN-aware switch for directing traffic from and to the device to the three separated Layer-3 broadcast domains according to VLAN tags (middle pane).
Page 131
Open the IP Interfaces table (Setup menu > IP Network tab > Core Entities folder > IP Interfaces). Click New; the following dialog box appears: Figure 11-3: IP Interfaces Table - Dialog Box Configure the IP network interface according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 132
Mediant 4000 SBC Note: • If you modify the OAMP interface's address, after clicking Apply you will lose connectivity with the device and need to access the device with the new address. • If you edit or delete an IP interface, current calls using the interface are immediately terminated.
Page 133
When traffic is sent from this interface to an unknown gateway destination (i.e., not in the same subnet and not defined for any [InterfaceTable_Gateway] static routing rule), it is forwarded to this default gateway. By default, no value is defined. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Primary DNS Defines the primary DNS server's IP address (in dotted-decimal notation), which is used for translating domain names into IP primary-dns addresses for the interface. [InterfaceTable_PrimaryDNSServe By default, no IP address is defined. rIPAddress]...
OAMP, one for Call Control, and one for RTP Media, and each with a different VLAN ID and default gateway: Table 11-8: Example of VoIP Interfaces per Application Type in IP Interfaces table Application Interface Prefix Default Ethernet Index IP Address Name Type Mode Length Gateway Device Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Application Interface Prefix Default Ethernet Index IP Address Name Type Mode Length Gateway Device OAMP IPv4 192.168.0.2 192.168.0.1 ManagementIF Manual Control IPv4 200.200.85.14 200.200.85.1 myControlIF Manual Media IPv4 211.211.85.14 211.211.85.1 myMediaIF Manual Static Routes table: A routing rule is required to allow remote management from a host in 176.85.49.0 / 24:...
The Static Routes table lets you configure up to 30 static IP routing rules. Static routes let you communicate with LAN networks that are not located behind the Default Gateway that is specified for an IP network interface in the IP Interfaces table, from which the packets Version 7.2 Mediant 4000 SBC...
Page 138
Mediant 4000 SBC are sent. Before sending an IP packet, the device searches the Static Routes table for an entry that matches the requested destination host/network. If an entry is found, the device sends the packet to the gateway that is configured for the static route. If no explicit entry is found, the packet is sent to the Default Gateway as configured for the IP interface in the IP Interfaces table.
Page 139
(using the 'Ethernet Output Device' parameter - see above). The IP network interface associated with the static route must be of the same IP address family (IPv4 or IPv6). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 11.6.1 Configuration Example of Static IP Routes An example of the use for static routes is shown in the figure below. In the example, the device needs to communicate with a softswitch at IP address 10.1.1.10. However, the IP network interface from which packets destined for 10.1.1.10 is sent, is configured to send...
If configured, uses the NAT Translation table which configures NAT per IP network interface - see Configuring NAT Translation per IP Interface on page 142. If NAT is not configured by any of the above-mentioned methods, the device sends the packet according Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The figure below illustrates the NAT problem faced by SIP networks when the device is located behind a NAT: Figure 11-5: Device behind NAT and NAT Issues 11.7.1.1 Configuring NAT Translation per IP Interface The NAT Translation table lets you configure up to 32 network address translation (NAT) rules for translating source IP addresses into NAT IP addresses (global - public) when the device is located behind NAT.
Page 143
Defines the optional starting port range (0-65535) of the global address. If not configured, the ports are not replaced. target-start-port Matching source ports are replaced with the target ports. [NATTranslation_TargetStartPort] This address is set in the SIP Via and Contact headers and Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description in the 'o=' and 'c=' SDP fields. Target End Port Defines the optional ending port range (0-65535) of the global address. If not configured, the ports are not replaced. target-end-port Matching source ports are replaced with the target ports.
UA. • UA not behind NAT: The device sends the packets to the IP address:port specified in the SDP 'c=' line (Connection) of the first received SIP message. Version 7.2 Mediant 4000 SBC...
Page 146
Mediant 4000 SBC Note: If the SIP session is established (ACK) and the device (not the UA) sends the first packet, it sends it to the address obtained from the SIP message and only after the device receives the first packet from the UA does it determine whether the UA is behind NAT.
Page 147
STUN binding requests sent on the RTP and RTCP ports. ICE tries each candidate and selects the one that works (i.e., media can flow between the clients). The following figure shows a simple illustration of ICE: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The device's support for ICE-Lite means that it does not initiate the ICE process. Instead, it supports remote endpoints that initiate ICE to discover their workable public IP address with the device. Therefore, the device supports the receipt of STUN binding requests for connectivity checks of ICE candidates and responds to them with STUN responses.
Page 149
Click New; the following dialog box appears: Figure 11-10: Configuring Class of Service Configure DiffServ values per CoS according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Table 11-17: QoS Settings Parameter Descriptions Parameter Description Media Premium QoS Defines the DiffServ value for Premium Media CoS content. media-qos The valid range is 0 to 63. The default is 46. [PremiumServiceClassMediaDiffServ] Note: You can also configure the the parameter per IP Profile (IpProfile_IPDiffServ).
This feature is applicable to IPv4 and IPv6 addressing schemes. The following procedure describes how to configure ICMP messaging through the Web interface. You can also configure it through ini file - DisableICMPUnreachable (ICMP Unreachable messages) and DisableICMPRedirects (ICMP Redirect messages). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To configure handling of ICMP messages: Open the Network Settings page (Setup menu > IP Network tab > Advanced folder > Network Settings). Figure 11-12: Configuring ICMP Messaging Under the ICMP group, do the following: •...
11.10.2 Configuring the Internal SRV Table The Internal SRV table resolves host names to DNS A-Records. Three different A-Records can be assigned to each host name, where each A-Record contains the host name, priority, weight, and port. Version 7.2 Mediant 4000 SBC...
Page 154
Mediant 4000 SBC Note: The device first attempts to resolve a domain name using the table. If the domain is not configured in the table, the device performs a Service Record (SRV) resolution using an external DNS server, configured in the IP Interfaces table (see ''Configuring IP Network Interfaces'' on page 129).
Page 155
Defines a relative weight for records with the same priority. weight-1|2|3 By default, no value is defined. [Srv2Ip_Weight1/2/3] Port (1-3) Defines the TCP or UDP port on which the service is to be found. port-1|2|3 By default, no value is defined. [Srv2Ip_Port1/2/3] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 11.11 Robust Receipt of Media Streams by Media Latching The Robust Media mechanism (or media latching) is an AudioCodes proprietary mechanism to filter out unwanted media (RTP, RTCP, SRTP, SRTCP, and T.38) streams that are sent to the same port number of the device. Media ports may receive additional multiple unwanted media streams (from multiple sources of traffic) as result of traces of previous calls, call control errors, or deliberate malicious attacks (e.g., Denial of Service).
Page 157
User's Manual 11. Network Click Apply, and then save your settings to flash memory. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 11.12 Multiple Routers Support Multiple routers support is designed to assist the device when it operates in a multiple routers network. The device learns the network topology by responding to Internet Control Message Protocol (ICMP) redirections and caches them as routing rules (with expiration time).
• In the 'NTP Authentication Key Identifier' field, configure the NTP authentication key identifier. • In the 'NTP Authentication Secret Key' field, configure the secret authentication key shared between the device and the NTP server. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Verify that the device has received the correct date and time from the NTP server. The date and time is displayed in the 'UTC Time' read-only field under the Time Zone group. Note: If the device does not receive a response from the NTP server, it polls the NTP server for 10 minutes.
UTC. For example, if your region is GMT +1 (an hour ahead), enter "1" in the 'Hours' field. Click Apply; the updated time is displayed in the 'UTC Time' read-only field and the fields under the Local Time group. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 12.4 Configuring Daylight Saving Time You can apply daylight saving time (DST) to the date and time of the device. DST defines a date range in the year (summer) where the time is brought forward so that people can experience more daylight.
The matched rule can permit (allow) or deny (block) the packet. Once a rule in the table is located, subsequent rules further down the table are ignored. If the end of the table is reached without a match, the packet is accepted. Version 7.2 Mediant 4000 SBC...
Page 166
Mediant 4000 SBC Note: • The rules configured by the Firewall table apply to a very low-level network layer and overrides all other security-related configuration. Thus, if you have configured higher-level security features (e.g., on the Application level), you must also configure firewall rules to permit this necessary traffic.
Page 167
The IP address of the sender of the incoming packet is trimmed in accordance with the prefix length (in bits) and then compared to the parameter ‘Source IP’. The default is 0 (i.e., applies to all packets). You must change Version 7.2 Mediant 4000 SBC...
Page 168
Mediant 4000 SBC Parameter Description this value to any of the above options. Note: A value of 0 applies to all packets, regardless of the defined IP address. Therefore, you must set the parameter to a value other than 0.
Page 169
50000 Action Upon Match Allow Allow Allow Allow Block The firewall rules in the above configuration example do the following: Rules 1 and 2: Typical firewall rules that allow packets ONLY from specified IP Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC addresses (e.g., proxy servers). Note that the prefix length is configured. Rule 3: A more "advanced” firewall rule - bandwidth rule for ICMP, which allows a maximum bandwidth of 40,000 bytes/sec with an additional allowance of 50,000 bytes.
IDS rules. Each rule defines a type of malicious attack to detect and the number of attacks during an interval (threshold) before an SNMP trap is sent. Each policy is then applied to a target under attack (SIP interface) and/or source of attack (Proxy Set and/or subnet address). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 13.3.1 Enabling IDS The following procedure describes how to enable IDS. To enable IDS: Open the IDS General Settings page (Setup menu > Signaling & Media tab > Intrusion Detection folder >IDS General Settings). Figure 13-3: Enabling IDS From the 'Intrusion Detection System' drop-down list, select Enable.
Page 173
The valid value is a string of up to 100 characters. [IDSPolicy_Description] In the IDS Policies table, select the required IDS Policy row, and then click the IDS Rule link located below the table; the IDS Rule table opens. Version 7.2 Mediant 4000 SBC...
Page 174
Mediant 4000 SBC Click New; the following dialog box appears: Figure 13-6: IDS Rule Table - Add Dialog Box The figure above shows a configuration example: If 15 malformed SIP messages ('Reason') are received within a period of 30 seconds ('Threshold Window'), a minor alarm is sent ('Minor-Alarm Threshold').
Page 175
[IDSRule_MajorAlarmThreshold] defined. Critical-Alarm Threshold Defines the threshold that if crossed a critical severity alarm is sent. critical-alrm-thr The valid range is 1 to 1,000,000. A value of 0 or -1 means not [IDSRule_CriticalAlarmThreshold] defined. Deny Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Deny Threshold Defines the threshold that if crossed, the device blocks (blacklists) the remote host (attacker). deny-thr The default is -1 (i.e., not configured). [IDSRule_DenyThreshold] Note: The parameter is applicable only if the 'Threshold Scope' parameter is set to IP or IP+Port.
Page 177
!10.1.0.0/16 & !10.2.2.2: includes all addresses except those of subnet 10.1.0.0/16 and IP address 10.2.2.2. Note that the exclamation mark "!" appears before each subnet. 10.1.0.0/16 & !10.1.1.1: includes subnet 10.1.0.0/16, except IP address 10.1.1.1. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Policy Assigns an IDS Policy (configured in ''Configuring IDS Policies'' on page 172). policy [IDSMatch_Policy] 13.3.4 Viewing IDS Alarms For the IDS feature, the device sends the following SNMP traps: Traps that notify the detection of malicious attacks: •...
Page 179
Malicious signature pattern detected establish-malicious- signature-db-reject Requests and responses without a matching flow-no-match-tu Abnormal Flow transaction user (except ACK requests) flow-no-match- Requests and responses without a matching transaction transaction (except ACK requests) Version 7.2 Mediant 4000 SBC...
Page 180
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
(non-linear) of the received signal (i.e., from the speaker) which find their way from multiple reflections such as walls and windows into the transmitted signal (i.e., microphone). Therefore, the party at the far end hears his / her Version 7.2 Mediant 4000 SBC...
Page 182
Mediant 4000 SBC echo. The device removes these echoes and sends only the near-end’s desired speech signal to the network (i.e., to the far-end party). The echo is composed of a linear part and a nonlinear part. However, in the Acoustic Echo Canceler, a substantial part of the echo is non-linear echo.
During a call, when a fax/modem signal is detected, transition from voice to VBD (or T.38) is automatically performed and no additional SIP signaling is required. If negotiation fails (i.e., no match is achieved for Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC any of the transport capabilities), fallback to existing logic occurs (according to the parameter IsFaxUsed). 14.2.2 Fax/Modem Transport Modes The device supports the following transport modes for fax per modem type (V.22/V.23/Bell/V.32/V.34): T.38 fax relay (see ''T.38 Fax Relay Mode'' on page 184) ...
RTP method is used, whereby the device encapsulates the entire T.38 packet (payload with all its headers) in the sent RTP. For T.38 over RTP, AudioCodes devices use the proprietary identifier "AcUdptl" in the 'a=ftmp' line of the SDP. For example: o=AudiocodesGW 1357424688 1357424660 IN IP4 10.8.6.68...
When the device initiates a fax session using G.711, a ‘gpmd’ attribute is added to the SDP according to the following format: For G.711A-law: a=gpmd:0 vbd=yes;ecan=on For G.711 µ-law: a=gpmd:8 vbd=yes;ecan=on In this mode, the 'Fax Transport Mode' (FaxTransportMode) parameter is ignored and automatically set to Disable (transparent mode). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To configure fax fallback mode: Open the Gateway General Settings page (Setup menu > Signaling & Media tab > Gateway folder > Gateway General Settings), and then from the 'Fax Signaling Method' drop-down list (IsFaxUsed), select Fax Fallback: Figure 14-8: Configuring Fax Signaling to Fallback Click Apply.
INVITE messages are sent. The voice channel is optimized for fax/modem transmission (same as for usual bypass mode). The parameters defining payload type for AudioCodes proprietary Bypass mode -- 'Fax Bypass Payload Type' (RTP/RTCP Settings page) and ModemBypassPayloadType (ini file) -- are not used with NSE Bypass.
Mediant 4000 SBC Set the 'V.22 Modem Transport Type' parameter to Enable Bypass (V22ModemTransportType = 2). Set the 'V.23 Modem Transport Type' parameter to Enable Bypass (V23ModemTransportType = 2). Set the 'V.32 Modem Transport Type' parameter to Enable Bypass (V32ModemTransportType = 2).
V.34 fax machines can transmit data over IP to the remote side using various methods. The device supports the following modes for transporting V.34 fax data over IP: Bypass mechanism for V.34 fax transmission (see ''Bypass Mechanism for V.34 Fax Transmission'' on page 192) Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC T.38 Version 0 relay mode, i.e., fallback to T.38 (see ''Relay Mode for T.30 and V.34 Faxes'' on page 192) Note: The CNG detector is disabled in all the subsequent examples. To disable the CNG detector, set the 'CNG Detector Mode' parameter (CNGDetectorMode) to Disable.
To minimize this problem, the device uses a jitter buffer. The jitter buffer collects voice packets, stores them and sends them to the voice processor in evenly spaced intervals. The device uses a dynamic jitter buffer that can be configured with the following: Version 7.2 Mediant 4000 SBC...
Page 194
Mediant 4000 SBC Minimum delay: Defines the starting jitter capacity of the buffer. For example, at 0 msec, there is no buffering at the start. At the default level of 10 msec, the device always buffers incoming packets by at least 10 msec worth of voice frames.
However, the port range of the Media Realm must be within the range configured by the BaseUDPPort parameter. The following procedure describes how to configure the RTP base UDP port through the Web interface. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To configure the RTP base UDP port: Open the RTP/RTCP Settings page (Setup menu > Signaling & Media tab > Media folder > RTP/RTCP Settings). In the 'RTP Base UDP Port' field, configure the lower boundary of the UDP port range.
Page 197
Ringtone the events that you want to detect. Beep (greeting message of Install the CPT file on the device. answering message) Note: To configure beep detection, see Detecting Answering Machine Beep on page 198. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 14.4.1 Detecting Answering Machine Beeps The device can detect the "beep" sound played by an answering machine that indicates the end of the answering machine's greeting message. This is useful in that the device can then notify, for example, a third-party, application server that it can now leave a voice message on the answering machine.
Page 199
The device receives a SIP message containing the X-Detect header from the remote application requesting beep detection: INVITE sip:101@10.33.2.53;user=phone SIP/2.0 Via: SIP/2.0/UDP 10.33.2.53;branch=z9hG4bKac5906 Max-Forwards: 70 From: "anonymous" <sip:anonymous@anonymous.invalid>;tag=1c25298 To: <sip:101@10.33.2.53;user=phone> Version 7.2 Mediant 4000 SBC...
The device's default AMD feature is based on voice detection for North American English (see note below). It uses AudioCodes' sophisticated speech detection algorithms which are based on hundreds of real-life recordings of answered calls by live voice and answering machines in English.
Page 201
AudioCodes sales representative for more information on this service. You will be typically required to provide AudioCodes with a database of recorded voices (calls) in the language on which the device's AMD feature can base its voice detector algorithms.
Page 202
Mediant 4000 SBC Table 14-2: Approximate AMD Normal Detection Sensitivity - Parameter Suite 0 (Based on North American English) Performance AMD Detection Sensitivity Success Rate for Live Calls Success Rate for Answering Machine 0 (Best for Answering Machine) 82.56% 97.10% 85.87%...
(AMDBeepDetectionSensitivity), enter the AMD beep detection sensitivity level. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. For a complete list of AMD-related parameters, see ''IP Media Parameters'' on page 941. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 14.6 Automatic Gain Control (AGC) Automatic Gain Control (AGC) adjusts the energy of the output signal to a required level (volume). This feature compensates for near-far gain differences. AGC estimates the energy of the incoming signal from the IP, determined by the 'AGC Redirection' parameter, calculates the essential gain, and then performs amplification.
SDP offer 'a=crypto' line in the SDP answer. You can enable symmetric MKI globally (using the EnableSymmetricMKI parameter) or per SIP entity (using the IP Profile parameter, IpProfile_EnableSymmetricMKI and IpProfile_SBCEnforceMKISize). For more information on symmetric MKI, see ''Configuring IP Profiles'' on page 424. Version 7.2 Mediant 4000 SBC...
Page 206
Mediant 4000 SBC configure enforcement policy SRTP, using IpProfile_SBCMediaSecurityBehaviour parameter. For example, if negotiation of the cipher suite fails or if incoming calls exclude encryption information, the device can be configured to reject the calls. You can also enable the device to validate the authentication of packets for SRTP tunneling for RTP and RTCP.
Open the IP Profiles table (see ''Configuring IP Profiles'' on page 424) and for the IP Profile associated with the SIP entity, configure the following: • Configure the 'SBC Media Security Mode' parameter (IPProfile_SBCMediaSecurityBehavior) to SRTP or Both. • Configure the 'Media Security Method' parameter (IPProfile_SBCMediaSecurityMethod) to DTLS. Version 7.2 Mediant 4000 SBC...
Page 208
Mediant 4000 SBC • Configure the 'RTCP Mux' parameter (IpProfile_SBCRTCPMux) to Supported. Multiplexing is required as the DTLS handshake is done for the port used for RTP and thus, RTCP and RTP must be multiplexed onto the same port. •...
DHCP Server Identifier Option 51 IP Address Lease Time Option 1 Subnet Mask Option 3 Router Option 6 Domain Name Server Option 44 NetBIOS Name Server Option 46 NetBIOS Node Type Option 42 Network Time Protocol Server Version 7.2 Mediant 4000 SBC...
Page 210
Mediant 4000 SBC DHCP Option Code DHCP Option Name Option 2 Time Offset Option 66 TFTP Server Name Option 67 Boot file Name Option 120 SIP Server Once you have configured the DHCP server, you can configure the following: ...
Page 211
Note: The IP address must belong to the same subnet as the associated interface’s IP address. End IP Address Defines the ending IP address (IPv4 address in dotted-decimal format) of the IP address pool range used by the DHCP server end-address Version 7.2 Mediant 4000 SBC...
Page 212
Mediant 4000 SBC Parameter Description [DhcpServer_EndIPAddress] to allocate addresses. The default value is 192.168.0.149. Note: The IP address must belong to the same subnet as the associated interface’s IP address and must be "greater or equal" to the starting IP address defined in 'Start IP Address'.
Page 213
SIP requests. The value is sent in DHCP [DhcpServer_SipServer] Option 120 (SIP Server). After defining the parameter, use the 'SIP server type' parameter (see below) to define the type of Version 7.2 Mediant 4000 SBC...
The VCI is a string that identifies the vendor and functionality of a DHCP client to the DHCP server. For example, Option 60 can show the unique type of hardware (e.g., "AudioCodes 440HD IP Phone") or firmware of the DHCP client. The DHCP server can then differentiate between DHCP clients and process their requests accordingly.
Open the DHCP Servers table (see ''Configuring the DHCP Server'' on page 209). Select the row of the desired DHCP server for which you want to configure additional DHCP Options, and then click the DHCP Option link located below the table; the DHCP Option table opens. Version 7.2 Mediant 4000 SBC...
Page 216
Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-3: DHCP Option Table - Add Dialog Box Configure additional DHCP Options for the DHCP server according to the parameters described in the table below. Click Apply. Table 15-4: DHCP Option Table Parameter Descriptions...
Select the row of the desired DHCP server for which you want to configure static IP addresses for DHCP clients, and then click the DHCP Static IP link located below the table; the DHCP Static IP table opens. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-4: DHCP Static IP Table - Add Dialog Box Configure a static IP address for a specific DHCP client according to the parameters described in the table below. Click Apply.
SIP that will manage delivery of RTP media to a recording device. The siprec protocol is based on RFC 6341 (Use Cases and Requirements for SIP-Based Media Recording), Session Recording Protocol (draft-ietf-siprec-protocol-02), and Architecture (draft-ietf-siprec-architecture-03). Version 7.2 Mediant 4000 SBC...
Page 220
Mediant 4000 SBC Warning for Deployments in France: The device supports SIP-based Media Recording (SIPREC) according to RFC 6341. As such, you must adhere to the Commission Nationale Informatique Libert’יs (CNIL) directive (https://www.cnil.fr/en/rights-and-obligations) and be aware that article R226-15 applies penalties to the malicious interception, diversion, use or disclosure of correspondence sent, transmitted or received by means of telecommunication, or the setting up of a device designed to produce such interceptions.
Page 221
SRS instead (which now becomes the active SRS). For new calls, if the device receives no response or a reject response from the active SRS to its' sent INVITE message, the device sends the recorded call to the standby SRS. Figure 15-7: Multiple SRSs (Standalone and Redundancy) Version 7.2 Mediant 4000 SBC...
Page 222
Mediant 4000 SBC Note: • The device can send recordings (media) to up to three active SRSs. In other words, any one of the following configurations are supported: √ Up to three standalone (active) SRSs. √ Up to three active-standby SRS pairs (i.e., six SRSs, but recordings are sent only to the three active SRSs).
IP Group "SRS-1" is the active SRS and IP Group "SRS-2" the standby SRS. Configure a SIP recording rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Version 7.2 Mediant 4000 SBC...
Page 226
Mediant 4000 SBC Table 15-6: SIP Recording Rules Table Parameter Descriptions Parameter Description General Index Defines an index number for the new table record. [SIPRecRouting_Index] Recorded IP Group Defines the IP Group participating in the call and the recording is done on the leg interfacing with this recorded-ip-group-name IP Group.
'Call Setup Rules Set ID': 1 In the Message Conditions table (see Configuring Message Condition Rules on page 406), click New, and then configure a Message Condition rule with the following properties: • 'Index': 0 • 'Name': CallRec Version 7.2 Mediant 4000 SBC...
SIP message, typically in the INVITE and the first 18x response. If the device receives a SIP message with Genesys SIP header, it adds the header's information to AudioCodes' proprietary tag in the XML metadata of the SIP INVITE that it sends to the recording server, as shown below: <ac:GenesysUUID...
When the primary RADIUS server is down, the device sends a RADIUS request twice (one retransmission) and if both fail (i.e., no response), the device considers the server as down and attempts to send requests to the next server. The device continues Version 7.2 Mediant 4000 SBC...
Page 230
Mediant 4000 SBC sending RADIUS requests to the redundant RADIUS server even if the primary server returns to service later on. However, if a device reset occurs or a switchover occurs in a High-Availability (HA) system, the device sends RADIUS requests to the primary RADIUS server.
Page 231
When set to 0, RADIUS-based login authentication is not implemented. The valid value is 0 to any integer. The default is 1645. Accounting Port Defines the port of the RADIUS Accounting server to where the Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description acc-port device sends accounting data of SIP calls as call detail records (CDR). When set to any value other than 0, the RADIUS server [RadiusServers_AccountingPort] is used by the device for RADIUS-based accounting (CDR). When set to 0, RADIUS-based accounting is not implemented.
Local Users table (see ''Configuring Management User Accounts'' on page 70). However, you can configure the device to use the Local Users table as a fallback mechanism if the RADIUS server does not respond. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC When RADIUS authentication is used, the RADIUS server stores the user accounts - usernames, passwords, and access levels (authorization). When a management user (client) tries to access the device, the device sends the RADIUS server the user's username and password for authentication.
RADIUS servers, see ''Configuring Management User Accounts'' on page 70. # AudioCodes VSA dictionary VENDOR AudioCodes 5003 ATTRIBUTE ACL-Auth-Level 35 integer AudioCodes VALUE ACL-Auth-Level ACL-Auth-UserLevel 50 VALUE ACL-Auth-Level ACL-Auth-AdminLevel 100 VALUE ACL-Auth-Level ACL-Auth-SecurityAdminLevel 200 Define the list of users authorized to use the device, using one of the password authentication methods supported by the server implementation.
Page 236
Mediant 4000 SBC • If the RADIUS server response includes the access level attribute: In the 'RADIUS VSA Access Level Attribute' field, enter the code that indicates the access level attribute in the VSA section of the received RADIUS packet. For defining the RADIUS server with access levels, see ''Setting Up a Third-Party RADIUS Server'' on page 234.
