Page 1 User's Manual AudioCodes Mediant™ Family of Session Border Controllers (SBC) Mediant 4000 SBC Version 7.2...
Page 3: Table Of Contents
Configuring Web Session and Access Settings ............. 63 Changing Login Password for Administrator and Monitor Users ......65 Configuring Secured (HTTPS) Web ............... 65 Web Login Authentication using Smart Cards ............66 Configuring Web and Telnet Access List ............... 67 Version 7.2 Mediant 4000 SBC...
Page 4 Mediant 4000 SBC CLI-Based Management ..................69 Getting Familiar with CLI ..................69 7.1.1 Understanding Configuration Modes ............... 69 7.1.2 Using CLI Shortcuts ....................70 7.1.3 Common CLI Commands ..................71 7.1.4 Configuring Tables through CLI ................72 7.1.5 Understanding CLI Error Messages ................ 73 Enabling CLI ......................
Page 5 13 Security ......................155 13.1 Configuring Firewall Settings ................155 13.2 Configuring General Security Settings ..............160 13.3 Intrusion Detection System .................. 161 13.3.1 Enabling IDS ......................162 13.3.2 Configuring IDS Policies ..................162 13.3.3 Assigning IDS Policies ...................166 Version 7.2 Mediant 4000 SBC...
Page 6 Mediant 4000 SBC 13.3.4 Viewing IDS Alarms ....................168 14 Media ........................ 171 14.1 Configuring Voice Settings ................... 171 14.1.1 Configuring Voice Gain (Volume) Control .............171 14.1.2 Silence Suppression (Compression) ..............171 14.1.3 Configuring Echo Cancellation ................172 14.2 Fax and Modem Capabilities ................173 14.2.1 Fax/Modem Operating Modes ................174...
Page 7 15.8.2.2 Adding ELINs to the Location Information Server ......... 278 15.8.2.3 Passing Location Information to the PSTN Emergency Provider ..279 15.8.3 AudioCodes ELIN Device for Skype for Business E9-1-1 Calls to PSTN .....280 15.8.3.1 Detecting and Handling E9-1-1 Calls ............ 281 15.8.3.2 Pre-empting Existing Calls for E9-1-1 Calls ..........
Page 8 Mediant 4000 SBC 15.8.4.2 Configuring the E9-1-1 Callback Timeout ..........285 15.8.4.3 Configuring SBC IP-to-IP Routing Rule for E9-1-1 ....... 285 15.8.4.4 Viewing the ELIN Table ................. 286 16 Quality of Experience ..................287 16.1 Reporting Voice Quality of Experience to SEM ............ 287 16.1.1 Configuring the SEM Server ..................287...
Page 9 20.9.12 Interworking SIP Via Headers ................446 20.9.13 Interworking SIP User-Agent Headers ..............446 20.9.14 Interworking SIP Record-Route Headers ..............446 20.9.15 Interworking SIP To-Header Tags in Multiple SDP Answers ........446 20.9.16 Interworking In-dialog SIP Contact and Record-Route Headers ......446 Version 7.2 Mediant 4000 SBC...
Page 10 Mediant 4000 SBC 21 Enabling the SBC Application ................ 447 22 Configuring General SBC Settings ..............449 22.1 Interworking Dialog Information in SIP NOTIFY Messages ......... 449 23 Configuring Admission Control ..............451 24 Routing SBC ....................455 24.1 Configuring Classification Rules ................455 24.1.1 Classification Based on URI of Selected Header Example ........462...
Page 11 34.2 Remotely Resetting Device using SIP NOTIFY ........... 562 34.3 Locking and Unlocking the Device ............... 562 34.4 Saving Configuration .................... 564 35 High Availability Maintenance ................ 565 35.1 Initiating an HA Switchover .................. 565 35.2 Resetting the Redundant Unit ................565 Version 7.2 Mediant 4000 SBC...
Page 12 39.1.1 DHCP-based Provisioning ..................595 39.1.2 HTTP-based Provisioning ..................596 39.1.3 FTP-based Provisioning ..................597 39.1.4 Provisioning using AudioCodes EMS ..............597 39.2 HTTP/S-Based Provisioning using the Automatic Update Feature ...... 597 39.2.1 Files Provisioned by Automatic Update ..............598 39.2.2 File Location for Automatic Update ...............598 39.2.3 MAC Address Placeholder in Configuration File Name .........599...
Page 13 49.2.1.3 CDR Fields for SBC Local Storage ............659 49.2.2 Customizing CDRs for SBC Calls ................661 49.2.3 Configuring CDR Reporting ...................664 49.2.4 Storing CDRs on the Device ..................665 49.3 Configuring RADIUS Accounting ................. 668 Diagnostics ......................675 Version 7.2 Mediant 4000 SBC...
Page 14 50.2.1 Syslog Message Format ..................682 50.2.1.1 Event Representation in Syslog Messages .......... 684 50.2.1.2 Identifying AudioCodes Syslog Messages using Facility Levels ..685 50.2.1.3 Syslog Fields for Answering Machine Detection (AMD) ....... 686 50.2.1.4 SNMP Alarms in Syslog Messages ............686 50.2.2 Enabling Syslog .....................687...
Page 15 55.13.4 Call Setup Rules Parameters ................823 55.13.5 HTTP-based Services ....................824 55.13.6 HTTP Proxy Parameters ..................825 56 Channel Capacity .................... 827 56.1 Mediant 4000 SBC ....................828 56.2 Mediant 4000B SBC ..................... 829 57 Technical Specifications ................831 57.1 Supported SIP Standards ..................833 57.1.1 Supported SIP RFCs .....................833...
Page 16: User's Manual
Mediant 4000 SBC 57.1.2.4 SDP Fields .................... 839 57.1.2.5 SIP Responses ..................839 User's Manual Document #: LTRT-41729...
Page 17: Weee Eu Directive
Customer Support Customer technical support and services are provided by AudioCodes or by an authorized AudioCodes Service Partner. For more information on how to buy technical support for AudioCodes products and for contact information, please visit our Web site at www.audiocodes.com/support.
Page 18: Related Documentation
Security measures should be done in accordance with your organization’s security policies. For basic security guidelines, refer to AudioCodes Recommended Security Guidelines document. Note: Throughout this manual, unless otherwise specified, the term device refers to your AudioCodes product.
Page 19 Some of the features listed in this document are available only if the relevant License Key has been purchased from AudioCodes and installed on the device. For a list of License Keys that can be purchased, please consult your AudioCodes sales representative.
Page 20 RTPOnlyMode (removed); SBCUserRegistrationGraceTime; SBCKeepOriginalCallId. Documentation Feedback AudioCodes continually strives to produce high quality documentation. If you have any comments (suggestions or errors) regarding this document, please fill out the Documentation Feedback form on our Web site at http://www.audiocodes.com/downloads. User's Manual...
Page 21: Introduction
User's Manual 1. Introduction Introduction This User's Manual describes how to configure and manage your AudioCodes product (hereafter, referred to as device). This document is intended for the professional person responsible for installing, configuring and managing the device. Product Overview AudioCodes Mediant 4000 Session Border Controller (SBC), hereafter referred to as device, is a mid-to-high scale capacity member of AudioCodes’...
Page 22: Typographical Conventions
Mediant 4000 SBC Typographical Conventions This document uses the following typographical conventions to convey information: Table 1-1: Typographical Conventions Convention Description Example Boldface font Used for the following Web Click the Add button. interface elements:  Buttons  Selectable parameter values ...
Page 23: Getting Familiar With Configuration Concepts And Terminology
The Media Realm can be associated with the SIP entity, by assigning the Media Realm to the IP Group of the SIP entity, or by assigning it to the SIP Interface associated with the SIP entity. The SRD is a logical representation of your entire SIP-based VoIP Version 7.2 Mediant 4000 SBC...
Page 24 Mediant 4000 SBC Configuration Terms Description network (Layer 5) containing groups of SIP users and servers. The SRD is in effect, the foundation of your configuration to which all other previously mentioned configuration entities are associated. For example, if your VoIP network consists of three SIP entities -- a SIP Trunk, a LAN IP PBX, and remote WAN users -- the three SIP Interfaces defining these Layer-3 networks would all assigned to the same SRD.
Page 25 "served" IP Group. Authentication (SIP 401) is typically relevant for INVITE messages forwarded by the device to a "serving" IP Group. Registration is for REGISTER messages, which are initiated by the device on behalf of the "serving" SIP entity. Version 7.2 Mediant 4000 SBC...
Page 26 Mediant 4000 SBC The associations between the configuration entities are summarized in the following figure: Figure 1-1: Association of Configuration Entities The main configuration entities and their involvement in the call processing is summarized in following figure. The figure is used only as an example to provide basic understanding of the configuration terminology.
Page 27: Getting Started With Initial Connectivity
Part I Getting Started with Initial Connectivity...
Page 29: Introduction
User's Manual 2. Introduction Introduction This part describes how to initially access the device's management interface and change its default IP address to correspond with your networking scheme. Version 7.2 Mediant 4000 SBC...
Page 30 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 31: Default Oamp Ip Address
OAMP + Media + Control IP Address 192.168.0.2 (IP address assigned to the first Ethernet Port Group (top-left ports 1 & 2) Prefix Length 24 (255.255.255.0) Default Gateway 192.168.0.1 Ethernet Device vlan 1 Interface Name O+A+M+P Version 7.2 Mediant 4000 SBC...
Page 32 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 33: Configuring Voip Lan Interface For Oamp
Ethernet cable. Change the IP address and subnet mask of your computer to correspond with the default OAMP IP address and subnet mask of the device. Version 7.2 Mediant 4000 SBC...
Page 34 Mediant 4000 SBC Access the Web interface: On your computer, start a Web browser and in the URL address field, enter the default IP address of the device; the Web interface's Web Login screen appears: Figure 4-1: Web Login Screen In the 'Username' and 'Password' fields, enter the case-sensitive, default login username ("Admin") and password ("Admin").
Page 35: Cli
At the prompt, type the password (default is "Admin" - case sensitive): Password: Admin At the prompt, type the following: enable At the prompt, type the password again: Password: Admin Access the Network configuration mode: # configure network Access the IP Interfaces table: Version 7.2 Mediant 4000 SBC...
Page 36 Mediant 4000 SBC (config-network)# interface network-if 0 Configure the IP address: (network-if-0)# ip-address <IP address> Configure the prefix length: (network-if-0)# prefix-length <prefix length / subnet mask, e.g., 16> Configure the Default Gateway address: (network-if-0)# gateway <IP address> Exit the IP Interfaces table:...
Page 37: Management Tools
Part II Management Tools...
Page 39: Introduction
Configuration ini file - see ''INI File-Based Management'' on page 87 Note: • Some configuration settings can only be done using a specific management tool. • For a list and description of all the configuration parameters, see ''Configuration Parameters Reference'' on page 717. Version 7.2 Mediant 4000 SBC...
Page 40 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 41: Web-Based Management
(Versions 5.02 or later) • Google Chrome (Version 50 or later)  Recommended screen resolutions: 1024 x 768 pixels, or 1280 x 1024 pixels Note: Your Web browser must be JavaScript-enabled to access the Web interface. Version 7.2 Mediant 4000 SBC...
Page 42: Accessing The Web Interface
Mediant 4000 SBC 6.1.2 Accessing the Web Interface The following procedure describes how to access the Web interface.  To access the Web interface: Open a standard Web browser. In the Web browser, specify the OAMP IP address of the device (e.g., http://10.1.10.10);...
Page 43: Areas Of The Gui
The areas of the Web interface's GUI are shown in the figure below and described in the subsequent table. Figure 6-2: Main Areas of the Web Interface GUI Table 6-1: Description of the Web GUI Areas Item # Description Version 7.2 Mediant 4000 SBC...
Page 44 Mediant 4000 SBC Item # Description Company logo. Menu bar containing the menus. Toolbar providing frequently required command buttons.  Save: Saves configuration changes to the device's flash memory (without resetting the device). If you make a configuration change, the button is surrounded by a red-colored border as a reminder to save your settings to flash memory, by clicking the button.
Page 45: Accessing Configuration Pages From Navigation Tree
The items of the Navigation tree depend on the menu-tab combination, selected from the menu bar and tab bar, respectively. The menus and their respective tabs are listed below:  Setup menu: • IP Network tab • Signaling & Media tab Version 7.2 Mediant 4000 SBC...
Page 46 Mediant 4000 SBC • Administration tab  Monitor menu: Monitor tab  Troubleshoot menu: Troubleshoot tab When you open the Navigation tree, folders containing commonly required items are opened by default, allowing quick access to their pages. Items that open pages containing tables provide the following indications in the Navigation tree: ...
Page 47: Configuring Stand-Alone Parameters
Modify the parameter's value as desired. Click Apply; the changes are saved to the device's volatile memory (RAM). Save the changes to the device's non-volatile memory (flash): • If a device reset is not required: Version 7.2 Mediant 4000 SBC...
Page 48: Configuring Table Parameters
Mediant 4000 SBC On the toolbar, click Save; a confirmation message box appears: Figure 6-4: Save Configuration Confirmation Box Click Yes to confirm; the changes are save to flash memory. • If a device reset is required: On the toolbar, click Reset; the Maintenance Actions page opens.
Page 49: Adding Table Rows
Configure the parameters of the row as desired. For information on configuring parameters that are assigned a value which is a row referenced from another table, see ''Assigning a Row from Another Table'' on page 50. Version 7.2 Mediant 4000 SBC...
Page 50: Modifying Table Rows
Mediant 4000 SBC Click Apply to add the row to the table or click Cancel to ignore your configuration. If the Save button is surrounded by a red border, you must save your settings to flash memory, otherwise they are discarded if the device resets (without a save to flash) or powers off.
Page 51: Deleting Table Rows
Mandatory parameters that reference rows of other configuration tables: • Adding a row: If you do not configure the parameter and you click Apply, an error message is displayed at the bottom of the dialog box, as shown in the example below: Version 7.2 Mediant 4000 SBC...
Page 52 Mediant 4000 SBC If you click Cancel, the dialog box closes and the row is not added to the table. To add the row, you must configure the parameter. • Editing a row: If you modify the parameter so that it's no longer referencing a row of another table (i.e., blank value), when you close the dialog box, the Invalid...
Page 53: Viewing Table Rows
You can sort table rows by any column and in ascending order (e.g., 1, 2 and 3 / a, b, and c) or descending order (e.g., 3, 2, and 1 / c, b, and a). By default, most tables are sorted by the Index column and in ascending order. Version 7.2 Mediant 4000 SBC...
Page 54: Changing Index Position Of Table Rows
Mediant 4000 SBC  To sort table rows by column: Click the name of the column by which you want to sort the table rows; the up-down arrows appear alongside the column name and the up button is displayed in a darker...
Page 55: Searching Table Entries
The search key for a parameter value can include alphanumerics and certain characters (see note below). The key can be a complete value or a partial value. The following are examples of search keys for searching values:  "10.102.1.50" Version 7.2 Mediant 4000 SBC...
Page 56 Mediant 4000 SBC  "10.15."  "abc.com"  "ITSP ABC" When the device completes the search, it displays a list of found results based on the search key. Each possible result, when clicked, opens the page on which the parameter or value is located.
Page 57: Creating A Login Welcome Message
The Web interface provides you with context-sensitive pop-up help of standalone parameters. When you hover your mouse over a parameter's field, a pop-up appears with a short description of the parameter, as shown in the following example: Figure 6-16: Viewing Context-Sensitive Help for a Parameter Version 7.2 Mediant 4000 SBC...
Page 58: Logging Off The Web Interface
Mediant 4000 SBC 6.1.10 Logging Off the Web Interface The following procedure describes how to log off the Web interface.  To log off the Web interface: On the menu bar, from the 'Admin' drop-down list, click Log Out; the following...
Page 59 You can also configure it through CLI (configure system > create-users-table).  To configure management user accounts: Open the Local Users table (Setup menu > Administration tab > Web & CLI folder > Local Users). Figure 6-18: Local Users Table Version 7.2 Mediant 4000 SBC...
Page 60 Mediant 4000 SBC Click New; the following dialog box is displayed: Figure 6-19: Local Users Table - Dialog Box Configure a user account according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 61 (i.e., IP addresses) at any one time. Once the user logs in, the session is active until the user logs off (by clicking the Log off icon on Version 7.2 Mediant 4000 SBC...
Page 62: Displaying Login Information Upon Login
Mediant 4000 SBC Parameter Description the toolbar) or until the session expires if the user is inactive for a user- defined duration (see the 'Session Timeout' parameter below). The valid value is 0 to 5. The default is 2. Note: Up to five users can be concurrently logged in to the Web interface.
Page 63: Viewing Logged-In User Information
Note: You can only perform the configuration described in this section if you are a management user with Security Administrator level or Master level. For more information, see ''Configuring Management User Accounts'' on page 58. Version 7.2 Mediant 4000 SBC...
Page 64 Mediant 4000 SBC  To configure Web user sessions and access security: Open the Web Settings page (Setup menu > Administration tab > Web & CLI folder > Web Settings). Under the Session group, configure the following parameters: Figure 6-22: Configuring Web User Sessions •...
Page 65: Changing Login Password For Administrator And Monitor Users
HTTPS.  To configure secure (HTTPS) Web access: Open the Web Settings page (Setup menu > Administration tab > Web & CLI folder > Web Settings). Under the General group, configure the following: Version 7.2 Mediant 4000 SBC...
Page 66: Web Login Authentication Using Smart Cards
This feature is enabled using the EnableMgmtTwoFactorAuthentication parameter. Note: For specific integration requirements for implementing a third-party smart card for Web login authentication, contact your AudioCodes representative.  To log in to the Web interface using CAC: Insert the Common Access Card into the card reader.
Page 67: Configuring Web And Telnet Access List
When deleting all the IP addresses, make sure that you delete the IP address of the computer from which you are currently logged into the device, last; otherwise, access from your computer will be immediately denied. Version 7.2 Mediant 4000 SBC...
Page 68 Mediant 4000 SBC  To delete an IP address from the Access List: Select the Delete Row check box corresponding to the IP address that you want to delete. Click Delete Selected Addresses. User's Manual Document #: LTRT-41729...
Page 69: Cli-Based Management
> enable Password: <Enable mode password> The Enable mode prompt is "#". Note: The default password for accessing the Enable mode is "Admin" (case- sensitive). To change the password, use the CLIPrivPass ini file parameter. Version 7.2 Mediant 4000 SBC...
Page 70: Using Cli Shortcuts
Mediant 4000 SBC The Enable mode groups the configuration commands under the following command sets: • configure network: Contains IP network-related commands (e.g., interface and dhcp-server): # configure network (config-network)# • configure voip: Contains voice-over-IP related commands (e.g., ip-group, sbc,...
Page 71: Common Cli Commands
For online parameters, if the configuration was changed and no activate command was entered, the exit command applies the activate command automatically. If issued on the top level, the session will end: (config)# exit Version 7.2 Mediant 4000 SBC...
Page 72: Configuring Tables Through Cli
Mediant 4000 SBC Command Description # exit (session closed) Displays the configuration of current configuration set. display help Displays a short help how-to string. history Displays a list of previously run commands. list Displays the available command list of the current command-set.
Page 73: Understanding Cli Error Messages
C-Kermit for UNIX and Kermit-95 for Windows. For security, some organizations require the display of a proprietary notice upon starting a Telnet session. To configure such a message, see ''Creating a Login Welcome Message'' on page 57. Version 7.2 Mediant 4000 SBC...
Page 74: Enabling Ssh With Rsa Public Key For Cli
Mediant 4000 SBC  To enable Telnet: Open the CLI Settings page (Setup menu > Administration tab > Web & CLI folder > CLI Settings). Configure the following parameters: • 'Embedded Telnet Server': Select Enable Unsecured or Enable Secured (i.e, SSL) to enable Telnet.
Page 75 SSH access is only possible by using the RSA key and not by username and password. Configure the other SSH parameters as required. For a description of these parameters, see ''SSH Parameters'' on page 756. Click Apply. Start the PuTTY Configuration program, and then do the following: Version 7.2 Mediant 4000 SBC...
Page 76: Configuring Maximum Telnet/Ssh Sessions
Mediant 4000 SBC In the 'Category' tree, drill down to Connection, then SSH, and then Auth; the 'Options controlling SSH authentication' pane appears. Under the 'Authentication parameters' group, click Browse and then locate the private key file that you created and saved in Step 4.
Page 77: Viewing Current Cli Sessions
The current session from which this show command was run is displayed with an asterisk (*). Note: The device can display management sessions of up to 24 hours. After this time, the duration counter is reset. Version 7.2 Mediant 4000 SBC...
Page 78: Terminating A User's Cli Session
Mediant 4000 SBC Terminating a User's CLI Session You can terminate users that are currently logged in to the device's CLI. This applies to users logged in to the CLI through RS-232 (console), Telnet, or SSH.  To terminate the CLI session of a specific CLI user: Establish a CLI session with the device.
Page 79: Snmp-Based Management
8. SNMP-Based Management SNMP-Based Management The device provides an embedded SNMP agent that lets you manage it using AudioCodes Element Management System (EMS) or a third-party SNMP manager. The SNMP agent supports standard and proprietary Management Information Base (MIBs). All supported MIB files are supplied to customers as part of the release.
Page 80 Mediant 4000 SBC Note: • SNMP community strings are applicable only to SNMPv1 and SNMPv2c; SNMPv3 uses username-password authentication along with an encryption key (see ''Configuring SNMP V3 Users'' on page 84). • You can enhance security by configuring Trusted Managers (see ''Configuring SNMP Trusted Managers'' on page 83).
Page 81: Configuring Snmp Trap Destinations With Ip Addresses
SNMPv3 destination. By default, traps are sent unencrypted using SNMPv2. The following procedure describes how to configure SNMP trap destinations through the Web interface. You can also configure it through ini file (SNMPManager) or CLI (configure system > snmp trap-destination). Version 7.2 Mediant 4000 SBC...
Page 82 Mediant 4000 SBC  To configure SNMP trap destinations: Open the SNMP Trap Destinations table (Setup menu > Administration tab > SNMP folder > SNMP Trap Destinations). Figure 8-3: SNMP Trap Destinations Table Configure the SNMP trap manager according to the table below.
Page 83: Configuring An Snmp Trap Destination With Fqdn
(as long as the community string is correct). The following procedure describes how to configure SNMP Trusted Managers through the Web interface. You can also configure it through ini file (SNMPTrustedMgr_x) or CLI (configure system > snmp settings > trusted-managers). Version 7.2 Mediant 4000 SBC...
Page 84: Enabling Snmp Traps For Web Activity
Mediant 4000 SBC  To configure SNMP Trusted Managers: Open the SNMP Trusted Managers table (Setup menu > Administration tab > SNMP folder > SNMP Trusted Managers). Figure 8-4: SNMP Trusted Managers Table Configure an IP address (in dotted-decimal notation) for one or more SNMP Trusted Managers.
Page 85 [0] None (default)  [1] DES [SNMPUsers_PrivProtocol]  [2] 3DES  [3] AES-128  [4] AES-192  [5] AES-256 Authentication Key Authentication key. Keys can be entered in the form of a text password Version 7.2 Mediant 4000 SBC...
