AudioCodes Mediant 3000 User Manual page 1035

User's Manual
Parameter
Authentication Quality of
Protection
[AuthQOP]
SBC User Registration
Time
[SBCUserRegistrationTim
e]
SBC Proxy Registration
Time
[SBCProxyRegistrationTi
me]
[SBCRandomizeExpires]
Version 7.0
Defines the authentication and integrity level of quality of protection
(QoP) for digest authentication offered to the client. When the device
challenges a SIP request (e.g., INVITE), it sends a SIP 401 response
with the Proxy-Authenticate header or WWW-Authenticate header
containing the 'qop' parameter. The QoP offered in the 401 response can
be 'auth', 'auth-int', both 'auth' and 'auth-int', or the 'qop' parameter can
be omitted from the 401 response. In response to the 401, the client
needs to send the device another INVITE with the MD5 hash of the
INVITE message and indicate the selected auth type.

[0] 0 = The device sends 'qop=auth' in the SIP response, requesting
authentication (i.e., validates user by checking user name and
password). This option does not authenticate the message body (i.e.,
SDP).

[1] 1 = The device sends 'qop=auth-int' in the SIP response,
indicating required authentication and authentication with integrity
(e.g., checksum). This option restricts the client to authenticating the
entire SIP message, including the body, if present.

[2] 2 = (Default) The device sends 'qop=auth, auth-int' in the SIP
response, indicating either authentication or integrity. This enables
the client to choose 'auth' or 'auth-int'. If the client chooses 'auth-int',
then the body is included in the authentication. If the client chooses
'auth', then the body is not authenticated.

[3] 3 = No 'qop' parameter is offered in the SIP 401 challenge
message.
Global parameter that defines the duration (in seconds) of the periodic
registrations that occur between the user and the device (the device
responds with this value to the user). You can also configure this
functionality per specific calls, using IP Profiles
(IpProfile_SBCUserRegistrationTime). For a detailed description of the
parameter and for configuring this functionality in the IP Profile table, see
''Configuring IP Profiles'' on page 391.
Note: If this functionality is configured for a specific IP Profile, the
settings of this global parameter is ignored for calls associated with the
IP Profile.
Defines the duration (in seconds) for which the user is registered in the
proxy database (after the device forwards the REGISTER message).
This value is sent in the Expires header. When set to 0, the device sends
the Expires header's value as received from the user to the proxy.
The valid range is 0 to 2,000,000 seconds. The default is 0.
Defines a value (in seconds) that is used to calculate a new value for the
expiry time in the Expires header of SIP 200 OK responses for user
registration and subscription requests from users.
The expiry time value appears in the Expires header in REGISTER and
SUBSCRIBE SIP messages. When the device receives such a request
from a user, it forwards it to the proxy or registrar server. Upon a
successful registration or subscription, the server sends a SIP 200 OK
response. If the expiry time was unchanged by the server, the device
applies this feature and changes the expiry time in the SIP 200 OK
response before forwarding it to the user; otherwise, the device does not
change the expiry time.
This feature is useful in scenarios where multiple users may refresh their
1035
58. Configuration Parameters Reference
Description
Mediant 3000