For the device to run a search, the path to the directory’s subtree, known as the distinguished name (DN), where the search is to be done must be configured (see ''Configuring LDAP DNs (Base Paths) per LDAP Server'' on page 246). The search Version 7.2 Mediant 4000 SBC...
Page 238
Mediant 4000 SBC key (filter), which defines the exact DN to search and one or more attributes whose values must be returned to the device must also be configured. For more information on configuring these attributes and search filters, see ''AD-based Routing for Microsoft Skype for Business'' on page 259.
The LDAP service can be used for authenticating and authorizing device management users (Web and CLI), based on the user's login username and password (credentials). At the same, it can also be used to determine users' management access levels (privileges). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Before you can configure LDAP-based login authentication, you must enable this type of LDAP service, as described in the following procedure. To enable LDAP-based login authentication: Open the Authentication Server page (Setup menu > Administration tab > Web &...
Page 241
[0] Parallel = (Default) The device queries the LDAP servers at [LdapServerGroups_SearchMet the same time. hod] [1] Sequential = The device first queries one of the LDAP servers and if the DN object is not found or the search fails, it Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description queries the second LDAP server. DN Search Method Defines the method for querying the Distinguished Name (DN) objects within each LDAP server. search-dn-method [0] Sequential = (Default) The query is done in each DN object, [LdapServerGroups_SearchDns one by one, until a result is returned.
Page 243
Enables the device to encrypt the username and password (for Control and Management related queries) using TLS when sending use-tls them to the LDAP server. [LdapConfiguration_useTLS] [0] No = (Default) Username and password are sent in clear-text Version 7.2 Mediant 4000 SBC...
Page 244
Mediant 4000 SBC Parameter Description format. [1] Yes TLS Context Assigns a TLS Context for the connection with the LDAP server. tls-context By default, no value is defined and the device uses the default TLS Context (ID 0). [LdapConfiguration_ContextN...
Page 245
LDAP server for authenticating the user's username-password combination. An example configuration for the parameter is $@sales.local, where the device replaces the $ with the entered username, for example, JohnD@sales.local. The username can also be Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description configured with the domain name of the LDAP server. Note: By default, the device sends the username in clear-text format. You can enable the device to encrypt the username using TLS (see the 'Use SSL' parameter below).
The search filter is applicable only to LDAP-based login authentication and authorization queries. • The search filter is a global setting that applies to all LDAP-based login authentication and authorization queries, across all configured LDAP servers. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC To configure the LDAP search filter for management users: Open the LDAP Settings page (Setup menu > IP Network tab > RADIUS & LDAP folder > LDAP Settings). In the 'LDAP Authentication Filter' field, enter the LDAP search filter attribute for...
Page 249
Defines an index number for the new table row. [MgmntLDAPGroups_GroupIndex] Note: Each row must be configured with a unique index. Level Defines the access level of the group(s). level [0] Monitor (Default) [1] Admin Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description [2] Security Admin [MgmntLDAPGroups_Level] Groups Defines the attribute names of the groups in the LDAP server. groups The valid value is a string of up to 256 characters. To define multiple groups, separate each group name with a semicolon (;).
Page 251
In the 'LDAP Cache Entry Removal Timeout' field, enter the duration (in hours) after which the device removes the LDAP entry from the cache. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 15.4.8.1 Refreshing the LDAP Cache You can refresh values of LDAP Attributes associated with a specified LDAP search key that are stored in the device's LDAP cache. The device sends an LDAP query to the LDAP server for the cached Attributes of the specified search key and replaces the old values in the cache with the new values received in the LDAP response.
To use the Local Users table for authenticating management users: Open the Authentication Server page (Setup menu > Administration tab > Web & CLI folder > Authentication Server). Figure 15-32: Local Users Table for Login Authentication Under the General group, do the following: Version 7.2 Mediant 4000 SBC...
Page 254
Mediant 4000 SBC Configure when the Local Users table must be used to authenticate login users. From the 'Use Local Users Database' drop-down list, select one of the following: ♦ When No Auth Server Defined (default): When no LDAP/RADIUS server is configured or if a server is configured but connectivity with the server is down (if the server is up, the device authenticates the user with the server).
The LDAP server's entry data structure schema in the example is as follows: DN (base path): OU=testMgmt,OU=QA,DC=testqa,DC=local. The DN path to search for the username in the directory is shown below: Figure 15-33: Base Path (DN) in LDAP Server Version 7.2 Mediant 4000 SBC...
Page 256
Mediant 4000 SBC Search Attribute Filter: (sAMAccountName=$). The login username is found based on this attribute (where the attribute's value equals the username): Figure 15-34: Username Found using sAMAccount Attribute Search Filter Management Attribute: memberOf. The attribute contains the member groups of the...
Page 257
Figure 15-37: Configuring LDAP Server Group for Management The DN is configured in the LDAP Server Search Base DN table (see ''Configuring LDAP DNs (Base Paths) per LDAP Server'' on page 246): Figure 15-38: Configuring DN Version 7.2 Mediant 4000 SBC...
Page 258
Mediant 4000 SBC The search attribute filter based on username is configured by the 'LDAP Authentication Filter' parameter (see ''Configuring the LDAP Search Filter Attribute'' on page 247): Figure 15-39: Configuring Search Attribute Filter The group management attribute is configured by the 'Management Attribute'...
PBX or IP PBX - users not yet migrated to Skype for Business Mobile - mobile number Private - private telephone line for Skype for Business users (in addition to the primary telephone line) Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 15.4.12.1 Querying the AD and Routing Priority The device queries the AD using the initial destination number (i.e., called number). The query can return up to four user phone numbers, each pertaining to one of the IP domains (i.e., private number, Skype for Business number, PBX / IP PBX number, and mobile...
Page 261
- call busy), the device can route the call to an alternative destination if an alternative routing rule is configured. "Redundant" route: If the query failed (i.e., no attribute found in the AD), the device uses the routing rule matching the "LDAP_ERR" prefix destination number value. Version 7.2 Mediant 4000 SBC...
Page 262
Mediant 4000 SBC The flowchart below summarizes the device's process for querying the AD and routing the call based on the query results: Figure 15-42: Querying AD in Skype for Business Environment Note: If you are using the device's local LDAP cache, see ''Configuring the Device's LDAP Cache'' on page 250 for the LDAP query process.
LDAP server. For alternative routing, enable the alternative routing mechanism and configure corresponding SIP reasons for alternative routing. For this feature, alternative routing starts from the table row located under the LDAP query row. Version 7.2 Mediant 4000 SBC...
Page 264
Mediant 4000 SBC The table below shows an example for configuring AD-based SBC routing rules in the IP- to-IP Routing Table: Table 15-14: AD-Based SBC IP-to-IP Routing Rule Configuration Examples Destination Username Destination Index Destination Type Prefix Address PRIVATE: Dest Address 10.33.45.60...
This example shows four defined Cost Groups and the total call cost if the average call duration is 10 minutes: Table 15-15: Call Cost Comparison between Cost Groups for different Call Durations Total Call Cost per Duration Connection Cost Group Minute Cost Cost 1 Minute 10 Minutes 80.3 Version 7.2 Mediant 4000 SBC...
Page 266
Mediant 4000 SBC If four matching routing rules are located in the routing table and each one is assigned a different Cost Group as listed in the table above, then the rule assigned Cost Group "D" is selected. Note that for one minute, Cost Groups "A" and "D" are identical, but due to the average call duration, Cost Group "D"...
Time Bands per Cost Group. The following procedure describes how to configure Cost Groups through the Web interface. You can also configure it through ini file (CostGroupTable) or CLI (configure voip > sip-definition least-cost-routing cost-group). Version 7.2 Mediant 4000 SBC...
Page 268
Mediant 4000 SBC To configure a Cost Group: Open the Cost Groups table (Setup menu > Signaling & Media tab > SIP Definitions folder > Least Cost Routing > Cost Groups). Click New; the following dialog box appears: Configure a Cost Group according to the parameters described in the table below.
Page 269
(i.e., SUN, MON, TUE, WED, THU, FRI, or SAT). hh and mm denote the time of day, where hh is the hour (00-23) and mm the minutes (00-59) Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description For example, SAT:22:00 denotes Saturday at 10 pm. End Time Defines the day and time of day until when this time band is applicable. For a description of the valid values, see the end-time parameter above.
Capture: Recording of signaling and RTP packets, and Syslog. The remote host can be, for example, a Syslog server or AudioCodes OVOC. QoS: Call routing based on QoS. For more information, see Configuring QoS-Based Routing by Routing Server on page 281.
Page 272
Mediant 4000 SBC Note: • You can configure only one Remote Web Service for each of the following server types: Routing, Call Status, Topology Status, and QoS. • The Routing service also includes the Call Status and Topology Status services.
Page 273
[0] Round Robin = (Default) Load balancing of traffic across all configured hosts. Every consecutive message is sent to the next available host. [1] Sticky Primary = Device always attempts to send traffic to Version 7.2 Mediant 4000 SBC...
Page 274
Mediant 4000 SBC Parameter Description the first (primary) host. If the host does not respond, the device sends the traffic to the next available host. If the primary host becomes available again, the device sends the traffic to the primary host.
Services folder > Remote Web Services). In the table, select the required remote Web service index row, and then click the HTTP Remote Hosts link located below the table; the HTTP Remote Hosts table appears. Version 7.2 Mediant 4000 SBC...
Page 276
Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-46: HTTP Remote Hosts Table - Add Dialog Box Configure an HTTP remote host according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Open the Web Service Settings page (Setup menu > IP Network tab > Web Services folder > Web Service Settings). From the 'Topology Status' drop-down list (RoutingServerGroupStatus), select Enable: Figure 15-47: Enabling Topology Status Web-based Service Click Apply. Version 7.2 Mediant 4000 SBC...
15.6.3 Centralized Third-Party Routing Server You can employ a remote, third-party Routing server to handle call routing decisions in deployments consisting of multiple AudioCodes devices. Employing a Routing server replaces the need for the device's routing tables (IP-to-IP Routing table) to determine call destination.
Page 279
(disconnected). The device can also report when an IP Group (Proxy Set) is unavailable, detected by the keep-alive mechanism, or when the CAC thresholds permitted per IP Group have Version 7.2 Mediant 4000 SBC...
Page 280
Mediant 4000 SBC been crossed. Credentials for Authentication: The Routing Server can provide user (e.g., IP Phone caller) credentials (username-password) in the Get Route response, which can be used by the device to authenticate outbound SIP requests if challenged by the outbound peer, for example, Microsoft Skype for Business (per RFC 2617 and RFC 3261).
Enable voice quality monitoring and RTCP XR, using the 'Enable RTCP XR' (VQMonEnable) parameter (see Configuring RTCP XR on page 737). Note: For media metrics calculations, the device's License Key must include voice quality monitoring and RTCP XR. Version 7.2 Mediant 4000 SBC...
HTTP-based OVOC Services for AudioCodes Equipment behind NAT: You can configure the device to act as an HTTP Proxy that enables AudioCodes OVOC to manage AudioCodes equipment (such as IP Phones) over HTTP when the equipment is located behind NAT (e.g., in the LAN) and OVOC is located in a public domain (e.g., in the WAN).
The HTTP Proxy application is a license-dependent feature and is available only if it is included in the License Key installed on the device. For ordering the feature, please contact your AudioCodes sales representative. For installing a new License Key, see License Key on page 649.
The HTTP Interfaces table lets you configure up to 10 HTTP Interfaces. An HTTP Interface represents a local, listening interface for receiving HTTP/S requests from HTTP-based (Web) clients such as managed equipment (e.g., IP Phones) and/or AudioCodes OVOC management tool for HTTP/S-based services.
You can also configure it through ini file (HTTPProxyService) or CLI (configure network > http-proxy http-proxy-serv). To configure an HTTP Proxy Service: Open the HTTP Proxy Services table (Setup menu > IP Network tab > HTTP Proxy folder > HTTP Proxy Services). Version 7.2 Mediant 4000 SBC...
Page 286
Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-55: HTTP Proxy Services Table - Add Dialog Box Configure an HTTP Proxy service according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
HTTP Proxy Hosts link located below the table; the HTTP Proxy Hosts table appears. Click New; the following dialog box appears: Figure 15-56: HTTP Proxy Hosts Table - Add Dialog Box Configure an HTTP Proxy Host according to the parameters described in the table below. Version 7.2 Mediant 4000 SBC...
Page 288
Mediant 4000 SBC Click Apply, and then save your settings to flash memory. Table 15-22: HTTP Proxy Hosts Table Parameter Descriptions Parameter Description General Index Defines an index number for the new table row. Note: Each row must be configured with a unique index.
Table 15-23: OVOC Services Table Parameter Descriptions Parameter Description General Index Defines an index number for the new table row. [EMSService_Index] Note: Each row must be configured with a unique index. The parameter is mandatory. Version 7.2 Mediant 4000 SBC...
Page 290
Mediant 4000 SBC Name Defines a descriptive name, which is used when associating the row in other tables. service-name The valid value is a string of up to 40 characters. By default, no value [EMSService_ServiceNam is defined. Note: Each row must be configured with a unique name.
E9-1-1 due to the difficulty in accurately locating the E9-1-1 caller. This section describes the E9-1-1 solution provided by Microsoft Skype for Business and AudioCodes' device's ELIN interworking capabilities, which provides the SIP Trunk to the E9-1-1 emergency service provider. This section also describes the configuration of the device for interoperating between the Skype for Business environment and the E9-1-1 emergency provider.
The figure below illustrates the routing of an E9-1-1 call to the PSAP: The VoIP user dials 9-1-1. AudioCodes' ELIN device sends the call to the emergency service provider over the SIP Trunk (PSAP server). The emergency service provider identifies the call is an emergency call and sends it to an E9-1-1 Selective Router in the Emergency Services provider's network.
• Immediately after startup and registering the user with Skype for Business • Approximately every four hours after initial registration • Whenever a network connection change is detected (such as roaming to a new WAP) Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The Skype for Business client includes in its location request the following known network connectivity information: • Always included: ♦ IPv4 subnet ♦ Media Access Control (MAC) address • Depends on network connectivity: ♦ Wireless access point (WAP) Basic Service Set Identifier (BSSID) ♦...
(for example, less than 7000 square feet per ERL). Typically, you would have an ERL for each floor of the building. The ELIN is used as the phone number for 911 callers within this ERL. Version 7.2 Mediant 4000 SBC...
Therefore, IP phones, for example, on a specific floor are in the same subnet and therefore, use the same ELIN when dialing 9-1-1. 15.8.3 AudioCodes ELIN Device for Skype for Business E9-1-1 Calls to PSTN Microsoft Mediation Server sends the location information of the E9-1-1 caller in the XML- based PIDF-LO body contained in the SIP INVITE message.
PSAP, based on ELIN-address match lookup in the emergency service provider's ALI database. The figure below illustrates an AudioCodes ELIN device deployed in the Skype for Business environment for handling E9-1-1 calls between the Enterprise and the emergency service provider.
Page 298
Mediant 4000 SBC ELIN Time Count Index Call From 4257275999 22:11:57 4258359444 4257275615 22:12:03 4258359555 4257275616 22:11:45 4258359777 The ELIN table stores this information for a user-defined period (see ''Configuring the E9-1-1 Callback Timeout'' on page 301), starting from when the E9-1-1 call, established with the PSAP, terminates.
If a match is found in the ELIN table, it routes the call to the Mediation Sever by sending a SIP INVITE, where the values of the To and Request-URI are taken from Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC the value of the original From header that is stored in the ELIN table (in the Call From column). The device updates the Time in the ELIN table. (The Count is not affected). The PSAP callback can be done only within a user-defined period (see ''Configuring the E9-1-1 Callback Timeout'' on page 301), started from after the original E9-1-1 call established with the PSAP is terminated.
User's Manual 15. Services 15.8.4 Configuring AudioCodes ELIN Device This section describes E9-1-1 configuration of the AudioCodes ELIN Gateway deployed in the Skype for Business environment. 15.8.4.1 Enabling the E9-1-1 Feature By default, the ELIN device feature for E9-1-1 emergency call handling in a Skype for Business environment is disabled.
Mediant 4000 SBC 15.8.4.4 Viewing the ELIN Table To view the ELIN table: # show voip e911 ELIN Time Count Index Call From ------------------------------------------------------------ 4257275678 22:11:52 0 4258359333 4257275999 22:11:57 0 4258359444 4257275615 22:12:03 0 4258359555 4257275616 22:11:45 0...
Page 303
SIP-ETag value of last 200 OK) and Expires header value set to "0", as shown in the following example: PUBLISH sip:john.doe@sfb.example SIP/2.0 From: <sip:john.doe@sfb.example>;tag=1c1654434948 To: <sip:john.doe@sfb.example> CSeq: 1 PUBLISH Contact: <sip:john.doe@10.33.221.57:5061;transport=tls> Event: presence Expires: 0 User-Agent: sur1-vg1.ecarecenters.net/v.7.20A.001.080 SIP-If-Match: 2545777538-1-1 Content-Length: 0 Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The following figure shows a basic illustration of the device's integration into Microsoft Skype for Business Presence feature for third-party endpoints. 15.9.1 Configuring Skype for Business Server for Presence On the Skype for Business Server side, you need to define the device in the Skype for Business Topology as a Trusted Application.
When the call ends, the device sends another SIP PUBLISH message to the Skype for Business Server, clearing the users' "On-the-Phone" status (the presence status changes to what it was before the call was connected). Version 7.2 Mediant 4000 SBC...
Page 306
Mediant 4000 SBC To configure the device for Skype for Business presence: Enable the Microsoft presence feature: open the SIP Definitions General Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > SIP Definitions General Settings), and then from the 'Enable MsPresence message'...
Page 307
Configure routing rules to route the calls in the network. Configure IP Groups to represent your call party entities, and assign them the group of Call Setup Rules (Set ID) that you configured in Step 7 (above). Version 7.2 Mediant 4000 SBC...
Page 308
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
Reporting Voice Quality of Experience to OVOC The device can be configured to report voice (media) Quality of Experience (QoE) to AudioCodes' One Voice Operations Center (OVOC) server, a plug-in for AudioCodes OVOC. The reports include real-time metrics of the quality of the actual call experience, which are then processed by the OVOC.
Mediant 4000 SBC In the SNMP Trusted Managers table (see Configuring SNMP Trusted Managers), either leave the table without any configuration, or if you want to use Trusted Managers, make sure you configure a Trusted Manager with the IP address of OVOC.
In other words, you need to configure them with the same NTP server. The NTP server can be one of the following: AudioCodes OVOC server (also acting as an NTP server) Third-party, external NTP server Once you have determined the NTP server, all the elements--deviceand OVOC--must be configured with the same NTP server address.
Mediant 4000 SBC VoIP call quality and diagnosing problems. Enabling RTCP XR means that the device can send RTCP XR messages, containing the call-quality metrics, to the OVOC server. For enabling RTCP XR reporting, see ''Configuring RTCP XR'' on page 737. To configure what to report to the OVOC, see ''Configuring Quality of Experience Profiles'' on page 312.
Page 313
Report the change in the measured metrics to AudioCodes' One Voice Operations Center (OVOC) server. The OVOC displays this call quality status for the associated OVOC link (IP Group, Media Realm, or Remote Media Subnet). To configure the OVOC server's address, see ''Configuring the OVOC Server'' on page 310.
Page 314
Mediant 4000 SBC Depending on the crossed threshold type, you can configure the device to reject calls to the destination IP Group or use an alternative IP Profile for the IP Group. For more information, see ''Configuring Quality of Service Rules'' on page 321.
Page 315
[2] Packet Loss [3] Jitter [4] RERL [Echo] Direction Defines the monitoring direction. direction [0] Device Side (default) [1] Remote Side [QOEColorRules_direction] Sensitivity Level Defines the sensitivity level of the thresholds. Version 7.2 Mediant 4000 SBC...
Page 316
Mediant 4000 SBC Parameter Description [0] User Defined = Need to define the thresholds in the sensitivity-level parameters described below. [QOEColorRules_profile] [1] Low = Pre-configured low sensitivity threshold values. Thus, reporting is done only if changes in parameters' values are significant.
Red: Indicates that bandwidth utilization has exceeded total bandwidth. Bandwidth Profiles let you configure bandwidth thresholds, which when crossed changes the color-coded state for bandwidth utilization: Green-Yellow (Minor) Threshold: Lower threshold configured as a percentage of the Version 7.2 Mediant 4000 SBC...
Page 318
Mediant 4000 SBC configured major (total) bandwidth threshold. When bandwidth goes over the threshold, the device considers it a Yellow state (Minor alarm severity); when it goes below the threshold, it considers it a Green state (cleared alarm). Yellow-Red (Major) Threshold: Upper threshold configured by the major (total) bandwidth threshold.
Page 319
The valid value is a string of up to 20 characters. [BWProfile_Name] Egress Audio Bandwidth Defines the major (total) threshold for outgoing audio traffic (in Kbps). egress-audio-bandwidth [BWProfile_EgressAudioBandwidth] Ingress Audio Bandwidth Defines the major (total) threshold for incoming audio traffic (in Kbps). ingress-audio-bandwidth Version 7.2 Mediant 4000 SBC...
Page 320
Mediant 4000 SBC Parameter Description [BWProfile_IngressAudioBandwidth] Egress Video Bandwidth Defines the major (total) threshold for outgoing video traffic (in Kbps). egress-video-bandwidth [BWProfile_EgressVideoBandwidth] Ingress Video Bandwidth Defines the major (total) threshold for incoming video traffic (in Kbps). ingress-video-bandwidth [BWProfile_IngressVideoBandwidth] Total Egress Bandwidth Defines the major (total) threshold for video and audio outgoing bandwidth (in Kbps).
(configure voip > qoe quality-of-service-rules). To configure a Quality of Service rule: Open the Quality of Service Rules table (Setup menu > Signaling & Media tab > Media folder > Quality of Service Rules). Version 7.2 Mediant 4000 SBC...
Page 322
Mediant 4000 SBC Click New; the following dialog box appears: Figure 16-7: Quality of Service Rules Table - Dialog Box Configure a rule according to the parameters described in the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect.
Page 323
'Rule Metric' parameter) if the rule is matched. alt-ip-profile-name By default, no value is defined. [QualityOfServiceRules_AltIPPr ofileName] Note: The parameter is applicable only if the 'Rule Action' parameter is configured to Alternative IP Profile. Version 7.2 Mediant 4000 SBC...
Page 324
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
You can also configure it through ini file (CpMediaRealm) or CLI (configure voip > realm). To configure a Media Realm: Open the Media Realms table (Setup menu > Signaling & Media tab > Core Entities folder > Media Realms). Version 7.2 Mediant 4000 SBC...
Page 326
Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-1: Media Realms Table - Add Dialog Box Configure the Media Realm according to the parameters described in the table below. Click Apply. Table 17-1: Media Realms table Parameter Descriptions...
Page 327
For more information on local UDP port range, see ''Configuring RTP Base UDP Port'' on page 195. Default Media Realm Defines the Media Realm as the default Media Realm. The default Media Realm is used for SIP Interfaces and IP Groups is-default Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description [CpMediaRealm_IsDefault] for which you have not assigned a Media Realm. [0] No (default) [1] Yes Note: You can configure the parameter to Yes for only one Media Realm; all the other Media Realms must be configured to ...
Page 329
Open the Media Realms table (see ''Configuring Media Realms'' on page 325). Select the Media Realm row for which you want to add Remote Media Subnets, and then click the Remote Media Subnet link located below the table; the Remote Media Subnet table appears. Version 7.2 Mediant 4000 SBC...
Page 330
Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-3: Remote Media Subnet Table - Add Dialog Box Configure the Remote Media Subnet according to the parameters described in the table below. Click Apply. Table 17-2: Remote Media Subnet Table Parameter Descriptions...
Open the Media Realms table (see ''Configuring Media Realms'' on page 325). Select the Media Realm for which you want to add Remote Media Extensions, and then click the Media Realm Extension link located below the table; the Media Realm Extension table appears. Version 7.2 Mediant 4000 SBC...
Page 332
Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-5: Media Realm Extension Table - Add Dialog Box Configure the Media Realm Extension according to the parameters described in the table below. Click Apply. Table 17-3: Media Realm Extension Table Parameter Descriptions...
SRD, you can use the default SRD instead of creating a new one. When only one SRD is employed and you create other related configuration entities (e.g., SIP Interfaces), the default SRD is automatically assigned to the new configuration entity. Version 7.2 Mediant 4000 SBC...
Page 334
Mediant 4000 SBC Therefore, when employing a single-SRD configuration topology, there is no need to handle SRD configuration (i.e., transparent). SRDs are associated with the following configuration entities: SIP Interface (mandatory) - see ''Configuring SIP Interfaces'' on page 343 ...
Page 335
Open the SRDs table (Setup menu > Signaling & Media tab > Core Entities folder > SRDs). Click New; the following dialog box appears: Figure 17-7: SRDs Table - Add Dialog Box Configure an SRD according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 336
Mediant 4000 SBC Table 17-4: SRDs table Parameter Descriptions Parameter Description General Index Defines an index for the new table row. [SRD_Index] Note: Each row must be configured with a unique index. Name Defines a descriptive name, which is used when associating the row in other tables.
Page 337
When the device rejects a call, it sends a SIP 500 "Server Internal Error" response to the user. In addition, it reports the rejection Version 7.2 Mediant 4000 SBC...
Page 338
Mediant 4000 SBC Parameter Description (Dialog establish failure - Classification failure) using the Intrusion Detection System (IDS) feature (see Configuring IDS Policies on page 172), by sending an SNMP trap. When the corresponding parameter in the SIP Interfaces table...
Tenant size in a multi-tenant architecture can vary and therefore, the instance CPU, memory and interface allocations should be optimized so as not to waste resources for small-sized Version 7.2 Mediant 4000 SBC...
Page 340
Mediant 4000 SBC tenants on the one hand, and not to allocate too many instances for a single tenant/customer on the other. For example, it would be a waste to allocate a capacity of 100 concurrent sessions to a small tenant for which 10 concurrent sessions suffice.
