AudioCodes Mediant 3000 User Manual page 750

Parameter
Web: Lifetime of the nonce in
seconds
[AuthNonceDuration]
Web: Authentication Challenge
Method
[AuthChallengeMethod]
Web: Authentication Quality of
Protection
[AuthQOP]
Web: SBC User Registration
Time
[SBCUserRegistrationTime]
Web: SBC Proxy Registration
Time
[SBCProxyRegistrationTime]
Web: SBC Survivability
Registration Time
[SBCSurvivabilityRegistration
SIP User's Manual
Defines the lifetime (in seconds) that the current nonce is valid for
server-based authentication. The device challenges a message
that attempts to use a server nonce beyond this period. This
parameter is used to provide replay protection (i.e., ensures that
old communication streams are not used in replay attacks).
The valid value range is 30 to 600. The default value is 300.
Defines the type of server-based authentication challenge.

[0] 0 = Send SIP 401 "Unauthorized" with a WWW-Authenticate
header as the authentication challenge response. (default)

[1] 1 = Send SIP 407 "Proxy Authentication Required" with a
Proxy-Authenticate header as the authentication challenge
response.
Defines the authentication and integrity level of quality of protection
(QOP) for digest authentication offered to the client. When the
device challenges a SIP request (e.g., INVITE), it sends a SIP 401
response with the Authorization header containing the 'qop'
parameter indicating the QoP level of the message to be
authenticated. In response, the SBC client needs to send the
device another INVITE with the MD5 hash of the INVITE message
and indicates its auth or auth-int support.

[0] Auth = The device sends 'qop=auth' in the SIP response,
requesting authentication (i.e., validates user by checking user
name and password). This option does not authenticate the
message body (i.e., SDP).

[1] auth-int = = The device sends 'qop=auth-int' in the SIP
response, indicating required authentication and authentication
with integrity (e.g., checksum). This option restricts the client to
authenticating the entire SIP message, including the body, if
present.

[2] Auth-Int and Auth = The device sends 'qop=auth, auth-int' in
the SIP response, indicating either authentication or integrity
(default). This enables the client to choose auth or auth-int. If
the client chooses auth-int, the body is included in the
authentication. If the client chooses auth, then the body is not
authenticated. (default)
Defines the duration (in seconds) of the periodic registrations
between the user and the device (the device responds with this
value to the user). When set to 0, the device does not change the
Expires header's value received in the user's REGISTER request.
If no Expires header is received in the REGISTER message and
the SBCUserRegistrationTime parameter is set to 0, then by
default, the Expires header's value is set to 180 seconds.
The valid range is 0 to 2,000,000 seconds. The default is 0.
Note: For this parameter to take effect, a device reset is required.
Defines the duration (in seconds) for which the user is registered in
the proxy database (after the device forwards the REGISTER
message). When set to 0, the device sends the Expires header's
value as received from the user to the proxy.
The valid range is 0 to 2,000,000 seconds. The default is 0.
Defines the duration of the periodic registrations between the user
and the device, when the device is in survivability state (i.e., when
REGISTER requests cannot be forwarded to the proxy and are
750
Description
Document #: LTRT-89712
Mediant 3000