Page 86 Mediant 4000 SBC Parameter Description auth-key or long hex string. Keys are always persisted as long hex strings and keys are localized. [SNMPUsers_AuthKey] Privacy Key Privacy key. Keys can be entered in the form of a text password or long hex string. Keys are always persisted as long hex strings and priv-key keys are localized.
Page 87: Ini File-Based Management
An exception is Index fields, which are mandatory. • The Format line must end with a semicolon ";".  Data line(s): Contain the actual values of the columns (parameters). The values are interpreted according to the Format line. Version 7.2 Mediant 4000 SBC...
Page 88 Mediant 4000 SBC • The first word of the Data line must be the table’s string name followed by the Index field. • Columns must be separated by a comma ",". • A Data line must end with a semicolon ";".
Page 89: General Ini File Formatting Rules
(!), for example: !CpMediaRealm 1 = "ITSP", "Voice", "", 60210, 2, 6030, 0, "", ""; • To restore the device to default settings through the ini file, see ''Restoring Factory Defaults'' on page 613. Version 7.2 Mediant 4000 SBC...
Page 90: Loading An Ini File To The Device
The file may be loaded to the device using HTTP. These protocols are not secure and are vulnerable to potential hackers. To overcome this security threat, the AudioCodes DConvert utility allows you to binary-encode (encrypt) the ini file before loading it to the device.
Page 91 $0$<plain text>: Password can be entered in plain text; useful for configuring a new password. When the ini file is loaded to the device and then later saved from the device to a PC, the password is displayed obscured (i.e., $1$<obscured password>). Version 7.2 Mediant 4000 SBC...
Page 92: Ini Viewer And Editor Utility
Mediant 4000 SBC INI Viewer and Editor Utility AudioCodes INI Viewer & Editor utility provides a user-friendly graphical user interface (GUI) that lets you easily view and modify the device's ini file. This utility is available from AudioCodes Web site at www.AudioCodes.com/downloads, and can be installed on any Windows-based PC.
Page 93: General System Settings
Part III General System Settings...
Page 95: Configuring Ssl/Tls Certificates
You can configure the device to check whether a peer's certificate has been revoked, using the OCSP. When OCSP is enabled, the device queries the OCSP server for revocation information whenever a Version 7.2 Mediant 4000 SBC...
Page 96 Mediant 4000 SBC peer certificate is received (IPSec, TLS client mode, or TLS server mode with mutual authentication). Note: • The device does not query OCSP for its own certificate. • Some PKIs do not support OCSP, but generate Certificate Revocation Lists (CRLs).
Page 97 [3] TLSv1.0 and TLSv1.1 = Only TLS 1.0 and TLS 1.1.  [4] TLSv1.2 = Only TLS 1.2.  [5] TLSv1.0 and TLSv1.2 = Only TLS 1.0 and TLS 1.2.  [6] TLSv1.1 and TLSv1.2 = Only TLS 1.1 and TLS 1.2. Version 7.2 Mediant 4000 SBC...
Page 98 Mediant 4000 SBC Parameter Description  [7] TLSv1.0 TLSv1.1 and TLSv1.2 = Only TLS 1.0, TLS 1.1 and TLS 1.2 (excludes SSL 3.0). Cipher Server Defines the supported cipher suite for the TLS server (in OpenSSL cipher list format). ciphers-server...
Page 99: Assigning Csr-Based Certificates To Tls Contexts
From the 'Signature Algorithm' drop-down list, select the hash function algorithm (SHA-1, SHA-256, or SHA-512) with which to sign the certificate. Fill in the rest of the request fields according to your security provider's instructions. Version 7.2 Mediant 4000 SBC...
Page 100 Mediant 4000 SBC Click the Create CSR button; a textual certificate signing request is displayed in the area below the button: Figure 10-1: Certificate Signing Request Group Copy the text and send it to your security provider (CA) to sign this request.
Page 101 • The certificate replacement process can be repeated whenever necessary (e.g., the new certificate expires). • You can also load the device certificate through the device's Automatic Provisioning mechanism, using the HTTPSCertFileName ini file parameter. Version 7.2 Mediant 4000 SBC...
Page 102: Viewing Certificate Information
Mediant 4000 SBC 10.3 Viewing Certificate Information You can view information of TLS certificates installed on the device for each TLS Context, as described in the following procedure.  To view certificate information: Open the TLS Contexts table (see ''Configuring TLS Certificate Contexts'' on page 95).
Page 103: Assigning Externally Created Private Keys To Tls Contexts
Browse button corresponding to the 'Send Device Certificate file ...' text. After the files successfully load to the device, save the configuration with a device reset. Verify that the private key is correct: Open the TLS Contexts table. Version 7.2 Mediant 4000 SBC...
Page 104: Generating Private Keys For Tls Contexts
Mediant 4000 SBC Select the required TLS Context index row. Click the Certificate Information link located below the table. Make sure that the 'Private key' field displays "OK"; otherwise, consult with your security administrator. Figure 10-5: Verifying Private Key 10.5 Generating Private Keys for TLS Contexts You can let the device generate the private key for a TLS Context.
Page 105: Creating Self-Signed Certificates For Tls Contexts
In the table, select the required TLS Context index row, and then click the Change Certificate link located below the table; the Context Certificates page appears. Under the Certificate Signing Request group, in the 'Subject Name [CN]' field, enter the fully-qualified DNS name (FQDN) as the certificate subject. Version 7.2 Mediant 4000 SBC...
Page 106: Importing Certificates And Certificate Chain Into Trusted Certificate Store
Mediant 4000 SBC Scroll down the page to the Generate New Private Key and Self-signed Certificate group: Figure 10-8: Generate new private key and self-signed certificate Group Click Generate Self-Signed Certificate; a message appears requesting you to confirm generation. Click OK to confirm generation; the device generates a new self-signed certificate...
Page 107 Save certificates to a folder on your PC: Select the required certificate, click Export, and then in the Export Certificate dialog box, browse to the folder on your PC where you want to save the file and click Export. Version 7.2 Mediant 4000 SBC...
Page 108: Configuring Mutual Tls Authentication
Mediant 4000 SBC 10.8 Configuring Mutual TLS Authentication This section describes how to configure mutual (two-way) TLS authentication. 10.8.1 TLS for SIP Clients When Secure SIP (SIPS) is implemented using TLS, it is sometimes required to use two- way (mutual) authentication between the device and a SIP user agent (client). When the device acts as the TLS server in a specific connection, the device demands the authentication of the SIP client’s certificate.
Page 109: Configuring Tls Server Certificate Expiry Check
Open the TLS Contexts table (see ''Configuring TLS Certificate Contexts'' on page 95). Select the required TLS Context index row, and then click the Change Certificate link located below the table; the Context Certificates page appears. Version 7.2 Mediant 4000 SBC...
Page 110 Mediant 4000 SBC Scroll down the page to the TLS Expiry Settings group: Figure 10-12: TLS Expiry Settings Group In the 'TLS Expiry Check Start' field, enter the number of days before the installed TLS server certificate is to expire when the device sends an SNMP trap event to notify of this.
Page 111: Date And Time
• In the 'NTP Authentication Key Identifier' field, configure the NTP authentication key identifier. • In the 'NTP Authentication Secret Key' field, configure the secret authentication key shared between the device and the NTP server. Version 7.2 Mediant 4000 SBC...
Page 112: Configuring Date And Time Manually
Mediant 4000 SBC Verify that the device has received the correct date and time from the NTP server. The date and time is displayed in the 'UTC Time' read-only field under the Time Zone group. Note: If the device does not receive a response from the NTP server, it polls the NTP server for 10 minutes.
Page 113: Configuring The Time Zone
UTC. For example, if your region is GMT +1 (an hour ahead), enter "1" in the 'Hours' field. Click Apply; the updated time is displayed in the 'UTC Time' read-only field and the fields under the Local Time group. Version 7.2 Mediant 4000 SBC...
Page 114: Configuring Daylight Saving Time
Mediant 4000 SBC 11.4 Configuring Daylight Saving Time You can apply daylight saving time (DST) to the date and time of the device. DST defines a date range in the year (summer) where the time is brought forward so that people can experience more daylight.
Page 115: General Voip Configuration
Part IV General VoIP Configuration...
Page 117: Network
The areas of the Network view is shown in the example below and described in the subsequent table. Note: The below figure is used only as an example; your device may show different Ethernet Groups and Ethernet ports. Figure 12-1: Network View (Example) Version 7.2 Mediant 4000 SBC...
Page 118 Mediant 4000 SBC Table 12-1: Description of Network View Item # Description Configures and displays IP Interfaces. The IP Interface appears as an icon, displaying the application type ("OCM" for OAMP, "C" for Control, and "M" for Media), row index number, name, and IP address, as shown in the...
Page 119 To open the Ethernet Groups table, click any Ethernet Group icon, and then from the drop- down menu, choose View Ethernet Group List. You can then view and edit all the Ethernet Groups in the table. Version 7.2 Mediant 4000 SBC...
Page 120: Configuring Physical Ethernet Ports
Mediant 4000 SBC Item # Description Configures and displays the device's Ethernet ports. To configure an Ethernet port: Click the required port icon, and then from the drop-down menu, choose Edit; the Physical Ports table opens with a dialog box for editing the Ethernet port.
Page 121 Open the Physical Ports table (Setup menu > IP Network tab > Core Entities folder > Physical Ports). Select a port that you want to configure, and then click Edit; the following dialog box appears: Version 7.2 Mediant 4000 SBC...
Page 122 Mediant 4000 SBC Configure the port according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 12-2: Physical Ports Table Parameter Descriptions Parameter Description General Index (Read-only) Displays the index number for the table row.
Page 123: Configuring Ethernet Port Groups
Ports with the same MAC address (e.g., GE 1-4 ports) must each be connected to a different Layer-2 switch. • When implementing 1+1 Ethernet port redundancy, each port in the Ethernet Group (port pair) must be connected to a different switch (but in the same subnet). Version 7.2 Mediant 4000 SBC...
Page 124 Mediant 4000 SBC  To configure Ethernet Groups: Open the Ethernet Groups table (Setup menu > IP Network tab > Core Entities folder > Ethernet Groups). Select the Ethernet Group that you want to configure, and then click Edit; the following...
Page 125: Configuring Underlying Ethernet Devices
Note: You cannot delete an Ethernet Device that is associated with an IP network interface (in the IP Interfaces table). You can only delete it once you have disassociated it from the IP network interface. Version 7.2 Mediant 4000 SBC...
Page 126 Mediant 4000 SBC The following procedure describes how to configure Ethernet Devices through the Web interface. You can also configure it through ini file (DeviceTable) or CLI (configure network > network-dev).  To configure an Ethernet Device: Open the Ethernet Devices table (Setup menu > IP Network tab > Core Entities folder >...
Page 127: Configuring Ip Network Interfaces
The device is connected to a VLAN-aware switch for directing traffic from and to the device to the three separated Layer-3 broadcast domains according to VLAN tags (middle pane). Figure 12-2: Multiple Network Interfaces Version 7.2 Mediant 4000 SBC...
Page 128 Mediant 4000 SBC The device is shipped with a default OAMP interface (see ''Default OAMP IP Address'' on page 31). The IP Interfaces table lets you change this OAMP interface and configure additional network interfaces for control and media, if necessary. You can configure up to...
Page 129 "InterfaceTable_<row index>". For example, if you add a new interface to row index 2, the name is "InterfaceName_2". The name of the default OAMP interface is "O+M+C+P". Note: Each row must be configured with a unique name. Version 7.2 Mediant 4000 SBC...
Page 130 Mediant 4000 SBC Parameter Description Application Type Defines the applications allowed on the IP interface.  application-type [0] OAMP = Operations, Administration, Maintenance and Provisioning (OAMP) applications (e.g., Web, Telnet, SSH, [InterfaceTable_ApplicationTypes] and SNMP).  [1] Media = Media (i.e., RTP streams of voice).
Page 131: Assigning Ntp Services To Application Types
The network interface types can be combined: • Example 1: ♦ One combined OAMP-Media-Control interface with an IPv4 address • Example 2: ♦ One OAMP interface with an IPv4 address ♦ One or more Control interfaces with IPv4 addresses Version 7.2 Mediant 4000 SBC...
Page 132: Networking Configuration Examples
Mediant 4000 SBC ♦ One or more Media interfaces with IPv4 interfaces • Example 3: ♦ One OAMP with an IPv4 address ♦ One combined Media-Control interface with IPv4 address ♦ One combined Media-Control interface with IPv6 address  Each network interface can be configured with a Default Gateway. The address of the Default Gateway must be in the same subnet as the associated interface.
Page 133: Voip Interface Per Application Type
Applicatio Interfac Default IP Address Lengt Name n Type e Mode Gateway Device OAMP IPv4 192.168.0.2 192.168.0.1 Mgmt Manual Media & IPv4 200.200.85.14 200.200.85. MediaCntrl1 Control Manual Media & IPv4 200.200.86.14 200.200.86. MediaCntrl2 Control Manual Version 7.2 Mediant 4000 SBC...
Page 134: Voip Interfaces With Multiple Default Gateways
Mediant 4000 SBC Prefix Etherne Inde Applicatio Interfac Default IP Address Lengt Name n Type e Mode Gateway Device Media & IPv6 2000::1:200:200:86:1 V6CntrlMedia Control Manual Static Routes table: A routing rule is required to allow remote management from a host in 176.85.49.0/24:...
Page 135: Configuring Static Ip Routes
10.8.x.x, enter "10.8.0.0" in the 'Destination' field and "16" in the 'Prefix Length'. As a result of the AND operation, the value of the last two octets in the 'Destination' field are ignored. To reach a specific host, enter its IP address in the 'Destination' field and Version 7.2 Mediant 4000 SBC...
Page 136 Mediant 4000 SBC "32" in the 'Prefix Length' field. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Note: Only static routing rules that are inactive can be deleted. Table 12-14: Static Routes Table Parameter Descriptions...
Page 137: Configuration Example Of Static Ip Routes
The static route's Gateway address in the Static Routes table is in the same subnet as the IP address of the IP network interface in the IP Interfaces table. Figure 12-4: Example of using a Static Route Version 7.2 Mediant 4000 SBC...
Page 138: Troubleshooting The Static Routes Table
Mediant 4000 SBC 12.6.2 Troubleshooting the Static Routes Table When adding a new static route to the Static Routes table, the added rule passes a validation test. If errors are found, the static route is rejected and not added to the table.
Page 139: Configuring Nat Translation Per Ip Interface
You can also configure it through ini file (NATTranslation) or CLI (configure network > nat-translation).  To configure NAT translation rules: Open the NAT Translation table (Setup menu > IP Network tab > Core Entities folder > NAT Translation). Version 7.2 Mediant 4000 SBC...
Page 140 Mediant 4000 SBC Click New; the following dialog box appears: Figure 12-6: NAT Translation Table - Dialog Box Configure a NAT translation rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 141: Remote Ua Behind Nat
12.7.2.2 Media (RTP/RTCP/T.38) When a remote UA initiates a call and is not located behind a NAT server, the device sends the media (RTP, RTCP, and T.38) packets to the remote UA using the IP Version 7.2 Mediant 4000 SBC...
Page 142 Mediant 4000 SBC address:port (UDP) indicated in the SDP body of the SIP message received from the UA. However, if the UA is located behind NAT, the device sends the RTP with the IP address of the UA (i.e., private IP address) as the destination instead of that of the NAT server. Thus, the RTP will not reach the UA.
Page 143 For RTP No-Op packets, configure the payload type of the No-Op packets, using the RTPNoOpPayloadType ini file parameter. Note: • The No-OP Packet feature requires DSP resources. • Receipt of No-Op packets is always supported. Version 7.2 Mediant 4000 SBC...
Page 144 Mediant 4000 SBC 12.7.2.2.3 Fax Transmission behind NAT The device supports transmission from fax machines (connected to the device) located inside (behind) a Network Address Translation (NAT). Generally, the firewall blocks T.38 (and other) packets received from the WAN, unless the device behind the NAT sends at least one IP packet from the LAN to the WAN through the firewall.
Page 145: Configuring Quality Of Service
Control Premium: Control protocol (SIP) packets sent to the LAN  Gold: HTTP streaming packets sent to the LAN  Bronze: OAMP packets sent to the LAN The mapping of an application to its CoS and traffic type is shown in the table below: Version 7.2 Mediant 4000 SBC...
Page 146 Mediant 4000 SBC Table 12-16: Traffic/Network Types and Priority Application Traffic / Network Types Class-of-Service (Priority) Debugging interface Management Bronze Management Bronze Telnet Web server (HTTP) Management Bronze SNMP GET/SET Management Bronze Web server (HTTPS) Management Bronze RTP traffic Media...
Page 147: Configuring Diffserv-To-Vlan Priority Mapping
Web interface. You can also configure it through ini file (DiffServToVlanPriority) or CLI (configure network > qos vlan-mapping).  To configure DiffServ-to-VLAN priority mapping: Open the QoS Mapping table (Setup menu > IP Network tab > Quality folder > QoS Mapping). Version 7.2 Mediant 4000 SBC...
Page 148: Configuring Icmp Messages
Mediant 4000 SBC Click New; the following dialog box appears: Figure 12-11: QoS Mapping Table - Add Dialog Box Configure a DiffServ-to-VLAN priority mapping rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 149: Dns
You can also configure it through ini file (DNS2IP) or CLI (configure network > dns dns-to-ip).  To configure the device's DNS table: Open the Internal DNS table (Setup menu > IP Network tab > DNS folder > Internal DNS). Version 7.2 Mediant 4000 SBC...
Page 150: Configuring The Internal Srv Table
Mediant 4000 SBC Click New; the following dialog box appears: Figure 12-13: Internal DNS Table - Add Dialog Box Configure a DNS rule according to the parameters described in the table below. Click Apply. Table 12-19: Internal DNS Table Parameter Description...
Page 151 Defines the host name to be translated. domain-name The valid value is a string of up to 31 characters. By default, no value is defined. [Srv2Ip_InternalDomain] Transport Type Defines the transport type.  transport-type [0] UDP (default)  [1] TCP [Srv2Ip_TransportType] Version 7.2 Mediant 4000 SBC...
Page 152: Robust Receipt Of Media Streams By Media Latching
[Srv2Ip_Port1/2/3] 12.11 Robust Receipt of Media Streams by Media Latching The Robust Media mechanism (or media latching) is an AudioCodes proprietary mechanism to filter out unwanted media (RTP, RTCP, SRTP, SRTCP, and T.38) streams that are sent to the same port number of the device. Media ports may receive additional multiple unwanted media streams (from multiple sources of traffic) as result of traces of previous calls, call control errors, or deliberate malicious attacks (e.g., Denial of Service).
Page 153 ♦ 'Timeout To Relatch RTP' ♦ 'Timeout To Relatch SRTP' ♦ 'Timeout To Relatch Silence' ♦ 'Timeout To Relatch RTCP' ♦ 'Fax Relay Rx/Tx Timeout' Click Apply, and then save your settings to flash memory. Version 7.2 Mediant 4000 SBC...
Page 154: Multiple Routers Support
Mediant 4000 SBC 12.12 Multiple Routers Support Multiple routers support is designed to assist the device when it operates in a multiple routers network. The device learns the network topology by responding to Internet Control Message Protocol (ICMP) redirections and caches them as routing rules (with expiration time).
Page 155: Security
The matched rule can permit (allow) or deny (block) the packet. Once a rule in the table is located, subsequent rules further down the table are ignored. If the end of the table is reached without a match, the packet is accepted. Version 7.2 Mediant 4000 SBC...
Page 156 Mediant 4000 SBC Note: • The rules configured by the Firewall table apply to a very low-level network layer and overrides all other security-related configuration. Thus, if you have configured higher-level security features (e.g., on the Application level), you must also configure firewall rules to permit this necessary traffic.
Page 157 The IP address of the sender of the incoming packet is trimmed in accordance with the prefix length (in bits) and then compared to the parameter ‘Source IP’. The default is 0 (i.e., applies to all packets). You must change Version 7.2 Mediant 4000 SBC...
Page 158 Mediant 4000 SBC Parameter Description this value to any of the above options. Note: A value of 0 applies to all packets, regardless of the defined IP address. Therefore, you must set the parameter to a value other than 0.
Page 159 40,000 bytes/sec with an additional allowance of 50,000 bytes. If, for example, the actual traffic rate is 45,000 bytes/sec, then this allowance would be consumed within 10 seconds, after which all traffic exceeding the allocated 40,000 Version 7.2 Mediant 4000 SBC...
Page 160: Configuring General Security Settings
Mediant 4000 SBC bytes/sec is dropped. If the actual traffic rate then slowed to 30,000 bytes/sec, the allowance would be replenished within 5 seconds.  Rule 4: Allows traffic from the LAN voice interface and limits bandwidth.  Rule 5: Blocks all other traffic.
Page 161: Intrusion Detection System
IDS rules. Each rule defines a type of malicious attack to detect and the number of attacks during an interval (threshold) before an SNMP trap is sent. Each policy is then applied to a target under attack (SIP interface) and/or source of attack (Proxy Set and/or subnet address). Version 7.2 Mediant 4000 SBC...
Page 162: Enabling Ids
Mediant 4000 SBC 13.3.1 Enabling IDS The following procedure describes how to enable IDS.  To enable IDS: Open the IDS General Settings page (Setup menu > Signaling & Media tab > Intrusion Detection folder >IDS General Settings). Figure 13-3: Enabling IDS From the 'Intrusion Detection System' drop-down list, select Enable.
Page 163 The valid value is a string of up to 100 characters. [IDSPolicy_Description] In the IDS Policies table, select the required IDS Policy row, and then click the IDS Rule link located below the table; the IDS Rule table opens. Version 7.2 Mediant 4000 SBC...
Page 164 Mediant 4000 SBC Click New; the following dialog box appears: Figure 13-6: IDS Rule Table - Add Dialog Box The figure above shows a configuration example: If 15 malformed SIP messages ('Reason') are received within a period of 30 seconds ('Threshold Window'), a minor alarm is sent ('Minor-Alarm Threshold').
Page 165 [IDSRule_MajorAlarmThreshold] defined. Critical-Alarm Threshold Defines the threshold that if crossed a critical severity alarm is sent. critical-alrm-thr The valid range is 1 to 1,000,000. A value of 0 or -1 means not [IDSRule_CriticalAlarmThreshold] defined. Deny Version 7.2 Mediant 4000 SBC...
Page 166: Assigning Ids Policies
Mediant 4000 SBC Parameter Description Deny Threshold Defines the threshold that if crossed, the device blocks (blacklists) the remote host (attacker). deny-thr The default is -1 (i.e., not configured). [IDSRule_DenyThreshold] Note: The parameter is applicable only if the 'Threshold Scope' parameter is set to IP or IP+Port.
Page 167 !10.1.0.0/16 & !10.2.2.2: includes all addresses except those of subnet 10.1.0.0/16 and IP address 10.2.2.2. Note that the exclamation mark "!" appears before each subnet.  10.1.0.0/16 & !10.1.1.1: includes subnet 10.1.0.0/16, except IP address 10.1.1.1. Version 7.2 Mediant 4000 SBC...