To exit the tenant view: # no srd-view 17.2.3 Cloning SRDs You can clone (duplicate) existing SRDs. This is especially useful when operating in a multi-tenant environment and you need to add new tenants (SRDs). The new tenants can Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC quickly and easily be added by simply cloning one of the existing SRDs. Once cloned, all you need to do is tweak configuration entities associated with the SRD clone. When an SRD is cloned, the device adds the new SRD clone to the next available index row in the SRDs table.
Interface. For more information, see ''Configuring IDS Policies'' on page 172. SBC application: • IP-to-IP Routing rules for specifying the destination SIP Interface to where you want to route the call. For more information, see Configuring SBC IP-to-IP Routing Rules on page 505. Version 7.2 Mediant 4000 SBC...
Page 344
Mediant 4000 SBC • Classification rules for specifying the SIP Interface as a matching characteristic of the incoming call. This is especially useful for the single SRD-configuration topology, where each SIP Interface represents a Layer-3 network (SIP entity). Therefore, classification of calls to IP Groups (SIP entities) can be based on SIP Interface.
Page 345
6000 to 6999, the SIP port can either be less than 6000 or greater than 6999. Each SIP Interface must have a unique signaling port (i.e., no two SIP Interfaces can share the same port - no port overlapping). Version 7.2 Mediant 4000 SBC...
Page 346
Mediant 4000 SBC Parameter Description TCP Port Defines the device's listening port for SIP signaling traffic over TCP. tcp-port The valid range is 1 to 65534. The default is 5060. [SIPInterface_TCPPort] Note: The port must be different from ports configured for RTP traffic (i.e., ports configured for Media Realms).
Page 347
SIP request (OPTIONS, REGISTER, or INVITE) fails the SBC Classification process. classification_fail_response_ty The valid value can be a SIP response code from 400 through 699, or it can be set to 0 to not send any response at all. The default [SIPInterface_ClassificationFa Version 7.2 Mediant 4000 SBC...
Page 348
Mediant 4000 SBC Parameter Description ilureResponseType] response code is 500 (Server Internal Error). This feature is important for preventing Denial of Service (DoS) attacks, typically initiated from the WAN. Malicious attackers can use SIP scanners to detect ports used by SIP devices. These scanners...
Page 349
SRDs table (SRD_BlockUnRegUsers) of the SRD that is associated with the SIP Interface is applied. [0] Accept All = Accepts requests from registered and unregistered users. [1] Accept Registered Users = Accepts requests only from users Version 7.2 Mediant 4000 SBC...
Page 350
Mediant 4000 SBC Parameter Description registered with the device. Requests from users not registered are rejected. [2] Accept Registered Users from Same Source = Accepts requests only from registered users whose source address is the same as that registered with the device (during the REGISTER message process).
If you delete an IP Group or modify the 'Type' or 'SRD' parameters, the device immediately terminates currently active calls that are associated with the IP Group. In addition, all users belonging to the IP Group are removed from the device's users database. Version 7.2 Mediant 4000 SBC...
Page 352
Mediant 4000 SBC The following procedure describes how to configure IP Groups through the Web interface. You can also configure it through ini file (IPGroup) or CLI (configure voip > ip-group). To configure an IP Group: Open the IP Groups table (Setup menu > Signaling & Media tab > Core Entities folder >...
Page 353
Contact header in the REGISTER request received from the IP Group. Therefore, routing to this IP Group is possible only once a REGISTER request is received (i.e., IP Group is registered with the device). If a Version 7.2 Mediant 4000 SBC...
Page 354
Mediant 4000 SBC Parameter Description REGISTER refresh request arrives, the device updates the new location (i.e., IP address) of the IP Group. If the REGISTER fails, no update is performed. If an UN-REGISTER request arrives, the IP address associated with the IP Group is deleted and therefore, no routing to the IP Group is done.
Page 355
Group). "Connected": Keep-alive success (i.e., connectivity with the IP Group). The connectivity status is also displayed in the Topology View page (see ''Building and Viewing SIP Entities in Topology View'' on page 374). Note: Version 7.2 Mediant 4000 SBC...
Page 356
Mediant 4000 SBC Parameter Description The feature is applicable only to Server-type IP Groups. To support the feature, you must enable the keep-alive mechanism of the Proxy Set that is associated with the IP Group (see ''Configuring Proxy Sets'' on page 366).
Page 357
Note: To ensure proper device handling, the parameter should be a valid FQDN. UUI Format Enables the generation of the Avaya UCID value, adding it to the outgoing INVITE sent to this IP Group. uui-format [0] Disabled (default) [IPGroup_UUIFormat] Version 7.2 Mediant 4000 SBC...
Page 358
Mediant 4000 SBC Parameter Description [1] Enabled This provides support for interworking with Avaya equipment by generating Avaya's UCID value in outgoing INVITE messages sent to Avaya's network. The device adds the UCID in the User-to-User SIP header. Avaya's UCID value has the following format (in hexadecimal): 00 +...
Page 359
[1] Classify by IP = For initial registrations from the IP Group, the device adds a key representing the user to its registration database, based on the REGISTER request source IP address, port (if UDP) and SIP Interface ID (e.g., "10.33.3.3:5010#1"). The Version 7.2 Mediant 4000 SBC...
Page 360
Mediant 4000 SBC Parameter Description device classifies incoming non-REGISTER SIP dialog requests (e.g., INVITEs) from the IP Group according to the received source IP address. The device rejects initial registration requests that have the same IP address, as the necessary key is already used for another registration.
Page 361
SIP headers, you must apply your manipulation rule (Manipulation Set ID) to the IP Group as an Outbound Message Manipulation Set (see the IPGroup_OutboundManSet parameter), when the IP Group is the Version 7.2 Mediant 4000 SBC...
Page 362
Mediant 4000 SBC Parameter Description destination of the call. Outbound Message Assigns a Message Manipulation Set (rule) to the IP Group for SIP Manipulation Set message manipulation on the outbound leg. outbound-mesg- By default, no value is defined. manipulation-set To configure Message Manipulation rules, see ''Configuring SIP [IPGroup_OutboundManSet] Message Manipulation'' on page 401.
Page 363
'Registration Mode' parameter of the IP Group (User-type) to which the user belongs, to User Initiates Registration. This feature is also supported when the device operates in HA mode; registrar "stickiness" is retained even after an HA switchover. Version 7.2 Mediant 4000 SBC...
Page 364
Mediant 4000 SBC Parameter Description User UDP Port Assignment Enables the device to assign a unique, local UDP port (for SIP signaling) per registered user (User-type IP Group) on the leg user-udp-port- interfacing with the proxy server (Server-type IP Group). The port is...
Page 365
Defines the shared password for authenticating the IP Group, when the device acts as an Authentication server. password The valid value is a string of up to 51 characters. By default, no IPGroup_Password] password is defined. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Note: The parameter is applicable only to Server-type IP Groups and when the 'Authentication Mode' parameter is set to SBC as Server (i.e., authentication of servers). To specify the SIP request types (e.g., INVITE) that must be challenged by the device, use the 'Authentication Method List' parameter.
Page 367
Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder >Proxy Sets). Click New; the following dialog box appears: Configure a Proxy Set according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 368
Mediant 4000 SBC Select the index row of the Proxy Set that you added, and then click the Proxy Address link located below the table; the Proxy Address table opens. Click New; the following dialog box appears: Figure 17-10: Proxy Address Table - Add Dialog Box Configure the address of the Proxy Set according to the parameters described in the table below.
Page 369
Proxy keep-alive using REGISTER messages (Using REGISTER option) is applicable only to the Parking redundancy mode ('Redundancy Mode' parameter configured to Parking). For Survivability mode for User-type IP Groups, you must enable this Proxy Keep-Alive feature. Version 7.2 Mediant 4000 SBC...
Page 370
Mediant 4000 SBC Parameter Description If you enable this Proxy Keep-Alive feature and the proxy uses the TCP/TLS transport type, you can enable CRLF Keep-Alive feature, using the UsePingPongKeepAlive parameter. If you enable this Proxy Keep-Alive feature, the device can...
Page 371
REGISTER messages are also distributed unless a RegistrarIP is configured. The IP address list is refreshed every user-defined interval (see the ProxyIPListRefreshTime parameter). If a change in the order of the IP address entries in Version 7.2 Mediant 4000 SBC...
Page 372
Mediant 4000 SBC Parameter Description the list occurs, all load statistics are erased and balancing starts over again. [2] Random Weights = The outgoing requests are not distributed equally among the Proxies. The weights are received from the DNS server, using SRV records. The device sends the requests in such a fashion that each proxy receives a percentage of the requests according to its' assigned weight.
Page 373
30 IP addresses in the received list and ignores the rest. Proxy Address Table Index Defines an index number for the new table row. proxy-ip-index Note: Each row must be configured with a unique index. [ProxyIp_ProxyIpIndex] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Proxy Address Defines the address of the proxy. proxy-address Up to 10 addresses can be configured per Proxy Set. The address can be defined as an IP address in dotted-decimal notation (e.g., [ProxyIp_IpAddress] 201.10.8.1) or FQDN. You can also specify the port using the following format: ...
Page 375
(as shown in the figure below for callouts #1 and #2, respectively). For example, on the top border you can position all entities relating to WAN, and on the bottom border all entities relating to LAN. Figure 17-12: Display Location in Topology View Version 7.2 Mediant 4000 SBC...
Page 376
Mediant 4000 SBC Item # Description By default, configuration entities are displayed on the bottom border. To define the position, use the 'Topology Location' parameter when configuring the entity, where Down is the bottom border and Up the top border: Figure 17-13: Configuration Postion in Topology View Configured SIP Interfaces.
Page 377
Configured IP Groups. Each IP Group is displayed using the following "IP Group [Server]" or "IP Group [User]" titled icon (depending on whether it's a Server- or User-type IP Group respectively), which includes the name and row index number (example of a Server-type): Version 7.2 Mediant 4000 SBC...
Page 378
Mediant 4000 SBC Item # Description If you hover your mouse over the icon, a pop-up appears displaying the following basic information (example): If you click the icon, a drop-down menu appears listing the following commands: Edit: Opens a dialog box in the IP Groups table to modify the IP Group.
Page 379
Routing: Opens the IP-to-IP Routing table where you can configure IP-to-IP routing rules (see ''Configuring SBC IP-to-IP Routing Rules'' on page 505). SBC Settings: Opens the SBC General Settings page where you can configure miscellaneous settings. Version 7.2 Mediant 4000 SBC...
Page 380
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
In this scenario, the Account can be not registered due to any of the reasons listed previously or for the dynamic UDP port assignment feature, there is no available port for the Account (port used for interfacing with the Serving IP Group). Version 7.2 Mediant 4000 SBC...
Page 382
Mediant 4000 SBC Note: • The device uses the username and password configured for the Serving IP Group in the IP Groups table for user registration and authentication, in the scenarios listed below. For this mode of operation, the 'Authentication Mode' parameter in...
Page 383
(Unauthorized) in response to a sent INVITE, the device checks for a matching "serving" and "served" entry in the table. If a matching row exists, the device authenticates the INVITE by providing the corresponding MD5 authentication username and Version 7.2 Mediant 4000 SBC...
Page 384
Mediant 4000 SBC Parameter Description password to the "serving" IP Group. [1] Regular = Regular registration process. For more information, see ''Regular Registration Mode'' on page 387. [2] GIN = Registration for legacy PBXs, using Global Identification Number (GIN). For more information, see ''Single Registration for Multiple Phone Numbers using GIN'' on page 388.
Page 385
(Serving IP Group) to which the Account [Account_RegEventPackageSubscription] is successfully registered and binded, when the Registrar Stickiness feature is enabled. The service allows the device to receive notifications of the Accounts registration state change with the registrar. Version 7.2 Mediant 4000 SBC...
Page 386
Mediant 4000 SBC Parameter Description The device subscribes to the service by sending a SUBSCRIBE message containing the Event header with the value "reg" (Event: reg). Whenever a change occurs in the registration binding state, the registrar notifies the device by sending a SIP NOTIFY message.
(user in From/To and Contact headers) are taken from the configured Accounts table upon successful registration. See the example below: REGISTER sip:xyz SIP/2.0 Via: SIP/2.0/UDP 10.33.37.78;branch=z9hG4bKac1397582418 From: <sip:ContactUser@HostName>;tag=1c1397576231 To: <sip: ContactUser@HostName > Call-ID: 1397568957261200022256@10.33.37.78 CSeq: 1 REGISTER Contact: <sip:ContactUser@10.33.37.78>;expires=3600 Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Expires: 3600 User-Agent: Sip-Gateway/v.7.20A.000.038 Content-Length: 0 18.1.2 Single Registration for Multiple Phone Numbers using GIN When you configure the registration mode in the Accounts table to GIN, the Global Identifiable Number (GIN) registration method is used, according to RFC 6140. The device performs GIN-based registration of users to a SIP registrar on behalf of a SIP PBX.
''Configuration Parameters Reference'' on page 835. To configure Proxy servers (Proxy Sets), see ''Configuring Proxy Sets'' on page 366. Note: To view the registration status of endpoints with a SIP Registrar/Proxy server, see ''Viewing Registration Status'' on page 730. Version 7.2 Mediant 4000 SBC...
The REGISTER request is sent to a Registrar/Proxy server for registration: REGISTER sip:10.2.2.222 SIP/2.0 Via: SIP/2.0/UDP 10.1.1.200 From: <sip: 122@10.1.1.200>;tag=1c17940 To: <sip: 122@10.1.1.200> Call-ID: 634293194@10.1.1.200 User-Agent: Sip-Gateway/Mediant 4000 SBC/v.7.20A.000.038 CSeq: 1 REGISTER Contact: sip:122@10.1.1.200: Expires:3600 Upon receipt of this request, the Registrar/Proxy returns a 401 Unauthorized response: SIP/2.0 401 Unauthorized...
Page 391
• The password from the ini file is "AudioCodes". • The equation to be evaluated is "122:audiocodes.com:AudioCodes". According to the RFC, this part is called A1. • The MD5 algorithm is run on this equation and stored for future usage.
Mediant 4000 SBC Server: Columbia-SIP-Server/1.17 Content-Length: 0 Contact: <sip:122@10.1.1.200>; expires="Thu, 26 Jul 2012 10:34:42 GMT"; action=proxy; q=1.00 Contact: <122@10.1.1.200:>; expires="Tue, 19 Jan 2038 03:14:07 GMT"; action=proxy; q=0.00 Expires: Thu, 26 Jul 2012 10:34:42 GMT 18.3 Configuring Call Setup Rules The Call Setup Rules table lets you configure up to 40 Call Setup rules. Call Setup rules define various sequences that are run upon the receipt of an incoming call (dialog) at call setup, before the device routes the call to its destination.
Page 393
LDAP query result is not found: Incorrect -this rule will always exit with result = True: Condition: ldap.found exists Action Type: Exit Action Value: True Correct: • Single rule: Condition: ldap.found !exists Action Type: Exit Action Value: False Version 7.2 Mediant 4000 SBC...
Page 394
Mediant 4000 SBC • Set of rules: Condition: ldap.found exists Action Type: Exit Action Value: True Condition: <leave it blank> Action Type: Exit Action Value: False Note: If the source and/or destination numbers are manipulated by the Call Setup rules, they revert to their original values if the device moves to the next routing rule.
Page 395
To LDAP query the AD attribute "telephoneNumber" that has a redirect number: 'telephoneNumber=' + param.call.redirect + To query a Dial Plan for the source number: param.call.src.user To query an ENUM server for the URI of the called (destination) number: param.call.dst.user Version 7.2 Mediant 4000 SBC...
Page 396
Mediant 4000 SBC Parameter Description Note: The parameter is applicable only if the 'Query Type' parameter is configured to any value other than None. Attributes To Get Defines the attributes of the queried LDAP record that the device must handle (e.g., retrieve value).
Below are configuration examples for using Call Setup Rules. Example 1: This example configures the device to replace (manipulate) the incoming call's source number with a number retrieved from the AD by an LDAP query. The Version 7.2 Mediant 4000 SBC...
Page 398
Mediant 4000 SBC device queries the AD server for the attribute record, "telephoneNumber" whose value is the same as the received source number (e.g., "telephoneNumber =4064"). If such an attribute is found, the device retrieves the number of the attribute record, "alternateNumber"...
Page 399
IP Groups table: 'Call Setup Rules Set ID': 4 • IP-to-IP Routing table: ♦ Index 1: 'Destination Tag': dep-sales 'Destination IP Group': SALES ♦ Index 2: 'Destination Tag': dep-mkt 'Destination IP Group': MKT ♦ Index 3: 'Destination Tag': dep-rd 'Destination IP Group': RD Version 7.2 Mediant 4000 SBC...
Page 400
Mediant 4000 SBC Example 5: The example configures the device to perform an ENUM query with an ENUM server in order to retrieve a SIP URI address for the called E.164 telephone number. The device then replaces (manipulates) the incoming call's E.164 destination number in the SIP Request-URI header with the URI retrieved from the ENUM server: •...
Translating one SIP response code to another Topology hiding (generally present in SIP headers such as Via, Record Route, Route and Service-Route). Configurable identity hiding (information related to identity of subscribers, for example, P-Asserted-Identity, Referred-By, Identity and Identity-Info) Version 7.2 Mediant 4000 SBC...
Page 402
Mediant 4000 SBC Multiple manipulation rules on the same SIP message Apply conditions per rule - the condition can be on parts of the message or call’s parameters Multiple manipulation rules using the same condition. The following figure shows a...
Page 403
Open the Message Manipulations page (Setup menu > Signaling & Media tab > Message Manipulation folder > Message Manipulations). Click New; the following dialog box appears: Figure 19-3: Message Manipulations Table - Add Dialog Box Version 7.2 Mediant 4000 SBC...
Page 404
Mediant 4000 SBC Configure a Message Manipulation rule according to the parameters described in the table below. Click Apply. An example of configured message manipulation rules are shown in the figure below: Figure 19-4: Example of Configured Message Manipulation Rules ...
Page 405
[7] Normalize = Removes unknown SIP message elements before forwarding the message. Action Value Defines a value that you want to use in the manipulation. The default value is a string (case-insensitive) in the following Version 7.2 Mediant 4000 SBC...
Message Policy rules are used to block (blacklist) unwanted incoming SIP messages or permit (whitelist) receipt of desired SIP messages. You can configure legal and illegal characteristics of SIP messages. This feature is helpful against VoIP fuzzing (also known Version 7.2 Mediant 4000 SBC...
Page 408
Mediant 4000 SBC as robustness testing), which sends different types of packets to its "victims" for finding bugs and vulnerabilities. For example, the attacker might try sending a SIP message containing either an oversized parameter or too many occurrences of a parameter.
Page 409
[MessagePolicy_MaxMessageLength] Max Header Length Defines the maximum SIP header length. max-header-length The valid value is up to 512 characters. The default is 512. [MessagePolicy_MaxHeaderLength] Max Body Length Defines the maximum SIP message body length. This Version 7.2 Mediant 4000 SBC...
Page 410
Mediant 4000 SBC Parameter Description max-body-length is the value of the Content-Length header. [MessagePolicy_MaxBodyLength] The valid value is up to 1,024 characters. The default is 1,024. Max Num Headers Defines the maximum number of SIP headers. max-num-headers The valid value is any number up to 32. The default is...
Pre-Parsing Manipulation Rules table: ini file (PreParsingManipulationRules) or CLI (configure voip > message pre-parsing-manip-rules) To configure Pre-Parsing Manipulation Sets: Open the Pre-Parsing Manipulation Sets table (Setup menu > Signaling & Media tab > Message Manipulation folder > Pre-Parsing Manipulation Sets). Version 7.2 Mediant 4000 SBC...
Page 412
Mediant 4000 SBC Click New; the following dialog box appears: Figure 19-8: Pre-Parsing Manipulation Sets Table - Add Dialog Box Configure a Pre-Parsing Manipulation Set name according to the parameters described in the table below. Click Apply. Pre-Parsing Manipulation Set Table Parameter Descriptions...
Page 413
For more information on regex, refer to the Message [PreParsingManipulationRules_P Manipulation Reference Guide. attern] Replace-With Defines a pattern, based on regex, to replace the matched pattern (defined above). replace-with For more information on regex, refer to the Message [PreParsingManipulationRules_R Manipulation Reference Guide. eplaceWith] Version 7.2 Mediant 4000 SBC...
Page 414
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
IpProfile_SBCAllowedCodersMode parameter to Restriction or Restriction and Preference). The following procedure describes how to configure the Coder Groups table through the Web interface. You can also configure it through ini file (AudioCodersGroups and AudioCoders) or CLI (configure voip > coders-and-profiles audio-coders-groups). Version 7.2 Mediant 4000 SBC...
Page 416
For supported audio coders, see ''Supported Audio Coders'' on page 417. • Some coders are license-dependent and are available only if purchased from AudioCodes and included in the License Key installed on your device. For more information, contact your AudioCodes sales representative. •...
Note: The AMR payload type can be configured globally using the AmrOctetAlignedEnable parameter. However, the Coder Group configuration overrides the global parameter. 20.1.1 Supported Audio Coders The table below lists the coders supported by the device. Version 7.2 Mediant 4000 SBC...
Open the Coder Settings page (Setup menu > Signaling & Media tab > Coders & Profiles folder > Coder Settings). Configure the following parameters: • AMR coder: ♦ 'AMR Payload Format' (AmrOctetAlignedEnable): Defines the AMR payload format type: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC • SILK coder (Skype's default audio codec): ♦ 'Silk Tx Inband FEC': Enables forward error correction (FEC) for the SILK coder. ♦ 'Silk Max Average Bit Rate': Defines the maximum average bit rate for the SILK coder.
Page 421
Configure a name for the Allowed Audio Coders Group according to the parameters described in the table below. Click Apply. Select the new row that you configured, and then click the Allowed Audio Coders link located below the table; the Allowed Audio Coders table opens. Version 7.2 Mediant 4000 SBC...
Page 422
Mediant 4000 SBC Click New; the following dialog box appears: Figure 20-5: Allowed Audio Coders Table - Add Dialog Box Configure coders for the Allowed Audio Coders Group according to the parameters described in the table below. Click Apply. Table 20-3: Allowed Audio Coders Groups and Allowed Audio Coders Tables Parameter...
Configure a name for the Allowed Video Coders Group according to the parameters described in the table below. Click Apply. Select the new row that you configured, and then click the Allowed Video Coders link located below the table; the Allowed Video Coders table opens. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Click New; the following dialog box appears: Figure 20-7: Allowed Video Coders Table - Add Dialog Box Configure coders for the Allowed Video Coders Group according to the parameters described in the table below. Click Apply. Table 20-4: Allowed Video Coders Groups and Allowed Video Coders Tables Parameter...
Page 425
Click New; the following dialog box appears: Figure 20-8: IP Profiles Table - Add Dialog Box Configure an IP Profile according to the parameters described in the table below. Click Apply. Table 20-5: IP Profiles Table Parameter Descriptions Parameter Description General Version 7.2 Mediant 4000 SBC...
Page 426
Mediant 4000 SBC Parameter Description Index Defines an index number for the new table row. [IpProfile_Index] Note: Each row must be configured with a unique index. Name Defines a descriptive name, which is used when associating the row in other tables.
Page 427
RTP. Therefore, RTCP and RTP should be multiplexed over the same port. The device does not support forwarding of DTLS transparently between endpoints (SIP entities). As DTLS has been defined by the WebRTC standard as mandatory Version 7.2 Mediant 4000 SBC...
Page 428
Mediant 4000 SBC Parameter Description for encrypting media channels for SRTP key exchange, the support is important for deployments implementing WebRTC. For more information on WebRTC, see WebRTC on page 572. Reset SRTP Upon Re-key Enables synchronization of the SRTP state between the device and a server when a new SRTP key is generated upon a SIP session expire.
Page 429
SDP answers (with different To-header tags). In this case, the SBCRemoteMultipleAnswersMode parameter is ignored. Note: If the parameter and the SBCRemoteMultipleAnswersMode parameter are disabled, multiple SDP answers are not reflected to the Version 7.2 Mediant 4000 SBC...
Page 430
Mediant 4000 SBC Parameter Description SIP entity (i.e., the device sends the same SDP answer in multiple 18x and 200 responses). Remote Multiple Answers Enables interworking multiple SDP answers within the same SIP Mode dialog (non-standard). The parameter enables the device to forward multiple answers to the SIP entity associated with the IP Profile.
Page 431
Allowed coders; the rest are removed from the SDP offer (i.e., only sMode] coders common between those in the received SDP offer and the Allowed coders are used). If an Extension Coders Group is also assigned (using the 'Extension Coders Group' parameter, above), Version 7.2 Mediant 4000 SBC...
Page 432
Mediant 4000 SBC Parameter Description these coders are added to the SDP offer if they also appear in Allowed coders. [1] Preference = The device re-arranges the priority (order) of the coders in the incoming SDP offer according to their order of appearance in the Allowed Audio Coders Group or Allowed Video Coders Group.
Page 433
SIP re-INVITE (or UPDATE) from the SIP entity to where the SIP INFO is being sent (and keep sending the DTMF digits using the RFC 2833 method). This is done using AudioCodes proprietary SIP header X-AC-Action and a Message Manipulation rule (inbound)
Page 434
Mediant 4000 SBC Parameter Description (i.e., 'Send Multiple DTMF Methods' is configured to Disable): X-AC-Action: 'switch-profile;profile-name=<IP Profile Name>' If the IP Profile name contains one or more spaces, you must enclose the name in double quotation marks, for example: X-AC-Action: 'switch-profile;profile-name="My IP Profile"'...
Page 435
Preferred Value [2] and the 'Preferred Ptime' parameter is configured to a non-zero value, the configured ptime is used (enabling ptime transrating if the other side uses a different ptime). If the 'SDP Ptime Answer' parameter is configured to Remote Answer Version 7.2 Mediant 4000 SBC...
Page 436
Mediant 4000 SBC Parameter Description [0] or Original Offer [1] and the 'Preferred Ptime' parameter is configured to a non-zero value, the configured value is used as the ptime in the SDP offer. The valid range is 0 to 200. The default is 0 (i.e., a preferred ptime is not used).
Page 437
This functionality may require DSP resources. For more information, contact your AudioCodes sales representative. ICE Mode Enables Interactive Connectivity Establishment (ICE) Lite for the SIP entity associated with the IP Profile. ICE is a methodology for NAT...
Page 438
Mediant 4000 SBC Parameter Description The parameter is useful for SIP entities that either require the attribute or do not support the attribute. For example, Google Chrome and Web RTC do not accept calls without the RTCP attribute in the SDP. In...
Page 439
80000 = Smart Transcoding [IpProfile_SBCMaxOpusBW] Note: The parameter is applicable only to the VoIPerfect feature (see VoIPerfect on page 592). Quality of Experience RTP IP DiffServ Defines the DiffServ value for Premium Media class of service (CoS) Version 7.2 Mediant 4000 SBC...
Page 440
Mediant 4000 SBC Parameter Description rtp-ip-diffserv content. [IpProfile_IPDiffServ] The valid range is 0 to 63. The default is 46. Note: The corresponding global parameter is PremiumServiceClassMediaDiffServ. Signaling DiffServ Defines the DiffServ value for Premium Control CoS content (Call Control applications).
Page 441
Session Expires Mode Defines the required session expires mode for the SIP entity associated with the IP Profile. sbc-session-expires-mode [0] Transparent = (Default) The device does not interfere with the [IpProfile_SBCSessionExpir session expires negotiation. esMode] Version 7.2 Mediant 4000 SBC...
Page 442
Mediant 4000 SBC Parameter Description [1] Observer = If the SIP Session-Expires header is present, the device does not interfere, but maintains an independent timer for each leg to monitor the session. If the session is not refreshed on time, the device disconnects the call.
Page 443
[1] Enable = Device retains the incoming Record-Route headers received in requests and non-failure responses from the other side, in the following scenarios: The message is part of a SIP dialog-setup transaction. The messages in the setup and previous transaction didn't Version 7.2 Mediant 4000 SBC...
Page 444
Mediant 4000 SBC Parameter Description include the Record-Route header, and therefore hadn't set the route set. Note: Record-Routes are kept only for SIP INVITE, UPDATE, SUBSCRIBE and REFER messages. Keep User-Agent Header Enables interworking SIP User-Agent headers between SIP entities.
Page 445
Note: If the parameter is not configured, the registration time is according to the global parameter SBCUserRegistrationTime or IP Profile parameter IpProfile_SBCUserRegistrationTime. SBC Forward and Transfer Remote REFER Mode Defines the device's handling of SIP REFER requests for the IP entity Version 7.2 Mediant 4000 SBC...
Page 446
Mediant 4000 SBC Parameter Description sbc-rmt-refer-behavior (transferee - call party that is transfered to the transfer target) associated with the IP Profile. [IpProfile_SBCRemoteRefer Behavior] [0] Regular = (Default) SIP Refer-To header value is unchanged and the device forwards the REFER message as is.
Page 447
SIP 3xx standard while others may not even support SIP 3xx. When enabled, the device handles SIP redirections between different subnets (e.g., between LAN and WAN sides). This is required when Version 7.2 Mediant 4000 SBC...
Page 448
Mediant 4000 SBC Parameter Description the new address provided by the redirector (Redirect sever) may not be reachable by the far-end user (FEU) located in another subnet. For example, a far-end user (FEU) in the WAN sends a SIP request via...
Page 449
IP Profile for all re-INVITE offer-answer transactions (except for initial INVITE). Note: The fax settings in the IP Profile include IpProfile_SBCFaxCodersGroupName, IpProfile_SBCFaxOfferMode, and IpProfile_SBCFaxAnswerMode. Fax Offer Mode Defines the coders included in the outgoing SDP offer (sent to the Version 7.2 Mediant 4000 SBC...
Page 450
Mediant 4000 SBC Parameter Description sbc-fax-offer-mode called "fax") for the SIP entity associated with the IP Profile. [IpProfile_SBCFaxOfferMod [0] All coders = (Default) Use only (and all) the coders of the selected Coder Group configured using the SBCFaxCodersGroupID parameter.
Page 451
(IPv4 and IPv6) and the IP address eference] version preference to establish the media stream. The IP address is indicated in the "c=" field (Connection) of the SDP. [0] Only IPv4 = (Default) SDP offer includes only IPv4 media IP Version 7.2 Mediant 4000 SBC...
Page 452
Mediant 4000 SBC Parameter Description addresses. [1] Only IPv6 = SDP offer includes only IPv6 media IP addresses. [2] Prefer IPv4 = SDP offer includes IPv4 and IPv6 media IP addresses, but the first (preferred) media is IPv4.
Page 453
[2] 2 to [7]7 = Optional Parameter Suites that you can create based on any language (16 sensitivity levels, from 0 to 15). This requires a customized AMD Sensitivity file that needs to be installed on the device. For more information, contact your AudioCodes sales representative. Note: ...
Page 454
Mediant 4000 SBC Parameter Description [IPProfile_LocalRingbackTo (value of -1), the device plays a hard default ringback tone. To play user-defined tones, you need to record your tones and then install them on the device using a loadable Prerecorded Tones (PRT) file.
For example, IP addresses of ITSPs' equipment (e.g. proxies, gateways, and application servers) can be hidden from outside parties. The device's topology hiding is provided by implementing back-to-back user agent (B2BUA) leg routing: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC • Strips all incoming SIP Via header fields and creates a new Via value for the outgoing message. • Each leg has its own Route/Record Route set. • User-defined manipulation of SIP To, From, and Request-URI host names.
Page 459
Some SIP functionalities are achieved by conveying the SIP call identifiers either in SIP specific headers (e.g., Replaces) or in the message bodies (e.g. Dialog Info in an XML body). Version 7.2 Mediant 4000 SBC...
Page 460
Mediant 4000 SBC In some setups, the SIP client authenticates using a hash that is performed on one or more of the headers that B2BUA changes (removes). Therefore, implementing B2BUA would cause authentication to fail. For facilitating debugging procedures, some administrators require that the value in the Call-ID header remains unchanged between the inbound and outbound SBC legs.
The device obtains the source and destination URLs from certain SIP headers. Once the URLs are determined, the user and host parts of the URLs can be used as matching rule characteristics for classification, message manipulation, and call routing. Version 7.2 Mediant 4000 SBC...
Page 462
Mediant 4000 SBC • All SIP requests (e.g., INVITE) except REGISTER: ♦ Source URL: Obtained from the From header. If the From header contains the value 'Anonymous', the source URL is obtained from the P-Preferred- Identity header. If the P-Preferred-Identity header does not exist, the source URL is obtained from the P-Asserted-Identity header.
You can configure Call Admission Control (CAC) rules for incoming and outgoing REGISTER messages. For example, you can limit REGISTER requests from a specific IP Group or SRD. Note that this applies only to concurrent REGISTER dialogs and not concurrent registrations in the device's registration database. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The device provides a dynamic registration database that it updates according to registration requests traversing it. Each database entry for a user represents a binding between an AOR (obtained from the SIP To header), optional additional AORs, and one or more contacts (obtained from the SIP Contact headers).
If you configure this grace period, the device keeps the user in the database (and does not send an un-register to the registrar server), allowing the user to send a "late" re-registration to the device. The device removes the Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC user from the database only when this additional time expires. The graceful period is also used before removing a user from the registration database when the device receives a successful unregister response (200 OK) from the registrar/proxy server. This is useful in scenarios, for example, in which users (SIP user agents) such as IP Phones erroneously send unregister requests.
SDP: Origin: IP address, session and version id Session connection attribute ('c=' field) Media connection attribute ('c=' field) Media port number RTCP media attribute IP address and port Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The device uses different local ports (e.g., for RTP, RTCP and fax) for each leg (inbound and outbound). The local ports are allocated from the Media Realm associated with each leg. The Media Realm assigned to the leg's IP Group (in the IP Groups table) is used. If not assigned to the IP Group, the Media Realm assigned to the leg's SIP Interface (in the SIP Interfaces table) is used.
Page 469
Microsoft Server (direct media is required in the Skype for Business environment). For more information, see ''Configuring IP Groups'' on page 351. IP Groups of the endpoints use the same SIP Interface and the SIP Interface's 'SBC Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Direct Media' parameter is set to Enable (SIPInterface_SBCDirectMedia = 1). IP Groups of the endpoints use the same SIP Interface and the SIP Interface's 'SBC Direct Media' parameter Enable When Single (SIPInterface_SBCDirectMedia = 2), and the endpoints are located behind the same NAT.
SDP answer from the WAN IP phone includes the G.729 coder as the chosen coder. Since this coder was not included in the original incoming SDP offer from the LAN IP phone, the device performs G.729-G.711 transcoding between the inbound and outbound legs. Version 7.2 Mediant 4000 SBC...
Page 472
Mediant 4000 SBC Figure 21-5: Transcoding using Extended Coders (Example) Note: • If you assign a SIP entity an Allowed Audio Coders Group for coder restriction (allowed coders) and a Coders Group for extension coders, the allowed coders take precedence over the extension coders. In other words, if an extension coder is not listed as an allowed coder, the device does not add the extension coder to the SDP offer.
Page 473
G.729 and G.726, but removes the G.711 coder as it does not appear in the Allowed Audio Coders Group for coder restriction. m=audio 6050 RTP/AVP 18 96 96 a=rtpmap:18 G729/8000 a=rtpmap:96 G726-32/8000 a=fmtp:4 annexa=no Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC a=rtpmap:96 telephone-event/8000 a=fmtp:96 0-15 a=ptime:20 a=sendrecv The device includes only the G.729 and G.726 coders in the SDP offer that it sends from the outgoing leg to the outbound SIP entity. The G.729 is listed first as the Allowed Audio Coders Group for coder restriction takes precedence over the extension coder.
It supports the negotiation of up to five media streams ('m=' line) in the SDP offer/answer model per session. The media can include a combination of any of the following types: Audio, indicated in the SDP as 'm=audio' Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Video, indicated in the SDP as 'm=video' Text, indicated in the SDP as 'm=text' Fax, indicated in the SDP as 'm=image' Binary Floor Control Protocol (BFCP), indicated in the SDP as 'm=application <port>...
SIP entity. The IP Profiles table also defines the negotiation method used between the incoming and outgoing fax legs, using the following fax-related parameters: IPProfile_SBCFaxBehavior: defines the offer negotiation method - pass fax Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC transparently, negotiate fax according to fax settings in IP Profile, or enforce remote UA to first establish a voice channel before fax negotiation. IPProfile_SBCFaxCodersGroupName: defines the supported fax coders (from the Coder Groups table). IPProfile_SBCFaxOfferMode: determines the fax coders sent in the outgoing SDP offer.
The SIP client sends the SIP request with the Authorization header to the device. The device sends an Access-Request message to the RADIUS server. The RADIUS server verifies the client's credentials and sends an Access-Accept (or Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Access-Reject) response to the device. The device accepts the SIP client's request (sends a SIP 200 OK or forwards the authenticated request) or rejects it (sends another SIP 407 to the SIP client). To configure this feature, set the SBCServerAuthMode ini file parameter to 2.
Routing table rules. (where the 'Call Trigger' field is set to 3xx). It is also possible to specify the IP Group that sent the 3xx request as matching criteria for the re-routing rule in this table ('ReRoute IP Group ID' field). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 21.9.2 Interworking SIP Diversion and History-Info Headers This device can be configured to interwork between the SIP Diversion and History-Info headers. This is important, for example, to networks that support the Diversion header but not the History-Info header, or vice versa. Therefore, mapping between these headers is crucial for preserving the information in the SIP dialog regarding how and why (e.g., call...
21.9.6 Interworking SIP Early Media The device supports early media. Early media is when the media flow starts before the SIP call is established (i.e., before the 200 OK response). This occurs when the first SDP offer- Version 7.2 Mediant 4000 SBC...
Page 484
Mediant 4000 SBC answer transaction completes. The offer-answer options can be included in the following SIP messages: Offer in first INVITE, answer on 180, and no or same answer in the 200 OK Offer in first INVITE, answer on 180, and a different answer in the 200 OK (not standard) ...
Page 485
Media RTP Detection Mode', 'SBC Remote Supports RFC 3960', and 'SBC Remote Can Play Ringback'. See the flowcharts below for the device's handling of such scenarios: Figure 21-8: SBC Early Media RTP 18x without SDP Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Figure 21-9: Early Media RTP - SIP 18x with SDP 21.9.7 Interworking SIP re-INVITE Messages The device supports interworking re-INVITE messages. This enables communication between endpoints that generate re-INVITE requests and those that do not support the receipt of re-INVITEs. The device does not forward re-INVITE requests to IP Groups that do not support it.
Interworking generation of held tone where the device generates the tone to the held party instead of the call hold initiator. This is configured by the IP Profile parameter, 'SBC Reliable Held Tone Source'. To configure IP Profiles, see ''Configuring IP Profiles'' on page 424. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 21.9.12 Interworking SIP Via Headers The device supports the interworking of SIP Via headers between SIP entities. For the outgoing message sent to a SIP entity, the device can remove or retain all the Via headers received in the incoming SIP request from the other side. Employing IP Profiles, you can configure this interworking feature per SIP entity, using the IpProfile_SBCKeepVIAHeaders parameter (see ''Configuring IP Profiles'' on page 424).
Open the Applications Enabling page (Setup menu > Signaling & Media tab > Core Entities folder > Applications Enabling). From the 'SBC Application' drop-down list, select Enable: Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Page 490
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
XML body. Below is an example of an XML body where the call-id, tags, and URIs have been replaced by the device: <?xml version="1.0"?> <dialog-info xmlns="urn:ietf:params:xml:ns:dialog-info" version="10" state="partial" entity="sip:alice@example.com"> <dialog id="zxcvbnm3" call-id="67402270@10.132.10.150" local-tag="1c137249965" Version 7.2 Mediant 4000 SBC...
(e.g., of 200). Requests that reach the user-defined call limit (maximum concurrent calls and/or call rate) are sent to an alternative route if configured in the IP-to-IP Routing table. If no alternative Version 7.2 Mediant 4000 SBC...
Page 494
Mediant 4000 SBC routing rule exists, the device rejects the SIP request with a SIP 480 "Temporarily Unavailable" response. Note: The device applies the CAC rule for the incoming leg immediately after the Classification process. If the call/request is rejected at this stage, no routing is performed.
Page 495
'Reserved Capacity' parameter at its' default (i.e., 0). Reserved call capacity is applicable only to INVITE and SUBSCRIBE messages. Reserved call capacity must be less than the maximum capacity (limit) configured for the CAC rule (see the 'Limit' parameter below). Version 7.2 Mediant 4000 SBC...
Page 496
Mediant 4000 SBC Parameter Description The total reserved call capacity configured for all CAC rules must be within the device's total call capacity support. Limit Defines the maximum number of concurrent SIP dialogs per IP Group, SIP Interface or SRD. You can also use the following special...
To configure the action for unclassified calls: Open the SBC General Settings (Setup menu > Signaling & Media tab > SBC folder > SBC General Settings). Version 7.2 Mediant 4000 SBC...
Page 498
Mediant 4000 SBC From the 'Unclassified Calls' drop-down list, select Reject to reject unclassified calls or Allow to accept unclassified calls: Figure 25-1: Configuring Action for Classification Failure Click Apply. If you configure the parameter to Allow, the incoming SIP dialog is assigned to an IP Group as follows: The device determines on which SIP listening port (e.g., 5061) the incoming SIP...
Page 499
Proxy Set feature). • The device saves incoming SIP REGISTER messages in its registration database. If the REGISTER message is received from a User-type IP Group, the device sends the message to the configured destination. Version 7.2 Mediant 4000 SBC...
Page 500
Mediant 4000 SBC The flowchart below illustrates the classification process: Figure 25-2: Classification Process (Identifying IP Group or Rejecting Call) The following procedure describes how to configure Classification rules through the Web interface. You can also configure it through ini file (Classification) or CLI (configure voip >...
Page 501
Source SIP Interface Assigns a SIP Interface to the rule as a matching characteristic for the incoming SIP dialog. src-sip-interface-name The default is Any (i.e., all SIP Interfaces belonging to the SRD [Classification_SrcSIPInterfac assigned to the rule). Version 7.2 Mediant 4000 SBC...
Page 502
Mediant 4000 SBC Parameter Description Note: The SIP Interface must belong to the SRD assigned to the rule eName] (see the 'SRD' parameter in the table). Source IP Address Defines a source IP address as a matching characteristic for the incoming SIP dialog.
Page 503
Note: The IP Group must be associated with the assigned SRD (see the 'SRD' parameter in the table). IP Profile Assigns an IP Profile to the matched incoming SIP dialog. The assigned IP Profile overrides the IP Profile assigned to the IP Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description ip-profile-id Group (in the IP Groups table) to which the SIP dialog is classified. Therefore, assigning an IP Profile during classification allows you to [Classification_IpProfileName] assign different IP Profiles to specific users (calls) that belong to the same IP Group (User or Server type).
Request-URI of incoming SIP dialog-initiating requests. Any registered user in the registration database. If the Request-URI of the incoming INVITE exists in the database, the call is sent to the corresponding contact address specified in the database. Version 7.2 Mediant 4000 SBC...
Page 506
Mediant 4000 SBC According to result of an ENUM query. Hunt Group - used for call survivability of call centers (see ''Configuring Call Survivability for Call Centers'' on page 587). According to result of LDAP query (for more information on LDAP-based routing, see ''Routing Based on LDAP Active Directory Queries'' on page 237).
Page 507
(call forking). The incoming call can be routed to multiple destinations of any type such as an IP Group or IP address. The device forks the call by sending simultaneous INVITE messages to all the specified destinations. It handles Version 7.2 Mediant 4000 SBC...
Page 508
Mediant 4000 SBC the multiple SIP dialogs until one of the calls is answered and then terminates the other SIP dialogs. Call forking is configured by creating a Forking group. A Forking group consists of a main routing rule ('Alternative Route Options' set to Route Row) whose 'Group Policy' is set to Forking, and one or more associated routing rules ('Alternative Route Options' set to Group Member Ignore Inputs or Group Member Consider Inputs).
Page 509
Determines whether this routing rule is the main routing rule or an alternative routing rule (to the rule defined directly above it in the table). alt-route-options [0] Route Row = (Default) Main routing rule - the device first attempts Version 7.2 Mediant 4000 SBC...
Page 510
Mediant 4000 SBC Parameter Description [IP2IPRouting_AltRouteOp to route the call to this route if the incoming SIP dialog's input tions] characteristics matches this rule. [1] Alternative Route Ignore Inputs = If the call cannot be routed to the main route (Route Row), the call is routed to this alternative route regardless of the incoming SIP dialog's input characteristics.
Page 511
The valid value is a string of up to 20 characters. The tag is case [IP2IPRouting_DestTags] insensitive. To configure prefix tags, see ''Configuring Dial Plans'' on page 547. Note: Make sure that you assign the Dial Plan in which you have Version 7.2 Mediant 4000 SBC...
Page 512
Mediant 4000 SBC Parameter Description configured the prefix tag, to the related IP Group or SRD. Instead of using tags and configuring the parameter, you can use the 'Destination Username Prefix' parameter to specify a specific URI destination user or all destinations users.
Page 513
[13] Internal = Instead of sending the incoming SIP dialog to another destination, the device replies to the sender of the dialog with a SIP response code or a redirection response, configured by the 'Internal Version 7.2 Mediant 4000 SBC...
Page 514
Mediant 4000 SBC Parameter Description Action' (IP2IPRouting_InternalAction) parameter in this table (see below). Note: Use option [5] Dial Plan only for backward compatibility purposes; otherwise, use prefix tags as described in ''Configuring Dial Plans'' on page 547. If you configure the parameter to Dest Address, Request URI,...
Page 515
Call Setup rules of this Set ID if the incoming call matches call-setup-rules-set-id the characteristics of this routing rule. The device routes the call to the [IP2IPRouting_CallSetupR destination according to the routing rule's configured action, only after it ulesSetId] has performed the Call Setup rules. Version 7.2 Mediant 4000 SBC...
Page 516
Mediant 4000 SBC Parameter Description To configure Call Setup rules, see ''Configuring Call Setup Rules'' on page 413. Group Policy Defines whether the routing rule includes call forking. group-policy [0] None = (Default) Call uses only this route (even if Forking Group [IP2IPRouting_GroupPolicy members are configured in the rows below it).
Open the Fax/Modem/CID Settings page (Setup menu > Signaling & Media tab > Media folder > Fax/Modem/CID Settings). In the 'Fax Detection Timeout' field (SBCFaxDetectionTimeout), enter the duration (in seconds) for which the device attempts to detect fax (CNG tone): Version 7.2 Mediant 4000 SBC...
Page 518
Mediant 4000 SBC From the 'CNG Detector Mode' drop-down list (CNGDetectorMode), select Event Only. Load an ini file to the device through the Auxiliary Files page (see Loading Auxiliary Files through Web Interface on page 635) with the following parameter setting,...
Open the SIP Interfaces table (see Configuring SIP Interfaces on page 343), and then configure the following SIP Interfaces: • SIP Interface for leg interfacing with IP PBXs (local UDP port 5060 is used): General Index Name Version 7.2 Mediant 4000 SBC...
Page 520
Mediant 4000 SBC Network Interface UDP Port 5060 • SIP Interface for leg interfacing with proxy server (specific local UDP ports are later taken from this port range): General Index Name ITSP Network Interface UDP Port 5060 Additional UDP Ports...
Page 521
'Tags' parameter of the classified IP Group, as the local UDP port on the leg interfacing with the proxy server for messages sent to the proxy server: General Index Rule Set ID Condition srctags.Type=='PBX' Action Action Subject message.outgoing.local-port Action Type Modify Version 7.2 Mediant 4000 SBC...
Page 522
Mediant 4000 SBC param.ipg.src.tags.Port Action Value • If the source tag name "Type" equals "ITSP" (i.e., SIP message from the ITSP), then use the value (port number) of the local port on which the incoming message from the proxy server is received by the device, as the value of the destination tag name "Port".
(see ''Configuring Quality of Service Rules'' on page 321). If the response code is configured in the table and the device rejects a call due to threshold crossing, it searches in the IP-to-IP Routing table for an alternative routing rule. Version 7.2 Mediant 4000 SBC...
Page 524
Mediant 4000 SBC Note: • If the device receives a SIP 408 response, an ICMP message, or no response, alternative routing is still performed even if the code is not configured in the Alternative Routing Reasons table. • SIP requests belonging to an SRD or IP Group that have reached the call limit...
(tenants), unless deployment requires otherwise (i.e., a dedicated Routing Policy per SRD). Once configured, you need to associate the Routing Policy with an SRD(s) in the SRDs table. To determine the routing and manipulation rules for the SRD, you need to assign the Version 7.2 Mediant 4000 SBC...
Page 526
Mediant 4000 SBC Routing Policy to routing and manipulation rules. The figure below shows the configuration entities to which Routing Policies can be assigned: Typically, assigning a Routing Policy to a Classification rule is not required, as when an incoming call is classified it uses the Routing Policy associated with the SRD to which it belongs.
Page 527
> Routing > Routing Policies). Click New; the following dialog box appears: Figure 25-8: Routing Policies Table - Add Dialog Box Configure the Routing Policy rule according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 528
Mediant 4000 SBC Table 25-4: Routing Policies table Parameter Descriptions Parameter Description General Index Defines an index number for the new table row. Note: Each row must be configured with a unique index. Name Defines a descriptive name, which is used when associating the row in other tables.
You can assign up to five IP Groups per IP Group Set. The following procedure describes how to configure IP Group Sets through the Web interface. You can also configure it through other management platforms: Version 7.2 Mediant 4000 SBC...
Page 530
Mediant 4000 SBC IP Group Set Table: ini file (IPGroupSet) or CLI (configure voip > sbc routing ip- group-set) IP Group Set Member Table: ini file (IPGroupSetMember) or CLI (configure voip > sbc routing ip-group-set-member) To configure an IP Group Set: Open the IP Group Set table (Setup menu >...
Page 531
Figure 25-10: IP Group Set Member Table - Dialog Box Configure IP Group Set members according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. IP Group Set Member Table Parameter Descriptions Parameter Description Version 7.2 Mediant 4000 SBC...
Page 532
Mediant 4000 SBC Parameter Description Index Defines an index number for the new table row. index Note: Each row must be configured with a unique index. [IPGroupSetMember_IPGroupSe tMemberIndex] IP Group Assigns an IP Group to the IP Group Set. ip-group-name To configure IP Groups, see Configuring IP Groups.
IP Groups respectively (if any, in the IP Groups table). Below is an example of a call flow and consequent SIP URI manipulations: Incoming INVITE from LAN: INVITE sip:1000@10.2.2.3;user=phone;x=y;z=a SIP/2.0 Via: SIP/2.0/UDP 10.2.2.6;branch=z9hGLLLLLan From:<sip:7000@10.2.2.6;user=phone;x=y;z=a>;tag=OlLAN;paramer1 =abe To: <sip:1000@10.2.2.3;user=phone> Call-ID: USELLLAN@10.2.2.3 Version 7.2 Mediant 4000 SBC...
Routing Policy ("Default_SBCRoutingPolicy"), when only one Routing Policy is required, the device automatically assigns the default Routing Policy to the routing rule. If you are implementing LDAP-based routing (with or without Call Setup Rules) and/or Version 7.2 Mediant 4000 SBC...
Page 536
Mediant 4000 SBC Least Cost Routing (LCR), you need to configure these settings for the Routing Policy (regardless of the number of Routing Policies employed). For more information on Routing Policies, see ''Configuring SBC Routing Policy Rules'' on page 525.
Page 537
[2] REGISTER = Only REGISTER messages. [3] SUBSCRIBE = Only SUBSCRIBE messages. [4] INVITE and REGISTER = All SIP messages except SUBSCRIBE. [5] INVITE and SUBSCRIBE = All SIP messages except Version 7.2 Mediant 4000 SBC...
Page 538
Mediant 4000 SBC Parameter Description REGISTER. Source IP Group Defines the IP Group from where the incoming INVITE is CLI: src-ip-group-name received. [IPInboundManipulation_SrcIpGr The default is Any (i.e., any IP Group). oupName] Source Username Prefix Defines the prefix of the source SIP URI user name (usually in CLI: src-user-name-prefix the From header).