Page 168: Viewing Ids Alarms
Mediant 4000 SBC Parameter Description Policy Assigns an IDS Policy (configured in ''Configuring IDS Policies'' on page 162). policy [IDSMatch_Policy] 13.3.4 Viewing IDS Alarms For the IDS feature, the device sends the following SNMP traps:  Traps that notify the detection of malicious attacks: •...
Page 169 Malicious signature pattern detected  establish-malicious- signature-db-reject   Requests and responses without a matching flow-no-match-tu Abnormal Flow transaction user (except ACK requests)  flow-no-match-  Requests and responses without a matching transaction transaction (except ACK requests) Version 7.2 Mediant 4000 SBC...
Page 170 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 171: Media
To enable silence suppression using the Web interface: Open the Voice Settings page (Setup menu > Signaling & Media tab > Media folder > Voice Settings). Figure 14-2: Enabling Silence Suppression From the 'Silence Suppression' drop-down list (EnableSilenceCompression), select Enable. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 172: Configuring Echo Cancellation
Mediant 4000 SBC 14.1.3 Configuring Echo Cancellation The device supports adaptive linear (line) echo cancellation according to G.168-2002. Echo cancellation is a mechanism that removes echo from the voice channel. Echoes are reflections of the transmitted signal. In this line echo, echoes are generated when two-wire telephone circuits (carrying both transmitted and received signals on the same wire pair) are converted to a four-wire circuit.
Page 173: Fax And Modem Capabilities
Some SIP parameters override these fax and modem parameters. For example, the IsFaxUsed parameter and V.152 parameters in Section ''V.152 Support'' on page 183. • For a detailed description of the parameters appearing on this page, see ''Configuration Parameters Reference'' on page 717. Version 7.2 Mediant 4000 SBC...
Page 174: Fax/Modem Operating Modes
Mediant 4000 SBC  To access the fax and modem parameters: Open the Fax/Modem/CID Settings page (Setup menu > Signaling & Media tab > Media folder > Fax/Modem/CID Settings). Figure 14-5: Fax/Modem/CID Settings Page Configure the parameters, as required. Click Apply.
Page 175: Fax Relay Mode
On the Fax/Modem/CID Settings page, configure the following optional parameters: • 'Fax Relay Redundancy Depth' (FaxRelayRedundancyDepth) • 'Fax Relay Enhanced Redundancy Depth' (FaxRelayEnhancedRedundancyDepth) • 'Fax Relay ECM Enable' (FaxRelayECMEnable) • 'Fax Relay Max Rate' (FaxRelayMaxRate) Version 7.2 Mediant 4000 SBC...
Page 176 RTP method is used, whereby the device encapsulates the entire T.38 packet (payload with all its headers) in the sent RTP. For T.38 over RTP, AudioCodes devices use the proprietary identifier "AcUdptl" in the 'a=ftmp' line of the SDP. For example: o=AudiocodesGW 1357424688 1357424660 IN IP4 10.8.6.68...
Page 177: Fax / Modem Transport Mode
0-15  AudioCodes Call Party with non-AudioCodes Party: The device uses the standard T.38-over-RTP method, which encapsulates the T.38 payload only, without its headers (i.e., includes only fax data) in the sent RTP packet (RFC 4612). The T.38-over-RTP method also depends on call initiator: ...
Page 178: Fax Fallback
Mediant 4000 SBC  'Vxx ModemTransportType' (VxxModemTransportType)  To configure fax / modem transparent mode: Open the Gateway General Settings page (Setup menu > Signaling & Media tab > Gateway folder > Gateway General Settings), and then from the 'Fax Signaling Method' drop-down list (IsFaxUsed), select G.711 Transport:...
Page 179 ModemBypassPayloadType (ini file). • FaxModemBypassBasicRTPPacketInterval (ini file). • FaxModemBypasDJBufMinDelay (ini file). Note: When the device is configured for modem bypass and T.38 fax, V.21 low- speed modems are not supported and fail as a result. Version 7.2 Mediant 4000 SBC...
Page 180: Fax / Modem Nse Mode
INVITE messages are sent. The voice channel is optimized for fax/modem transmission (same as for usual bypass mode). The parameters defining payload type for AudioCodes proprietary Bypass mode -- 'Fax Bypass Payload Type' (RTP/RTCP Settings page) and ModemBypassPayloadType (ini file) -- are not used with NSE Bypass.
Page 181: Fax / Modem Transparent With Events Mode
Set the 'V.22 Modem Transport Type' parameter to Disable (V22ModemTransportType = 0). Set the 'V.23 Modem Transport Type' parameter to Disable (V23ModemTransportType = 0). Set the 'V.32 Modem Transport Type' parameter to Disable (V32ModemTransportType = 0). Version 7.2 Mediant 4000 SBC...
Page 182: Rfc 2833 Ans Report Upon Fax/Modem Detection
Mediant 4000 SBC Set the 'V.34 Modem Transport Type' parameter to Disable (V34ModemTransportType = 0). Set the ini file parameter, BellModemTransportType to 0 (transparent mode). Configure the following optional parameters: Coders in the Coders table - see ''Configuring Coder Groups'' on page 375.
Page 183: Bypass Mechanism For V.34 Fax Transmission
Set the 'V.34 Modem Transport Type' parameter to Disable (V34ModemTransportType = 0). 14.2.4 V.152 Support The device supports the ITU-T recommendation V.152 (Procedures for Supporting Voice- Band Data over IP Networks). Voice-band data (VBD) is the transport of modem, facsimile, Version 7.2 Mediant 4000 SBC...
Page 184: Configuring Rtp/Rtcp Settings
Mediant 4000 SBC and text telephony signals over a voice channel of a packet network with a codec appropriate for such signals. For V.152 capability, the device supports T.38 as well as VBD codecs (i.e., G.711 A-law and G.711 μ-law). The selection of capabilities is performed using the Coder Groups table (see ''Configuring Coder Groups'' on page 375).
Page 185: Configuring Rfc 2833 Payload
Set the 'Dynamic Jitter Buffer Optimization Factor' parameter (DJBufOptFactor) to the Dynamic Jitter Buffer frame error/delay optimization factor. Click Apply. 14.3.2 Configuring RFC 2833 Payload The following procedure describes how to configure the RFC 2833 payload through the Web interface: Version 7.2 Mediant 4000 SBC...
Page 186: Configuring Rtp Base Udp Port
Mediant 4000 SBC  To configure RFC 2833 payload: Open the RTP/RTCP Settings page (Setup menu > Signaling & Media tab > Media folder > RTP/RTCP Settings). Configure the following parameters: • 'RTP Redundancy Depth' (RTPRedundancyDepth) - enables the device to generate RFC 2198 redundant packets.
Page 187: Event Detection And Notification Using X-Detect Header
(for confirmed dialogs) -- sent by the device to the application server specifying which of the requested events it can detect (absence of the X-Detect header indicates that the device cannot detect any of the events): X-Detect: Response=[supported event types] Version 7.2 Mediant 4000 SBC...
Page 188: Detecting Answering Machine Beeps
Mediant 4000 SBC  Each time the device detects the supported event, it sends an INFO message to the remote party with the following message body: Content-Type: Application/X-Detect Type = [event type] Subtype = [subtype of each event type] The table below lists the event types and subtypes that can be detected by the device. The text shown in the table are the strings used in the X-Detect header.
Page 189: Sip Call Flow Examples Of Event Detection And Notification
INFO message to the application server: INFO sip:sipp@172.22.2.9:5060 SIP/2.0 Via: SIP/2.0/UDP 172.22.168.249;branch=z9hG4bKac482466515 Max-Forwards: 70 From: sut <sip:3000@172.22.168.249:5060>;tag=1c419779142 To: sipp <sip:sipp@172.22.2.9:5060>;tag=1 Call-ID: 1-29753@172.22.2.9 CSeq: 1 INFO Contact: <sip:56700@172.22.168.249> Supported: em,timer,replaces,path,resource-priority Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,I NFO,SUBSCRIBE,UPDATE User-Agent: Audiocodes-Sip-Gateway/v.7.20A.000.038 Content-Type: application/x-detect Content-Length: 34 Version 7.2 Mediant 4000 SBC...
Page 190 Mediant 4000 SBC Type= PTT SubType= SPEECH-START Upon detection of the end of voice (i.e., end of the greeting message of the answering machine), the device sends the following INFO message to the application server: INFO sip:sipp@172.22.2.9:5060 SIP/2.0 Via: SIP/2.0/UDP 172.22.168.249;branch=z9hG4bKac482466515 Max-Forwards: 70 From: sut <sip:3000@172.22.168.249:5060>;tag=1c419779142...
Page 191: Answering Machine Detection (Amd)
AudioCodes sales representative for more information on this service. You will be typically required to provide AudioCodes with a database of recorded voices (calls) in the language on which the device's AMD feature can base its voice detector algorithms.
Page 192 Interferences, for example, could include background noises of other people talking, spikes, and car noises. Once you have provided AudioCodes with your database of recordings, AudioCodes compiles it into a loadable file. For a brief description of the file format and for installing the file on the device, see ''AMD Sensitivity File'' on page 581.
Page 193: Configuring Amd
To configure AMD for all calls: Open the DSP Settings page (Setup menu > Signaling & Media tab > Media folder > DSP Settings): From the 'IPMedia Detectors' drop-down list (EnableDSPIPMDetectors), select Enable to enable AMD. Version 7.2 Mediant 4000 SBC...
Page 194: Automatic Gain Control (Agc)
Mediant 4000 SBC Scroll down to the Answer Machine Detector group: Figure 14-12: Configuring AMD Select the AMD algorithm suite: In the 'Answer Machine Detector Sensitivity Parameter Suite' field, select the required Parameter Suite included in the installed AMD Sensitivity file.
Page 195: Configuring Media (Srtp) Security
(by both sides) to declare the various supported cipher suites and to attach the encryption key. If negotiation of the encryption data is successful, the call is established. SRTP supports the following cipher suites (all other suites are ignored):  AES_CM_128_HMAC_SHA1_32  AES_CM_128_HMAC_SHA1_80 Version 7.2 Mediant 4000 SBC...
Page 196 Mediant 4000 SBC When the device is the offering side (SDP offer), it can generate a Master Key Identifier (MKI). You can configure the MKI size globally (using the SRTPTxPacketMKISize parameter) or per SIP entity (using the IP Profile parameter, IpProfile_MKISize). The length of the MKI is limited to four bytes.
Page 197: Srtp Using Dtls Protocol
SDP using the 'a=fingerprint' attribute. At the end of the handshake, each side verifies that the certificate it received from the other side fits the fingerprint from the SDP. To indicate DTLS support, the SDP offer/answer of the SIP message uses the Version 7.2 Mediant 4000 SBC...
Page 198 Mediant 4000 SBC 'a=setup' attribute. The 'a=setup:actpass' attribute value is used in the SDP offer by the device. This indicates that the device is willing to be either a client ('act') or a server ('pass') in the handshake. The 'a=setup:active' attribute value is used in the SDP answer by the device.
Page 199: Services
DHCP Server Identifier Option 51 IP Address Lease Time Option 1 Subnet Mask Option 3 Router Option 6 Domain Name Server Option 44 NetBIOS Name Server Option 46 NetBIOS Node Type Option 42 Network Time Protocol Server Version 7.2 Mediant 4000 SBC...
Page 200 Mediant 4000 SBC DHCP Option Code DHCP Option Name Option 2 Time Offset Option 66 TFTP Server Name Option 67 Boot file Name Option 120 SIP Server Once you have configured the DHCP server, you can configure the following: ...
Page 201 Note: The IP address must belong to the same subnet as the associated interface’s IP address. End IP Address Defines the ending IP address (IPv4 address in dotted-decimal format) of the IP address pool range used by the DHCP server end-address Version 7.2 Mediant 4000 SBC...
Page 202 Mediant 4000 SBC Parameter Description [DhcpServer_EndIPAddress] to allocate addresses. The default value is 192.168.0.149. Note: The IP address must belong to the same subnet as the associated interface’s IP address and must be "greater or equal" to the starting IP address defined in 'Start IP Address'.
Page 203 SIP requests. The value is sent in DHCP [DhcpServer_SipServer] Option 120 (SIP Server). After defining the parameter, use the 'SIP server type' parameter (see below) to define the type of Version 7.2 Mediant 4000 SBC...
Page 204: Configuring The Vendor Class Identifier
The VCI is a string that identifies the vendor and functionality of a DHCP client to the DHCP server. For example, Option 60 can show the unique type of hardware (e.g., "AudioCodes 440HD IP Phone") or firmware of the DHCP client. The DHCP server can then differentiate between DHCP clients and process their requests accordingly.
Page 205: Configuring Additional Dhcp Options
Open the DHCP Servers table (see ''Configuring the DHCP Server'' on page 199). Select the row of the desired DHCP server for which you want to configure additional DHCP Options, and then click the DHCP Option link located below the table; the DHCP Option table opens. Version 7.2 Mediant 4000 SBC...
Page 206 Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-3: DHCP Option Table - Add Dialog Box Configure additional DHCP Options for the DHCP server according to the parameters described in the table below. Click Apply. Table 15-4: DHCP Option Table Parameter Descriptions...
Page 207: Configuring Static Ip Addresses For Dhcp Clients
Select the row of the desired DHCP server for which you want to configure static IP addresses for DHCP clients, and then click the DHCP Static IP link located below the table; the DHCP Static IP table opens. Version 7.2 Mediant 4000 SBC...
Page 208: Viewing And Deleting Dhcp Clients
Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-4: DHCP Static IP Table - Add Dialog Box Configure a static IP address for a specific DHCP client according to the parameters described in the table below. Click Apply.
Page 209: Sip-Based Media Recording
SIP that will manage delivery of RTP media to a recording device. The siprec protocol is based on RFC 6341 (Use Cases and Requirements for SIP-Based Media Recording), Session Recording Protocol (draft-ietf-siprec-protocol-02), and Architecture (draft-ietf-siprec-architecture-03). Version 7.2 Mediant 4000 SBC...
Page 210 • For the maximum number of concurrent sessions that the device can record, contact your AudioCodes sales representative. Session recording is a critical requirement in many business communications environments such as call centers and financial trading floors. In some of these environments, all calls must be recorded for regulatory and compliance reasons.
Page 211 Below is an example of an INVITE sent by the device to an SRS: INVITE sip:VSRP@1.9.64.253 SIP/2.0 Via: SIP/2.0/UDP 192.168.241.44:5060;branch=z9hG4bKac505782914 Max-Forwards: 10 From: <sip:192.168.241.44>;tag=1c505764207 To: <sip:VSRP@1.9.64.253> Call-ID: 505763097241201011157@192.168.241.44 CSeq: 1 INVITE Contact: <sip:192.168.241.44:5060>;src Supported: replaces,resource-priority Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUB SCRIBE,UPDATE Require: siprec User-Agent: Mediant /v.7.20A.000.038 Version 7.2 Mediant 4000 SBC...
Page 212 Mediant 4000 SBC Content-Type: multipart/mixed;boundary=boundary_ac1fffff85b Content-Length: 1832 --boundary_ac1fffff85b Content-Type: application/sdp o=AudiocodesGW 921244928 921244893 IN IP4 10.33.8.70 s=SBC-Call c=IN IP4 10.33.8.70 t=0 0 m=audio 6020 RTP/AVP 8 96 c=IN IP4 10.33.8.70 a=ptime:20 a=sendonly a=label:1 a=rtpmap:8 PCMA/8000 a=rtpmap:96 telephone-event/8000 a=fmtp:96 0-15 m=audio 6030 RTP/AVP 8 96 c=IN IP4 10.33.8.70...
Page 213: Enabling Sip-Based Media Recording
Open the SIP Recording Rules table (Setup menu > Signaling & Media tab > SIP Recording folder > SIP Recording Rules). Click New; the following dialog box appears: Figure 15-8: SIP Recording Rules Table - Add Dialog Box Version 7.2 Mediant 4000 SBC...
Page 214: Configuring Sip User Part For Srs
Mediant 4000 SBC The figure above shows a configuration example where the device records calls made by IP Group "ITSP" to IP Group "IP PBX" that have the destination number prefix, "1800". The device records the calls from the leg interfacing with IP Group "IP PBX"...
Page 215: Interworking Sip-Based Media Recording With Third-Party Vendors
SIP message, typically in the INVITE and the first 18x response. If the device receives a SIP message with Genesys SIP header, it adds the header's information to AudioCodes' proprietary tag in the XML metadata of the SIP INVITE that it sends to the recording server, as shown below: <ac:GenesysUUID...
Page 216: Radius-Based Services
Mediant 4000 SBC 15.3 RADIUS-based Services The device supports Remote Authentication Dial In User Service (RADIUS) by acting as a RADIUS client. You can use RADIUS for the following:  Authentication and authorization of management users (login username and password) to gain access to the device's management interface.
Page 217 RADIUS requests can be sent for Authentication and 402 (201 * 2) for Accounting.  To configure a RADIUS server: Open the RADIUS Servers table (Setup menu > IP Network tab > RADIUS & LDAP folder > RADIUS Servers). Version 7.2 Mediant 4000 SBC...
Page 218 Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-11: RADIUS Servers Table - Add Dialog Box Configure a RADIUS server according to the parameters described in the table below. Click Apply. Table 15-7: RADIUS Servers Table Parameter Descriptions...
Page 219: Configuring Interface For Radius Communication
The Vendor ID must be the same as the Vendor ID set on the third-party RADIUS server. See the example for setting up a third-party RADIUS server in ''Setting Up a Third-Party RADIUS Server'' on page 221. Version 7.2 Mediant 4000 SBC...
Page 220: Radius-Based Management User Authentication
Mediant 4000 SBC  To configure the RADIUS Vendor ID: Open the Authentication Server page (Setup menu > Administration tab > Web & CLI folder > Authentication Server). Figure 15-13: Configuring RADIUS Vendor ID Under the RADIUS group, in the 'RADIUS VSA Vendor ID' field, enter the same vendor ID number as set on the third-party RADIUS server.
Page 221: Setting Up A Third-Party Radius Server
RADIUS servers, see ''Configuring Management User Accounts'' on page 58. # AudioCodes VSA dictionary VENDOR AudioCodes 5003 ATTRIBUTE ACL-Auth-Level 35 integer AudioCodes VALUE ACL-Auth-Level ACL-Auth-UserLevel 50 VALUE ACL-Auth-Level ACL-Auth-AdminLevel 100 VALUE ACL-Auth-Level ACL-Auth-SecurityAdminLevel 200 Define the list of users authorized to use the device, using one of the password authentication methods supported by the server implementation.
Page 222: Configuring Radius-Based User Authentication
Mediant 4000 SBC 15.3.6.2 Configuring RADIUS-based User Authentication The following procedure describes how to configure RADIUS-based login authentication. For a detailed description of the RADIUS parameters, see ''RADIUS Parameters'' on page 818.  To configure RADIUS-based login authentication: Open the Authentication Server page (Setup menu > Administration tab > Web &...
Page 223: Securing Radius Communication
Web interface's login screen. However, authentication with the RADIUS server can also be done immediately after the user enters the URL, if the URL also contains the login credentials. example: http://10.4.4.112/Forms/RadiusAuthentication?WSBackUserName=John&WSBackPasswor d=1234 Note: This feature allows up to five simultaneous users only. Version 7.2 Mediant 4000 SBC...
Page 224: Radius-Based Cdr Accounting
Mediant 4000 SBC 15.3.7 RADIUS-based CDR Accounting Once you have configured a RADIUS server(s) for accounting in ''Configuring RADIUS Servers'' on page 216, you need to enable and configure RADIUS-based CDR accounting (see ''Configuring RADIUS Accounting'' on page 668). 15.4...
Page 225: Enabling The Ldap Service
Open the LDAP Settings page (Setup menu > IP Network tab > RADIUS & LDAP folder > LDAP Settings). Figure 15-20: Enabling LDAP From the 'LDAP Service' drop-down list, select Enable. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Page 226: Enabling Ldap-Based Web/Cli User Login Authentication And Authorization
Mediant 4000 SBC 15.4.2 Enabling LDAP-based Web/CLI User Login Authentication and Authorization The LDAP service can be used for authenticating and authorizing device management users (Web and CLI), based on the user's login username and password (credentials). At the same, it can also be used to determine users' management access levels (privileges).
Page 227 "Marketing" and if a result is not found, it searches in "Sales", and if not found, it searches in "Administration", and so on.  [1] Parallel = The query is done in all DN objects at the same Version 7.2 Mediant 4000 SBC...
Page 228: Configuring Ldap Servers
Mediant 4000 SBC Parameter Description time. For example, a search for the DN object record "JohnD" is done at the same time in the "Marketing", "Sales" and "Administration" DN objects. Cache Cache Entry Timeout Defines the duration (in minutes) that an entry in the device's LDAP cache is valid.
Page 229 Enables the device to encrypt the username and password (for Control and Management related queries) using TLS when sending use-tls them to the LDAP server. [LdapConfiguration_useTLS]  [0] No = (Default) Username and password are sent in clear-text Version 7.2 Mediant 4000 SBC...
Page 230 Mediant 4000 SBC Parameter Description format.  [1] Yes TLS Context Assigns a TLS Context for the connection with the LDAP server. tls-context By default, no value is defined and the device uses the default TLS Context (ID 0). [LdapConfiguration_ContextN...
Page 231 LDAP server for authenticating the user's username-password combination. An example configuration for the parameter is $@sales.local, where the device replaces the $ with the entered username, for example, JohnD@sales.local. The username can also be Version 7.2 Mediant 4000 SBC...
Page 232: Configuring Ldap Dns (Base Paths) Per Ldap Server
Mediant 4000 SBC Parameter Description configured with the domain name of the LDAP server. Note: By default, the device sends the username in clear-text format. You can enable the device to encrypt the username using TLS (see the 'Use SSL' parameter below).
Page 233: Configuring The Ldap Search Filter Attribute
The search filter is applicable only to LDAP-based login authentication and authorization queries. • The search filter is a global setting that applies to all LDAP-based login authentication and authorization queries, across all configured LDAP servers. Version 7.2 Mediant 4000 SBC...
Page 234: Configuring Access Level Per Management Groups Attributes
Mediant 4000 SBC  To configure the LDAP search filter for management users: Open the Authentication Server page (Setup menu > Administration tab > Web & CLI folder > Authentication Server). Figure 15-25: Configuring LDAP Search Filter In the 'LDAP Authentication Filter' parameter, enter the LDAP search filter attribute for searching the login username for user authentication.
Page 235 Defines an index number for the new table row. [MgmntLDAPGroups_GroupIndex] Note: Each row must be configured with a unique index. Level Defines the access level of the group(s).  level [0] Monitor (Default)  [1] Admin Version 7.2 Mediant 4000 SBC...
Page 236: Configuring The Device's Ldap Cache
Mediant 4000 SBC Parameter Description  [MgmntLDAPGroups_Level] [2] Security Admin Groups Defines the attribute names of the groups in the LDAP server. groups The valid value is a string of up to 256 characters. To define multiple groups, separate each group name with a semicolon (;).