IP Groups, respectively. The following procedure describes how to configure Outbound Manipulations rules through the Web interface. You can also configure it through ini file (IPOutboundManipulation) or CLI (configure voip > sbc manipulation ip-outbound-manipulation). Version 7.2 Mediant 4000 SBC...
Page 540
Mediant 4000 SBC To configure Outbound Manipulation rules: Open the Outbound Manipulations table (Setup menu > Signaling & Media tab > SBC folder > Manipulation > Outbound Manipulations). Click New; the following dialog box appears: Figure 26-3: Outbound Manipulations Table- Add Dialog Box Configure an Outbound Manipulation rule according to the parameters described in the table below.
Page 541
Defines the prefix of the source SIP URI user name, typically used in the SIP From header. src-user-name-prefix The default value is the asterisk (*) symbol (i.e., any source [IPOutboundManipulation_SrcUsern username prefix). The prefix can be a single digit or a range of amePrefix] Version 7.2 Mediant 4000 SBC...
Page 542
Mediant 4000 SBC Parameter Description digits. For available notations, see ''Dialing Plan Notation for Routing and Manipulation'' on page 831. Note: If you need to manipulate calls of many different source URI user names, you can use tags (see 'Source Tags' parameter below) instead of this parameter.
Page 543
Prefix to Add Defines the number or string to add in the front of the manipulated item. For example, if you enter 'user' and the user prefix-to-add name is "john", the new user name is "userjohn". [IPOutboundManipulation_Prefix2Ad Version 7.2 Mediant 4000 SBC...
Page 544
Mediant 4000 SBC Parameter Description If you set the 'Manipulated Item' parameter to Source URI or Destination URI, you can configure the parameter to a string of up 49 characters. If you set the 'Manipulated Item' parameter to Calling Name, you can configure the parameter to a string of up 36 characters.
26.3 Using the Proprietary SIP X-AC-Action Header You can use AudioCodes proprietary SIP header, X-AC-Action in message manipulation rules to trigger certain actions. These actions can be used to support, for example, interworking of SIP-I and SIP endpoints for the ISUP SPIROU variant (see Enabling Interworking of SIP and SIP-I Endpoints on page 569).
Page 546
Mediant 4000 SBC receiving this manipulated message, the device starts using IP Profile "ITSP-Profile-2" instead of "ITSP-Profile-1", for the IP Group. User's Manual Document #: LTRT-42025...
Dial Plan for a rule that matches the destination number. If matching dial plan rules are found, the tags configured for these rules are used in the routing and/or manipulation processes as source and/or destination tags. Version 7.2 Mediant 4000 SBC...
Page 548
Mediant 4000 SBC Note: When tags are used in the IP-to-IP Routing table to determine destination IP Groups (i.e., 'Destination Type' parameter configured to Destination Tag), the device searches the Dial Plan for a matching destination (called) prefix number only.
Page 549
532[1-9] 532[2-4] For incoming calls with prefix number "53124", the rule with tag C is chosen (longest suffix - C has three digits, B two digits and A one digit): Prefix 53([2-4]) 53([01-99]) 53([001-999]) Version 7.2 Mediant 4000 SBC...
Page 550
Mediant 4000 SBC For incoming calls with prefix number "53124", the rule with tag B is chosen (suffix is more specific for digit "4"): Prefix 53([2-4]) 53(4),B Dial Plans are configured using two tables with parent-child type relationship: ...
Page 551
For example, "54324#" represents a 5-digit number that starts with the digits 54324. .: (Period) Denotes any letter or digit. [n-m], (n-m), or ([n1-m1,n2-m2,a,b,c,n3-m3]): Represents a Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description mixed notation of single numbers and multiple ranges. To represent the prefix, the notation is enclosed by square brackets [...]; to represent the suffix, the notation is enclosed by square brackets which are enclosed by parenthesis ([...]).
Page 553
The following procedures describe how to import a Dial Plan file. To overwrite all existing Dial Plans with imported Dial Plan file: Web interface (from a local folder): Open the Dial Plan table. Version 7.2 Mediant 4000 SBC...
Page 554
Mediant 4000 SBC From the 'Action' drop-down menu, choose Import; the following dialog box appears: Figure 27-5: Importing Dial Plan Rules for Specific Dial Plan Use the Browse button to select the Dial Plan file on your PC, and then click OK.
Name: Name of the dial plan rule belonging to the Dial Plan. Prefix: Source or destination number prefix. Tag: Result of the user categorization and can be used as matching characteristics for routing and outbound manipulation For example: DialPlanName,Name,Prefix,Tag PLAN1,rule_100,5511361xx,A PLAN1,rule_101,551136184[4000-9999]#,B MyDialPlan,My_rule_200,5511361840000#,itsp_1 MyDialPlan,My_rule_201,66666#,itsp_2 Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 27.3 Using Dial Plan Tags for IP-to-IP Routing You can use Dial Plan tags with IP-to-IP Routing rules in the IP-to-IP Routing table, where tags can be used for the following: Matching routing rules by source and/or destination prefix numbers (see Using Dial Plan Tags for Matching Routing Rules on page 556) ...
The device searches the IP Groups table and IP Group Set table for an IP Group whose 'Tags' parameter is configured with the same tag as selected from the Dial Plan rule. If found, the device routes the call to this IP Group. Version 7.2 Mediant 4000 SBC...
Page 558
Mediant 4000 SBC The following figure displays the device's SIP dialog processing when Dial Plan tags are used to determine the destination IP Group: Figure 27-7: SIP Dialog Handling for Tag-Based Routing The following procedure describes how to configure routing to destination IP Groups determined by Dial Plan tags.
Page 559
Destination Tag and the 'Routing Tag Name' to one of your Dial Plan tags. In our example, the tag "Country" is used: Parameter Index 0 Name Europe Source IP Group Destination Type Destination Tag Routing Tag Name Country Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Note: • For configuring Dial Plan tags, see Configuring Dial Plans on page 547. • Configure the 'Routing Tag Name' parameter with only the name of the tag (i.e., without the value, if exists). For example, instead of "Country=England", configure it as "Country"...
Manipulations'' on page 539), configure a rule with the required manipulation and whose matching characteristics include the tag(s) that you configured in your Dial Plan in Step 1. The tags are assigned using the following parameters: • 'Source Tags' parameter (IPOutboundManipulation_SrcTags): tag denoting the calling users Version 7.2 Mediant 4000 SBC...
Page 562
Mediant 4000 SBC • 'Destination Tags' parameter (IPOutboundManipulation_DestTags): tag denoting the called users User's Manual Document #: LTRT-42025...
For example, you can configure a rule that adds the SIP header "City" with the value "ny" (i.e., City: ny) to all outgoing SIP INVITE messages associated with the source tag "ny": Note: You cannot modify Dial Plan tags using Message Manipulation rules. Version 7.2 Mediant 4000 SBC...
Page 564
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
(i.e., IP Group). To configure Message Policies, see ''Configuring SIP Message Policy Rules''. The following procedure describes how to configure Malicious Signatures through the Web interface. You can also configure it through ini file (MaliciousSignatureDB) or CLI (configure voip > sbc malicious-signature-database). Version 7.2 Mediant 4000 SBC...
Page 566
Mediant 4000 SBC To configure a Malicious Signature: Open the Malicious Signature table (Setup menu > Signaling & Media tab > SBC folder > Malicious Signature). Click New; the following dialog box appears: Figure 28-1: Malicious Signature Table - Add Dialog Box Configure a Malicious Signature according to the parameters described in the table below.
The device does not preempt established emergency calls. To configure SBC emergency call preemption: In the Message Conditions table (see ''Configuring Message Condition Rules'' on page 406), configure a Message Condition rule to identify incoming emergency calls. See above for examples. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Open the SBC General Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > Priority and Emergency), and then scroll down to the Call Priority and Preemption group: Figure 29-2: Configuring Emergency SBC Call Preemption From the 'Preemption Mode' drop-down list (SBCPreemptionMode), select Enable to enable call preemption.
SIP-I is SIP encapsulated with ISUP and the interworking is between SIP signaling and ISUP signaling. This allows you to deploy the device in a SIP environment where part of the call path involves the PSTN. Version 7.2 Mediant 4000 SBC...
Page 570
Mediant 4000 SBC The SIP-I sends calls, originating from the SS7 network, to the SIP network by adding ISUP messaging in the SIP INVITE message body. The device can receive such a message from the SIP-I and remove the ISUP information before forwarding the call to the SIP endpoint.
Page 571
''Configuring SIP Message Manipulation'' on page 401). For a complete description of the ISUP manipulation syntax, refer to the SIP Message Manipulation Reference Guide. In addition, you can use AudioCodes proprietary SIP header X-AC-Action in Message Manipulation rules to support various call actions (e.g., SIP-I SUS and RES messages) for the ISUP SPIROU variant.
The WebRTC feature is a license-dependent feature and is available only if it is included in the License Key that is installed on the device. For ordering the feature, please contact your AudioCodes sales representative. User's Manual Document #: LTRT-42025...
Page 573
WebRTC components and the device's interworking of these components between the WebRTC client and the SIP user agent: The call flow process for interworking WebRTC with SIP endpoints by the device is illustrated below and subsequently described: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The WebRTC client uses a Web browser to visit the Web site page. The Web page receives Web page elements and JavaScript code for WebRTC from the Web hosting server. The JavaScript code runs locally on the Web browser.
Page 575
The SIP messages over WebSocket are indicated by the "ws" value, as shown in the example below of a SIP REGISTER request received from a client: REGISTER sip:10.132.10.144 SIP/2.0 Via: SIP/2.0/WS v6iqlt8lne5c.invalid;branch=z9hG4bK7785666 Max-Forwards: 69 To: <sip:101@10.132.10.144> From: "joe" <sip:101@10.132.10.144>;tag=ub50pqjgpr Call-ID: fhddgc3kc3hhu32h01fghl CSeq: 81 REGISTER Version 7.2 Mediant 4000 SBC...
For the WebRTC deployment environment, you need to install a signed certificate by a Certificate Authority (CA) on you Web server machine (hosting the WebRTC JavaScript) and on your AudioCodes SBC device (i.e., WebSocket server). Note: • Google announced a security policy change that impacts new versions of the Chrome Web browser.
Page 577
From the 'TLS Context Name' drop-down list, assign the TLS Context that you configured in Step 1 (e.g., "WebRTC"). Figure 29-7: Configuring SIP Interface for WebRTC Clients Click Apply. Configure an IP Profile for the WebRTC clients: Version 7.2 Mediant 4000 SBC...
Page 578
Mediant 4000 SBC Open the IP Profiles table (see ''Configuring IP Profiles'' on page 424). Do the following: ♦ From the 'ICE Mode' drop-down list (IPProfile_SBCIceMode), select Lite to enable ICE. ♦ From the 'RTCP Mux' drop-down list (IPProfile_SBCRTCPMux), select Supported to enable RTCP multiplexing.
Some SIP entities (e.g., IP Phones) are setup to register with two registrar/proxy servers (primary and secondary). The reason for this is to provide call redundancy for the SIP entity in case one of the proxy servers fail. When the SIP entity registers with the proxy servers, it Version 7.2 Mediant 4000 SBC...
Page 580
Mediant 4000 SBC sends two identical REGISTER messages - one to the primary proxy and one to the secondary proxy. When the device is located between the SIP entity and the two proxy servers, it needs to differentiate between these two REGISTER messages even though they are identical.
Page 581
Keep user; add unique identifier as URI parameter. In the Message Manipulations table, configure the following rules: • Index 0: ♦ Manipulation Set ID: 1 ♦ Action Subject: header.contact.url.ac-int ♦ Action Type: Modify ♦ Action Value: '1' • Index 1: Version 7.2 Mediant 4000 SBC...
Page 582
Mediant 4000 SBC ♦ Manipulation Set ID: 2 ♦ Action Subject: header.contact.url.ac-int ♦ Action Type: Modify ♦ Action Value: '2' In the SIP Interfaces table, configure the following SIP Interfaces: • Index 0 (SIP Interface for IP Phone A): ♦...
29.7.2 Configuring SIP Forking Initiated by SIP Proxy The device can handle the receipt of multiple SIP 18x responses as a result of SIP forking initiated by a proxy server. This occurs when the device forwards an INVITE, received from Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC a user agent (UA), to a proxy server and the proxy server then forks the INVITE request to multiple UAs. Several UAs may answer and the device may therefore, receive several replies (responses) for the single INVITE request. Each response has a different 'tag' value in the SIP To header.
To enable the BroadWorks survivability feature: Open the SBC General Settings page (Setup menu > Signaling & Media tab > SBC folder > SBC General Settings). From 'BroadWorks Survivability Feature' drop-down list (SBCExtensionsProvisioningMode), select Enable: Click Apply. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 29.8.2 Configuring BroadSoft's Shared Phone Line Call Appearance for Survivability The device can provide redundancy for BroadSoft's Shared Call Appearance feature. When the BroadSoft application server switch (AS) fails or does not respond, or when the network connection between the device and the BroadSoft AS is down, the device manages the Shared Call Appearance feature for the SIP clients.
(such as IVR), the device routes the incoming calls received from the customer (i.e., from the TDM gateway) to the call center agents. Version 7.2 Mediant 4000 SBC...
Page 588
Mediant 4000 SBC In normal operation, the device registers the agents in its users registration database. Calls received from the TDM gateway are forwarded by the device to the application server, which processes the calls and sends them to specific call center agents, through the device.
LCD screens. If you enable the feature and the device is in Survivability mode, it responds to SIP REGISTER messages from the IP phones with a SIP 200 OK containing the following XML body: Version 7.2 Mediant 4000 SBC...
Page 590
Mediant 4000 SBC Content-Type: application/xml <?xml version="1.0" encoding="utf-8"?> <LMIDocument version="1.0"> <LocalModeStatus> <LocalModeActive>true</LocalModeActive> <LocalModeDisplay>StandAlone Mode</LocalModeDisplay> </LocalModeStatus> </LMIDocument> To enable survivability display on Aastra phones: Load an ini file to the device that includes the following parameter setting: SBCEnableSurvivabilityNotice = 1...
If the device does not receive a SIP ACK in response to this, it sends a new 200 OK to the next alternative destination. This new destination can be the next given IP address resolved from a DNS from the Contact or Record-Route header in the request related to the response. Version 7.2 Mediant 4000 SBC...
25%. ISPs can therefore offer service level agreements (SLAs) to their customers based on the VoIPerfect feature. For more information, contact your AudioCodes sales representative. In addition, by ensuring high call quality even in adverse network conditions, VoIPerfect may reduce costs for ISPs such...
Page 593
♦ RTCP Feedback: Feedback On ♦ Voice Quality Enhancement: Enable ♦ Max Opus Bandwidth: 80000 • Quality of Service Rules (see Configuring Quality of Service Rules on page 321): ♦ Rule Metric: Poor InVoice Quality Version 7.2 Mediant 4000 SBC...
Page 594
Mediant 4000 SBC ♦ Alternative IP Profile Name: name of Alternative IP Profile (above) Configuration of the Access SBC for both methods: Coder Groups: • Coders Group with G.711 and Opus • Coders Group with Opus Allowed Audio Coders Group with Opus ...
Short number dialog (short numbers are learned dynamically in the registration process) Survivability indication to IP phone Call hold and retrieve Version 7.2 Mediant 4000 SBC...
Page 598
Mediant 4000 SBC Survivability Quality of Experience/Service Security Call transfer (if IP phone initiates REFER) Basic Shared Line Appearance (excluding correct busy line indications) Call waiting (if supported by IP phone) One of the main advantages of CRP is that it enables quick-and-easy configuration. This is accomplished by its pre-configured routing entities, whereby only minimal configuration is required.
Open the Applications Enabling page (Setup menu > Signaling & Media tab > Core Entities folder > Applications Enabling). From the 'CRP Application' drop-down list, select Enable. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 31.2 Configuring Call Survivability Mode The CRP can be configured to operate in one of the following call survivability modes: Normal (Default): The CRP interworks between the branch users and the IP PBX located at headquarters. The CRP forwards all requests (such as for registration) from the branch users to the IP PBX, and routes the calls based on the IP-to-IP routing rules.
The IP Groups can be edited, except for the fields listed above, which are read-only. • For accessing the IP Groups table and for a description of its parameters, see ''Configuring IP Groups'' on page 351. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 31.4 Pre-Configured IP-to-IP Routing Rules For the CRP application, the IP-to-IP Routing table is pre-configured with IP-to-IP routing rules. These rules depend on the configured Call Survivability mode, as described in ''Configuring Call Survivability Mode'' on page 600.
Route Ignore Inputs #1 [CRP IP Group #3 [CRP Alternative Users] Gateway] Route Ignore Inputs #2 [CRP IP Group #1 [CRP Route Row Proxy] Users] #2 [CRP IP Group #3 [CRP Route Row Proxy] Gateway] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Mode Index Source IP Request Type Destination Destination Destination Alternative Group Type IP Group Address Route Options #3 [CRP IP Group #2 [CRP Route Row Gateway] Proxy] #3 [CRP IP Group #1 [CRP Alternative Gateway] Users] Route Ignore...
(.cmp) if the redundant device is running a different software version. Once loaded to the redundant device, the redundant device reboots to apply the new configuration and/or software. This ensures that the two units are synchronized regarding configuration and software. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Note: If the active unit runs an earlier version (e.g., 7.0) than the redundant unit (e.g., 7.2), the redundant unit is downgraded to the same version as the active unit (e.g., 7.0). Thus, under normal operation, one of the devices is in active state while the other is in redundant state, where both devices share the same configuration and software.
Title above device is "Active Device". The default name is "Device 1". Redundant device: • Color of border surrounding device is blue. • Title above device is "Redundant Device". The default name is "Device 2". Version 7.2 Mediant 4000 SBC...
Page 610
Mediant 4000 SBC The Monitor page also displays the HA operational status of the device to which you are currently logged in. This is displayed in the 'HA Status' field under the Device Information: "Synchronizing": Redundant device is synchronizing with Active device ...
This is enabled by configuring the Ethernet Group associated with the Maintenance interface with two ports. The required receive (Rx) and transmit (TX) mode for the port pair in the Ethernet Group used by the Maintenance interface is as follows (not applicable to Mediant VE): Version 7.2 Mediant 4000 SBC...
Page 612
Mediant 4000 SBC (Recommended Physical Connectivity) If the Maintenance ports of both devices are connected directly to each other without intermediation of switches, configure the mode to 2RX/1TX: Figure 33-1: Rx/Tx Mode for Direct Connection If the two devices are connected through two (or more) isolated LAN switches (i.e.,...
Assigning the OAMP IP Address on page Open the IP Interfaces table (see ''Configuring IP Network Interfaces'' on page 129). Change the default OAMP network settings to suit your networking scheme. Configure the Control and Media network interfaces, as required. Version 7.2 Mediant 4000 SBC...
Page 614
Mediant 4000 SBC Add the HA Maintenance interface (i.e., the MAINTENANCE Application Type). Note: Make sure that the Maintenance interface uses an Ethernet Device and Ethernet Group that is not used by any other IP network interface. The Ethernet Group is associated with the Ethernet Device, which is assigned to the interface.
Configure the same Ethernet port Tx / Rx mode of the Ethernet Group used by the Maintenance interface as configured for the first device. Configure HA parameters in the HA Settings page: In the 'HA Remote Address' field, enter the Maintenance IP address of the first device. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC (Optional) Enable the HA Preempt feature by configuring the 'Preempt Mode' parameter to Enable, and then setting the priority level of the device in the 'Preempt Priority' field. Make sure that you configure different priority levels for the two devices.
Page 617
After it synchronizes with the active device, it initiates a switchover and becomes the new active device (the former active device resets and becomes the new redundant device). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 33.3 Configuring Firewall Allowed Rules If you want to configure firewall rules (see 'Configuring Firewall Rules' on page 165) that block specific network traffic, you must first configure firewall rules that allow traffic needed in your deployment. Therefore, in addition to allowing basic traffic (such as OAMP,...
To enable and configure monitoring of network entities using pings: Open the HA Settings page (Setup menu > IP Network tab > Core Entities folder > HA Settings). From the 'HA Network Monitor' (HAPingEnabled) drop-down list, select Enable: Version 7.2 Mediant 4000 SBC...
Page 620
Mediant 4000 SBC In the 'Monitor Threshold' (HaNetworkMonitorThreshold) field, enter the minimum number of failed ("Not Reachable") monitored rows that are required to trigger an HA switchover: Open the HA Network Monitor table (Setup menu > IP Network tab > Core Entities folder >...
Page 621
('Peer Destination Address') of the monitored row, as shown in the below example: The reachability status is displayed in the 'Peer Reachability Status' read-only field: "Reachability unverified": The reachability status of the destination is currently Version 7.2 Mediant 4000 SBC...
Page 622
Mediant 4000 SBC undetermined. In other words, the destination has never replied to the device's pings. "Reachable": The device considers the destination as online (reachable). In other words, the device has received a ping reply from the destination. ...
• Navigation tree: Setup menu > Administration tab > Maintenance folder > High Availability Maintenance. Figure 34-1: Performing a Device HA Switchover Click Switch Over; a confirmation box appears requesting you to confirm. Click OK. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 34.4 Resetting the Redundant Unit You can reset the Redundant device, if necessary. Note: When resetting the Redundant device, the HA mode becomes temporarily unavailable. To reset the Redundant device: Open the High Availability Maintenance page: •...
Page 625
Reset the redundant device. Note: The procedure assumes that no network changes were made to both devices' HA Maintenance interface or Ethernet Devices (VLAN); otherwise, the devices may not be able to communicate with each other. Version 7.2 Mediant 4000 SBC...
Page 626
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
Timeout' field (see next step). During this interval, no new traffic is accepted. If no traffic exists and the time has not yet expired, the device resets immediately. • No: Reset begins immediately, regardless of traffic. Any existing traffic is immediately terminated. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC In the 'Shutdown Timeout' field (available only if the 'Graceful Option' field is configured to Yes), enter the time after which the device resets. Note that if no traffic exists and the time has not yet expired, the device resets.
Page 631
User's Manual 35. Basic Maintenance calls. The 'Gateway Operational State' read-only field displays "UNLOCKED". Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 35.3 Saving Configuration When you configure parameters and tables in the Web interface and then click the Apply button on the pages in which the configurations are done, changes are saved to the device's volatile memory (RAM). These changes revert to their previous settings if the device subsequently resets (hardware or software) or powers down.
You can forcibly disconnect all active calls, or disconnect specific calls based on Session To disconnect calls through CLI: Disconnect all active calls: # clear voip calls Disconnect active calls belonging to a specified Session ID: # clear voip calls <Session ID> Version 7.2 Mediant 4000 SBC...
Page 634
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
''Locking and Unlocking the Device'' on page 630. 37.1.1 Loading Auxiliary Files through Web Interface The following procedure describes how to load Auxiliary files through the Web interface. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Note: • When loading an ini file through the Auxiliary Files page (as described in this section), only parameter settings specified in the ini file are applied to the device; all other parameters remain at their current settings.
(in any standard text editor) to suit your specific requirements and then convert the modified ini file into binary dat file format, using AudioCodes DConvert utility. For more information, refer to the DConvert Utility User's Guide.
Page 638
Mediant 4000 SBC Only eight AM tones, in the range of 1 to 128 kHz, can be configured (the detection range is limited to 1 to 50 kHz). Note that when a tone is composed of a single frequency, the second frequency field must be set to zero.
Page 639
High Freq [Hz]=0 Low Freq Level [-dBm]=10 (-10 dBm) High Freq Level [-dBm]=32 (use 32 only if a single tone is required) First Signal On Time [10msec]=300; the dial tone is detected after 3 sec Version 7.2 Mediant 4000 SBC...
Audition), and then combined into a single and loadable PRT file (.dat) using the latest version of AudioCodes DConvert utility (refer to the DConvert Utility User's Guide). Once created, you need to install the PRT file on the device (flash memory), using the Web interface (see 'Loading Auxiliary Files' on page 635) or CLI.
Plans as required. Save the file with the ini file extension name (e.g., mydialplanfile.ini). Convert the ini file to a dat binary file, using AudioCodes DConvert utility. For more information, refer to DConvert Utility User's Guide. Load the converted file to the device, as described in ''Loading Auxiliary Files'' on page 635.
Mediant 4000 SBC 37.5.2 Obtaining IP Destination from Dial Plan File You can use a Dial Plan index listed in a loaded Dial Plan file for determining the IP destination of SBC (see note below) calls. This enables the mapping of called numbers to IP addresses (in dotted-decimal notation) or FQDNs (up to 15 characters).
644 CLI - see Configuring SBC User Info Table through CLI on page 645 Loadable User Info file - see ''Configuring SBC User Info Table in Loadable Text File'' on page 646 Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 37.6.2.1 Configuring SBC User Info Table through Web Interface The following procedure describes how to configure the SBC User Info table through the Web interface. Note: • To configure the User Info table, make sure that you have enabled the feature as described in Enabling the User Info Table on page 643.
Mediant 4000 SBC To search a user by local-user: (sip-def-proxy-and-reg)# user-info find <local-user, e.g., JohnDoe> JohnDee: Found at index 0 in SBC user info table, not registered Note: To configure the User Info table, make sure that you have enabled the feature as described in Enabling the User Info Table on page 643.
The XML-to-binary format conversion can be done using AudioCodes DConvert utility. For more information on using this utility, refer to DConvert Utility User's Guide. Only one AMD Sensitivity file can be installed on the device.
Page 648
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
License Key The License Key determines the device's supported features and call capacity, as ordered from your AudioCodes sales representative. You can upgrade or change your device's supported features and capacity, by purchasing and installing a new License Key that match your requirements.
Serial Number: Device's serial number. Board Type: AudioCodes internal identification number of the type of your device. Remote License Server / Remote License Server IP: For more information, see Upgrading SBC Capacity Licenses by License Pool Manager Server on page 657.
The License Key page uses color-coded icons to indicate the changes between the previous License Key and the newly loaded License Key (for more information, see Installing License Key through Web Interface on page 650). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Click Apply New License Key; the following message box appears: Figure 38-4: Apply New License Key Message Click Reset; the device begins to save the file to flash memory with a reset and the following progress message box appears:...
Page 653
Figure 38-7: Apply New License Key Message Click Reset; the device begins to save the file to flash memory with a reset and the following progress message box appears: Figure 38-8: Reset in Progress for License Key Version 7.2 Mediant 4000 SBC...
Page 654
Mediant 4000 SBC When installation completes, the following message box appears: Figure 38-9: Reset and Save-to-Flash Success Message Clock Close to close the message box; you are logged out of the Web interface and prompted to log in again. The features and capabilities displayed on the License Key page now reflect the newly installed License Key.
Page 655
HA switchover mechanism. When you click the button, the process starts and a message box is displayed indicating the installation progress: Figure 38-10: Hitless License Key Upgrade - Progress When installation completes, the following message box appears: Figure 38-11: Hitless License Upgrade Successfully Completed Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC • Non-Hitless Upgrade: Installs the License Key simultaneously on both devices where both undergo a reset and therefore, current calls are terminated. When you click the button, the process starts and the following progress message box appears:...
Manager Server The device can receive SBC capacity (session) licenses from a centralized pool of SBC resources managed by the License Pool Manager Server running on AudioCodes OVOC. The License Pool Manager Server can dynamically allocate and de-allocate SBC licenses from the pool to devices in the network to meet capacity demands of each device, whenever required.
Page 658
Mediant 4000 SBC Remote License Server IP: IP address of the License Server. The device periodically checks with the License Pool Manager Server for SBC capacity licenses. The License Pool Manager Server identifies the device by serial number. If it has an SBC license for the device, it sends it to the device.
: Saves the License Key as a file to a folder on your computer. By default, the device names the file "license". • : Copies the License Key as a string to your computer's clipboard. You can then paste the string into any application, for example, an e-mail message. Version 7.2 Mediant 4000 SBC...
Viewing the Device's Product Key The Product Key identifies a specific purchase of your device installation for the purpose of subsequent communication with AudioCodes (e.g., for support and software upgrades). The Product Key is your chassis' serial number--"S/N(Product Key)"--which also appears on the product label affixed to the chassis.
An HA switchover occurs from active device (i.e., the initial redundant device) to redundant device (i.e., the initial active device) to return the devices to their original HA state. Only the initial redundant deviceundergoes a reset to return to redundant state. Version 7.2 Mediant 4000 SBC...
Page 662
Mediant 4000 SBC Note: • You can obtain the latest software files from AudioCodes Web site at http://www.audiocodes.com/downloads. • When you start the wizard, the rest of the Web interface is unavailable. After the files are successfully installed with a device reset, access to the full Web interface is restored.
Page 663
Cancel. However, if you continue with the wizard and start loading the cmp file, the upgrade process must be completed with a device reset. Click Browse, and then navigate to and select the .cmp file. Version 7.2 Mediant 4000 SBC...
Page 664
Mediant 4000 SBC Click Load File; the device begins to install the .cmp file and a progress bar displays the status of the loading process: Figure 39-2: CMP File Loading Progress Bar When the file is loaded, a message is displayed to inform you.
Page 665
(according to the .cmp file) and thereby, overwrite values previously configured for these parameters. Click Reset; a progress bar is displayed, indicating the progress of saving the files to flash and device reset. Figure 39-4: Progress Bar Indicating Burning Files to Flash Version 7.2 Mediant 4000 SBC...
Page 666
Mediant 4000 SBC Note: Device reset may take a few minutes (even up to 30 minutes), depending on .cmp file version. When the device finishes the installation process and resets, the wizard displays the following, which lists the installed .cmp software version and other files that you may...
The following procedure describes how to load a configuration file from a folder on your PC to the device. You can load any of the following configuration file types: ini file CLI Script file CLI Startup Script file Version 7.2 Mediant 4000 SBC...
Page 668
Mediant 4000 SBC Warning: • When loading an ini file as described in this section, parameters not included in the ini file are restored to default settings. If you want to keep the device's current configuration settings and also apply the settings specified in the ini file, load the file through the Auxiliary Files page, as described in Loading Auxiliary Files through Web Interface on page 635.
Open the Network Settings page (Setup menu > IP Network tab > Advanced folder > Network Settings). From the 'Enable DHCP" drop-down list, select Enable. Figure 41-1: Enabling DHCP Client Functionality Click Apply. To activate the DHCP process, reset the device. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC The following shows an example of a configuration file for a Linux DHCP server (dhcpd.conf). The devices are allocated temporary IP addresses in the range 10.31.4.53 to 10.31.4.75. TFTP is assumed to be on the same computer as the DHCP server (alternatively, the "next-server"...
The only configuration required is to preconfigure the device(s) with the URL of the initial (master) ini file. This can be done using one of the following methods: DHCP, as described in ''DHCP-based Provisioning'' on page 669 or via TFTP at a Version 7.2 Mediant 4000 SBC...
Provisioning'' on page 671 is that the protocol in the URL is "ftp" (instead of "http"). 41.1.4 Provisioning using AudioCodes OVOC AudioCodes OVOC server functions as a core-network provisioning server. The device's SNMP Manager should be configured with the IP address of the OVOC server, using one of the methods detailed in the previous sections.
Automatic Update settings and other configuration settings that require a device reset. The URL of the server where this file is located is configured by the AUPDStartupScriptURL ini file parameter or CLI command, configure system > automatic-update > startup-script <URL>. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 41.2.2 File Location for Automatic Update The files for updating the device can be stored on any standard Web (HTTP/S), TFTP, or FTP, server. The files can be loaded periodically to the device using HTTP/S, TFTP, or FTP, .
URL is replaced with the filename and extension, as listed in the below table. For example, if you configure the AupdFilesList parameter as in Step 1 and the TemplateUrl parameter to: • ini File: TemplateUrl = 'http://10.8.8.20/Site1_<FILE>' • CLI: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC # configure system (config-system)# automatic update (automatic-update)# template-url http://10.8.8.20/Site1_<FILE> The device sends HTTP requests to the following URLs: • http://10.8.8.20/Site1_device.ini • http://10.8.8.20/Site1_fk.ini • http://10.8.8.20/Site1_cpt.data Place the files to download on the provisioning server. Make sure that their file names and extensions are based on the hardcoded string values specific to the file type for the <FILE>...
(working in conjunction with the HTTP If- Modified-Since header, described further on in this section). Version 7.2 Mediant 4000 SBC...
Page 678
Mediant 4000 SBC You can configure the information sent in the User-Agent header, using the AupdHttpUserAgent parameter or CLI command, configure system > http-user-agent. The information can include any user-defined string or the following supported string variable tags (case-sensitive): •...
Page 679
If the serial number is the same and the license key is different to the one currently installed on the device, it applies the new License Key. For devices in HA mode, the License Key is applied to both active and redundant units. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC If the device receives an HTTP 301/302/303 redirect response from the provisioning server, it establishes a connection with the new server at the redirect URL and re- sends the HTTP Get request. 41.2.8 File Download Sequence Whenever the Automatic Update feature is triggered (see ''Triggers for Automatic Update''...
For enabling CRC, use the ini file parameter AUPDCheckIfIniChanged or CLI command, configure system > automatic-update > crc-check regular. By default, CRC is disabled. For more information on the parameter, see ''Automatic Update Parameters'' on page 848. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 41.2.10 Automatic Update Configuration Examples This section provides a few examples on configuring the Automatic Update feature. 41.2.10.1 Automatic Update for Single Device This simple example describes how to configure the Automatic Update feature for updating a single device. In this example, the device queries the provisioning server for software, configuration and Auxiliary files every 24 hours.
'ftps://root:wheel@ftpserver.corp.com/feature_key.txt' Software (.cmp) and ini files: Set up an HTTP Web server and copy the .cmp and configuration files to the server. Configure the device with the URL paths of the .cmp and ini files: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC ♦ ini File: AutoCmpFileUrl = 'http://www.company.com/device/sw.cmp' IniFileURL = 'http://www.company.com/device/inifile.ini' ♦ CLI: # configure system (config-system)# automatic update (automatic-update)# auto-firmware 'http://www.company.com/sw.cmp' (automatic-update)# startup-script https://company.com/files/startup_script.txt Configure the device with the IP address of the DNS server for resolving the domain...
Page 685
(e.g., http://www.company.com) that is used in the URL for the provisioning server. This is done in the IP Interfaces table: ♦ ini File: [ InterfaceTable ] FORMAT InterfaceTable_Index = InterfaceTable_ApplicationTypes, InterfaceTable_InterfaceMode, InterfaceTable_IPAddress, InterfaceTable_PrefixLength, InterfaceTable_Gateway, InterfaceTable_VlanID, InterfaceTable_InterfaceName, InterfaceTable_PrimaryDNSServerIPAddress, InterfaceTable_SecondaryDNSServerIPAddress, InterfaceTable_UnderlyingDevice; Version 7.2 Mediant 4000 SBC...
Page 686
Mediant 4000 SBC InterfaceTable 0 = 6, 10, 10.15.7.95, 16, 10.15.0.1, 1, "Voice", 80.179.52.100, 0.0.0.0, "vlan 1"; [ \InterfaceTable ] ♦ CLI: # configure network (config-network)# interface network-if 0 (network-if-0)# primary-dns 80.179.52.100 Power down and then power up the device.
SBC Configuration Wizard, their new settings are used. • On some wizard pages, the availability of certain fields depends on the selected application. Version 7.2 Mediant 4000 SBC...
Figure 42-1: SBC Configuration Wizard - Welcome Page If desired, the SBC Configuration Wizard allows you to share usage statistics with AudioCodes in order to help us improve our software. To agree, select the 'Report usage statistics' check box, and then fill in the subsequent fields.
SIP REGISTER, SUBSCRIBE and NOTIFY messages. If you selected the SIP Trunk application in Step 1, do the following: From the 'IP-PBX' drop-down list, select the IP PBX model. If the model is not listed, select Generic IP-PBX. Version 7.2 Mediant 4000 SBC...
Page 690
Mediant 4000 SBC From the 'SIP-Trunk' drop-down list, select the SIP trunk provider. If the provider is not listed, select Generic SIP Trunk. To generate a configuration template based on the individual properties of the selected IP PBX and SIP Trunk, instead of using the existing template for the specific combination, select the 'Override template' check box.
DNS server and the IP PBX or ITSP require the use of hostnames instead of IP addresses. Select the 'Apply local DNS' check box, and then configure the following parameters: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC ♦ 'Domain Name': Domain name to resolve into an IP address. ♦ 'First IP address': IP address of the domain name. ♦ 'Secondary IP address': Second IP address of the domain name (optional). For more information on configuring the device's DNS table, see Configuring the Internal DNS Table on page 152.
'NAT Public IP': Displays the public IP address (of the Enterprise router) for communicating with the IP PBX. The field is applicable only when the device is connected to a router that performs NAT. To configure IP PBX settings: Under the IP-PBX group, configure the following: Version 7.2 Mediant 4000 SBC...
Page 694
Mediant 4000 SBC • 'Address': Configure the IP address (or hostname) of the IP PBX. Note that for the One port: WAN network topology, when the device is assigned a public IP address, you must use the public IP address (of the Enterprise router) instead of the private address of the IP PBX, and configure the Enterprise router to forward VoIP traffic from the device to the IP PBX.
Under the SIP Trunk group, configure the following: • 'Address': Configures the IP address or hostname of the SIP Trunk. • 'Backup Address': (Optional) Configures the backup IP address or hostname of the SIP Trunk. Version 7.2 Mediant 4000 SBC...
Page 696
Mediant 4000 SBC • 'SIP Domain': Configures the SIP domain name for communicating with the SIP Trunk. The domain name is used in the following SIP message headers: ♦ Outbound calls: Request-URI and To headers ♦ Inbound calls: From header •...
'Password': Password for communication with ARM. Click Next; the Remote Users (FEU) page appears (see Remote Users Page on page 698). The example below changes the number "+15033311432" to "03311432": Prefix: "+1503" Remove:"4" Add: "0" Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 42.8 Remote Users Page The Remote Users (FEU) wizard page configures the remote users settings. Note: This page is applicable only to IP PBXs that support such configuration. Figure 42-8: SBC Configuration Wizard - Remote Users Page ...
To save the configuration as an ini file to a folder on your PC, click the Save INI file button. You can later load the file to the device (see Loading an ini File to the Device on page 667). Click Next; the Congratulations page appears (see Congratulations Page on page 700). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 42.10 Congratulations Page The Congratulations wizard page is the last wizard page and allows you to complete configuration. Figure 42-10: SBC Configuration Wizard - Congratulations Page To complete the SBC Configuration Wizard: Click Apply & Reset to apply configuration to the device or click Save INI File to save configuration as an ini file on your PC.
# enable At the prompt, type the password again, and then press Enter: # Password: Admin At the prompt, type the following to reset the device to default settings, and then press Enter: # write factory Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 43.2 Restoring Factory Defaults through Web Interface You can restore the device to factory defaults through the Web interface. Note: When restoring to factory defaults, you can preserve your IP network settings that are configured in the IP Interfaces table (see ''Configuring IP Network Interfaces'' on page 129), as described in the procedure below.
Product Key, which identifies the specific device purchase. The Product Key also appears on the product label that is affixed to the chassis, as "S/N(Product Key)". For more information, see Viewing the Device's Product Key on page 660. Version 7.2 Mediant 4000 SBC...
Page 706
Mediant 4000 SBC Parameter Description Board Type Product name of the device. Device Up Time Duration that the device has been up and running since the last reset. The duration is displayed in the following format: dd:hh:mm:ss:100th of a second Device Administrative State Administrative status ("Unlocked"...
INVITE and REGISTER, or in-dialog transactions such as UPDATE and BYE). The corresponding • Registered Users: Number of users registered with the device. The corresponding SNMP performance monitoring MIB is PM_gwSBCRegisteredUsers. Figure 44-2: Viewing Call Statistics on Monitor Page Version 7.2 Mediant 4000 SBC...
Page 708
Mediant 4000 SBC Graphical display of the device with color-coded status icons, as shown in the figure below and described in the subsequent table: Note: For a description of the Monitor page when the device is in High Availability (HA) mode, see HA Status Display on Monitor Web Page on page 609.
Page 709
(green): Ethernet link is working (gray): Ethernet link is not connected To view detailed Ethernet port information, click these icons to open the Ethernet Port Information page (see Viewing Ethernet Port Information on page 733). Version 7.2 Mediant 4000 SBC...
Page 710
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
SNMP MIB table, acPMDSPUsage. You can also configure low and high DSP utilization thresholds this MIB, that crossed, SNMP trap event, acPerformanceMonitoringThresholdCrossing is sent by the device. For more information on this MIB, refer to the SNMP Reference Guide. Version 7.2 Mediant 4000 SBC...
Page 712
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
Critical (red) Major (orange) Minor (yellow) Source Component of the device from which the alarm was raised. Description Brief description of the alarm. Date Date (DD/MM/YYYY) and time (HH:MM:SS) the alarm was raised. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 46.2 Viewing History Alarms You can view all SNMP alarms, in the Web interface's Alarms History table, that have been raised (active alarms) as well as cleared (resolved). One of the benefits of this is that you can view alarms that may have been raised and then cleared on a continuous basis.
Page 715
Description Date Date (DD/MM/YYYY) and time (HH:MM:SS) the alarm was raised. To delete all the alarms in the table: Click the Delete History Table button; a confirmation message box appears. Click OK to confirm. Version 7.2 Mediant 4000 SBC...
Page 716
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
Username of the user account that performed the activity. Interface Protocol used for connecting to the management interface (e.g., Telnet, SSH, Web, or HTTP). Client IP address of the client PC from where the user accessed the management interface. Version 7.2 Mediant 4000 SBC...
Page 718
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
From the 'SRD/IP Group' drop-down list, select whether you want to view statistic for an SRD or IP Group. From the 'Index' drop-down list, select the SRD or IP Group index. From the 'Direction' drop-down list, select the call direction: Version 7.2 Mediant 4000 SBC...
Page 720
Mediant 4000 SBC • In: incoming calls • Out: outgoing calls • Both: incoming and outgoing calls From the 'Type' drop-down list, select the SIP message type: • INVITE: INVITE • SUBSCRIBE: SUBSCRIBE • Other: all SIP messages If there is no data for the charts, the chart appears gray and "No Data" is displayed to the right of the chart.
The minimum resolution is about 30 seconds; the maximum resolution is about an hour. To pause the graph, click the Pause button; click Play to resume. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 48.3 Configuring Performance Profiles The Performance Profile table lets you configure up to 2628 Performance Profile rules. A Performance Profile rule defines thresholds of performance monitoring call metrics for Major and Minor severity alarms. If the threshold is crossed, the device raises the corresponding severity alarm.
Page 723
92 (i.e., 90 + 2) crosses the configured Minor threshold with hysteresis. Yellow to Green (alarm The change occurs if the measured metric 92 (i.e., 90 + 2) cleared) crosses the configured Minor threshold with hysteresis. Version 7.2 Mediant 4000 SBC...
Page 724
Mediant 4000 SBC Note: • Forwarded calls are not considered in the calculation for ASR and NER. • If you don't configure thresholds for a specific metric, the device still provides current performance monitoring values of the metric, but does not raise any threshold alarms for it.
Page 725
For example, if you configure the 'Major Threshold' parameter to 70% and the 'Hysteresis' parameter to 2%, the device considers a threshold crossing from Red to Yellow only if the ASR crosses 72% (i.e., 70% + 2%). Version 7.2 Mediant 4000 SBC...
Page 726
Mediant 4000 SBC Parameter Description Minimum Samples Defines the minimum number of call sessions (sample) that is required for the device to calculate the performance minimum-samples monitoring metrics (per window size). If the number of call [PerformanceProfile_MinimumSample] sessions is less than the configured value, no calculation is done.
10 seconds from the proxy/registrar server. CLI: • SBC users: # show voip register db sbc list • SBC contacts of a specified AOR: # show voip register db sbc user <Address Of Record> Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 49.2 Viewing Proxy Set Status You can view the status of Proxy Sets that are used in your call routing topology. Proxy Sets that are not associated with any routing rule are not displayed. To configure proxy Sets, see Configuring Proxy Sets on page 366.
Page 729
"NOT RESOLVED": Proxy address is configured as an FQDN, but the DNS resolution has failed. Empty field: Keep-alive for the proxy is disabled or the device has yet to send a keep-alive to the proxy. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 49.3 Viewing Registration Status You can view the registration status of the device's SIP Accounts. To view registration status: Open the Registration Status table (Monitor menu > Monitor tab > VoIP Status folder > Registration Status).
CDR is added, the last CDR entry is removed from the table. Note: • The CDR fields in the table cannot be customized. • If the device is reset, all CDRs are deleted from memory and from the table. Version 7.2 Mediant 4000 SBC...
Page 732
Mediant 4000 SBC To view SBC CDR history: Web: Open the SBC CDR History table (Monitor menu > Monitor tab > VoIP Status folder > SBC CDR History). Figure 49-4: SBC CDR History Table CLI: • All CDR history: # show voip calls history sbc •...
Navigation tree: Monitor menu > Monitor tab > Network Status folder > Ethernet Port Information. • Monitor home page: Click an Ethernet port on the graphical display of the device (see ''Viewing Device Status on Monitor Page'' on page 707). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Table 50-1: Ethernet Port Information Table Description Parameter Description Port Name Displays the name of the port. Active Displays whether the port is active ("Yes") or not ("No"). Speed Displays the speed of the Ethernet port. Duplex Mode Displays whether the port is half- or full-duplex.
Navigation tree: Monitor menu > Monitor tab > Hardware folder > Components Status. • Monitor home page: Click a power supply or fan tray icon (see ''Viewing Device Status on Monitor Page'' on page 707). Version 7.2 Mediant 4000 SBC...
Page 736
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
Description CallID Call ID - call ID from the SIP dialog LocalID Local ID - identifies the reporting endpoint for the media session RemoteID Remote ID - identifies the remote endpoint of the media session Version 7.2 Mediant 4000 SBC...
Page 738
Mediant 4000 SBC Metric Parameter Description OrigID Originating ID - Identifies the endpoint which originated the session LocalAddr Local Address - IP address, port, and SSRC of the endpoint/UA which is the receiving end of the stream being measured RemoteAddr...
Page 739
MOSCQEstAlg MOS-CQ Est. Algorithm - name (string) of the algorithm used to estimate MOSCQ QoEEstAlg QoE Est. Algorithm - name (string) of the algorithm used to estimate all voice quality metrics DialogID Identification of the SIP dialog with which the media session is related Version 7.2 Mediant 4000 SBC...
Page 740
Mediant 4000 SBC Below shows an example of a SIP PUBLISH message sent with RTCP XR and QoE information: PUBLISH sip:172.17.116.201 SIP/2.0 Via: SIP/2.0/UDP 172.17.116.201:5060;branch=z9hG4bKac2055925925 Max-Forwards: 70 From: <sip:172.17.116.201>;tag=1c2055916574 To: <sip:172.17.116.201> Call-ID: 20559160721612201520952@172.17.116.201 CSeq: 1 PUBLISH Contact: <sip:172.17.116.201:5060> Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUB...
In addition, CDRs can be generated for SIP signaling and/or media. The device can send CDRs to any of the following: Syslog server. The CDR Syslog message complies with RFC 3164 and is identified by Facility 17 (local1) and Severity 6 (Informational). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC RADIUS server. For CDR in RADIUS format, see ''Configuring RADIUS Accounting'' on page 780. To configure RADIUS servers for CDR reporting, see ''Configuring RADIUS Servers'' on page 229. Note: To view SBC CDRs stored on the device's memory, see Viewing SBC CDR History on page 731.
Page 743
The maximum number of characters for tabular alignment are given in the table below. Table 52-2: CDR Field Descriptions Field Description Accounting Displays the CDR Report Type in numeric representation (integer), used mainly for Status Type the RADIUS Accounting Status Type attribute (40): Version 7.2 Mediant 4000 SBC...
Page 744
Mediant 4000 SBC Field Description [305] "1" = “Accounting Start” for CALL_START or CALL_CONNECT "2" = “Accounting Stop” for CALL_END Note: The field is included in the default CDR. The field is applicable to all CDR Report Types.
Page 745
Displays the name of the called party. The field is a string of up to 36 characters. Note: [432] The field is included in the default CDR. The field is applicable to all CDR Report Types. The field is applicable only to SBC signaling and Gateway CDRs. Version 7.2 Mediant 4000 SBC...
Page 746
Mediant 4000 SBC Field Description The default field title is "Callee" in the sent CDR. The maximum number of characters for Syslog tabular alignment is 37. Caller Display Displays the name of the caller (caller ID). The field is a string of up to 50 characters.
Page 747
The field is a string of up to 150 characters. Manipulation Note: [803] The field is included in the default CDR. The field is applicable to all CDR Report Types. The field is applicable only to SBC signaling CDRs. Version 7.2 Mediant 4000 SBC...
Page 748
Mediant 4000 SBC Field Description The default field title is "DstURIBeforeMap". The maximum number of characters for Syslog tabular alignment is 41. Destination Displays the destination URI (username@host) after manipulation, if any. The field is a string of up to 150 characters.
Page 749
Format and Gateway CDR Format tables. The field is applicable to all CDR Report Types. The field is applicable only to SBC signaling and Gateway CDRs. The maximum number of characters for Syslog tabular alignment is 5. Version 7.2 Mediant 4000 SBC...
Page 750
Mediant 4000 SBC Field Description IP Profile Displays the IP Profile name. The field is a string of up to 40 characters. Name Note: [426] The field is included in the default CDR. The field is applicable to all CDR Report Types.
Page 751
Displays the local MOS for conversation quality. The field is an integer from 10 to 46 (127 if information is unavailable). [627] Note: The field is included in the default CDR. The field is applicable only to "CALL_END" and "MEDIA_END" CDR Report Types. Version 7.2 Mediant 4000 SBC...
Page 752
Mediant 4000 SBC Field Description The field is applicable only to SBC media and Gateway CDRs. The default field title is "LocalMosCQ". The maximum number of characters for Syslog tabular alignment is 10. Local Output Displays the local output octets (bytes).
Page 753
The field is applicable to all CDR Report Types. The field is applicable only to SBC signaling and Gateway CDRs. The default field title is "MediaRealmId (name)". The maximum number of characters for Syslog tabular alignment is 32. Version 7.2 Mediant 4000 SBC...
Page 754
Mediant 4000 SBC Field Description Media Type Displays the media type: [304] "audio" "video" "text" Note: The field is included in the default CDR. The field is applicable only to "CALL_END" and "MEDIA_END" CDR Report Types.
Page 755
Displays the date and time the call ended (disconnected). The field is a string of up to 35 characters and presented in the following format: <hh:mm:ss:ms> UTC [413] <DDD> <MMM> <DD> <YYYY>. For example, "17:00:55.002 UTC Thu Dec 14 2017". Version 7.2 Mediant 4000 SBC...
Page 756
Mediant 4000 SBC Field Description Note: To configure the time zone string (e.g., "UTC" - default, "GMT+1", and "EST"), use the TimeZoneFormat parameter. The field is included in the default CDR. The field is applicable to "CALL_END" CDR Report Types.
Page 757
The maximum number of characters for Syslog tabular alignment is 5. Remote R Displays the remote R-factor conversation quality. The field is an integer from 0 to Factor 120 (127 if information is unavailable). [626] Note: Version 7.2 Mediant 4000 SBC...
Page 758
Mediant 4000 SBC Field Description The field is included in the default CDR. The field is applicable only to "CALL_END" and "MEDIA_END" CDR Report Types. The field is applicable only to SBC media and Gateway CDRs. ...
Page 759
Displays the date and time that the call was setup. The field value is a string of up to 35 characters and presented in the following format: [411] <hh:mm:ss:ms> UTC <DDD> <MMM> <DD> <YYYY>. For example, "17:00:49.052 UTC Thu Dec 14 2017" Version 7.2 Mediant 4000 SBC...