Page 237 In the 'LDAP Cache Entry Removal Timeout' field, enter the duration (in hours) after which the device removes the LDAP entry from the cache. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Page 238: Refreshing The Ldap Cache
Mediant 4000 SBC 15.4.8.1 Refreshing the LDAP Cache You can refresh values of LDAP Attributes associated with a specified LDAP search key that are stored in the device's LDAP cache. The device sends an LDAP query to the LDAP server for the cached Attributes of the specified search key and replaces the old values in the cache with the new values received in the LDAP response.
Page 239: Clearing The Ldap Cache
To use the Local Users table for authenticating management users: Open the Authentication Server page (Setup menu > Administration tab > Web & CLI folder > Authentication Server). Figure 15-31: Local Users Table for Login Authentication Under the General group, do the following: Version 7.2 Mediant 4000 SBC...
Page 240 Mediant 4000 SBC Configure when the Local Users table must be used to authenticate login users. From the 'Use Local Users Database' drop-down list, select one of the following: ♦ When No Auth Server Defined (default): When no LDAP/RADIUS server is configured or if a server is configured but connectivity with the server is down (if the server is up, the device authenticates the user with the server).
Page 241: Ldap-Based Login Authentication Example
The LDAP server's entry data structure schema in the example is as follows:  DN (base path): OU=testMgmt,OU=QA,DC=testqa,DC=local. The DN path to search for the username in the directory is shown below: Figure 15-32: Base Path (DN) in LDAP Server Version 7.2 Mediant 4000 SBC...
Page 242 Mediant 4000 SBC  Search Attribute Filter: (sAMAccountName=$). The login username is found based on this attribute (where the attribute's value equals the username): Figure 15-33: Username Found using sAMAccount Attribute Search Filter  Management Attribute: memberOf. The attribute contains the member groups of the...
Page 243 Figure 15-36: Configuring LDAP Server Group for Management  The DN is configured in the LDAP Server Search Base DN table (see ''Configuring LDAP DNs (Base Paths) per LDAP Server'' on page 232): Figure 15-37: Configuring DN Version 7.2 Mediant 4000 SBC...
Page 244 Mediant 4000 SBC  The search attribute filter based on username is configured by the 'LDAP Authentication Filter' parameter (see ''Configuring the LDAP Search Filter Attribute'' on page 233): Figure 15-38: Configuring Search Attribute Filter  The group management attribute is configured by the 'Management Attribute'...
Page 245: Enabling Ldap Searches For Numbers With Characters
PBX or IP PBX - users not yet migrated to Skype for Business  Mobile - mobile number  Private - private telephone line for Skype for Business users (in addition to the primary telephone line) Version 7.2 Mediant 4000 SBC...
Page 246: Querying The Ad And Routing Priority
Mediant 4000 SBC 15.4.12.1 Querying the AD and Routing Priority The device queries the AD using the initial destination number (i.e., called number). The query can return up to four user phone numbers, each pertaining to one of the IP domains (i.e., private number, Skype for Business number, PBX / IP PBX number, and mobile...
Page 247 - call busy), the device can route the call to an alternative destination if an alternative routing rule is configured. "Redundant" route: If the query failed (i.e., no attribute found in the AD), the device uses the routing rule matching the "LDAP_ERR" prefix destination number value. Version 7.2 Mediant 4000 SBC...
Page 248 Mediant 4000 SBC The flowchart below summarizes the device's process for querying the AD and routing the call based on the query results: Figure 15-41: Querying AD in Skype for Business Environment Note: If you are using the device's local LDAP cache, see ''Configuring the Device's LDAP Cache'' on page 236 for the LDAP query process.
Page 249: Configuring Ad-Based Routing Rules
LDAP server. For alternative routing, enable the alternative routing mechanism and configure corresponding SIP reasons for alternative routing. For this feature, alternative routing starts from the table row located under the LDAP query row. Version 7.2 Mediant 4000 SBC...
Page 250 Mediant 4000 SBC The table below shows an example for configuring AD-based SBC routing rules in the IP- to-IP Routing Table: Table 15-14: AD-Based SBC IP-to-IP Routing Rule Configuration Examples Destination Username Destination Index Destination Type Prefix Address PRIVATE: Dest Address 10.33.45.60...
Page 251: Least Cost Routing
This example shows four defined Cost Groups and the total call cost if the average call duration is 10 minutes: Table 15-15: Call Cost Comparison between Cost Groups for different Call Durations Total Call Cost per Duration Connection Cost Group Minute Cost Cost 1 Minute 10 Minutes 80.3 Version 7.2 Mediant 4000 SBC...
Page 252 Mediant 4000 SBC If four matching routing rules are located in the routing table and each one is assigned a different Cost Group as listed in the table above, then the rule assigned Cost Group "D" is selected. Note that for one minute, Cost Groups "A" and "D" are identical, but due to the average call duration, Cost Group "D"...
Page 253: Configuring Lcr
Time Bands per Cost Group. The following procedure describes how to configure Cost Groups through the Web interface. You can also configure it through ini file (CostGroupTable) or CLI (configure voip > sip-definition least-cost-routing cost-group). Version 7.2 Mediant 4000 SBC...
Page 254 Mediant 4000 SBC  To configure a Cost Group: Open the Cost Groups table (Setup menu > Signaling & Media tab > SIP Definitions folder > Least Cost Routing > Cost Groups). Click New; the following dialog box appears: Configure a Cost Group according to the parameters described in the table below.
Page 255 (i.e., SUN, MON, TUE, WED, THU, FRI, or SAT).  hh and mm denote the time of day, where hh is the hour (00-23) and mm the minutes (00-59) For example, SAT:22:00 denotes Saturday at 10 pm. Version 7.2 Mediant 4000 SBC...
Page 256: Assigning Cost Groups To Routing Rules
Mediant 4000 SBC Parameter Description End Time Defines the day and time of day until when this time band is applicable. For a description of the valid values, see the end-time parameter above. [CostGroupTimebands_EndTime] Connection Cost Defines the call connection cost during the time band. This is added as a fixed charge to the call.
Page 257: Remote Web Services
 Capture: Recording of signaling and RTP packets, and Syslog. The remote host can be, for example, a Syslog server or AudioCodes SEM. Note: • You can configure only one Remote Web Service for Routing, for Call Status, and for Topology.
Page 258 Mediant 4000 SBC  To configure a remote Web service: Open the Remote Web Services table (Setup menu > IP Network tab > Web Services folder > Remote Web Services). Click New; the following dialog box appears: Figure 15-44: Remote Web Services Table - Add Dialog Box Configure a remote Web service according to the parameters described in the table below.
Page 259 HTTP persistent connection messages to keep the connection open. Number of Sockets Defines how many sockets (connection) are established per remote host. http-num-sockets The valid value is 1 to 10. The default is 1. [HTTPRemoteServices_NumOfS ockets] Version 7.2 Mediant 4000 SBC...
Page 260 Mediant 4000 SBC Parameter Description Login Login Needed Enables the use of proprietary REST API Login and Logout commands for connecting to the remote host. The commands http-login-needed verify specific information (e.g., software version) before allowing [HTTPRemoteServices_LoginNe connectivity with the device.
Page 261: Configuring Remote Http Hosts
Click New; the following dialog box appears: Figure 15-45: HTTP Remote Hosts Table - Add Dialog Box Configure an HTTP remote host according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Version 7.2 Mediant 4000 SBC...
Page 262 Mediant 4000 SBC Table 15-19: HTTP Remote Hosts Table Parameter Descriptions Parameter Description Index Defines an index number for the new table row. rest-servers Note:  [HTTPRemoteHosts_RemoteHostindex] Each row must be configured with a unique index.  The parameter is mandatory.
Page 263: Enabling Topology Status Services
15.6.3 Centralized Third-Party Routing Server You can employ a remote, third-party Routing server to handle call routing decisions in deployments consisting of multiple AudioCodes devices. Employing a Routing server replaces the need for the device's routing tables (IP-to-IP Routing table) to determine call destination.
Page 264 Mediant 4000 SBC "Not Found" message), the device routes the call using its routing tables. If the Get Route request is not the first one sent for the call (e.g., in call forwarding or alternative routing) and the Routing server responds with an HTTP 404 "Not Found" message, the device rejects the call.
Page 265 Services'' on page 257). You must configure the 'Type' parameter of the Remote Web Service to Routing, as shown in the following example: Figure 15-49: Configuring Remote Web Service for Routing Server In the IP-to-IP Routing table, configure the 'Destination Type' parameter of the routing Version 7.2 Mediant 4000 SBC...
Page 266 Mediant 4000 SBC rule to Routing Server (see Configuring SBC IP-to-IP Routing Rules on page 464), as shown below: Figure 15-50: Configuring Routing Rule to use Routing Server User's Manual Document #: LTRT-41729...
Page 267: Http-Based Proxy Services
 HTTP-based EMS Services for AudioCodes Equipment behind NAT: You can configure the device to act as an HTTP Proxy that enables AudioCodes EMS to manage AudioCodes equipment (such as IP Phones) over HTTP when the equipment is located behind NAT (e.g., in the LAN) and EMS is located in a public domain (e.g., in the WAN).
Page 268: Enabling The Http Proxy Application
The HTTP Interfaces table lets you configure up to 10 HTTP Interfaces. An HTTP Interface represents a local, listening interface for receiving HTTP/S requests from HTTP-based (Web) clients such as managed equipment (e.g., IP Phones) and/or AudioCodes EMS management tool for HTTP/S-based services.
Page 269 (i.e., handshake fails). The device can also authenticate the certificate by querying with an Online Certificate Status Protocol (OCSP) server whether the certificate has been revoked. This is also configured for the associated TLS Context. Version 7.2 Mediant 4000 SBC...
Page 270: Configuring Http Proxy Services
Mediant 4000 SBC Parameter Description Note: The parameter is applicable only if the connection protocol is HTTPS (defined using the 'Protocol' parameter, above). 15.7.3 Configuring HTTP Proxy Services The HTTP Proxy Services table lets you configure up to 10 HTTP Proxy Services.
Page 271: Configuring Http Proxy Hosts
Open the HTTP Proxy Services table (Setup menu > IP Network tab > HTTP Proxy folder > HTTP Proxy Services). In the table, select the required HTTP Proxy Service index row, and then click the HTTP Proxy Hosts link located below the table; the HTTP Proxy Hosts table appears. Version 7.2 Mediant 4000 SBC...
Page 272 Mediant 4000 SBC Click New; the following dialog box appears: Figure 15-54: HTTP Proxy Hosts Table - Add Dialog Box Configure an HTTP Proxy Host according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 273: Configuring An Http-Based Ems Service
To configure an EMS Service: Open the EMS Services table (Setup menu > IP Network tab > HTTP Proxy folder > EMS Services). Click New; the following dialog box appears: Figure 15-55: EMS Services Table - Add Dialog Box Version 7.2 Mediant 4000 SBC...
Page 274 Mediant 4000 SBC Configure an EMS Service according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 15-23: EMS Services Table Parameter Descriptions Parameter Description Index Defines an index number for the new table row.
Page 275: E9-1-1 Support For Microsoft Skype For Business
E9-1-1 due to the difficulty in accurately locating the E9-1-1 caller. This section describes the E9-1-1 solution provided by Microsoft Skype for Business and AudioCodes' device's ELIN interworking capabilities, which provides the SIP Trunk to the E9-1-1 emergency service provider. This section also describes the configuration of the device for interoperating between the Skype for Business environment and the E9-1-1 emergency provider.
Page 276: Microsoft Skype For Business And E9-1-1
The figure below illustrates the routing of an E9-1-1 call to the PSAP: The VoIP user dials 9-1-1. AudioCodes' ELIN device eventually sends the call to the emergency service provider over the SIP Trunk (PSAP server). The emergency service provider identifies the call is an emergency call and sends it to an E9-1-1 Selective Router in the Emergency Services provider's network.
Page 277: Gathering Location Information Of Skype For Business Clients For
• Immediately after startup and registering the user with Skype for Business • Approximately every four hours after initial registration • Whenever a network connection change is detected (such as roaming to a new WAP) Version 7.2 Mediant 4000 SBC...
Page 278: Adding Elins To The Location Information Server
Mediant 4000 SBC The Skype for Business client includes in its location request the following known network connectivity information: • Always included: ♦ IPv4 subnet ♦ Media Access Control (MAC) address • Depends on network connectivity: ♦ Wireless access point (WAP) Basic Service Set Identifier (BSSID) ♦...
Page 279: Passing Location Information To The Pstn Emergency Provider
(for example, less than 7000 square feet per ERL). Typically, you would have an ERL for each floor of the building. The ELIN is used as the phone number for 911 callers within this ERL. Version 7.2 Mediant 4000 SBC...
Page 280: Audiocodes Elin Device For Skype For Business E9-1-1 Calls To Pstn
Therefore, IP phones, for example, on a specific floor are in the same subnet and therefore, use the same ELIN when dialing 9-1-1. 15.8.3 AudioCodes ELIN Device for Skype for Business E9-1-1 Calls to PSTN Microsoft Mediation Server sends the location information of the E9-1-1 caller in the XML- based PIDF-LO body contained in the SIP INVITE message.
Page 281: Detecting And Handling E9-1-1 Calls
PSAP, based on ELIN-address match lookup in the emergency service provider's ALI database. The figure below illustrates an AudioCodes ELIN device deployed in the Skype for Business environment for handling E9-1-1 calls between the Enterprise and the emergency service provider.
Page 282 Mediant 4000 SBC ELIN Time Count Index Call From 4257275999 22:11:57 4258359444 4257275615 22:12:03 4258359555 4257275616 22:11:45 4258359777 The ELIN table stores this information for a user-defined period (see ''Configuring the E9-1-1 Callback Timeout'' on page 285), starting from when the E9-1-1 call, established with the PSAP, terminates.
Page 283: Pre-Empting Existing Calls For E9-1-1 Calls
If a match is found in the ELIN table, it routes the call to the Mediation Sever by sending a SIP INVITE, where the values of the To and Request-URI are taken from Version 7.2 Mediant 4000 SBC...
Page 284: Selecting Elin For Multiple Calls Within Same Erl
Mediant 4000 SBC the value of the original From header that is stored in the ELIN table (in the Call From column). The device updates the Time in the ELIN table. (The Count is not affected). The PSAP callback can be done only within a user-defined period (see ''Configuring the E9-1-1 Callback Timeout'' on page 285), started from after the original E9-1-1 call established with the PSAP is terminated.
Page 285: Configuring Audiocodes Elin Device
User's Manual 15. Services 15.8.4 Configuring AudioCodes ELIN Device This section describes E9-1-1 configuration of the AudioCodes ELIN Gateway deployed in the Skype for Business environment. 15.8.4.1 Enabling the E9-1-1 Feature By default, the ELIN device feature for E9-1-1 emergency call handling in a Skype for Business environment is disabled.
Page 286: Viewing The Elin Table
Mediant 4000 SBC 15.8.4.4 Viewing the ELIN Table To view the ELIN table:  # show voip e911 ELIN Time Count Index Call From ------------------------------------------------------------ 4257275678 22:11:52 0 4258359333 4257275999 22:11:57 0 4258359444 4257275615 22:12:03 0 4258359555 4257275616 22:11:45 0...
Page 287: Quality Of Experience
The device can be configured to report voice (media) Quality of Experience (QoE) to AudioCodes' Session Experience Manager (SEM) server, a plug-in for AudioCodes EMS. The reports include real-time metrics of the quality of the actual call experience, which are then processed by the SEM.
Page 288: Configuring Clock Synchronization Between Device And Sem
In other words, you need to configure them with the same NTP server. The NTP server can be one of the following:  AudioCodes EMS server (also acting as an NTP server)  Third-party, external NTP server Once you have determined the NTP server, all the elements--device, SEM, and EMS--must be configured with the same NTP server address.
Page 289: Configuring Quality Of Experience Profiles
(i.e., change in color state). Hysteresis is used to avoid false reports being sent by the device. Hysteresis is used only for threshold crossings toward a lesser severity (i.e., from Red to Yellow, Red to Green, or Yellow to Green). Version 7.2 Mediant 4000 SBC...
Page 290  Report the change in the measured metrics to AudioCodes' Session Experience Manager (SEM) server. The SEM displays this call quality status for the associated SEM link (IP Group, Media Realm, or Remote Media Subnet). To configure the SEM server's address, see ''Configuring the SEM Server'' on page 287.
Page 291 The valid value is a string of up to 20 characters. [QOEProfile_Name] Sensitivity Level Defines the pre-configured threshold profile to use.  sensitivity-level [0] User Defined = Need to define thresholds per monitored parameter in the Quality of Experience Color Rules table. Version 7.2 Mediant 4000 SBC...
Page 292 Mediant 4000 SBC Parameter Description  [QOEProfile_SensitivityLevel] [1] Low = Pre-configured low sensitivity thresholds.  [2] Medium = (Default) Pre-configured medium sensitivity thresholds.  [3] High = Pre-configured high sensitivity thresholds. Reporting is done for small fluctuations in parameter values.
Page 293 MOS values are in multiples of 10. For example, to denote a MOS of 3.2, the value 32 (i.e., 3.2*10) must be entered.  Delay values are in msec.  Packet Loss values are in percentage (%).  Jitter is in msec. Version 7.2 Mediant 4000 SBC...
Page 294: Configuring Bandwidth Profiles
Mediant 4000 SBC Parameter Description  Echo measures the Residual Echo Return Loss (RERL) in Major Hysteresis (Red) Defines the amount of fluctuation (hysteresis) from the Major threshold, configured by the 'Major Threshold (Red)' parameter major-hysteresis-red in order for the threshold to be considered as crossed. The...
Page 295 Minor threshold with [32,000 - (10% x hysteresis. 64,000)] Red to Green (alarm cleared) The change occurs if the current bandwidth 25,600 Kbps crosses the configured Minor threshold with [32,000 - (10% x hysteresis. 64,000)] Version 7.2 Mediant 4000 SBC...
Page 296 Mediant 4000 SBC The following procedure describes how to configure Bandwidth Profiles through the Web interface. You can also configure it through ini file (BWProfile) or CLI (configure voip > qoe bw-profile).  To configure a Bandwidth Profile: Open the Bandwidth Profile table (Setup menu > Signaling & Media tab > Media folder >...
Page 297 Yellow-to-Green (Green-alarm cleared): 25,600 Kbps [32,000 - (10% x 64,000)] Generate Alarm Enables the device to send an SNMP alarm if a bandwidth threshold is crossed. generate-alarms  [0] Disable (default) [BWProfile_GenerateAlarms]  [1] Enable Version 7.2 Mediant 4000 SBC...
Page 298: Configuring Quality Of Service Rules
Mediant 4000 SBC 16.4 Configuring Quality of Service Rules The Quality of Service Rules table lets you configure up to 3,125 Quality of Service rules. A Quality of Service rule defines an action to perform when the threshold (major or minor) of a specific performance monitoring call metric is crossed for a specific IP Group.
Page 299  [0] Major (Default) [QualityOfServiceRules_Severit  [1] Minor Note: If you configure the 'Rule Metric' parameter to ACD, ASR or NER, you must configure the parameter to Major. For all other Version 7.2 Mediant 4000 SBC...
Page 300 Mediant 4000 SBC Parameter Description 'Rule Metric' parameter values, you can configure the parameter to any value. Action Rule Action Defines the action to be done if the rule is matched.  rule-action [0] Reject Calls = (Default) New calls destined to the specified IP Group are rejected for a user-defined duration.
Page 301: Control Network
You can also configure it through ini file (CpMediaRealm) or CLI (configure voip > realm).  To configure a Media Realm: Open the Media Realms table (Setup menu > Signaling & Media tab > Core Entities folder > Media Realms). Version 7.2 Mediant 4000 SBC...
Page 302 Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-1: Media Realms Table - Add Dialog Box Configure the Media Realm according to the parameters described in the table below. Click Apply. Table 17-1: Media Realms table Parameter Descriptions...
Page 303 RTP port 6000, the RTCP port and T.38 port for the session is 6001 and 6002, respectively. However, you can configure the device to use the same port for RTP and T.38 packets, by configuring the Version 7.2 Mediant 4000 SBC...
Page 304: Configuring Remote Media Subnets
Mediant 4000 SBC Parameter Description T38UseRTPPort parameter to 1. For more information on local UDP port range, see ''Configuring RTP Base UDP Port'' on page 186. Default Media Realm Defines the Media Realm as the default Media Realm. The default Media Realm is used for SIP Interfaces and IP Groups is-default for which you have not assigned a Media Realm.
Page 305 Open the Media Realms table (see ''Configuring Media Realms'' on page 301). Select the Media Realm row for which you want to add Remote Media Subnets, and then click the Remote Media Subnet link located below the table; the Remote Media Subnet table appears. Version 7.2 Mediant 4000 SBC...
Page 306 Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-3: Remote Media Subnet Table - Add Dialog Box Configure the Remote Media Subnet according to the parameters described in the table below. Click Apply. Table 17-2: Remote Media Subnet Table Parameter Descriptions...
Page 307: Configuring Media Realm Extensions
Open the Media Realms table (see ''Configuring Media Realms'' on page 301). Select the Media Realm for which you want to add Remote Media Extensions, and then click the Media Realm Extension link located below the table; the Media Realm Extension table appears. Version 7.2 Mediant 4000 SBC...
Page 308 Mediant 4000 SBC Click New; the following dialog box appears: Figure 17-5: Media Realm Extension Table - Add Dialog Box Configure the Media Realm Extension according to the parameters described in the table below. Click Apply. Table 17-3: Media Realm Extension Table Parameter Descriptions...
Page 309: Configuring Srds
Admission Control rule - see Configuring Admission Control Table on page 451  Classification rule - see Configuring Classification Rules on page 455 As mentioned previously, if you use only a single SRD, the device automatically assigns it to the above-listed configuration entities. Version 7.2 Mediant 4000 SBC...
Page 310 Mediant 4000 SBC As each SIP Interface defines a different Layer-3 network (see ''Configuring SIP Interfaces'' on page 319 for more information) on which to route or receive calls and as you can assign multiple SIP Interfaces to the same SRD, for most deployment scenarios (even for multiple Layer-3 network environments), you only need to employ a single SRD to represent your VoIP network (Layer 5).
Page 311 Open the SRDs table (Setup menu > Signaling & Media tab > Core Entities folder > SRDs). Click New; the following dialog box appears: Figure 17-7: SRDs Table - Add Dialog Box Configure an SRD according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 312 Mediant 4000 SBC Table 17-4: SRDs table Parameter Descriptions Parameter Description General Index Defines an index for the new table row. [SRD_Index] Note: Each row must be configured with a unique index. Name Defines an arbitrary name to easily identify the row.
Page 313 (Dialog establish failure - Classification failure) using the Intrusion Detection System (IDS) feature (see Configuring IDS Policies on page 162), by sending an SNMP trap.  When the corresponding parameter in the SIP Interfaces table Version 7.2 Mediant 4000 SBC...
Page 314 Mediant 4000 SBC Parameter Description (SIPInterface_BlockUnRegUsers) is configured to any value other than default [-1] for a SIP Interface that is associated with the SRD, the parameter in the SRDs table is ignored for calls belonging to the SIP Interface.
Page 315: Filtering Tables In Web Interface By Srd
Tenant size in a multi-tenant architecture can vary and therefore, the instance CPU, memory and interface allocations should be optimized so as not to waste resources for small-sized Version 7.2 Mediant 4000 SBC...
Page 316 Mediant 4000 SBC tenants on the one hand, and not to allocate too many instances for a single tenant/customer on the other. For example, it would be a waste to allocate a capacity of 100 concurrent sessions to a small tenant for which 10 concurrent sessions suffice.
Page 317: Cloning Srds
To exit the tenant view: # no srd-view 17.2.3 Cloning SRDs You can clone (duplicate) existing SRDs. This is especially useful when operating in a multi-tenant environment and you need to add new tenants (SRDs). The new tenants can Version 7.2 Mediant 4000 SBC...
Page 318: Color-Coding Of Srds In Web Interface
Mediant 4000 SBC quickly and easily be added by simply cloning one of the existing SRDs. Once cloned, all you need to do is tweak configuration entities associated with the SRD clone. When an SRD is cloned, the device adds the new SRD clone to the next available index row in the SRDs table.
Page 319: Automatic Configuration Based On Srd
Interface. For more information, see ''Configuring IDS Policies'' on page 162.  SBC application: • IP-to-IP Routing rules for specifying the destination SIP Interface to where you want to route the call. For more information, see Configuring SBC IP-to-IP Routing Rules on page 464. Version 7.2 Mediant 4000 SBC...
Page 320 Mediant 4000 SBC • Classification rules for specifying the SIP Interface as a matching characteristic of the incoming call. This is especially useful for the single SRD-configuration topology, where each SIP Interface represents a Layer-3 network (SIP entity). Therefore, classification of calls to IP Groups (SIP entities) can be based on SIP Interface.
Page 321 (i.e., ports configured for Media Realms). For example, if the RTP port range is 6000 to 6999, the SIP port can either be less than 6000 or greater than 6999.  The base UDP port number (BaseUDPPort parameter) for RTP Version 7.2 Mediant 4000 SBC...
Page 322 Mediant 4000 SBC Parameter Description traffic must be greater than the highest UDP port configured for a SIP Interface. For example, if your highest configured UDP port for a SIP Interface is 6060, you must configure the BaseUDPPort parameter to any value greater than 6060. For more information on base UDP port, see ''Configuring RTP Base UDP Port'' on page 186.
Page 323 SIP Interface. intra-srd-media-anchoring  [0] Disable = (Default) Media Anchoring is employed, whereby the [SIPInterface_SBCDirectMedi media stream traverses the device (and each leg uses a different coder or coder parameters). Version 7.2 Mediant 4000 SBC...
Page 324 Mediant 4000 SBC Parameter Description  [1] Enable = No Media Anchoring. Media stream flows directly between endpoints (i.e., does not traverse the device - no Media Anchoring).  [2] Enable when Same NAT = No Media Anchoring. Media stream flows directly between endpoints if they are located behind the same NAT.
Page 325 SBC IP-to-IP Routing table where the destination is the user’s User-type IP Group (i.e., call survivability scenarios) and if the parameter is enabled.  [-1] Not Configured = (Default) The corresponding parameter in the SRDs table (SRD_EnableUnAuthenticatedRegistrations) of Version 7.2 Mediant 4000 SBC...
Page 326: Configuring Ip Groups
Mediant 4000 SBC Parameter Description the SRD associated with the SIP Interface is applied.  [0] Disable = The device rejects REGISTER requests from new users that were not authenticated by a proxy server.  [1] Enable = The device accepts REGISTER requests from new users even if they were not authenticated by a proxy server, and registers the user in its registration database.
Page 327 The parameter is mandatory.  For the parameter to take effect, a device reset is required. General Index Defines an index for the new table row. [IPGroup_Index] Note: Each row must be configured with a unique index. Version 7.2 Mediant 4000 SBC...
Page 328 Mediant 4000 SBC Parameter Description Name Defines an arbitrary name to easily identify the row. name The valid value is a string of up to 40 characters. [IPGroup_Name] Note: Each row must be configured with a unique name. Topology Location Defines the display location of the IP Group in the Topology view.
Page 329 The valid value is a string of up to 100 characters. By default, no value is defined. Note:  If the parameter is not configured, the value of the global Version 7.2 Mediant 4000 SBC...
Page 330 Mediant 4000 SBC Parameter Description parameter, ProxyName is used instead (see ''Configuring Proxy and Registration Parameters'' on page 355).  The parameter overrides inbound message manipulation rules that manipulate the host name in Request-URI, To, and/or From SIP headers. If you configure the parameter and you want to...
Page 331 INVITEs to their appropriate IP Groups.  Classification by Proxy Set occurs only if classification based on the device's registration database fails (i.e., the INVITE is not from a registered user). Version 7.2 Mediant 4000 SBC...
Page 332 Mediant 4000 SBC Parameter Description SBC Operation Mode Defines the device's operational mode for the IP Group.  sbc-operation-mode [-1] Not Configured = (Default)  [0] B2BUA = Device operates as a back-to-back user agent [IPGroup_SBCOperationMo (B2BUA), changing the call identifiers and headers between the inbound and outbound legs.
Page 333 [5] P-Preferred  [6] Route  [7] Diversion  [8] P-Associated-URI  [9] P-Called-Party-ID  [10] Contact  [11] Referred-by Note:  The parameter is applicable only when classification is done according to the Classification table. Version 7.2 Mediant 4000 SBC...
Page 334 Mediant 4000 SBC Parameter Description  If the configured SIP header does not exist in the incoming INVITE message, the classification of the message to a source IP Group fails.  If the device receives an INVITE as a result of a REFER request or a 3xx response, then the incoming INVITE is routed according to the Request-URI.
Page 335 Call Setup rule immediately before the routing stage (i.e., only after the call-setup-rules-set-id classification and manipulation stages). [IPGroup_CallSetupRulesSe By default, no value is assigned. tId] To configure Call Setup Rules, see Configuring Call Setup Rules on page 366. Version 7.2 Mediant 4000 SBC...
Page 336 Mediant 4000 SBC Parameter Description Quality of Experience QoE Profile Assigns a Quality of Experience Profile rule. qoe-profile By default, no value is defined. [IPGroup_QOEProfile] To configure Quality of Experience Profiles, see ''Configuring Quality of Experience Profiles'' on page 289.
Page 337 Defines the shared username for authenticating the IP Group, when the device acts as an Authentication server. username The valid value is a string of up to 51 characters. By default, no [IPGroup_Username] username is defined. Note: Version 7.2 Mediant 4000 SBC...
Page 338: Configuring Proxy Sets
Mediant 4000 SBC Parameter Description  The parameter is applicable only to Server-type IP Groups and when the 'Authentication Mode' parameter is set to SBC as Server (i.e., authentication of servers).  To specify the SIP request types (e.g., INVITE) that must be challenged by the device, use the 'Authentication Method List' parameter.
Page 339 Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder >Proxy Sets). Click New; the following dialog box appears: Configure a Proxy Set according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 340 Mediant 4000 SBC Select the index row of the Proxy Set that you added, and then click the Proxy Address link located below the table; the Proxy Address table opens. Click New; the following dialog box appears: Figure 17-10: Proxy Address Table - Add Dialog Box Configure the address of the Proxy Set according to the parameters described in the table below.
Page 341 For Survivability mode for User-type IP Groups, the parameter must be enabled (1 or 2).  If the parameter is enabled and the proxy uses the TCP/TLS transport type, you can enable CRLF Keep-Alive feature, using the UsePingPongKeepAlive parameter. Version 7.2 Mediant 4000 SBC...
Page 342 Mediant 4000 SBC Parameter Description Proxy Keep-Alive Time Defines the interval (in seconds) between keep-alive messages sent by the device when the Proxy Keep-Alive feature is enabled (see the proxy-keep-alive-time 'Proxy Keep-Alive' parameter in this table). [ProxySet_ProxyKeepAliveTi The valid range is 5 to 2,000,000. The default is 60.
Page 343 10.1.1.1:5070) and the parameter is configured to IP Address, Port & Transport Type, classification to the correct IP Group is achieved. Therefore, when classification is by Proxy Set, pay attention to the configured IP addresses and this parameter. Version 7.2 Mediant 4000 SBC...
Page 344 Mediant 4000 SBC Parameter Description When more than one Proxy Set is configured with the same IP address, the device selects the matching Proxy Set in the following order:  Selects the Proxy Set whose IP address, port, and transport type match the source of the incoming dialog (regardless of the settings of this parameter).
Page 345 Defines the transport type for communicating with the proxy.  transport-type [0] UDP  [1] TCP [ProxyIp_TransportType]  [2] TLS  [-1] = (Default) The transport type is according to the settings of the global parameter, SIPTransportType. Version 7.2 Mediant 4000 SBC...
Page 346: Building And Viewing Sip Entities In Topology View
Mediant 4000 SBC 17.6 Building and Viewing SIP Entities in Topology View The Topology view lets you easily build and view your main SIP entities, including IP Groups, SIP Interfaces, and Media Realms. The Topology view graphically displays these entities and the associations between them, giving you a better understanding of your SIP topology and configuration.
Page 347 Interface"-titled icon, which includes the name and row index number: If you hover your mouse over the icon, a pop-up appears displaying the following basic information (example): If you click the icon, a drop-down menu appears listing the following commands: Version 7.2 Mediant 4000 SBC...
Page 348 Mediant 4000 SBC Item # Description  Edit: Opens a dialog box in the SIP Interfaces table to modify the SIP Interface.  Show List: Opens the SIP Interfaces table.  Delete: Opens the SIP Interfaces table where you are prompted to confirm deletion of the SIP Interface.
Page 349 IP Group. A solid line indicates that you have configured a routing rule for the IP Group; a dashed line indicates that you have yet to configure a routing rule. Note: Version 7.2 Mediant 4000 SBC...
Page 350 Mediant 4000 SBC Item # Description  You can also view connectivity status in the IP Groups table.  To support the connectivity status feature, you must enable the keep-alive mechanism for the Proxy Set that is associated with the IP Group (see ''Configuring Proxy Sets'' on page 338).
Page 351: Sip Definitions
You can also configure it through ini file (Account) or CLI (configure voip > sip-definition account).  To configure an Account: Open the Accounts table (Setup menu > Signaling & Media tab > SIP Definitions folder > Accounts). Version 7.2 Mediant 4000 SBC...
Page 352 Mediant 4000 SBC Click New; the following dialog box appears: Figure 18-1: Accounts Table - Add Dialog Box Configure an account according to the parameters described in the table below. Click Apply. Once you have configured Accounts, you can register or un-register them, as described below: ...
Page 353 Defines the digest MD5 Authentication username. user-name The valid value is a string of up to 50 characters. [Account_Username] Password Defines the digest MD5 Authentication password. password The valid value is a string of up to 50 characters. Version 7.2 Mediant 4000 SBC...
Page 354: Regular Registration Mode
Mediant 4000 SBC Parameter Description [Account_Password] 18.1.1 Regular Registration Mode When you configure the registration mode in the Accounts table to Regular, the device sends REGISTER requests to the Serving IP Group. The host name (in the SIP From/To headers) and contact user (user in From/To and Contact headers) are taken from the configured Accounts table upon successful registration.
Page 355: Configuring Proxy And Registration Parameters
To configure the Proxy and registration parameters: Open the Proxy & Registration page (Setup menu > Signaling & Media tab > SIP Definitions folder > Proxy & Registration). Configure the parameters as required. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 356: Sip Message Authentication Example
REGISTER request is created. Since the algorithm is MD5: • The username is equal to the endpoint phone number "122". • The realm return by the proxy is "audiocodes.com". • The password from the ini file is "AudioCodes". User's Manual Document #: LTRT-41729...
Page 357 User's Manual 18. SIP Definitions • The equation to be evaluated is "122:audiocodes.com:AudioCodes". According to the RFC, this part is called A1. • The MD5 algorithm is run on this equation and stored for future usage. • The result is "a8f17d4b41ab8dab6c95d3c14e34a9e1".
Page 358: Configuring Sip Message Manipulation
Mediant 4000 SBC 18.3 Configuring SIP Message Manipulation The Message Manipulations table lets you configure up to 625 Message Manipulation rules. A Message Manipulation rule defines a manipulation sequence for SIP messages. SIP message manipulation enables the normalization of SIP messaging fields between communicating network segments.
Page 359 Current Condition). For more information, see the description of the 'Row Rule' parameter in this section. Figure 18-2: Configuration Example of Message Manipulation Rules using Same Condition The figure below illustrates a SIP message manipulation example: Figure 18-3: SIP Header Manipulation Example Version 7.2 Mediant 4000 SBC...
Page 360 Mediant 4000 SBC Note: • For a detailed description of the syntax used for configuring Message Manipulation rules, refer to the SIP Message Manipulations Quick Reference Guide. • Inbound message manipulation is done only after the Classification, inbound/outbound number manipulations, and routing processes.
Page 361 Index 3. A configuration example is shown in the beginning of this section. The option allows you to use the same condition for multiple manipulation rules. Note:  When configured to Use Previous Condition, the 'Message Version 7.2 Mediant 4000 SBC...
Page 362 Mediant 4000 SBC Parameter Description Type' and 'Condition' parameters are not applicable and if configured are ignored.  When multiple manipulation rules apply to the same header, the next rule applies to the resultant string of the previous rule. Match Message Type Defines the SIP message type that you want to manipulate.
Page 363: Configuring Sip Message Policy Rules
IP Group (see ''Configuring SIP Interfaces'' on page 319). The following procedure describes how to configure Message Policy rules through the Web interface. You can also configure it through ini file (MessagePolicy) or CLI (configure voip > message message-policy). Version 7.2 Mediant 4000 SBC...
Page 364 Mediant 4000 SBC  To configure SIP Message Policy rules: Open the Message Policies table (Setup menu > Signaling & Media tab > Message Manipulation folder > Message Policies). Click New; the following dialog box appears: Figure 18-6: Message Policies Table - Add Dialog Box Configure a Message Policy rule according to the parameters described in the table below.
Page 365 The values of the parameter are case-sensitive. Body List Type Defines the policy (blacklist or whitelist) for the SIP body specified in the 'Body List' parameter (above). body-list-type  [0] Policy Blacklist =The specified SIP body is [MessagePolicy_BodyListType] Version 7.2 Mediant 4000 SBC...
Page 366: Configuring Call Setup Rules
Mediant 4000 SBC Parameter Description rejected.  [1] Policy Whitelist = (Default) Only the specified SIP body is allowed; the others are rejected. Malicious Signature Malicious Signature Database Enables the use of the Malicious Signature database (signature-based detection). signature-db-enable ...
Page 367 You can also configure it through ini file (CallSetupRules) or CLI (configure voip > message call-setup-rules).  To configure a Call Setup rule: Open the Call Setup Rules table (Setup menu > Signaling & Media tab > SIP Definitions folder > Call Setup Rules). Version 7.2 Mediant 4000 SBC...
Page 368 Mediant 4000 SBC Click New; the following dialog box appears: Figure 18-7: Call Setup Rules Table - Add Dialog Box Configure a Call Setup rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 369 Defines the condition that must exist for the device to perform the action. condition The valid value is a string of up to 200 characters (case- [CallSetupRules_Condition] insensitive). Regular Expression (regex) can also be used. Examples: Version 7.2 Mediant 4000 SBC...
Page 370 Mediant 4000 SBC Parameter Description  LDAP:  ldap.attr.mobile exists (if Attribute "mobile" exists in AD)  param.call.dst.user == ldap.attr.msRTCSIP-PrivateLine (if called number is the same as the number in the Attribute "msRTCSIP-PrivateLine")  ldap.found !exists (if LDAP record not found) ...
Page 371: Call Setup Rule Examples
"displayName" and uses this as the calling name in the incoming call. • Call Setup Rules table configuration: ♦ 'Rules Set ID': 2 ♦ 'Query Type': LDAP ♦ 'Query Target': LDAP-DC-CORP ♦ 'Search Key': ‘telephoneNumber=’ + param.call.src.user ♦ 'Attributes to Get': displayName Version 7.2 Mediant 4000 SBC...
Page 372 Mediant 4000 SBC ♦ 'Row Role': Use Current Condition ♦ 'Condition': ldap.attr. displayName exists ♦ 'Action Subject': param.call.src.name ♦ 'Action Type': Modify ♦ 'Action Value': ldap.attr. displayName • Routing table configuration: A single routing rule is assigned the Call Setup Rule Set ID.
Page 373 IP Groups table: 'Call Setup Rules Set ID': 4 • IP-to-IP Routing table: ♦ Index 1: 'Destination Tag': dep-sales 'Destination IP Group': SALES ♦ Index 2: 'Destination Tag': dep-mkt 'Destination IP Group': MKT ♦ Index 3: 'Destination Tag': dep-rd 'Destination IP Group': RD Version 7.2 Mediant 4000 SBC...
Page 374 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 375: Coders And Profiles
IpProfile_SBCAllowedCodersMode parameter to Restriction or Restriction and Preference). The following procedure describes how to configure the Coder Groups table through the Web interface. You can also configure it through ini file (AudioCodersGroups and AudioCoders) or CLI (configure voip > coders-and-profiles audio-coders-groups). Version 7.2 Mediant 4000 SBC...
Page 376 For supported audio coders, see ''Supported Audio Coders'' on page 378. • Some coders are license-dependent and are available only if purchased from AudioCodes and included in the License Key installed on your device. For more information, contact your AudioCodes sales representative. •...
Page 377  [0] 0 = Bandwidth Efficient  [1] 1 = Octet Aligned (default) Note: The AMR payload type can be configured globally using the AmrOctetAlignedEnable parameter. However, the Coder Group configuration overrides the global parameter. Version 7.2 Mediant 4000 SBC...
Page 378: Supported Audio Coders
Mediant 4000 SBC 19.1.1 Supported Audio Coders The table below lists the coders supported by the device. Table 19-2: Supported Audio Coders Coder Name Packetization Time Rate (kbps) Payload Silence (msec) Type Suppression [1] 10, [2] 20, [3] 30, [4] 40,...
Page 379: Configuring Various Codec Attributes
Open the Coder Settings page (Setup menu > Signaling & Media tab > Coders & Profiles folder > Coder Settings). Configure the following parameters: • AMR coder: ♦ 'AMR Payload Format' (AmrOctetAlignedEnable): Defines the AMR payload format type: Version 7.2 Mediant 4000 SBC...
Page 380: Configuring Allowed Audio Coder Groups
Mediant 4000 SBC • SILK coder (Skype's default audio codec): ♦ 'Silk Tx Inband FEC': Enables forward error correction (FEC) for the SILK coder. ♦ 'Silk Max Average Bit Rate': Defines the maximum average bit rate for the SILK coder.
Page 381 Configure a name for the Allowed Audio Coders Group according to the parameters described in the table below. Click Apply. Select the new row that you configured, and then click the Allowed Audio Coders link located below the table; the Allowed Audio Coders table opens. Version 7.2 Mediant 4000 SBC...
Page 382 Mediant 4000 SBC Click New; the following dialog box appears: Figure 19-5: Allowed Audio Coders Table - Add Dialog Box Configure coders for the Allowed Audio Coders Group according to the parameters described in the table below. Click Apply. Table 19-3: Allowed Audio Coders Groups and Allowed Audio Coders Tables Parameter...
Page 383: Configuring Allowed Video Coder Groups
Configure a name for the Allowed Video Coders Group according to the parameters described in the table below. Click Apply. Select the new row that you configured, and then click the Allowed Video Coders link located below the table; the Allowed Video Coders table opens. Version 7.2 Mediant 4000 SBC...
Page 384: Configuring Ip Profiles
Mediant 4000 SBC Click New; the following dialog box appears: Figure 19-7: Allowed Video Coders Table - Add Dialog Box Configure coders for the Allowed Video Coders Group according to the parameters described in the table below. Click Apply. Table 19-4: Allowed Video Coders Groups and Allowed Video Coders Tables Parameter...
Page 385 Click New; the following dialog box appears: Figure 19-8: IP Profiles Table - Add Dialog Box Configure an IP Profile according to the parameters described in the table below. Click Apply. Table 19-5: IP Profiles Table Parameter Descriptions Parameter Description General Version 7.2 Mediant 4000 SBC...
Page 386 Mediant 4000 SBC Parameter Description Index Defines an index number for the new table row. [IpProfile_Index] Note: Each row must be configured with a unique index. Name Defines an arbitrary name to easily identify the row. profile-name The valid value is a string of up to 40 characters.
Page 387 RTP. Therefore, RTCP and RTP should be multiplexed over the same port.  The device does not support forwarding of DTLS transparently between endpoints (SIP entities).  As DTLS has been defined by the WebRTC standard as mandatory Version 7.2 Mediant 4000 SBC...
Page 388 Mediant 4000 SBC Parameter Description for encrypting media channels for SRTP key exchange, the support is important for deployments implementing WebRTC. For more information on WebRTC, see WebRTC on page 514. Reset SRTP Upon Re-key Enables synchronization of the SRTP state between the device and a server when a new SRTP key is generated upon a SIP session expire.
Page 389 SDP answers (with different To-header tags). In this case, the SBCRemoteMultipleAnswersMode parameter is ignored. Note: If the parameter and the SBCRemoteMultipleAnswersMode parameter are disabled, multiple SDP answers are not reflected to the Version 7.2 Mediant 4000 SBC...
Page 390 Mediant 4000 SBC Parameter Description SIP entity (i.e., the device sends the same SDP answer in multiple 18x and 200 responses). Remote Multiple Answers Enables interworking multiple SDP answers within the same SIP Mode dialog (non-standard). The parameter enables the device to forward multiple answers to the SIP entity associated with the IP Profile.
Page 391 Allowed Audio Coders Group or Allowed Video Coders Group. The coders in the original SDP offer are listed after the Allowed coders.  [2] Restriction and Preference = Performs both Restriction and Version 7.2 Mediant 4000 SBC...
Page 392 Mediant 4000 SBC Parameter Description Preference. Note:  The parameter is applicable only if Allowed coders are assigned to the IP Profile (see the 'Allowed Audio Coders' or 'Allowed Video Coders' parameters).  For more information on the Allowed Coders feature, see Restricting Coders on page 428.
Page 393 RTP redundancy SDP offer/answer negotiation, the device uses or discards the RTP redundancy packets. The parameter enables asymmetric RTP redundancy, whereby the device can transmit and receive RTP redundancy packets to and from a specific SIP entity, Version 7.2 Mediant 4000 SBC...
Page 394 Mediant 4000 SBC Parameter Description while transmitting and receiving regular RTP packets (no redundancy) for the other SIP entity involved in the voice path. The device can identify the RTP redundancy payload type in the SDP for indicating that the RTP packet stream includes redundant packets.