Page 760
Mediant 4000 SBC Field Description Note: To configure the time zone string (e.g., "UTC" - default, "GMT+1", and "EST"), use the TimeZoneFormat parameter. The field is included in the default CDR. The field is applicable to all CDR Report Types.
Page 761
Displays the source IP address. The field value is a string of up to 20 characters. [402] Note: The field is included in the default CDR. The field is applicable to all CDR Report Types. Version 7.2 Mediant 4000 SBC...
Page 762
Mediant 4000 SBC Field Description The field is applicable only to SBC signaling and Gateway CDRs. The default field title is "SourceIp". The maximum number of characters for Syslog tabular alignment is 20. Source Port Displays the SIP signaling source UDP port. The field value is an integer of up to 10 digits.
Page 763
The field is applicable only to "CALL_END" CDR Report Types. The field is applicable only to SBC signaling and Gateway CDRs. The default field title is "TrmReasonCategory" for Syslog and Local Storage, Version 7.2 Mediant 4000 SBC...
Page 764
Mediant 4000 SBC Field Description and "Termination Reason" for Web CDR History. The maximum number of characters for Syslog tabular alignment is 17. Termination Displays the Q.850 reason codes (1-127) for call termination. For example, "16" for Reason Value Normal Termination.
Page 767
The default field title is "Trigger". The maximum number of characters for Syslog tabular alignment is 8. Was Call Displays whether the call was started or not (i.e., whether a "CALL_START" CDR Started Report was generated). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Field Description [415] "0": No INVITE was sent to the IP side for the Tel-to-IP call, or no Setup message was sent to the Tel side for the IP-to-Tel call. Note that the first "CALL_START" CDR report type of a new signaling leg has value "0".
Page 769
Examples of configured CDR customization rules are shown below: Figure 52-6: Examples of SBC CDR Customization Rules Table 52-3: SBC CDR Format Table Parameter Descriptions Parameter Description Index Defines an index number for the new table row. Version 7.2 Mediant 4000 SBC...
Page 770
Mediant 4000 SBC Parameter Description Note: Each row must be configured with a unique index. [SBCCDRFormat_Index] CDR Type Defines the application type for which you want to customize CDRs. cdr-type [1] Syslog SBC = (Default) Customizes CDR fields for SIP signaling-related CDRs sent in Syslog messages.
Page 771
ID to 0 (default) for any of the RADIUS Attributes (configured in the 'Column Type' parameter) listed below and then apply your rule (Click Apply), the device automatically replaces the value with the RADIUS Attribute's ID according to the RFC: Destination Username: 30 Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Source Username: 31 Accounting Status Type: 40 Local Input Octets: 42 Local Output Octets: 43 Call Duration: 46 Local Input Packets: 47 Local Output Packets: 48 If you configure the value to 0 and the RADIUS Attribute is not any of the ones listed above, the configuration is invalid.
Page 773
Index 2: The default CDR field "Call Duration" for local CDR storage is changed to "call-duration=". Table 52-4: Test Call CDR Format Table Parameter Descriptions Parameter Description Index Defines an index number for the new table row. Note: Each row must be configured with a unique index. [GWCDRFormat_Index] Version 7.2 Mediant 4000 SBC...
Page 774
Mediant 4000 SBC Parameter Description CDR Type Defines the application type for which you want to customize CDRs. cdr-type [0] Syslog Gateway = (Default) Customizes CDR field names for CDRs (media and signaling) sent in Syslog messages. [GWCDRFormat_CDRType] ...
Page 775
Call Duration: 46 Local Input Packets: 47 Local Output Packets: 48 If you configure the value to 0 and the RADIUS Attribute is not any of the ones listed above, the configuration is invalid. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 52.2.4 Configuring CDR Reporting To enable and configure CDR reporting, follow the procedure below. For detailed descriptions of the parameters, see ''Syslog, CDR and Debug Parameters'' on page 862. To configure CDR reporting: Enable the Syslog feature for sending log messages generated by the device to a collecting log message server.
You can do the following with locally saved CDR files (*.csv), through the CLI (root menu): View stored CDR files: • View all stored CDR files: # show storage-history • View all stored, unused CDR files: # show storage-history unused Version 7.2 Mediant 4000 SBC...
Page 778
Mediant 4000 SBC Delete stored CDR files: • Delete all stored files: # clear storage-history cdr-storage-history all • Delete all stored, unused CDR files: # clear storage-history cdr-storage-history unused Save stored CDR files to an external destination: # copy storage-history cdr-storage-history <filename> to <protocol://destination>...
Page 779
If you have enabled the CDR storage feature and you later decide to change the maximum number of files (CDRLocalMaxNumOfFiles) to a lower value (e.g., from 50 to 10), the device stores the remaining files (e.g., 40) in its memory (i.e., unused files). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 52.3 Configuring RADIUS Accounting The device can send accounting data of SIP calls as call detail records (CDR) to a RADIUS Accounting server. CDR-based accounting messages can be sent upon call release, call connection and release, or call setup and release. This section lists the CDR attributes for RADIUS accounting.
Page 781
Customizing CDRs for SBC Calls on page 768. To configure the address of the RADIUS Accounting server, see ''Configuring RADIUS Servers'' on page 229. For all RADIUS-related configuration, see ''RADIUS-based Services'' on page 229. Version 7.2 Mediant 4000 SBC...
Page 782
Mediant 4000 SBC To configure RADIUS accounting: Open the Call Detail Record Settings page (Troubleshoot menu > Troubleshoot tab > Call Detail Record folder > Call Detail Record Settings). Configure the following parameters: • From the 'Enable RADIUS Access Control' drop-down list (EnableRADIUS), select Enable.
Page 783
String h323-gw-id=<SIP Start gateway ID string> Stop sip-call-id SIP Call ID String sip-call- Start id=abcde@ac.com Stop call-terminator Terminator of the String call-terminator=yes Stop call: "yes": Call terminated by the outgoing leg "no": Call Version 7.2 Mediant 4000 SBC...
Page 784
Mediant 4000 SBC Vendor- Attribute Attribute Specific Value Description Example Name Attribute Format (VSA) ID terminated by the incoming leg terminator Terminator of the String terminator=originate Stop call: "answer": Call originated from the incoming leg "originate": Call originated from...
Syslog messages, or CDRs. Disabling a rule is useful, for example, if you no longer require the rule, but may need it in the future. Thus, instead of deleting the rule entirely, you can simply disable it. Version 7.2 Mediant 4000 SBC...
Page 790
Mediant 4000 SBC Note: • If you want to configure a Log Filter rule that logs Syslog messages to a Syslog server (i.e., not to a Debug Recording server), you must enable Syslog functionality, using the 'Enable Syslog' (EnableSyslog) parameter (see ''Enabling Syslog'' on page 799).
Page 791
IP Group at Index 2 with the name "SIP Trunk", configure the parameter to either "2" or "SIP Trunk" (without apostrophes). For IP trace expressions, see ''Filtering IP Network Traces'' on Version 7.2 Mediant 4000 SBC...
Page 792
Mediant 4000 SBC Parameter Description page 793. Log Destination Defines where the device sends the log file. log-dest [0] Syslog Server = The device generates Syslog messages based on the configured log filter and sends them to a user- [LoggingFilters_LogDestination] defined Syslog server.
IP protocol type (PDU) entered as an enumeration value (e.g., 1 is ICMP, 6 is TCP, 17 is UDP) udp, tcp, icmp, sip, ldap, http, https Single expressions for protocol type udp.port, tcp.port Transport layer Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Expression Description udp.srcport, tcp.srcport Transport layer for source port udp.dstport, tcp.dstport Transport layer for destination port and, &&, ==, <, > Between expressions Below are examples of configured expressions for the 'Value' parameter: udp && ip.addr==10.8.6.55 ...
Page 795
In addition, the benefit of unique numbering is that it enables you to filter the information (such as SIP, Syslog, and media) according to device or session ID. The syntax of the session and device identifiers are as follows: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Message Item Dscription [SID=<last 6 characters of device's MAC address>:<number of times device has reset>:<unique SID counter indicating the call session; increments consecutively for each new session; resets to 1 after a device reset>] For example: 14:32:52.028: 10.33.8.70: NOTICE: [S=9369] [SID=2ed1c8:96:5] (lgr_psbrdex)(274) recv <--...
Page 797
Counts the number of BFI Frames Received From The Host No Available Release Descriptor RTP Reorder Unknown RTP Payload Type RTP SSRC Error Unrecognized Fax Relay Command Invalid Accumulated Packets Counter Invalid Channel ID Invalid Header Length Invalid Codec Type Version 7.2 Mediant 4000 SBC...
Unknown Aggregation Payload Type Invalid Routing Flag Received 53.2.1.2 Identifying AudioCodes Syslog Messages using Facility Levels The device’s Syslog messages can easily be identified and distinguished from Syslog messages from other equipment, by setting its Facility level. The Facility levels of the device's Syslog messages are numerically coded with decimal values.
The following procedure describes how to enable Syslog. To enable Syslog: Open the Syslog Settings page (Troubleshoot menu > Troubleshoot tab > Logging folder > Syslog Settings). From the 'Enable Syslog' drop-down list, select Enable. Figure 53-2: Enabling Syslog Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Click Apply. 53.2.3 Configuring the Syslog Server Address The following procedure describes how to configure the Syslog server's address to where the device sends Syslog messages. To configure the Syslog server address: Open the Syslog Settings page (Troubleshoot menu > Troubleshoot tab > Logging folder >...
Actions that are not related to parameter changes (for example, file uploads, file delete, lock-unlock maintenance actions, LDAP clear cache, register-unregister, and start-stop trunk. In the Web, these actions are typically done by clicking a button (e.g., the LOCK button). Version 7.2 Mediant 4000 SBC...
When debug recording is enabled and Syslog messages are also included in the debug recording, to view Syslog messages using Wireshark, you must install AudioCodes' Wireshark plug-in (acsyslog.dll). Once the plug-in is installed, the Syslog messages are decoded as "AC SYSLOG" and displayed using the "acsyslog" filter (instead of the regular "syslog"...
You can select the Syslog messages displayed on the page, and copy and paste them into a text editor such as Notepad. This text file (txt) can then be sent to AudioCodes Technical Support for diagnosis and troubleshooting. 53.3 Configuring Debug Recording This section describes how to configure debug recording and how to collect debug recording packets.
Click Apply. 53.3.2 Collecting Debug Recording Messages To collect debug recording packets, use the open source packet capturing program, Wireshark. AudioCodes proprietary plug-in files for Wireshark are required. Note: • The default debug recording port is 925. You can change the port in Wireshark (Edit menu >...
Note that the source IP address of the messages is always the OAMP IP address of the device. The device adds the header "AUDIOCODES DEBUG RECORDING" to each debug recording message, as shown below: 53.3.3 Debug Capturing on Physical VoIP Interfaces You can capture traffic on the device's physical (Ethernet LAN) VoIP interfaces (Layer-2 VLAN tagged packets).
Page 806
Mediant 4000 SBC # debug capture VoIP physical get_last_capture <TFTP/FTP server IP address> The file is saved to the device's memory (not flash) and erased after a device reset. Marks the captured file (useful for troubleshooting process): # debug capture VoIP physical insert-pad Before running this command, the debug capture must be started.
The ID is unique to the call session and remains the same throughout the session even if the call traverses multiple devices. The Global Session ID appears in SIP messages using AudioCodes’ proprietary SIP header, AC-Session-ID, as shown in the example below: INVITE sip:2000@172.17.113.123;user=phone SIP/2.0...
Page 808
Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-42025...
55. Enabling SIP Call Flow Diagrams in OVOC Enabling SIP Call Flow Diagrams in OVOC You can configure the device to send SIP messages of SIP call dialogs to AudioCodes One Voice Operations Centers (OVOC) so that OVOC management users can view the call dialog as a call flow in graphical format.
Page 810
Mediant 4000 SBC Note: • If the Logging Filters table does not include any filtering rule for SIP call flow, the device sends call flow messages to OVOC for all calls. • The feature does not support SIPRec messages and REGISTER messages.
Open the Web Service Settings page (Setup menu > IP Network tab > Web Services folder > Web Service Settings). In the 'Debug Level' field (RestDebugMode), enter the debug level (or disable debugging by configuring it to 0): Click Apply. Version 7.2 Mediant 4000 SBC...
Page 812
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
The files may assist you in identifying the cause of the crash. The core dump can either be included in or excluded from the debug file, or alternatively, sent separately to a TFTP server. You can then provide the files to AudioCodes support team for troubleshooting. ...
Page 814
Mediant 4000 SBC You can also delete the core dump file through CLI, as described in the following procedure: To delete the core dump file: Navigate to the root CLI directory (enable mode), and then enter the following...
By default, you can configure up to five test calls. However, this number can be increased by installing the relevant License Key. For more information, contact your AudioCodes sales representative. The following procedure describes how to configure test calls through the Web interface.
Page 816
Mediant 4000 SBC Click New; the following dialog box appears: Figure 58-1: Test Call Rules Table - Add Dialog Box Configure a test call according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 817
To configure QoE Profiles, see ''Configuring Quality of Experience Profiles'' on page 312. Bandwidth Profile Assigns a Bandwidth Profile to the test call. bandwidth-profile By default, no value is defined. To configure Bandwidth Profiles, see ''Configuring Bandwidth Version 7.2 Mediant 4000 SBC...
Page 818
Mediant 4000 SBC Parameter Description [Test_Call_BWProfile] Profiles'' on page 317. Authentication Note: These parameters are applicable only if the 'Call Party' parameter (see below) is configured to Caller. Auto Register Enables automatic registration of the endpoint. The endpoint can register to the device itself or to the 'Destination Address' or 'IP auto-register Group' parameter settings (see above).
Dial: Starts the test call (applicable only if the test call party is the caller). • Drop Call: Stops the test call. • Restart: Ends all established calls and then starts the test call session again. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 58.3 Viewing Test Call Status You can view the status of test call rules in the 'Test Status' field of the Test Call Rules table. The status can be one of the following: Table 58-2: Test Call Status Description...
Page 821
"Done - Established Calls: <number of established calls>, ASR: <ASR>%": Test call has been successfully completed (or was prematurely stopped by clicking the Drop Call command) and shows the following: Total number of test calls that were established. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Statistics Field Description Number of successfully answered calls out of the total number of calls attempted (ASR). MOS Status MOS count and color threshold status of local and remote sides according to the assigned QoE Profile.
Single Test Call Scenario: This example describes the configuration of a simple test call scenario that includes a single test call between a simulated test endpoint on the device and a remote endpoint. Figure 58-6: Single Test Call Example • Test Call Rules table configuration: Version 7.2 Mediant 4000 SBC...
Page 824
The test call is done between two AudioCodes devices - Device A and Device B - with simulated test endpoints. This eliminates the need for phone users, who would otherwise need to answer and end calls many times for batch testing.
Page 825
Route By: Dest Address ♦ Destination Address: "10.13.4.12" (this is the IP address of the device itself) ♦ SIP Interface: SIPInterface_0 ♦ Auto Register: Enable ♦ User Name: "testuser" ♦ Password: "12345" ♦ Call Party: Caller Version 7.2 Mediant 4000 SBC...
Page 826
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
IPv4 address. The ping is done using the following CLI command: # ping <IPv4 ip address or host name> source [voip] interface For a complete description of the ping command, refer to the CLI Reference Guide. Version 7.2 Mediant 4000 SBC...
Page 828
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
4 to 8, and suffix is 234, 235, or 236. The entered value would be the following: [4-8](23[4,5,6]). [n-m] or (n-m) Represents a range of numbers. Examples: To depict prefix numbers from 5551200 to 5551300: Version 7.2 Mediant 4000 SBC...
Page 832
Mediant 4000 SBC Notation Description [5551200-5551300]# To depict prefix numbers from 123100 to 123200: 123[100-200]# To depict prefix and suffix numbers together: 03(100): for any number that starts with 03 and ends with 100. ...
Page 833
User's Manual 60. Dialing Plan Notation for Routing and Manipulation Notation Description Version 7.2 Mediant 4000 SBC...
Page 834
Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-42025...
(i.e., the [WebAccessList_x] device can be accessed from any IP address). The default is 0.0.0.0 (i.e., the device can be accessed from any IP address). For example: Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description WebAccessList_0 = 10.13.2.66 WebAccessList_1 = 10.13.77.7 For a description of the parameter, see ''Configuring Web and Telnet Access List'' on page 80. Local Users Table Local Users The table defines management users. The format of the ini file table parameter is as follows: configure system >...
Page 837
The valid value is 0 to 100000, where 0 means that login is not denied regardless of number of failed login attempts. The default is 60. Display Last Login Information Enables display of user's login information on each successful login attempt. [DisplayLoginInformation] Version 7.2 Mediant 4000 SBC...
Page 838
Mediant 4000 SBC Parameter Description [0] Disable (default) [1] Enable [EnableMgmtTwoFactorAuthentication] Enables Web login authentication using a third-party, smart card. [0] = Disable (default) [1] = Enable When enabled, the device retrieves the Web user’s login username from the smart card, which is automatically displayed (read-only) in the Web Login screen;...
Page 839
For more information, see Customizing the Product Name on page 64. [UserProductName] Defines a name for the device instead of the default name. The value can be a string of up to 29 characters. For more information, see Customizing the Product Name Version 7.2 Mediant 4000 SBC...
Page 840
Defines the name of the image file that you want loaded to the device. This image is displayed as the logo in the Web interface (instead of AudioCodes logo). The file name can be up to 47 characters. For more information, see Replacing the Corporate Logo with an Image on page 63.
“—MORE—" prompt is displayed (at which you can press the spacebar to display the next four output lines). Note: You can override this parameter for a specific CLI session and configure a different number of output lines, by using the Version 7.2 Mediant 4000 SBC...
> snmp trap > auto- Enables the device to send NAT keep-alive traps to the port send-keep-alive of the SNMP network management station (e.g., AudioCodes OVOC). This is used for NAT traversal, and allows SNMP [SendKeepAliveTrap] communication with AudioCodes OVOC management...
Page 843
The parameter can be controlled by the Config Global Entry Limit MIB (located in the Notification Log MIB). The valid range is 50 to 1000. The default is 500. Note: For the parameter to take effect, a device reset is required. Version 7.2 Mediant 4000 SBC...
Page 844
Mediant 4000 SBC Parameter Description [ActiveAlarmTableMaxSize] Defines the maximum number of currently active alarms that can be displayed in the Active Alarms table. When the table reaches this user-defined maximum capacity (i.e., full), the device sends the SNMP trap event, acActiveAlarmTableOverflow.
Page 845
SNMP V3 Users Table SNMP V3 Users The table defines SNMP v3 users. configure system > snmp v3-users The format of the ini file table parameter is: [SNMPUsers] [SNMPUsers] FORMAT SNMPUsers_Index = SNMPUsers_Username, SNMPUsers_AuthProtocol, SNMPUsers_PrivProtocol, Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description SNMPUsers_AuthKey, SNMPUsers_PrivKey, SNMPUsers_Group; [\SNMPUsers] For example: SNMPUsers 1 = v3admin1, 1, 0, myauthkey, -, 1; The example above configures user 'v3admin1' with security level authNoPriv(2), authentication protocol MD5, authentication text password 'myauthkey', and ReadWriteGroup2. For more information, see ''Configuring SNMP V3 Users'' on page 92.
Note: For the parameter to take effect, a device reset is required. Dial Plan File Defines the name of the Dial Plan file. This file should be created using AudioCodes DConvert utility (refer to DConvert Utility User's [DialPlanFileName] Guide). For the ini file, the name must be enclosed by single apostrophes, for example, 'dial_plan.dat'.
Mediant 4000 SBC 61.1.8 Automatic Update Parameters The automatic update of software and configuration files parameters are described in the table below. Table 61-8: Automatic Update of Software and Configuration Files Parameters Parameter Description General Automatic Update Parameters CLI path: configure system > automatic-update update-firmware Enables the Automatic Update mechanism for the cmp file.
Page 849
[1] = Enable CRC for the entire file, including line order (i.e., same text must be on the same lines). If there are differences between the files, the device installs the downloaded file. If there are no Version 7.2 Mediant 4000 SBC...
Page 850
Mediant 4000 SBC Parameter Description differences, the device discards the newly downloaded file. [2] = Enable CRC for individual lines only. Same as option [1], except that the CRC ignores the order of lines (i.e., same text can be on different lines).
Page 851
Defines the name of the License Key file and the URL address of the feature-key server on which the file is located. [FeatureKeyURL] template-url Defines the URL address in the File Template for automatic updates, Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description [TemplateUrl] of the provisioning server on which the files to download are located. For more information, see ''File Template for Automatic Provisioning'' on page 675. Defines the list of file types in the File Template for automatic template-files-list updates, to download from the provisioning server.
Note: For the parameter to take effect, a device reset is required. 61.2.3 Routing Parameters The IP network routing parameters are described in the table below. Table 61-11: IP Network Routing Parameters Parameter Description Send ICMP Unreachable Enables sending of ICMP Unreachable messages. Version 7.2 Mediant 4000 SBC...
Note: If the SIP session is established (ACK) and the device (not the UA) sends the first packet, it sends it to the address obtained from the SIP message and only after the device receives the first Version 7.2 Mediant 4000 SBC...
1. The parameter is used to allow SNMP communication with AudioCodes OVOC management platform, located in the WAN, when the device is located behind NAT. It is needed to keep the NAT pinhole open for the SNMP messages sent from OVOC to the device.
The parameter is a "hidden" parameter. Once defined and saved to flash memory, its value doesn't revert to default even if the parameter doesn't appear in the ini file. [DHCP120OptionMode] Enables the acceptance of DHCP Option 120 in DHCP responses sent Version 7.2 Mediant 4000 SBC...
Page 858
Mediant 4000 SBC Parameter Description by a DHCP server. [0] = DHCP Option 120 is not supported and ignored if received in the DHCP response. [1] = (Default) DHCP Option 120 is supported and if received, the device adds the SIP server information to the Proxy Set.
NTP server fails, then this NTP server is used. secondary-server The default IP address is 0.0.0.0. [NTPSecondaryServerIP] NTP Update Interval Defines the time interval (in seconds) that the NTP client requests for a time update. update-interval Version 7.2 Mediant 4000 SBC...
Page 860
Mediant 4000 SBC Parameter Description [NTPUpdateInterval] The default interval is 86400 (i.e., 24 hours). The range is 0 to 214783647. Note: It is not recommend to set the parameter to beyond one month (i.e., 2592000 seconds). NTP Authentication Key Defines the NTP authentication key identifier for authenticating NTP Identifier messages.
[EnableAutoRAITransmitBER] Enables the device to send a remote alarm indication (RAI) when the bit error rate (BER) is greater than 0.001. [0] Disable (default) [1] Enable 61.3.2 SIP Test Call Parameters The SIP Signaling Test Call parameters are described in the table below. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Table 61-18: SIP Test Call Parameters Parameter Description Test Call DTMF String Defines the DTMF tone that is played for answered test calls (incoming and outgoing). configure troubleshoot > test-call settings > testcall- The DTMF string can be up to 15 strings. The default is "3212333". If no dtmf-string string is defined (empty), DTMF is not played.
Page 863
CDR with the MediaReportType field set to "Update" is sent, as the media was changed from voice to T.38. A CDR is also sent upon termination (end) of the media in the call. Version 7.2 Mediant 4000 SBC...
Page 864
Mediant 4000 SBC Parameter Description [4] Start & End & Update Media = Sends a CDR at the start of the media, upon an update in the media (if occurs), and at the end of the media. Note: To enable CDR generation as well as enable signaling- related CDRs, use the CDRReportLevel parameter.
Page 865
Syslog messages, at one single server. The device’s Syslog messages can easily be identified and distinguished from other Syslog messages by its Facility level. Therefore, in addition to Version 7.2 Mediant 4000 SBC...
Page 866
Mediant 4000 SBC Parameter Description filtering Syslog messages according to IP address, the messages can be filtered according to Facility level. [16] = (Default) local use 0 (local0) [17] = local use 1 (local1) [18] = local use 2 (local2) ...
Page 867
Defines the IP address of the server for capturing debug recording. configure troubleshoot > logging settings > dbg-rec-dest-ip [DebugRecordingDestIP] Debug Recording Destination Port Defines the UDP port of the server for capturing debug recording. The default is 925. configure troubleshoot > logging Version 7.2 Mediant 4000 SBC...
Page 868
Mediant 4000 SBC Parameter Description settings > dbg-rec-dest-port [DebugRecordingDestPort] Enable Core Dump Enables the automatic generation of a Core Dump file upon a device crash. [EnableCoreDump] [0] Disable (default) [1] Enable Note: For the parameter to take effect, a device reset is required.
Defines a name for the active device, which is displayed on the Home page to indicate the active device. configure network > high-availability > unit-id-name The valid value is a string of up to 128 characters. The default Version 7.2 Mediant 4000 SBC...
Page 870
Mediant 4000 SBC Parameter Description [HAUnitIdName] value is "Device 1". Redundant HA Device Name Defines a name for the redundant device, which is displayed on the Home page to indicate the redundant device. configure network > high-availability > redundant-unit-id-name The valid value is a string of up to 128 characters. The default value is "Device 2".
> access-list The format of the ini file table parameter is: [AccessList] [AccessList] FORMAT AccessList_Index = AccessList_Source_IP, AccessList_Source_Port, AccessList_PrefixLen, AccessList_Source_Port, AccessList_Start_Port, AccessList_End_Port, AccessList_Protocol, AccessList_Use_Specific_Interface, AccessList_Interface_ID, AccessList_Packet_Size, AccessList_Byte_Rate, AccessList_Byte_Burst, AccessList_Allow_Type; [\AccessList] For example: Version 7.2 Mediant 4000 SBC...
The valid range is 0 to 255. The default is 10. 61.5.2 HTTPS Parameters The Secure Hypertext Transport Protocol (HTTPS) parameters are described in the table below. Table 61-23: HTTPS Parameters Parameter Description Secured Web Connection Determines the protocol used to access the Web interface. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description (HTTPS) [0] HTTP and HTTPS (default). [1] HTTPs Only = Unencrypted HTTP packets are blocked. configure system > web > secured-connection Note: For the parameter to take effect, a device reset is required.