Page 395  This functionality may require DSP resources. For more information, contact your AudioCodes sales representative. ICE Mode Enables Interactive Connectivity Establishment (ICE) Lite for the SIP entity associated with the IP Profile. ICE is a methodology for NAT...
Page 396 Mediant 4000 SBC Parameter Description sbc-rtcp-mux local port, between SIP entities. The parameter enables multiplexing of RTP and RTCP traffic onto a single local port, for the SIP entity [IPProfile_SBCRTCPMux] associated with the IP Profile. Multiplexing of RTP data packets and RTCP packets onto a single local UDP port is done for each RTP session (according to RFC 5761).
Page 397 Defines the Dynamic Jitter Buffer frame error/delay optimization factor. Optimization Factor The valid range is 0 to 12. The default factor is 10. jitter-buffer-optimization- For more information on Jitter Buffer, see Configuring the Dynamic factor Jitter Buffer on page 184. Version 7.2 Mediant 4000 SBC...
Page 398 Mediant 4000 SBC Parameter Description [IpProfile_JitterBufOptFactor Note:  For data (fax and modem) calls, set the parameter to 12.  The corresponding global parameter is DJBufOptFactor. Silence Suppression Enables the Silence Suppression feature. When enabled, the device, upon detection of silence period during a call does not send packets, thereby conserving bandwidth during the VoIP call.
Page 399 If the session is not refreshed on time, the device disconnects the call.  [2] Not Supported = The device does not allow a session timer with this SIP entity. Version 7.2 Mediant 4000 SBC...
Page 400 Mediant 4000 SBC Parameter Description  [3] Supported = The device enables the session timer with this SIP entity. If the incoming SIP message does not include any session timers, the device adds the session timer information to the sent message.
Page 401 SUBSCRIBE and REFER messages. Keep User-Agent Header Enables interworking SIP User-Agent headers between SIP entities. The parameter defines the device's handling of User-Agent headers sbc-keep-user-agent for response/request messages sent to the SIP entity associated with [IpProfile_SBCKeepUserAge Version 7.2 Mediant 4000 SBC...
Page 402 Mediant 4000 SBC Parameter Description ntHeader] the IP Profile.  [-1] According to Operation Mode = (Default) Depends on the setting of the 'Operation Mode' parameter in the IP Group or SRDs table:  B2BUA: Device operates as if this parameter is set to Disable [0].
Page 403 [1] Database URL = Changes the Refer-To header so that the re- routed INVITE is sent through the SBC: Before forwarding the REFER request, the device changes the host part to the device's IP address and adds a special prefix Version 7.2 Mediant 4000 SBC...
Page 404 Mediant 4000 SBC Parameter Description ("T~&R_") to the Contact user part. The incoming INVITE is identified as a REFER-resultant INVITE according to this special prefix. The device replaces the host part in the Request-URI with the host from the REFER contact. The special prefix remains in the user part for regular classification, manipulation, and routing.
Page 405 FEU. The FEU then sends a new INVITE to the device, which the device then sends to the correct destination.  [2] Handle Locally = The device handles SIP 3xx responses on behalf of the dialog-initiating UA and retries the request (e.g., Version 7.2 Mediant 4000 SBC...
Page 406 Mediant 4000 SBC Parameter Description INVITE) using one or more alternative URIs included in the 3xx response. The device sends the new request to the alternative destination according to the IP-to-IP Routing table (the 'Call Trigger' field must be set to 3xx).
Page 407 Coder Group. Note: The parameter is applicable only if you set the IpProfile_SBCFaxBehavior parameter to a value other than [0]. Remote Renegotiate on Fax Enables local handling of fax detection and negotiation by the device Version 7.2 Mediant 4000 SBC...
Page 408 Mediant 4000 SBC Parameter Description Detection on behalf of the SIP entity associated with the IP Profile. This applies to faxes sent immediately upon the establishment of a voice channel sbc-rmt-renegotiate-on-fax- (i.e., after 200 OK). detect The device attempts to detect the fax (CNG tone) from the originating...
Page 409 The parameter is applicable only when the device offers an SDP.  The IP addressing version is determined according to the first SDP "m=" field.  The feature is applicable to any type of media (e.g., audio and Version 7.2 Mediant 4000 SBC...
Page 410 [2] 2 to [7]7 = Optional Parameter Suites that you can create based on any language (16 sensitivity levels, from 0 to 15). This requires a customized AMD Sensitivity file that needs to be installed on the device. For more information, contact your AudioCodes sales representative. Note: ...
Page 411 AMD Max Post Silence Defines the maximum duration of silence from after the greeting time Greeting Time is over (configured by AMDMaxGreetingTime) until the device's AMD decision. amd-max-post-silence- greeting-time Note: The corresponding global parameter is AMDMaxPostGreetingSilenceTime. [IpProfile_AMDMaxPostSilen ceGreetingTime] Version 7.2 Mediant 4000 SBC...
Page 412 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 413: Session Border Controller Application
Part V Session Border Controller Application...
Page 415: Sbc Overview
For example, IP addresses of ITSPs' equipment (e.g. proxies, gateways, and application servers) can be hidden from outside parties. The device's topology hiding is provided by implementing back-to-back user agent (B2BUA) leg routing: Version 7.2 Mediant 4000 SBC...
Page 416: B2Bua And Stateful Proxy Operating Modes
Mediant 4000 SBC • Strips all incoming SIP Via header fields and creates a new Via value for the outgoing message. • Each leg has its own Route/Record Route set. • User-defined manipulation of SIP To, From, and Request-URI host names.
Page 417 Some SIP functionalities are achieved by conveying the SIP call identifiers either in SIP specific headers (e.g., Replaces) or in the message bodies (e.g. Dialog Info in an XML body). Version 7.2 Mediant 4000 SBC...
Page 418 Mediant 4000 SBC  In some setups, the SIP client authenticates using a hash that is performed on one or more of the headers that B2BUA changes (removes). Therefore, implementing B2BUA would cause authentication to fail.  For facilitating debugging procedures, some administrators require that the value in the Call-ID header remains unchanged between the inbound and outbound SBC legs.
Page 419: Call Processing Of Sip Dialog Requests
The device obtains the source and destination URLs from certain SIP headers. Once the URLs are determined, the user and host parts of the URLs can be used as matching rule characteristics for classification, message manipulation, and call routing. Version 7.2 Mediant 4000 SBC...
Page 420 Mediant 4000 SBC • All SIP requests (e.g., INVITE) except REGISTER: ♦ Source URL: Obtained from the From header. If the From header contains the value 'Anonymous', the source URL is obtained from the P-Preferred- Identity header. If the P-Preferred-Identity header does not exist, the source URL is obtained from the P-Asserted-Identity header.
Page 421: User Registration
You can configure Call Admission Control (CAC) rules for incoming and outgoing REGISTER messages. For example, you can limit REGISTER requests from a specific IP Group or SRD. Note that this applies only to concurrent REGISTER dialogs and not concurrent registrations in the device's registration database. Version 7.2 Mediant 4000 SBC...
Page 422: Classification And Routing Of Registered Users
Mediant 4000 SBC The device provides a dynamic registration database that it updates according to registration requests traversing it. Each database entry for a user represents a binding between an AOR (obtained from the SIP To header), optional additional AORs, and one or more contacts (obtained from the SIP Contact headers).
Page 423: General Registration Request Processing
If you configure this grace period, the device keeps the user in the database (and does not send an un-register to the registrar server), allowing the user to send a "late" re-registration to the device. The device removes the Version 7.2 Mediant 4000 SBC...
Page 424: Registration Restriction Control
Mediant 4000 SBC user from the database only when this additional time expires.  The graceful period is also used before removing a user from the registration database when the device receives a successful unregister response (200 OK) from the registrar/proxy server. This is useful in scenarios, for example, in which users (SIP user agents) such as IP Phones erroneously send unregister requests.
Page 425: Media Anchoring
SDP:  Origin: IP address, session and version id  Session connection attribute ('c=' field)  Media connection attribute ('c=' field)  Media port number  RTCP media attribute IP address and port Version 7.2 Mediant 4000 SBC...
Page 426: Direct Media
Mediant 4000 SBC The device uses different local ports (e.g., for RTP, RTCP and fax) for each leg (inbound and outbound). The local ports are allocated from the Media Realm associated with each leg. The Media Realm assigned to the leg's IP Group (in the IP Groups table) is used. If not assigned to the IP Group, the Media Realm assigned to the leg's SIP Interface (in the SIP Interfaces table) is used.
Page 427 Microsoft Server (direct media is required in the Skype for Business environment). For more information, see ''Configuring IP Groups'' on page 326. IP Groups of the endpoints use the same SIP Interface and the SIP Interface's 'SBC Version 7.2 Mediant 4000 SBC...
Page 428: Restricting Audio Coders
Mediant 4000 SBC Direct Media' parameter is set to Enable (SIPInterface_SBCDirectMedia = 1). IP Groups of the endpoints use the same SIP Interface and the SIP Interface's 'SBC Direct Media' parameter Enable When Single (SIPInterface_SBCDirectMedia = 2), and the endpoints are located behind the same NAT.
Page 429: Coder Transcoding
Since this coder was not included in the original incoming SDP offer from the LAN IP phone, the device performs G.729-G.711 transcoding between the inbound and outbound legs. Figure 20-5: Transcoding using Extended Coders (Example) Version 7.2 Mediant 4000 SBC...
Page 430 Mediant 4000 SBC Note: • If you assign a SIP entity an Allowed Audio Coders Group for coder restriction (allowed coders) and a Coders Group for extension coders, the allowed coders take precedence over the extension coders. In other words, if an extension coder is not listed as an allowed coder, the device does not add the extension coder to the SDP offer.
Page 431 In the IP Profiles table, configure the IP Profile associated with the SIP entity: Assign the Coders Group to the IP Profile, using the 'Extension Coders Group' parameter (SBCExtensionCodersGroupName). Enable extension coders by configuring the 'Allowed Coders Mode' parameter to Restriction or Restriction and Preference. Version 7.2 Mediant 4000 SBC...
Page 432: Transcoding Mode
Mediant 4000 SBC Note: • To implement transcoding, you must configure the number of required DSP channels for transcoding (for example, MediaChannels = 120). Each transcoding session uses two DSP resources. • The transcoding mode can be configured globally, using the TranscodingMode parameter or for specific calls, using the IP Profiles table.
Page 433: Srtp-Rtp And Srtp-Srtp Transcoding
(negotiate) BFCP streams between clients. The BFCP stream is identified in the SDP as 'm=application <port> UDP/BFCP' and a dedicated UDP port is used for the BFCP streams. Version 7.2 Mediant 4000 SBC...
Page 434: Interworking Miscellaneous Media Handling
Mediant 4000 SBC 20.5.9 Interworking Miscellaneous Media Handling This section describes various interworking features relating to media handling. 20.5.9.1 Interworking DTMF Methods The device supports interworking between various DTMF methods such as RFC 2833, In- Band DTMF’s, and SIP INFO (Cisco\Nortel\Korea). By default, the device allows the remote user agents to negotiate (in case of RFC 2833) and passes DTMF without intervention.
Page 435: Interworking Crypto Lifetime Field
(i.e., after 200 OK) and within a user-defined interval. If detected, it can then handle the subsequent fax renegotiation by sending re-INVITE messages to both SIP entities (originating and terminating faxes). For more information, see the parameter in ''Configuring IP Profiles'' on page 384. Version 7.2 Mediant 4000 SBC...
Page 436: Limiting Sbc Call Duration
Mediant 4000 SBC Note: The voice-related coder configuration (Allowed and Extension coders) is independent of the fax-related coder configuration, with the exception of the G.711 coder. If the G.711 coder is restricted by the Allowed Audio Coders Groups table, it is not used for fax processing even if it is listed in the Coder Groups table for faxes.
Page 437: User Authentication Based On Radius
The device supports interworking of SIP signaling messages to ensure interoperability between communicating SIP UAs or entities. This is critical in network environments where the UAs on opposing SBC legs have different SIP signaling support. For example, some Version 7.2 Mediant 4000 SBC...
Page 438: Interworking Sip 3Xx Redirect Responses
Mediant 4000 SBC UAs may support different versions of a SIP method while others may not event support a specific SIP method. The configuration method for assigning specific SIP message handling modes to UAs, includes configuring an IP Profile with the required interworking mode, and then assigning the IP Profile to the relevant IP Group.
Page 439: Local Handling Of Sip 3Xx
Routing table rules. (where the 'Call Trigger' field is set to 3xx). It is also possible to specify the IP Group that sent the 3xx request as matching criteria for the re-routing rule in this table ('ReRoute IP Group ID' field). Version 7.2 Mediant 4000 SBC...
Page 440: Interworking Sip Diversion And History-Info Headers
Mediant 4000 SBC 20.9.2 Interworking SIP Diversion and History-Info Headers This device can be configured to interwork between the SIP Diversion and History-Info headers. This is important, for example, to networks that support the Diversion header but not the History-Info header, or vice versa. Therefore, mapping between these headers is crucial for preserving the information in the SIP dialog regarding how and why (e.g., call...
Page 441: Interworking Sip Prack Messages
20.9.6 Interworking SIP Early Media The device supports early media. Early media is when the media flow starts before the SIP call is established (i.e., before the 200 OK response). This occurs when the first SDP offer- Version 7.2 Mediant 4000 SBC...
Page 442 Mediant 4000 SBC answer transaction completes. The offer-answer options can be included in the following SIP messages:  Offer in first INVITE, answer on 180, and no or same answer in the 200 OK  Offer in first INVITE, answer on 180, and a different answer in the 200 OK (not standard) ...
Page 443 Media RTP Detection Mode', 'SBC Remote Supports RFC 3960', and 'SBC Remote Can Play Ringback'. See the flowcharts below for the device's handling of such scenarios: Figure 20-8: SBC Early Media RTP 18x without SDP Version 7.2 Mediant 4000 SBC...
Page 444: Interworking Sip Re-Invite Messages
Mediant 4000 SBC Figure 20-9: Early Media RTP - SIP 18x with SDP 20.9.7 Interworking SIP re-INVITE Messages The device supports interworking of SIP re-INVITE messages. This enables communication between endpoints that generate re-INVITE requests and those that do not support the receipt of re-INVITEs.
Page 445: Interworking Sip Re-Invite To Update
Interworking generation of held tone where the device generates the tone to the held party instead of the call hold initiator. This is configured by the IP Profile parameter, 'SBC Reliable Held Tone Source'. To configure IP Profiles, see ''Configuring IP Profiles'' on page 384. Version 7.2 Mediant 4000 SBC...
Page 446: Interworking Sip Via Headers
Mediant 4000 SBC 20.9.12 Interworking SIP Via Headers The device supports the interworking of SIP Via headers between SIP entities. For the outgoing message sent to a SIP entity, the device can remove or retain all the Via headers received in the incoming SIP request from the other side. Employing IP Profiles, you can configure this interworking feature per SIP entity, using the IpProfile_SBCKeepVIAHeaders parameter (see ''Configuring IP Profiles'' on page 384).
Page 447: Enabling The Sbc Application
Open the Applications Enabling page (Setup menu > Signaling & Media tab > Core Entities folder > Applications Enabling). From the 'SBC Application' drop-down list, select Enable: Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Page 448 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 449: Configuring General Sbc Settings
XML body. Below is an example of an XML body where the call-id, tags, and URIs have been replaced by the device: <?xml version="1.0"?> <dialog-info xmlns="urn:ietf:params:xml:ns:dialog-info" version="10" state="partial" entity="sip:alice@example.com"> <dialog id="zxcvbnm3" call-id="67402270@10.132.10.150" local-tag="1c137249965" Version 7.2 Mediant 4000 SBC...
Page 450 Mediant 4000 SBC remote-tag="CCDORRTDRKIKWFVBRWYM" direction="initiator"> <state event="replaced">terminated</state> </dialog> <dialog id="sfhjsjk12" call-id="67402270@10.132.10.150" local-tag="1c137249965" remote-tag="CCDORRTDRKIKWFVBRWYM" direction="receiver"> <state reason="replaced">confirmed</state> <replaces call-id="67402270@10.132.10.150" local-tag="1c137249965" remote-tag="CCDORRTDRKIKWFVBRWYM"/> <referred-by> sip:bob-is-not-here@vm.example.net </referred-by> <local> <identity display="Jason Forster"> sip:jforsters@home.net </identity> <target uri="sip:alice@pc33.example.com"> <param pname="+sip.rendering" pval="yes"/> </target> </local> <remote> <identity display="Cathy Jones">...
Page 451: Configuring Admission Control
(e.g., of 200). Requests that reach the user-defined call limit (maximum concurrent calls and/or call rate) are sent to an alternative route if configured in the IP-to-IP Routing table. If no alternative Version 7.2 Mediant 4000 SBC...
Page 452 Mediant 4000 SBC routing rule exists, the device rejects the SIP request with a SIP 480 "Temporarily Unavailable" response. Note: The device applies the CAC rule for the incoming leg immediately after the Classification process. If the call/request is rejected at this stage, no routing is performed.
Page 453 'Reserved Capacity' parameter at its' default (i.e., 0).  Reserved call capacity is applicable only to INVITE and SUBSCRIBE messages.  Reserved call capacity must be less than the maximum capacity (limit) configured for the CAC rule (see the 'Limit' parameter below). Version 7.2 Mediant 4000 SBC...
Page 454 Mediant 4000 SBC Parameter Description  The total reserved call capacity configured for all CAC rules must be within the device's total call capacity support. Limit Defines the maximum number of concurrent SIP dialogs per IP Group, SIP Interface or SRD. You can also use the following special...
Page 455: Routing Sbc
 To configure the action for unclassified calls: Open the SBC General Settings (Setup menu > Signaling & Media tab > SBC folder > SBC General Settings). Version 7.2 Mediant 4000 SBC...
Page 456 Mediant 4000 SBC From the 'Unclassified Calls' drop-down list, select Reject to reject unclassified calls or Allow to accept unclassified calls: Figure 24-1: Configuring Action for Classification Failure Click Apply. If you configure the parameter to Allow, the incoming SIP dialog is assigned to an IP Group as follows: The device determines on which SIP listening port (e.g., 5061) the incoming SIP...
Page 457 Proxy Set feature). • The device saves incoming SIP REGISTER messages in its registration database. If the REGISTER message is received from a User-type IP Group, the device sends the message to the configured destination. Version 7.2 Mediant 4000 SBC...
Page 458 Mediant 4000 SBC The flowchart below illustrates the classification process: Figure 24-2: Classification Process (Identifying IP Group or Rejecting Call) The following procedure describes how to configure Classification rules through the Web interface. You can also configure it through ini file (Classification) or CLI (configure voip >...
Page 459 SIP dialog. src-sip-interface-name The default is Any (i.e., all SIP Interfaces belonging to the SRD [Classification_SrcSIPInterfac assigned to the rule). eName] Note: The SIP Interface must belong to the SRD assigned to the rule Version 7.2 Mediant 4000 SBC...
Page 460 Mediant 4000 SBC Parameter Description (see the 'SRD' parameter in the table). Source IP Address Defines a source IP address as a matching characteristic for the incoming SIP dialog. src-ip-address The valid value is an IP address in dotted-decimal notation. In...
Page 461 Assigns an IP Profile to the matched incoming SIP dialog. ip-profile-id The assigned IP Profile overrides the IP Profile assigned to the IP Group (in the IP Groups table) to which the SIP dialog is classified. Version 7.2 Mediant 4000 SBC...
Page 462: Classification Based On Uri Of Selected Header Example
Mediant 4000 SBC Parameter Description [Classification_IpProfileName] Therefore, assigning an IP Profile during classification allows you to assign different IP Profiles to specific users (calls) that belong to the same IP Group (User or Server type). For example, you can configure two Classification rules to classify incoming calls to the same IP Group.
Page 463: Configuring Message Condition Rules
Web interface. You can also configure it through ini file (ConditionTable) or CLI (configure voip > sbc routing condition-table).  To configure a Message Condition rule: Open the Message Conditions table (Setup menu > Signaling & Media tab > Message Manipulation folder > Message Conditions). Version 7.2 Mediant 4000 SBC...
Page 464: Configuring Sbc Ip-To-Ip Routing
Mediant 4000 SBC Click New; the following dialog box appears: Figure 24-4: Message Conditions Table - Add Dialog Box Configure a Message Condition rule according to the parameters described in the table below. Click Apply. An example of configured Message Condition rules is shown in the figure below: Figure 24-5: Example of Configured SIP Message Conditions ...
Page 465 Third-party routing server, which determines the destination (next hop) of the call (IP Group). The IP Group represents the next device in the routing path to the final destination. For more information, see ''Centralized Third-Party Routing Server'' on page 263. Version 7.2 Mediant 4000 SBC...
Page 466 Mediant 4000 SBC Figure 24-6: IP-to-IP Routing Destination Types To configure and apply an IP-to-IP Routing rule, the rule must be associated with a Routing Policy. The Routing Policy associates the routing rule with an SRD(s). Therefore, the Routing Policy lets you configure routing rules for calls belonging to specific SRD(s).
Page 467 For more information on tags, see ''Configuring Dial Plans'' on Version 7.2 Mediant 4000 SBC...
Page 468 Mediant 4000 SBC page 495. Note: Call forking is not applicable to LDAP-based IP-to-IP routing rules. The following procedure describes how to configure IP-to-IP routing rules through the Web interface. You can also configure it through ini file (IP2IPRouting) or CLI (configure voip >...
Page 469 Forking routing rule, or below an alternative routing rule for the main rule, if configured.  For IP-to-IP alternative routing, configure alternative routing reasons upon receipt of 4xx, 5xx, and 6xx SIP Version 7.2 Mediant 4000 SBC...
Page 470 Mediant 4000 SBC Parameter Description responses (see ''Configuring SIP Response Codes for Alternative Routing Reasons'' on page 476). However, if no response, ICMP, or a SIP 408 response is received, the device attempts to use the alternative route even if no entries are configured in the Alternative Routing Reasons table.
Page 471 Message Condition Rules'' on page 463. Call Trigger Defines the reason (i.e., trigger) for re-routing (i.e., alternative routing) the SIP request: trigger  [0] Any = (Default) This routing rule is used for all [IP2IPRouting_Trigger] scenarios (re-routes and non-re-routes). Version 7.2 Mediant 4000 SBC...
Page 472 Mediant 4000 SBC Parameter Description  [1] 3xx = Re-routes the request if it was triggered as a result of a SIP 3xx response.  [2] REFER = Re-routes the INVITE if it was triggered as a result of a REFER request.
Page 473 Proxy Set that is associated with the IP Group.  User-type IP Group: The device checks if the SIP dialog is from a registered user, by searching for a match between the Request-URI of the received SIP dialog Version 7.2 Mediant 4000 SBC...
Page 474 Mediant 4000 SBC Parameter Description and an AOR registration record in the device's database. If found, the device sends the SIP dialog to the IP address specified in the database for the registered contact. By default, no value is defined.
Page 475 To implement LCR and its Cost Groups, you must enable LCR for the Routing Policy assigned to the routing rule (see ''Configuring SBC Routing Policy Rules'' on page 478). If LCR is disabled, the device Version 7.2 Mediant 4000 SBC...
Page 476: Configuring Sip Response Codes For Alternative Routing Reasons
Mediant 4000 SBC Parameter Description ignores the parameter.  The Routing Policy also determines whether matched routing rules that are not assigned Cost Groups are considered as a higher or lower cost route compared to matching routing rules that are assigned Cost Groups.
Page 477 [4] 4xx; [5] 5xx; [6] 6xx; [400] Bad Request; [402] 402 Payment [SBCAlternativeRoutingReasons Required; [403] Forbidden; [404] Not Found; [405] Method Not _ReleaseCause] Allowed; [406] Not Acceptable; [408] Request Timeout (Default); Version 7.2 Mediant 4000 SBC...
Page 478: Configuring Sbc Routing Policy Rules
Mediant 4000 SBC Parameter Description [409] Conflict; [410] Gone; [413] Request Too Large; [414] Request URI Too Long; [415] Unsupported Media; [420] Bad Extension; [421] Extension Required; [423] Session Interval Too Small; [480] Unavailable; [481] Transaction Not Exist; [482] Loop Detected;...
Page 479 SRD is used. However, if a Routing Policy is configured in the Classification table, it overrides the Routing Policy assigned to the SRD. The regular manipulation (inbound and outbound) and routing processes are done according to the associated Routing Policy. Version 7.2 Mediant 4000 SBC...
Page 480 Mediant 4000 SBC Note: • The Classification table is used only if classification by registered user in the device's users registration database or by Proxy Set fails. • If the device receives incoming calls (e.g., INVITE) from users that have already...
Page 481 This is useful, for lcr-call-length example, when the average call duration spans over multiple time [SBCRoutingPolicy_LCRAverag bands. The LCR is calculated as follows: cost = call connect cost + eCallLength] (minute cost * average call duration). Version 7.2 Mediant 4000 SBC...
Page 482 Mediant 4000 SBC Parameter Description The valid value is 0-65533. The default is 1. For example, assume the following Cost Groups:  "Weekend A": call connection cost is 1 and charge per minute is 6. Therefore, a call of 1 minute cost 7 units.
Page 483: Sbc Manipulations
IP Groups respectively (if any, in the IP Groups table). Below is an example of a call flow and consequent SIP URI manipulations:  Incoming INVITE from LAN: INVITE sip:1000@10.2.2.3;user=phone;x=y;z=a SIP/2.0 Via: SIP/2.0/UDP 10.2.2.6;branch=z9hGLLLLLan From:<sip:7000@10.2.2.6;user=phone;x=y;z=a>;tag=OlLAN;paramer1 =abe To: <sip:1000@10.2.2.3;user=phone> Call-ID: USELLLAN@10.2.2.3 Version 7.2 Mediant 4000 SBC...
Page 484 Mediant 4000 SBC CSeq: 1 INVITE Contact: <sip:7000@10.2.2.3> Supported: em,100rel,timer,replaces Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK User-Agent: Sip Message Generator V1.0.0.5 Content-Type: application/sdp Content-Length: 155 o=SMG 791285 795617 IN IP4 10.2.2.6 s=Phone-Call c=IN IP4 10.2.2.6 t=0 0 m=audio 6000 RTP/AVP 8 a=rtpmap:8 pcma/8000 a=sendrecv a=ptime:20 ...
Page 485: Configuring Ip-To-Ip Inbound Manipulations
Routing Policy ("Default_SBCRoutingPolicy"), when only one Routing Policy is required, the device automatically assigns the default Routing Policy to the routing rule. If you are implementing LDAP-based routing (with or without Call Setup Rules) and/or Version 7.2 Mediant 4000 SBC...
Page 486 Mediant 4000 SBC Least Cost Routing (LCR), you need to configure these settings for the Routing Policy (regardless of the number of Routing Policies employed). For more information on Routing Policies, see ''Configuring SBC Routing Policy Rules'' on page 478.
Page 487  [2] REGISTER = Only REGISTER messages.  [3] SUBSCRIBE = Only SUBSCRIBE messages.  [4] INVITE and REGISTER = All SIP messages except SUBSCRIBE.  [5] INVITE and SUBSCRIBE = All SIP messages except Version 7.2 Mediant 4000 SBC...
Page 488 Mediant 4000 SBC Parameter Description REGISTER. Source IP Group Defines the IP Group from where the incoming INVITE is CLI: src-ip-group-name received. [IPInboundManipulation_SrcIpGr The default is Any (i.e., any IP Group). oupName] Source Username Prefix Defines the prefix of the source SIP URI user name (usually in CLI: src-user-name-prefix the From header).
Page 489: Configuring Ip-To-Ip Outbound Manipulations
IP Groups, respectively. The following procedure describes how to configure Outbound Manipulations rules through the Web interface. You can also configure it through ini file (IPOutboundManipulation) or CLI (configure voip > sbc manipulation ip-outbound-manipulation). Version 7.2 Mediant 4000 SBC...
Page 490 Mediant 4000 SBC  To configure Outbound Manipulation rules: Open the Outbound Manipulations table (Setup menu > Signaling & Media tab > SBC folder > Manipulation > Outbound Manipulations). Click New; the following dialog box appears: Figure 25-3: Outbound Manipulations Table- Add Dialog Box Configure an Outbound Manipulation rule according to the parameters described in the table below.
Page 491 Defines the prefix of the source SIP URI user name, typically used in the SIP From header. src-user-name-prefix The default value is the asterisk (*) symbol (i.e., any source [IPOutboundManipulation_SrcUsern username prefix). The prefix can be a single digit or a range of amePrefix] Version 7.2 Mediant 4000 SBC...
Page 492 Mediant 4000 SBC Parameter Description digits. For available notations, see ''Dialing Plan Notation for Routing and Manipulation'' on page 713. Note: If you need to manipulate calls of many different source URI user names, you can use tags (see 'Source Tags' parameter below) instead of this parameter.
Page 493 Prefix to Add Defines the number or string to add in the front of the manipulated item. For example, if you enter 'user' and the user prefix-to-add name is "john", the new user name is "userjohn". [IPOutboundManipulation_Prefix2Ad Version 7.2 Mediant 4000 SBC...
Page 494 Mediant 4000 SBC Parameter Description If you set the 'Manipulated Item' parameter to Source URI or Destination URI, you can configure the parameter to a string of up 49 characters. If you set the 'Manipulated Item' parameter to Calling Name, you can configure the parameter to a string of up 36 characters.
Page 495: Configuring Dial Plans
The Dial Plan itself is a set of dial plan rules having the following attributes:  Prefix: The prefix is matched against the source and/or destination number of the incoming SIP dialog-initiating request. Version 7.2 Mediant 4000 SBC...
Page 496 Mediant 4000 SBC  Tag: The tag corresponds to the matched prefix of the source and/or destination number and is the categorization result. You can use various syntax notations to configure the prefix numbers in dial plan rules. You can configure the prefix as a complete number (all digits) or as a partial number using some digits and various syntax notations (patterns) to allow the device to match a dial pan rule for similar source and/or destination numbers.
Page 497 Open the Dial Plan table (Setup menu > Signaling & Media tab > SBC folder > Dial Plan). Click New; the following dialog box appears: Figure 26-2: Dial Plan Table - Add Dialog Box Configure a Dial Plan name according to the parameters described in the table below. Click Apply. Version 7.2 Mediant 4000 SBC...
Page 498 Mediant 4000 SBC Table 26-2: Dial Plan Table Parameter Descriptions Parameter Description Index Defines an index number for the new table row. [DialPlans_Index] Note: Each row must be configured with a unique index. Name Defines an arbitrary name to easily identify the row.
Page 499: Importing And Exporting Dial Plans
Web client. The CLI lets you import and export Dial Plans from and to a remote server. The following procedures describe how to export configured Dial Plans.  To export all configured dial plan rules:  Web interface (to a local folder): Open the Dial Plan table. Version 7.2 Mediant 4000 SBC...
Page 500 Mediant 4000 SBC From the 'Action' drop-down menu, choose Export; the following dialog box appears: Figure 26-4: Exporting Dial Plan Select the Save File option, and then click OK; the file is saved to the default folder on your PC for downloading files.
Page 501 Web interface (from a local folder): Open the Dial Plan table. Select the required Dial Plan, and then click the Dial Plan Rule link; the Dial Plan Rule table opens, displaying all the rules of the selected Dial Plan. Version 7.2 Mediant 4000 SBC...
Page 502: Creating Dial Plan Files
Mediant 4000 SBC From the 'Action' drop-down menu, choose Import; the following dialog box appears: Figure 26-6: Importing Dial Plan Rules for Specific Dial Plan Use the Browse button to select the Dial Plan file on your PC, and then click OK.
Page 503: Using Dial Plan Tags For Ip-To-Ip Routing
Dial Plan in Step 1. The tags are assigned under the Match group, using the following parameters: • 'Source Tags' parameter (IP2IPRouting_SrcTags): tag denoting the calling user • 'Destination Tags' parameter (IP2IPRouting_DestTags): tag denoting the called user Version 7.2 Mediant 4000 SBC...
Page 504: Dial Plan Backward Compatibility
Mediant 4000 SBC 26.3.1 Dial Plan Backward Compatibility Note: This section is for backward compatibility only. It is recommended to migrate your Dial Plan configuration to the latest Dial Plan feature (see ''Using Dial Plan Tags for IP-to-IP Routing'' on page 503).
Page 505: Using Dial Plan Tags For Outbound Manipulation
Dial Plan in Step 1. The tags are assigned using the following parameters: • 'Source Tags' parameter (IPOutboundManipulation_SrcTags): tag denoting the calling users • 'Destination Tags' parameter (IPOutboundManipulation_DestTags): tag denoting the called users Version 7.2 Mediant 4000 SBC...
Page 506: Using Dial Plan Tags For Call Setup Rules
Mediant 4000 SBC 26.5 Using Dial Plan Tags for Call Setup Rules You can use Dial Plan tags in Call Setup rules, configured in the Call Setup Rules table (see Configuring Call Setup Rules on page 366). The Call Setup rule can be assigned to an IP Group and is processed by the device for the classified source IP Group immediately before the routing process (i.e., Classification >...
Page 507: Configuring Malicious Signatures
(i.e., IP Group). To configure Message Policies, see ''Configuring SIP Message Policy Rules''. The following procedure describes how to configure Malicious Signatures through the Web interface. You can also configure it through ini file (MaliciousSignatureDB) or CLI (configure voip > sbc malicious-signature-database). Version 7.2 Mediant 4000 SBC...
Page 508 Mediant 4000 SBC  To configure a Malicious Signature: Open the Malicious Signature table (Setup menu > Signaling & Media tab > SBC folder > Malicious Signature). Click New; the following dialog box appears: Figure 27-1: Malicious Signature Table - Add Dialog Box Configure a Malicious Signature according to the parameters described in the table below.
Page 509: Advanced Sbc Features
The device does not monitor emergency calls with regards to Quality of Experience (QoE).  To configure SBC emergency call preemption: In the Message Conditions table (see ''Configuring Message Condition Rules'' on page 463), configure a Message Condition rule to identify incoming emergency calls. See Version 7.2 Mediant 4000 SBC...
Page 510: Emergency Call Routing Using Ldap To Obtain Elin
Mediant 4000 SBC above for examples. Open the SBC General Settings page (Setup menu > Signaling & Media tab > SBC folder > SBC General Settings), and then scroll down to the Call Priority and Preemption group: Figure 28-2: Configuring Emergency SBC Call Preemption From the 'Preemption Mode' drop-down list (SBCPreemptionMode), select Enable to enable call preemption.
Page 511: Enabling Interworking Of Sip And Sip-I Endpoints
SIP-I is SIP encapsulated with ISUP and the interworking is between SIP signaling and ISUP signaling. This allows you to deploy the device in a SIP environment where part of the call path involves the PSTN. Version 7.2 Mediant 4000 SBC...
Page 512 Mediant 4000 SBC The SIP-I sends calls, originating from the SS7 network, to the SIP network by adding ISUP messaging in the SIP INVITE message body. The device can receive such a message from the SIP-I and remove the ISUP information before forwarding the call to the SIP endpoint.
Page 513 ''Configuring SIP Message Manipulation'' on page 358). For a complete description of the ISUP manipulation syntax, refer to the SIP Message Manipulation Reference Guide. In addition, you can use AudioCodes proprietary SIP header X-AC-Action in Message Manipulation rules to support the following call actions (e.g., SIP-I SUS and RES messages) for the ISUP SPIROU variant: ...
Page 514: Webrtc
Mediant 4000 SBC 28.4 WebRTC The device supports interworking of Web Real-Time Communication (WebRTC) and SIP- based VoIP communication. The device interworks WebRTC calls made from a Web browser (WebRTC client) and the SIP destination. The device provides the media interface to WebRTC.
Page 515 The WebRTC feature is a license-dependent feature and is available only if it is included in the License Key that is installed on the device. For ordering the feature, please contact your AudioCodes sales representative. • The maximum concurrent WebRTC sessions (signaling-over-secure WebSocket and media-over-DTLS) supported by the device is 1,000.
Page 516: Sip Over Websocket
Mediant 4000 SBC The WebRTC client uses a Web browser to visit the Web site page. The Web page receives Web page elements and JavaScript code for WebRTC from the Web hosting server. The JavaScript code runs locally on the Web browser.
Page 517 The SIP messages over WebSocket are indicated by the "ws" value, as shown in the example below of a SIP REGISTER request received from a client: REGISTER sip:10.132.10.144 SIP/2.0 Via: SIP/2.0/WS v6iqlt8lne5c.invalid;branch=z9hG4bK7785666 Max-Forwards: 69 To: <sip:101@10.132.10.144> From: "joe" <sip:101@10.132.10.144>;tag=ub50pqjgpr Call-ID: fhddgc3kc3hhu32h01fghl CSeq: 81 REGISTER Version 7.2 Mediant 4000 SBC...
Page 518: Configuring Webrtc
For the WebRTC deployment environment, you need to install a signed certificate by a Certificate Authority (CA) on you Web server machine (hosting the WebRTC JavaScript) and on your AudioCodes SBC device (i.e., WebSocket server). Note: • Google announced a security policy change that impacts new versions of the Chrome Web browser.
Page 519 From the 'TLS Context Name' drop-down list, assign the TLS Context that you configured in Step 1 (e.g., "WebRTC"). Figure 28-7: Configuring SIP Interface for WebRTC Clients Click Apply. Configure an IP Profile for the WebRTC clients: Version 7.2 Mediant 4000 SBC...
Page 520 Mediant 4000 SBC Open the IP Profiles table (see ''Configuring IP Profiles'' on page 384). Do the following: ♦ From the 'ICE Mode' drop-down list (IPProfile_SBCIceMode), select Lite to enable ICE. ♦ From the 'RTCP Mux' drop-down list (IPProfile_SBCRTCPMux), select Supported to enable RTCP multiplexing.
Page 521: Call Forking
("active" UA) and it forwards only subsequent requests and responses from this active UA to the INVITE-initiating UA. All requests/responses from the other UAs are handled by the device; SDP offers from these UAs are answered with an "inactive" media. Version 7.2 Mediant 4000 SBC...
Page 522: Configuring Call Forking-Based Ip-To-Ip Routing Rules
Mediant 4000 SBC The device supports two forking modes:  Latch On First: The device forwards only the first received 18x response to the INVITE-initiating UA and disregards subsequently received 18x forking responses (with or without SDP).  Sequential: The device forwards all 18x responses to the INVITE-initiating UA, sequentially (one after another).
Page 523: Configuring Broadsoft's Shared Phone Line Call Appearance For Survivability
600 is shared with secondary extensions 601 and 602. In the case of an incoming call to 600, all three phone extensions ring simultaneously, using the device's call forking feature as described in ''Configuring SIP Forking Initiated by Version 7.2 Mediant 4000 SBC...
Page 524 Mediant 4000 SBC SIP Proxy'' on page 521. Note that incoming calls specific to extensions 601 or 602 ring only at these specific extensions. Figure 28-11: Call Survivability for BroadSoft's Shared Line Appearance To configure this capability, you need to configure a shared-line, inbound manipulation rule for registration requests to change the destination number of the secondary extension numbers (e.g.
Page 525: Configuring Call Survivability For Call Centers
Figure 28-12: Normal Operation in Call Center Application Figure 28-13: Call Survivability for Call Center  To configure call survivability for a call center application: In the IP Groups table (see ''Configuring IP Groups'' on page 326), add IP Groups for Version 7.2 Mediant 4000 SBC...
Page 526 Mediant 4000 SBC the following entities: • TDM Gateway (Server-type IP Group). This entity forwards the customer calls through the device to the Application server. • Application server (Server-type IP Group). This entity processes the call and sends the call through the device to the specific call center agent located on a different network (remote).
Page 527: Enabling Survivability Display On Aastra Ip Phones
If the device does not receive a SIP ACK in response to this, it sends a new 200 OK to the next alternative destination. This new destination can be the next given IP address resolved from a DNS from the Contact or Record-Route header in the request related to the response. Version 7.2 Mediant 4000 SBC...
Page 528: Voiperfect
25%. ISPs can therefore offer service level agreements (SLAs) to their customers based on the VoIPerfect feature. For more information, contact your AudioCodes sales representative. In addition, by ensuring high call quality even in adverse network conditions, VoIPerfect may reduce costs for ISPs such...
Page 529 Coders Group with Opus • Allowed Audio Coders Group with Opus • IP Profile: ♦ Extension Coders Group: Coders Group with Opus ♦ Allowed Audio Coders: Allowed Audio Coders Group with Opus ♦ Allowed Coders Mode: Restriction Version 7.2 Mediant 4000 SBC...
Page 530 Mediant 4000 SBC ♦ Voice Quality Enhancement: Enable ♦ RTCP Feedback: Feedback On ♦ Max Opus Bandwidth: 0 Configuration of the Access SBC for both methods:  Coder Groups: • Coders Group with G.711 and Opus • Coders Group with Opus ...
Page 531: Cloud Resilience Package
Part VI Cloud Resilience Package...
Page 533: Crp Overview
 Short number dialog (short numbers are learned dynamically in the registration process)  Survivability indication to IP phone  Call hold and retrieve Version 7.2 Mediant 4000 SBC...
Page 534 Mediant 4000 SBC Survivability Quality of Experience/Service Security  Call transfer (if IP phone initiates REFER)  Basic Shared Line Appearance (excluding correct busy line indications)  Call waiting (if supported by IP phone) One of the main advantages of CRP is that it enables quick-and-easy configuration. This is accomplished by its pre-configured routing entities, whereby only minimal configuration is required.
Page 535: Crp Configuration
Open the Applications Enabling page (Setup menu > Signaling & Media tab > Core Entities folder > Applications Enabling). From the 'CRP Application' drop-down list, select Enable. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Version 7.2 Mediant 4000 SBC...
Page 536: Configuring Call Survivability Mode
Mediant 4000 SBC 30.2 Configuring Call Survivability Mode The CRP can be configured to operate in one of the following call survivability modes:  Normal (Default): The CRP interworks between the branch users and the IP PBX located at headquarters. The CRP forwards all requests (such as for registration) from the branch users to the IP PBX, and routes the calls based on the IP-to-IP routing rules.
Page 537: Pre-Configured Ip Groups
The IP Groups can be edited, except for the fields listed above, which are read-only. • For accessing the IP Groups table and for a description of its parameters, see ''Configuring IP Groups'' on page 326. Version 7.2 Mediant 4000 SBC...
Page 538: Pre-Configured Ip-To-Ip Routing Rules
Mediant 4000 SBC 30.4 Pre-Configured IP-to-IP Routing Rules For the CRP application, the IP-to-IP Routing table is pre-configured with IP-to-IP routing rules. These rules depend on the configured Call Survivability mode, as described in ''Configuring Call Survivability Mode'' on page 536.
Page 539: Emergency Mode
For the routing rule of Index 2, the destination is the source IP Group (i.e., from where the REGISTER message was received). Index 7 appears only if the CRPGatewayFallback parameter is enabled (see ''Configuring PSTN Fallback'' on page 540). Version 7.2 Mediant 4000 SBC...
Page 540: Configuring Pstn Fallback
Mediant 4000 SBC 30.5 Configuring PSTN Fallback You can enable the CRP to route emergency calls (or PSTN-intended calls) such as "911" from the Proxy server (IP Group 2) to the PSTN (IP Group 3). In addition, for calls from the...
Page 541: High Availability System
Part VII High Availability System...
Page 543: Ha Overview
(.cmp) if the redundant device is running a different software version. Once loaded to the redundant device, the redundant device reboots to apply the new configuration and/or software. This ensures that the two units are synchronized regarding configuration and software. Version 7.2 Mediant 4000 SBC...
Page 544: Device Switchover Upon Failure
Mediant 4000 SBC Note: If the active unit runs an earlier version (e.g., 7.0) than the redundant unit (e.g., 7.2), the redundant unit is downgraded to the same version as the active unit (e.g., 7.0). Thus, under normal operation, one of the devices is in active state while the other is in redundant state, where both devices share the same configuration and software.
Page 545: Viewing Ha Status On Monitor Web Page
Title above device is "Active Device". The default name is "Device 1".  Redundant device: • Color of border surrounding device is blue. • Title above device is "Redundant Device". The default name is "Device 2". Version 7.2 Mediant 4000 SBC...
Page 546 Mediant 4000 SBC The Monitor page also displays the HA operational status of the device to which you are currently logged in. This is displayed in the 'HA Status' field under the Device Information:  "Synchronizing": Redundant device is synchronizing with Active device ...
Page 547: Ha Configuration
Maintenance interface is as follows (not applicable to Mediant VE):  (Recommended Physical Connectivity) If the Maintenance ports of both devices are connected directly to each other without intermediation of switches, configure the mode to 2RX/1TX: Figure 32-1: Rx/Tx Mode for Direct Connection Version 7.2 Mediant 4000 SBC...
Page 548: Configuring The Ha Devices
Mediant 4000 SBC  If the two devices are connected through two (or more) isolated LAN switches (i.e., packets from one switch cannot traverse the second switch), configure the mode to 2RX/2TX: Figure 32-2: Redundancy Mode for Two Isolated Switches ...
Page 549: Step 1: Configure The First Device
Make sure that the Maintenance interface uses an Ethernet Device and Ethernet Group that is not used by any other IP network interface. The Ethernet Group is associated with the Ethernet Device, which is assigned to the interface. Version 7.2 Mediant 4000 SBC...
Page 550 Mediant 4000 SBC The IP Interfaces table below shows an example where the Maintenance interface is configured with Ethernet Device "vlan 2" (which is associated with Ethernet Group "GROUP_2"), while the other interface is assigned "vlan 1" (associated with Ethernet Group "GROUP_1"):...
Page 551: Step 2: Configure The Second Device
Configure the same Ethernet port Tx / Rx mode of the Ethernet Group used by the Maintenance interface as configured for the first device. Configure HA parameters in the HA Settings page: In the 'HA Remote Address' field, enter the Maintenance IP address of the first device. Version 7.2 Mediant 4000 SBC...