Page 875
Enables encryption on transmitted RTCP packets in a secured RTP session. configure voip > media security > RTCP- encryption-disable-tx [0] Enable (default) [1] Disable [RTCPEncryptionDisableTx] SRTP Tunneling Authentication for RTP Enables validation of SRTP tunneling Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description configure voip > media security > authentication for RTP. srtp-tnl-vld-rtp-auth [0] Disable = (Default) The device does not [SRTPTunnelingValidateRTPRxAuthentication] perform any validation and forwards the packets as is. [1] Enable = The device validates the packets (e.g., sequence number) and if successful,...
Page 877
TLS connection. If the device receives a certificate from a SIP entity (IP Group) and the parameter is configured to Server Only or Server & Client, it attempts to authenticate the certificate based on the Version 7.2 Mediant 4000 SBC...
Page 878
Mediant 4000 SBC Parameter Description certificate's address. The device searches for a Proxy Set that contains the same address (IP address or FQDN) as that specified in the certificate's SubjectAltName (Subject Alternative Names). For Proxy Sets with an FQDN, the device checks the FQDN itself and not the DNS- resolved IP addresses.
Note: The last SSH login information is cleared when the device is reset. Max Login Attempts Defines the maximum SSH login attempts allowed for entering an incorrect password by an administrator before the SSH session is Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description configure system > cli-settings rejected. > ssh-max-login-attempts The valid range is 1 to 5. The default is 3. [SSHMaxLoginAttempts] Note: The new setting takes effect only for new subsequent SSH connections. 61.5.6 IDS Parameters The Intrusion Detection System (IDS) parameters are described in the table below.
The Quality of Experience (QoE) parameters are described in the table below. Table 61-29: Quality of Experience Parameters Parameter Description OVOC Parameters Server IP Defines the IP address of the primary One Voice Operations Center Version 7.2 Mediant 4000 SBC...
Page 882
Mediant 4000 SBC Parameter Description configure voip > qoe (OVOC) server to where the quality experience reports are sent. settings > server-ip Note: For the parameter to take effect, a device reset is required. [QOEServerIP] Redundant Server IP Defines the IP address of the secondary OVOC server to where the quality experience reports are sent.
Page 883
The format of the ini file table parameter is as follows: performance-profile [ PerformanceProfile ] [PerformanceProfile] FORMAT PerformanceProfile_Index = PerformanceProfile_Entity, PerformanceProfile_IPGroupName, PerformanceProfile_SRDName, PerformanceProfile_PMType, PerformanceProfile_MinorThreshold, PerformanceProfile_MajorThreshold, PerformanceProfile_Hysteresis, PerformanceProfile_MinimumSample, PerformanceProfile_WindowSize; [ \PerformanceProfile ] For more information, see ''Configuring Performance Profiles'' on page 722. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC 61.7 Control Network Parameters 61.7.1 IP Group, Proxy, Registration and Authentication Parameters The proxy server, registration and authentication SIP parameters are described in the table below. Table 61-30: Proxy, Registration and Authentication SIP Parameters Parameter Description IP Groups Table IP Groups This table configures IP Groups.
Page 885
- upon device reset, device power up, or new and modified configuration. Always Use Proxy Determines whether the device sends SIP messages and responses through a Proxy server. configure voip > sip-definition Version 7.2 Mediant 4000 SBC...
Page 886
Mediant 4000 SBC Parameter Description proxy-and-registration > always- [0] Disable = (Default) Use standard SIP routing rules. use-proxy [1] Enable = All SIP messages and responses are sent to the Proxy server. [AlwaysSendToProxy] Note: The parameter is applicable only if a Proxy server is used (i.e., the parameter IsProxyUsed is set to 1).
Page 887
[1] INVITE Only = Challenges issued for INVITE requests are cached. This prevents a mixture of REGISTER and INVITE authorizations. [2] Full = Caches all challenges from the proxies. Version 7.2 Mediant 4000 SBC...
Page 888
Mediant 4000 SBC Parameter Description Note: Challenge caching is used with all proxies and not only with the active one. The challenge can be cached per Account or per user whose credentials are known through the User Info table.
Page 889
50% and 100% of the upper-bound wait time (e.g., for an upper-bound wait-time of 240, the actual wait-time is between 120 and 240 seconds). As can be seen from the algorithm, the upper-bound wait time can never exceed the value of the MaxRegistrationBackoffTime parameter. Version 7.2 Mediant 4000 SBC...
Page 890
Mediant 4000 SBC Parameter Description Registration Time Threshold Defines a threshold (in seconds) for re-registration timing. If the parameter is greater than 0, but lower than the computed re- configure voip > sip-definition registration timing (according to the parameter proxy-and-registration >...
Page 891
The device uses the range of 80-100% of this user-defined value as the actual interval. For example, if the parameter value is set to 200 sec, the interval used is any random time between 160 to Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description 200 seconds. This prevents an “avalanche” of keep-alive by multiple SIP UAs to a specific server. Max Generated Register Rate Defines the maximum number of user register requests (REGISTER messages) that the device sends (to a proxy or configure voip >...
Page 893
The format of the ini file table parameter is as follows: [NATTranslation] [ NATTranslation ] FORMAT NATTranslation_Index = NATTranslation_SrcIPInterfaceName, NATTranslation_TargetIPAddress, NATTranslation_SourceStartPort, NATTranslation_SourceEndPort, NATTranslation_TargetStartPort, NATTranslation_TargetEndPort; [ \NATTranslation ] For more information, see ''Configuring NAT Translation per IP Interface'' on page 142. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Media Realms table Media Realms Defines Media Realms. configure voip > realm The format of the ini file table parameter is as follows: [CpMediaRealm] [ CpMediaRealm ] FORMAT CpMediaRealm_Index = CpMediaRealm_MediaRealmName, CpMediaRealm_IPv4IF, CpMediaRealm_IPv6IF, CpMediaRealm_PortRangeStart, CpMediaRealm_MediaSessionLeg,...
Page 895
[0] Disable = SIP 408 response is not sent upon receipt of non-INVITE [EnableNonInvite408Re messages (to comply with RFC 4320). ply] [1] Enable = (Default) SIP 408 response is sent upon receipt of non- INVITE messages, if necessary. Version 7.2 Mediant 4000 SBC...
Page 896
Mediant 4000 SBC Parameter Description Max SIP Message Defines the maximum size (in Kbytes) for each SIP message that can be Length [KB] sent over the network. The device rejects messages exceeding this user- defined size. [MaxSIPMessageLengt The valid value range is 1 to 100. The default is 100.
Page 897
This is because 90 minus 32 is 58 seconds, which is less than one third of the Session-Expires value (i.e., 60/3 is 30, and 90 minus 30 is 60). The valid range is 0 to 32 (in seconds). The default is 32. Version 7.2 Mediant 4000 SBC...
Page 898
Mediant 4000 SBC Parameter Description [RemoveToTagInFailur Determines whether the device removes the ‘to’ header tag from final SIP eResponse] failure responses to INVITE transactions. [0] = (Default) Do not remove tag. [1] = Remove tag. [EnableRTCPAttribute] Enables the use of the 'rtcp' attribute in the outgoing SDP.
Page 899
Enables the re-use of the same TCP/TLS connection for sessions with the same user, even if the "alias" parameter is not present in the SIP Via configure voip > sip- header of the first INVITE. definition settings > Version 7.2 Mediant 4000 SBC...
Page 900
Mediant 4000 SBC Parameter Description [0] Disable = (Default) TCP/TLS connection reuse is done only if the fake-tcp-alias "alias" parameter is present in the Via header of the first INVITE. [FakeTCPalias] [1] Enable Note: To enable TCP/TLS connection re-use, set the EnableTCPConnectionReuse parameter to 1.
Page 901
URI. It must use the GRUU in the following messages: INVITE request, its 2xx response, SUBSCRIBE request, its 2xx response, NOTIFY request, REFER request and its 2xx response. [IsCiscoSCEMode] Determines whether a Cisco gateway exists at the remote side. Version 7.2 Mediant 4000 SBC...
Page 902
> user-agent-info User-Agent: myproduct/v.7.20A.000.038 [UserAgentDisplayInfo] If not configured, the default string, <AudioCodes product-name>/software version' is used, for example: User-Agent: Audiocodes-Sip-Gateway-Mediant 4000 SBC/v.7.20A.000.038 The maximum string length is 50 characters. Note: The software version number and preceding forward slash (/) cannot be modified.
Page 903
If the device receives a SIP 503 response to an INVITE, it also marks that the proxy is out of service for the defined "Retry-After" period. Enable P-Associated- Determines the device usage of the P-Associated-URI header. This Version 7.2 Mediant 4000 SBC...
Page 904
Mediant 4000 SBC Parameter Description URI Header header can be received in 200 OK responses to REGISTER requests. When enabled, the first URI in the P-Associated-URI header is used in p-associated-uri-hdr subsequent requests as the From/P-Asserted-Identity headers value. [EnablePAssociatedURI ...
Page 905
Reason header for Release Reason mapping. settings > [0] = Disregard Reason header in incoming SIP messages. handle-reason- [1] = (Default) Use the Reason header value for Release Reason header mapping. [HandleReasonHeader] Version 7.2 Mediant 4000 SBC...
Page 906
Mediant 4000 SBC Parameter Description [EnableSilenceSuppInS Determines the device's behavior upon receipt of SIP Re-INVITE messages that include the SDP's 'silencesupp:off' attribute. [0] = (Default) Disregard the 'silecesupp' attribute. [1] = Handle incoming Re-INVITE messages that include the 'silencesupp:off' attribute in the SDP as a request to switch to the Voice-Band-Data (VBD) mode.
Page 907
SDP received from the remote side. settings > [0] Disable (default) ignore-remote- [1] Enable sdp-mki [IgnoreRemoteSDPMKI configure voip > sip- Defines the echo canceller format in the outgoing SDP. The 'ecan' definition settings > Version 7.2 Mediant 4000 SBC...
Page 908
Mediant 4000 SBC Parameter Description sdp-ecan-frmt attribute is used in the SDP to indicate the use of echo cancellation. [SDPEcanFormat] [0] = (Default) The 'ecan' attribute appears on the 'a=gpmd' line. [1] = The 'ecan' attribute appears as a separate attribute.
Page 909
SIP Message Manipulations Table Message Manipulations Defines manipulation rules for SIP header messages. configure voip > The format of the ini file table parameter is as follows: message message- [ MessageManipulations] manipulations FORMAT MessageManipulations_Index = [MessageManipulations MessageManipulations_ManSetID, Version 7.2 Mediant 4000 SBC...
Page 910
Mediant 4000 SBC Parameter Description MessageManipulations_MessageType, MessageManipulations_Condition, MessageManipulations_ActionSubject, MessageManipulations_ActionType, MessageManipulations_ActionValue, MessageManipulations_RowRole; [\MessageManipulations] For example, the below configuration changes the user part of the SIP From header to 200: MessageManipulations 1 = 0, Invite.Request, , Header.From.Url.User, 2, 200, 0; For more information, see Configuring SIP Message Manipulation on page 401.
Global parameter enabling echo cancellation (i.e., echo configure voip > media voice > echo- from voice calls is removed). canceller-enable You can also configure this functionality per specific calls, [EnableEchoCanceller] using IP Profiles (IpProfile_EnableEchoCanceller). For a Version 7.2 Mediant 4000 SBC...
Page 914
Mediant 4000 SBC Parameter Description detailed description of the parameter and for configuring the functionality, see ''Configuring IP Profiles'' on page 424. Note: If the functionality is configured for a specific profile, the settings of this global parameter is ignored for calls associated with the profile.
[1] Enable [SilkTxInbandFEC] Silk Max Average Bit Rate Defines the maximum average bit rate for the SILK coder. configure voip > media settings The valid value range is 6,000 to 50,000. The default is 50,000. Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description > silk-max-average-bitrate The SILK coder is Skype's default audio codec used for Skype-to- Skype calls. [SilkMaxAverageBitRate] Opus Max Average Bitrate Defines the maximum average bit rate (in bps) for the Opus coder. configure voip > sip-definition The valid value range is 6000 to 50,000.
61.10.4 RTP, RTCP and T.38 Parameters The RTP, RTCP and T.38 parameters are described in the table below. Table 61-37: RTP/RTCP and T.38 Parameters Parameter Description Broken Connection Mode Global parameter that defines the device's handling of calls if Version 7.2 Mediant 4000 SBC...
Page 918
Mediant 4000 SBC Parameter Description configure voip > sip-definition RTP packets are not received within a user-defined timeout settings > disc-broken-conn (configured by the BrokenConnectionEventTimeout parameter). You can also configure this functionality per specific calls, using [DisconnectOnBrokenConnection] IP Profiles (IpProfile_DisconnectOnBrokenConnection). For a...
Page 919
For the parameter to take effect, a device reset is required. If the device is located in a network subnet which is connected to other gateways using a router that uses Virtual Router Redundancy Protocol (VRRP) for redundancy, then Version 7.2 Mediant 4000 SBC...
Page 920
Mediant 4000 SBC Parameter Description set the parameter to 0 or 2. FW Invalid Packet Handling Defines the device's handling of invalid RTP and RTCP packets. [RTPFWInvalidPacketHandling] [0] Do Nothing = Forwards the invalid packets as is. [1] Issue Warnings Only = (Default) Forwards the invalid packets and issues warnings (sent to the Syslog) to notify of the invalid packets.
Page 921
The default is -1 (i.e., no alerts are issued). R-Value Delay Threshold Defines the voice quality monitoring - end of call low quality alert threshold. [VQMonEOCRValTHR] The default is -1 (i.e., no alerts are issued). Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description RTCP XR Packet Interval Defines the time interval (in msec) between adjacent RTCP XR reports. This interval starts from call establishment. Thus, the configure voip > media rtp-rtcp > device can send RTCP XR reports during the call, in addition to rtcp-interval at the end of the call.
Page 923
IP party does not answer the call within this timeout user-defined interval, the device disconnects the [SBCAlertTimeout] session. The device starts the timeout count upon receipt of a SIP 180 Ringing response from the called Version 7.2 Mediant 4000 SBC...
Page 924
[NumOfSubscribes] The valid value is any value between 0 and the maximum supported SUBSCRIBE sessions. When set to -1, the device uses the default value. For more information, contact your AudioCodes sales representative. Note: For the parameter to take effect, a device reset is required.
Page 925
UA by sending the SIP message with the 'refresher=' parameter in the Session-Expires header set to 'uas'. [1] SBC Refresher = The device performs the session refresh requests. The device indicates this Version 7.2 Mediant 4000 SBC...
Page 926
Mediant 4000 SBC Parameter Description to the UA by sending the SIP message with the 'refresher=' parameter in the Session-Expires header set to 'uac'. Note: The time values of the Session-Expires (session refresh interval) and Min-SE (minimum session refresh interval) headers can be configured using the SBCSessionExpires and SBCMinSE parameters, respectively.
Page 927
IP Profiles table, see ''Configuring IP Profiles'' on page 424. Note: If this functionality is configured for a specific IP Profile, the settings of this global parameter is ignored for calls associated with the IP Profile. Version 7.2 Mediant 4000 SBC...
Page 928
Mediant 4000 SBC Parameter Description configure voip > sbc settings > sbc-xfer- When the SBCReferBehavior is set to 1, the device, prefix while interworking the SIP REFER message, adds the prefix "T~&R-" to the user part of the URI in the Refer- [SBCXferPrefix] To header.
Page 929
This option does not authenticate the message body (i.e., SDP). [1] 1 = The device sends 'qop=auth-int' in the SIP response, indicating required authentication and authentication with integrity (e.g., checksum). This Version 7.2 Mediant 4000 SBC...
Page 930
Mediant 4000 SBC Parameter Description option restricts the client to authenticating the entire SIP message, including the body, if present. [2] 2 = (Default) The device sends 'qop=auth, auth-int' in the SIP response, indicating either authentication or integrity. This enables the client to choose 'auth' or 'auth-int'.
Page 931
(parsing of call identifiers in XML body) in SIP configure voip > sbc settings > sbc-dialog- NOTIFY messages received from a remote info-interwork application server. [EnableSBCDialogInfoInterworking] [0] Disable (default) [1] Enable For more information, see ''Interworking Dialog Version 7.2 Mediant 4000 SBC...
Page 932
Mediant 4000 SBC Parameter Description Information in SIP NOTIFY Messages'' on page 491. configure voip > sbc settings > sbc-keep-call- Global parameter that enables the device to use the same call identification (SIP Call-ID header value) received in incoming messages for the call [SBCKeepOriginalCallId] identification in outgoing messages.
Page 933
> sbc settings > transcoding- functionality per specific calls, using IP Profiles mode (IpProfile_TranscodingMode). For a detailed [TranscodingMode] description of the parameter and for configuring this functionality in the IP Profiles table, see Configuring Version 7.2 Mediant 4000 SBC...
Page 934
Mediant 4000 SBC Parameter Description IP Profiles on page 424. Note: If this functionality is configured for a specific IP Profile, the settings of this global parameter is ignored for calls associated with the IP Profile. Preferences Mode Determines the order of the Extension coders (coders added if there are no common coders between SDP configure voip >...
Page 935
SBC Fax Detection Timeout Defines the duration (in seconds) for which the device attempts to detect fax (CNG tone) immediately upon configure voip > sbc settings > sbc-fax- the establishment of a voice session. The interval detection-timeout Version 7.2 Mediant 4000 SBC...
Page 936
Mediant 4000 SBC Parameter Description [SBCFaxDetectionTimeout] starts from the establishment of the voice call. The valid value is 1 to any integer. The default is 10. The feature applies to faxes that are sent immediately after the voice channel is established (i.e., after 200 OK).
Page 937
Classification_SRDName, Classification_SrcSIPInterfaceName, Classification_SrcAddress, Classification_SrcPort, Classification_SrcTransportType, Classification_SrcUsernamePrefix, Classification_SrcHost, Classification_DestUsernamePrefix, Classification_DestHost, Classification_ActionType, Classification_SrcIPGroupName, Classification_DestRoutingPolicy, Classification_IpProfileName; [ \Classification ] For more information, see ''Configuring Classification Rules'' on page 497. Condition Table Condition Table Defines SIP Message Condition rules. Version 7.2 Mediant 4000 SBC...
Page 938
Mediant 4000 SBC Parameter Description configure voip > sbc routing condition-table [ ConditionTable ] FORMAT ConditionTable_Index = [ConditionTable] ConditionTable_Condition, ConditionTable_Description; [ \ConditionTable ] For more information, see ''Configuring Message Condition Rules'' on page 406. SBC IP-to-IP Routing Table IP-to-IP Routing Table Defines SBC IP-to-IP routing rules.
Page 939
Outbound Manipulations Table Outbound Manipulations Defines outbound manipulation rules. configure voip > sbc manipulation ip- The format of the ini file table parameter is as follows: outbound-manipulation [IPOutboundManipulation] [IPOutboundManipulation] FORMAT IPOutboundManipulation_Index = IPOutboundManipulation_ManipulationName, IPOutboundManipulation_RoutingPolicyName, IPOutboundManipulation_IsAdditionalManipulation, Version 7.2 Mediant 4000 SBC...
This is included in the SIP Resource-Priority configure voip > sbc settings > header. sbc-emerg-sig-diffserv The valid value is 0 to 63. The default is 40. [SBCEmergencySignalingDiffServ] 61.12 IP Media Parameters The IP media parameters are described in the table below. Version 7.2 Mediant 4000 SBC...
Page 942
Mediant 4000 SBC Table 61-40: IP Media Parameters Parameter Description IPMedia Detectors Enables the device's DSP detectors for detection features such as AMD. configure voip > media ipmedia > ipm-detectors-enable [0] Disable (default) [1] Enable [EnableDSPIPMDetectors] Note: ...
Page 943
IP Profiles table, see ''Configuring IP parameter-suit Profiles'' on page 424. [AMDSensitivityParameterSuit] Note: If this functionality is configured for a specific IP Profile, the settings of this global parameter is ignored for calls Version 7.2 Mediant 4000 SBC...
Page 944
Mediant 4000 SBC Parameter Description associated with the IP Profile. Answer Machine Detector Global parameter that defines the AMD detection sensitivity Sensitivity Level level of the selected AMD Parameter Suite. You can also configure this functionality per specific calls, using IP Profiles configure voip >...
SIP Recording Application Enables the SIP-based Media Recording feature: [0] Disable (default) configure voip > sip-definition sip-recording settings > [1] Enable enable-sip-rec Note: For the parameter to take effect, a device reset is required. [EnableSIPRec] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description Recording Server (SRS) Defines the SIP user part for the recording server. This user part is Destination Username added in the SIP To header of the INVITE message that the device sends to the recording server.
RADIUS VSA Vendor ID Defines the vendor ID that the device accepts when parsing a RADIUS response packet. configure system > radius settings > vsa-vendor-id The valid range is 0 to 0xFFFFFFFF. The default is 5003. Version 7.2 Mediant 4000 SBC...
Page 948
Mediant 4000 SBC Parameter Description [RadiusVSAVendorID] [MaxRADIUSSessions] Defines the number of concurrent calls that can communicate with the RADIUS server (optional). The valid range is 0 to 240. The default is 240. RADIUS Packets Defines the number of RADIUS retransmission retries when no Retransmission response is received from the RADIUS server.
"(sAMAccountName=$)" and the user logs in with the username "SueM", the LDAP query is run for sAMAccountName=SueM. Use LDAP for Web > Telnet Login Enables LDAP-based management-user login authentication and authorization. configure system > ldap settings > Version 7.2 Mediant 4000 SBC...
Page 950
Mediant 4000 SBC Parameter Description [0] Disable (default) enable-mgmt-login [1] Enable [MgmtLDAPLogin] Note: For the parameter to take effect, a device reset is required. [LDAPDebugMode] Determines whether to enable the LDAP task debug messages. This is used for providing debug information regarding LDAP tasks.
Page 951
Management LDAP Groups Table Defines the users group attribute in the AD and corresponding management access level. configure system > ldap mgmt-ldap- groups The format of the ini file table parameter is as follows: [ MgmntLDAPGroups ] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description [MgmntLDAPGroups] FORMAT MgmntLDAPGroups_Index = MgmntLDAPGroups_LdapConfigurationIndex, MgmntLDAPGroups_GroupIndex, MgmntLDAPGroups_Level, MgmntLDAPGroups_Group; [ \MgmntLDAPGroups ] For more information, see ''Configuring Access Level per Management Groups Attributes'' on page 248. LDAP Server Groups Table LDAP Server Groups Table Defines LDAP Server Groups.
For more information, see ''Configuring HTTP Services'' on page 271. Remote Web Services Table Remote Web Services Defines remote Web services. configure system > http-services The format of the ini file table parameter is as follows: > http-remote-services [HTTPRemoteServices] Version 7.2 Mediant 4000 SBC...
Mediant 4000 SBC Parameter Description [HTTPRemoteServices] FORMAT HTTPRemoteServices_Index = HTTPRemoteServices_Name, HTTPRemoteServices_Path, HTTPRemoteServices_HTTPType, HTTPRemoteServices_Policy, HTTPRemoteServices_LoginNeeded, HTTPRemoteServices_PersistentConnection, HTTPRemoteServices_NumOfSockets, HTTPRemoteServices_AuthUserName, HTTPRemoteServices_AuthPassword, HTTPRemoteServices_TLSContext, HTTPRemoteServices_VerifyCertificate, HTTPRemoteServices_TimeOut, HTTPRemoteServices_KeepAliveTimeOut, HTTPRemoteServices_ServiceStatus; [\HTTPRemoteServices] For more information, see ''Configuring Remote Web Services'' on page 271. HTTP Remote Hosts Table HTTP Remote Hosts Defines remote HTTP hosts per remote Web service.
Page 955
OVOC Services Table OVOC Services Defines an HTTP-based OVOC Service so that the device can act as an HTTP Proxy that enables AudioCodes OVOC to manage configure network > AudioCodes equipment (such as IP Phones) over HTTP when the http-proxy ems-serv equipment is located behind NAT (e.g., in the LAN) and OVOC is...
Page 956
Mediant 4000 SBC Parameter Description EMSService_PrimaryServer, EMSService_SecondaryServer, EMSService_DeviceLoginInterface, EMSService_EMSInterface; [ \EMSService ] For more information, see ''Configuring an HTTP-based OVOC Service'' on page 289. User's Manual Document #: LTRT-42025...
The figures listed in the table are accurate at the time of publication of this document. However, these figures may change due to a later software update. For the latest figures, please contact your AudioCodes sales representative. • "GW" refers to Gateway functionality.
957. These SBC sessions also support SRTP and RTCP XR. When DSP capabilities are required, the number of sessions that can use DSP capabilities is reduced, as shown in the table below. Table 62-2: Transcoding Capacity per Coder-Capability Profile for Mediant 4000 SBC Session Coders Max. Sessions...
Page 960
Profile 2: G.711, G.726, G.729, G.723.1, AMR-NB, T.38 with fax detection, In-band signaling (in voice channel), and Silence Compression. • Acoustic Echo Suppressor reduces performance by about 30%. For more information, contact your AudioCodes sales representative. • MPMB is the optional, Media Processing Module that provides additional DSPs, allowing greater capacity.
The device's technical specifications are listed in the table below. Note: • All specifications in this document are subject to change without prior notice. • The compliance and regulatory information can be downloaded from AudioCodes Web site at http://www.audiocodes.com/library. Table 63-1: Technical Specifications Function Specification...
Page 962
Direct Media (No Media Hair-pinning of local calls to avoid unnecessary media delays and Anchoring) bandwidth consumption Voice Quality Monitoring RTCP-XR, AudioCodes One Voice Operations Center (OVOC) High Availability SBC high availability with two-box redundancy, active calls (Redundancy) preserved Quality of Experience...
Page 963
100-240 VAC, 50-60 Hz, 7A max. Environmental Operational: 0 to 40°C (32 to 104°F) Storage: -20 to 70°C (-4 to 158°F) Relative Humidity: 10 to 85% non-condensing Version 7.2 Mediant 4000 SBC...