Page 552: Step 3: Initialize Ha On The Devices
Mediant 4000 SBC (Optional) Enable the HA Preempt feature by configuring the 'Preempt Mode' parameter to Enable, and then setting the priority level of the device in the 'Preempt Priority' field. Make sure that you configure different priority levels for the two devices.
Page 553 After it synchronizes with the active device, it initiates a switchover and becomes the new active device (the former active device resets and becomes the new redundant device). Version 7.2 Mediant 4000 SBC...
Page 554: Configuring Firewall Allowed Rules
Mediant 4000 SBC 32.3 Configuring Firewall Allowed Rules If you have configured firewall rules in the Firewall table (see ''Configuring Firewall Rules'' on page 155) that block specific traffic, you also need to configure rules that ensure traffic related to HA is allowed: ...
Page 555 If the feature is operational, the status of the connectivity to the pinged destination is displayed in the 'Monitor Destination Status' read-only field:  “Enabled": Ping is sent as configured.  "Disabled by configuration and HA state": HA and ping are not configured. Version 7.2 Mediant 4000 SBC...
Page 556 Mediant 4000 SBC  "Disabled by HA state": same as above.  "Disabled by configuration”: same as above.  “Disabled by invalid configuration": invalid configuration, for example, invalid interface name or destination address (destination address must be different than a local address and from the redundant device's Maintenance address).
Page 557: Ha Maintenance
''Configuring the HA Devices'' on page 548. 33.3 Forcing a Switchover If required, you can force a switchover between active and redundant devices. For more information, see ''High Availability Maintenance'' on page 565. Version 7.2 Mediant 4000 SBC...
Page 558: Software Upgrade
Mediant 4000 SBC 33.4 Software Upgrade You can perform the following types of software upgrades on the HA system:  Software Upgrade with Device Reset: Both active and redundant devices burn and reboot with the new software version. This method is quick and simple, but it disrupts traffic (i.e., traffic affecting).
Page 559: Maintenance
Part VIII Maintenance...
Page 561: Basic Maintenance
Timeout' field (see next step). During this interval, no new traffic is accepted. If no traffic exists and the time has not yet expired, the device resets immediately. • No: Reset begins immediately, regardless of traffic. Any existing traffic is immediately terminated. Version 7.2 Mediant 4000 SBC...
Page 562: Remotely Resetting Device Using Sip Notify
Remotely Resetting Device using SIP NOTIFY The device can be remotely reset upon the receipt of a SIP NOTIFY that contains an Event header that is set to 'check-sync;reboot=true' (proprietary to AudioCodes), as shown in the example below: NOTIFY sip:<user>@<dsthost> SIP/2.0 To: sip:<user>@<dsthost>...
Page 563 'Gateway Operational State' read-only field displays "LOCKED" and the device does not process any calls.  To unlock the device:  Click the UNLOCK button; the device unlocks immediately and accepts new incoming calls. The 'Gateway Operational State' read-only field displays "UNLOCKED". Version 7.2 Mediant 4000 SBC...
Page 564: Saving Configuration
Mediant 4000 SBC 34.4 Saving Configuration When you configure parameters and tables in the Web interface and then click the Apply button on the pages in which the configurations are done, changes are saved to the device's volatile memory (RAM). These changes revert to their previous settings if the device subsequently resets (hardware or software) or powers down.
Page 565: High Availability Maintenance
When resetting the Redundant device, the HA mode becomes temporarily unavailable.  To reset the Redundant device: Open the High Availability Maintenance page: • Toolbar: Click the Actions button, and then from the drop-down menu, choose Switchover. Version 7.2 Mediant 4000 SBC...
Page 566 Mediant 4000 SBC • Navigation tree: Setup menu > Administration tab > Maintenance folder > High Availability Maintenance. Figure 35-2: Resetting Redundant Device click Reset; a confirmation box appears requesting you to confirm. Click OK. User's Manual Document #: LTRT-41729...
Page 567: Channel Maintenance
You can forcibly disconnect all active calls, or disconnect specific calls based on Session  To disconnect calls through CLI:  Disconnect all active calls: # clear voip calls  Disconnect active calls belonging to a specified Session ID: # clear voip calls <Session ID> Version 7.2 Mediant 4000 SBC...
Page 568 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 569: Software Upgrade
Saving Auxiliary files to flash memory may disrupt traffic on the device. To avoid this, disable all traffic on the device by performing a graceful lock as described in ''Locking and Unlocking the Device'' on page 562. Version 7.2 Mediant 4000 SBC...
Page 570: Loading Auxiliary Files Through Web Interface
Mediant 4000 SBC 37.1.1.1 Loading Auxiliary Files through Web Interface The following procedure describes how to load Auxiliary files through the Web interface. Note: • When loading an ini file through the Auxiliary Files page (as described in this section), only parameter settings specified in the ini file are applied to the device;...
Page 571: Loading Auxiliary Files Through Cli
(in any standard text editor) to suit your specific requirements and then convert the modified ini file into binary dat file format, using AudioCodes DConvert utility. For more information, refer to the DConvert Utility User's Guide.
Page 572 Mediant 4000 SBC Note: The CPT file can only be loaded in .dat file format. You can create up to 32 different Call Progress Tones, each with frequency and format attributes. The frequency attribute can be single or dual-frequency (in the range of 300 to 1980 Hz) or an Amplitude Modulated (AM).
Page 573 Below shows an example of a configured dial tone to 440 Hz only: [NUMBER OF CALL PROGRESS TONES] Number of Call Progress Tones=1 #Dial Tone [CALL PROGRESS TONE #0] Tone Type=1 Tone Form =1 (continuous) Version 7.2 Mediant 4000 SBC...
Page 574: Prerecorded Tones File
For SBC calls, the PRT file supports only the ringback tone and hold tone. The prerecorded tones can be created using standard third-party, recording utilities such as Adobe Audition, and then combined into a single file (PRT file) using AudioCodes DConvert utility. For more information, refer to DConvert Utility User's Guide.
Page 575: Dial Plan File
Plans as required. Save the file with the ini file extension name (e.g., mydialplanfile.ini). Convert the ini file to a dat binary file, using AudioCodes DConvert utility. For more information, refer to DConvert Utility User's Guide. Load the converted file to the device, as described in ''Loading Auxiliary Files'' on page 569.
Page 576: Obtaining Ip Destination From Dial Plan File
Mediant 4000 SBC 37.1.5.2 Obtaining IP Destination from Dial Plan File You can use a Dial Plan index listed in a loaded Dial Plan file for determining the IP destination of SBC (see note below) calls. This enables the mapping of called numbers to IP addresses (in dotted-decimal notation) or FQDNs (up to 15 characters).
Page 577: User Information File
578  CLI - see Configuring SBC User Info Table through CLI on page 579  Loadable User Info file - see ''Configuring SBC User Info Table in Loadable Text File'' on page 580 Version 7.2 Mediant 4000 SBC...
Page 578 Mediant 4000 SBC 37.1.6.2.1 Configuring SBC User Info Table through Web Interface The following procedure describes how to configure the SBC User Info table through the Web interface. Note: • To configure the User Info table, make sure that you have enabled the feature as described in Enabling the User Info Table on page 577.
Page 579 (not-resgistered) ---- sbc-user-info-1 ---- local-user (SuePark) username (userSue) password (t6sn+un=) ip-group-id (1) status (not-resgistered)  To view a specific entry (example): (sip-def-proxy-and-reg)# user-info sbc-user-info <index, e.g., 0> (sbc-user-info-0)# display local-user (JohnDee) username (userJohn) password (s3fn+fn=) Version 7.2 Mediant 4000 SBC...
Page 580 Mediant 4000 SBC ip-group-id (1) status (not-resgistered)  To search a user by local-user: (sip-def-proxy-and-reg)# user-info find <local-user, e.g., JohnDoe> JohnDee: Found at index 0 in SBC user info table, not registered Note: To configure the User Info table, make sure that you have enabled the feature as described in Enabling the User Info Table on page 577.
Page 581: Viewing The Installed User Info File Name
The XML-to-binary format conversion can be done using AudioCodes DConvert utility. For more information on using this utility, refer to DConvert Utility User's Guide. Only one AMD Sensitivity file can be installed on the device.
Page 582: Viewing The License Key
Before you can install a new License Key, you need to obtain a License Key file for your device with the required features from your AudioCodes representative. The License Key is an encrypted key in string format that is associated with the device's serial number ("S/N") and supplied in a text-based file.
Page 583: Installing The License Key
Install the License Key on the device, as described in ''Installing the License Key'' on page 583. 37.2.3 Installing the License Key After you have received your License Key file from your AudioCodes representative, you can install it on the device as described in this section. Note: When you install a new License Key, it is loaded to the device's non-volatile flash memory and overwrites the previously installed License Key.
Page 584: Installing License Key Through Cli
Mediant 4000 SBC Click Load File; the new License Key is installed on the device and saved to flash memory. The License Key is displayed in the 'Current License Key' field. Figure 37-6: Loading License Key File Note: If the device is operating in High-Availability mode, you can only install the License Key by loading a License Key file, as the file includes two License Keys (for active and redundant devices).
Page 585: Upgrading Sbc Capacity Licenses By License Pool Manager Server
Manager Server The device can receive SBC capacity licenses from a centralized pool of SBC resources managed by the License Pool Manager Server running on AudioCodes EMS. The License Pool Manager Server can dynamically allocate and de-allocate SBC capacity licenses from the pool to devices in the network to meet capacity demands of each device whenever required.
Page 586 Mediant 4000 SBC The following displays an example of the indication of SBC licenses allocated by the License Pool Manager Server in the License Key page: If communication with the License Pool Manager Server is lost for a long duration, the device discards the allocated SBC license (i.e., expires) and resets with its initial, "local"...
Page 587: Software Upgrade Wizard
An HA switchover occurs from active device (i.e., the initial redundant device) to redundant device (i.e., the initial active device) to return the devices to their original HA state. Only the initial redundant deviceundergoes a reset to return to redundant state. Version 7.2 Mediant 4000 SBC...
Page 588 Mediant 4000 SBC Note: • You can obtain the latest software files from AudioCodes Web site at http://www.audiocodes.com/downloads. • When you start the wizard, the rest of the Web interface is unavailable. After the files are successfully installed with a device reset, access to the full Web interface is restored.
Page 589 Cancel. However, if you continue with the wizard and start loading the cmp file, the upgrade process must be completed with a device reset. Click Browse, and then navigate to and select the .cmp file. Version 7.2 Mediant 4000 SBC...
Page 590 Mediant 4000 SBC Click Load File; the device begins to install the .cmp file and a progress bar displays the status of the loading process: Figure 37-9: CMP File Loading Progress Bar When the file is loaded, a message is displayed to inform you.
Page 591 (according to the .cmp file) and thereby, overwrite values previously configured for these parameters. Click Reset; a progress bar is displayed, indicating the progress of saving the files to flash and device reset. Figure 37-11: Progress Bar Indicating Burning Files to Flash Version 7.2 Mediant 4000 SBC...
Page 592 Mediant 4000 SBC Note: Device reset may take a few minutes (even up to 30 minutes), depending on .cmp file version. When the device finishes the installation process and resets, the wizard displays the following, which lists the installed .cmp software version and other files that you may...
Page 593: Backing Up And Loading Configuration File
To save the ini file on your computer: Click the Save INI File button; a dialog box appears. Select the 'Save File' option, and then click OK. Figure 38-1: Saving Configuration File using Configuration File Page Version 7.2 Mediant 4000 SBC...
Page 594 Mediant 4000 SBC To load an ini file to the device: Click the Browse button, navigate to and select the file, and then click Open; the file name is displayed next to the Browse button. Click the Load INI File button, and then at the prompt, click OK; the device uploads the file and then resets.
Page 595: Automatic Provisioning
Open the Network Settings page (Setup menu > IP Network tab > Advanced folder > Network Settings). From the 'Enable DHCP" drop-down list, select Enable. Figure 39-1: Enabling DHCP Client Functionality Click Apply. To activate the DHCP process, reset the device. Version 7.2 Mediant 4000 SBC...
Page 596: Http-Based Provisioning
Mediant 4000 SBC The following shows an example of a configuration file for a Linux DHCP server (dhcpd.conf). The devices are allocated temporary IP addresses in the range 10.31.4.53 to 10.31.4.75. TFTP is assumed to be on the same computer as the DHCP server (alternatively, the "next-server"...
Page 597: Ftp-Based Provisioning
Provisioning'' on page 596 is that the protocol in the URL is "ftp" (instead of "http"). 39.1.4 Provisioning using AudioCodes EMS AudioCodes EMS server functions as a core-network provisioning server. The device's SNMP Manager should be configured with the IP address of the EMS server, using one of the methods detailed in the previous sections.
Page 598: Files Provisioned By Automatic Update
Mediant 4000 SBC Warning: If you use the IniFileURL parameter for the Automatic Update feature, do not use the Web interface to configure the device. If you do configure the device through the Web interface and save (burn) the new settings to the device's flash memory, the IniFileURL parameter is automatically set to 0 and Automatic Updates is consequently disabled.
Page 599: Mac Address Placeholder In Configuration File Name
URL address of the provisioning server it uses a placeholder for the file names which is replaced by hardcoded file names and extensions according to file type, as described in more detail below. Version 7.2 Mediant 4000 SBC...
Page 600 Mediant 4000 SBC Note: • Unlike the parameters that define specific URLs for Auxiliary files (e.g., CptFileURL), the file template feature always retains the URLs after each automatic update process. Therefore, with the file template the device always attempts to download the files upon each automatic update process.
Page 601: Triggers For Automatic Update
Upon receipt of an SNMP request from the provisioning server. • Upon receipt of a special SIP NOTIFY message from the provisioning server. The NOTIFY message includes an Event header with the AudioCodes proprietary value, "check-sync;reboot=false", as shown in the example below: NOTIFY sip:<user>@<dsthost> SIP/2.0 To: sip:<user>@<dsthost>...
Page 602: Access Authentication With Http Server
Mediant 4000 SBC CSeq: 10 NOTIFY Call-ID: 1234@<srchost> Event: check-sync;reboot=false To enable the feature: Open the Gateway Advanced Settings page (Setup menu > Signaling & Media tab > Gateway folder > Gateway Advanced Settings). From the 'Remote Management by Notify' (EnableSIPRemoteReset) drop-...
Page 603 INIFileVersion or CLI command, configuration-version The device automatically populates these tag variables with actual values in the sent header. By default, the device sends the following in the User-Agent header: User-Agent: Mozilla/4.0 (compatible; AudioCodes; <NAME>;<VER>;<MAC>;<CONF>) For example, if you set AupdHttpUserAgent = MyWorld-<NAME>;<VER>(<MAC>), the device sends the following User-Agent header: User-Agent: MyWorld-Mediant;7.00.200.001(00908F1DD0D3)
Page 604 Mediant 4000 SBC or discard the downloaded file. For more information, see ''Cyclic Redundancy Check on Downloaded Configuration Files'' on page 606. Note: • When this method is used, there is typically no need for the provisioning server to check the device’s current firmware version using the HTTP-User-Agent header.
Page 605: File Download Sequence
Warning: If you use the ResetNow parameter in an ini file for periodic automatic provisioning with non-HTTP (e.g., TFTP) and without CRC, the device resets after every file download. Therefore, use the parameter with caution and only if necessary for your deployment requirements. Version 7.2 Mediant 4000 SBC...
Page 606: Cyclic Redundancy Check On Downloaded Configuration Files
Mediant 4000 SBC Note: • For ini file downloads, by default, parameters not included in the file are set to defaults. To retain the current settings of these parameters, set the SetDefaultOnINIFileProcess parameter to 0. • If you have configured one-time software file (.cmp) download (configured by the ini file parameter CmpFileURL or CLI command configure system >...
Page 607: Automatic Update For Single Device
Automatic Update of software file (.cmp): ♦ ini File: AutoCmpFileUrl = 'https://www.company.com/sw.cmp' ♦ CLI: # configure system (config-system)# automatic update (automatic-update)# auto-firmware 'http://www.company.com/sw.cmp' Automatic Update of Call Progress Tone file: ♦ ini File: CptFileURL = 'https://www.company.com/call_progress.dat' ♦ CLI: Version 7.2 Mediant 4000 SBC...
Page 608: Automatic Update From Remote Servers
Mediant 4000 SBC # configure system (config-system)# automatic update (automatic-update)# call-progress-tones 'http://www.company.com/call_progress.dat' Automatic Update of ini configuration file: ♦ ini File: IniFileURL = 'https://www.company.com/config.ini' ♦ CLI: # configure system (config-system)# automatic update (automatic-update)# voice-configuration 'http://www.company.com/config.ini' Enable Cyclical Redundancy Check (CRC) on downloaded ini file: ♦...
Page 609: Automatic Update For Mass Deployment
Device queries the provisioning server daily at 24:00 (midnight) for software, configuration and Auxiliary files.  HTTP-based provisioning server at www.company.com for storing the files.  DNS server at 80.179.52.100 for resolving the domain name of the provisioning server. Version 7.2 Mediant 4000 SBC...
Page 610 Mediant 4000 SBC  To set up automatic provisioning for mass provisioning (example): Create a "master" configuration file template named "master_configuration.ini" with the following settings: • Common configuration for all devices: ♦ ini file: AutoUpdatePredefinedTime = '24:00' CptFileURL = 'https://www.company.com/call_progress.dat' AutoCmpFileUrl = 'https://www.company.com/sw.cmp'...
Page 611 User's Manual 39. Automatic Provisioning ♦ CLI: # configure network (config-network)# interface network-if 0 (network-if-0)# primary-dns 80.179.52.100 Power down and then power up the device. Version 7.2 Mediant 4000 SBC...
Page 612 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 613: Restoring Factory Defaults
# enable At the prompt, type the password again, and then press Enter: # Password: Admin At the prompt, type the following to reset the device to default settings, and then press Enter: # write factory Version 7.2 Mediant 4000 SBC...
Page 614: Restoring Factory Defaults Through Web Interface
Mediant 4000 SBC 40.2 Restoring Factory Defaults through Web Interface You can restore the device to factory defaults through the Web interface. Note: When restoring to factory defaults, you can preserve your IP network settings that are configured in the IP Interfaces table (see ''Configuring IP Network Interfaces'' on page 127), as described in the procedure below.
Page 615: Status, Performance Monitoring And Reporting
Part IX Status, Performance Monitoring and Reporting...
Page 617: System Status
(see ''Deleting Auxiliary Files'' on page 571).  To view device information:  Open the Device Information page (Monitor menu > Monitor menu > Summary tab > Device Information). Figure 41-1: Viewing Device Information (Example) Version 7.2 Mediant 4000 SBC...
Page 618: Viewing Device Status On Monitor Page
Mediant 4000 SBC 41.2 Viewing Device Status on Monitor Page The Web interface's Monitor page provides basic status and information on the device. The page is useful in that it allows you to easily obtain an overview of the device's operating status at a single glance.
Page 619 To view detailed information on the device's hardware components, click these icons to open the Components Status page (see Viewing Hardware Components Status on page 645). Power Supply Unit 1 status indicator. See Item #3 for a description. Version 7.2 Mediant 4000 SBC...
Page 620 Mediant 4000 SBC Item # Description Module status icon:  (green): Module has been inserted or is correctly configured  (gray): Module was removed. "Reserved" is displayed alongside the module's name  (red): Module failure. "Failure" is displayed instead of the module's name Chassis slot number.
Page 621: Reporting Dsp Utilization Through Snmp Mib
SNMP MIB table, acPMDSPUsage. You can also configure low and high DSP utilization thresholds this MIB, that crossed, SNMP trap event, acPerformanceMonitoringThresholdCrossing is sent by the device. For more information on this MIB, refer to the SNMP Reference Guide. Version 7.2 Mediant 4000 SBC...
Page 622 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 623: Viewing Carrier-Grade Alarms
Critical (red)  Major (orange)  Minor (yellow) Source Component of the device from which the alarm was raised. Brief description of the alarm. Description Date Date (DD/MM/YYYY) and time (HH:MM:SS) the alarm was raised. Version 7.2 Mediant 4000 SBC...
Page 624: Viewing History Alarms
Mediant 4000 SBC 43.2 Viewing History Alarms You can view all SNMP alarms, in the Web interface's Alarms History table, that have been raised (active alarms) as well as cleared (resolved). One of the benefits of this is that you can view alarms that may have been raised and then cleared on a continuous basis.
Page 625 Description Date Date (DD/MM/YYYY) and time (HH:MM:SS) the alarm was raised.  To delete all the alarms in the table: Click the Delete History Table button; a confirmation message box appears. Click OK to confirm. Version 7.2 Mediant 4000 SBC...
Page 626 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 627: Viewing Management User Activity Logs
Username of the user account that performed the activity. Interface Protocol used for connecting to the management interface (e.g., Telnet, SSH, Web, or HTTP). Client IP address of the client PC from where the user accessed the management interface. Version 7.2 Mediant 4000 SBC...
Page 628 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 629: Viewing Performance Monitoring
From the 'SRD/IP Group' drop-down list, select whether you want to view statistic for an SRD or IP Group. From the 'Index' drop-down list, select the SRD or IP Group index. From the 'Direction' drop-down list, select the call direction: Version 7.2 Mediant 4000 SBC...
Page 630 Mediant 4000 SBC • In: incoming calls • Out: outgoing calls • Both: incoming and outgoing calls From the 'Type' drop-down list, select the SIP message type: • INVITE: INVITE • SUBSCRIBE: SUBSCRIBE • Other: all SIP messages If there is no data for the charts, the chart appears gray and "No Data" is displayed to the right of the chart.
Page 631: Viewing Average Call Duration
The minimum resolution is about 30 seconds; the maximum resolution is about an hour. To pause the graph, click the Pause button; click Play to resume. Version 7.2 Mediant 4000 SBC...
Page 632: Configuring Performance Profiles
Mediant 4000 SBC 45.3 Configuring Performance Profiles The Performance Profile table lets you configure up to 2628 Performance Profile rules. A Performance Profile rule defines thresholds of performance monitoring call metrics for Major and Minor severity alarms. If the threshold is crossed, the device raises the corresponding severity alarm.
Page 633 92 (i.e., 90 + 2) crosses the configured Minor threshold with hysteresis. Yellow to Green (alarm The change occurs if the measured metric 92 (i.e., 90 + 2) cleared) crosses the configured Minor threshold with hysteresis. Version 7.2 Mediant 4000 SBC...
Page 634 Mediant 4000 SBC Note: • Forwarded calls are not considered in the calculation for ASR and NER. • If you don't configure thresholds for a specific metric, the device still provides current performance monitoring values of the metric, but does not raise any threshold alarms for it.
Page 635 For example, if you configure the 'Major Threshold' parameter to 70% and the 'Hysteresis' parameter to 2%, the device considers a threshold crossing from Red to Yellow only if the ASR crosses 72% (i.e., 70% + 2%). Version 7.2 Mediant 4000 SBC...
Page 636 Mediant 4000 SBC Parameter Description Minimum Samples Defines the minimum number of call sessions (sample) that is required for the device to calculate the performance minimum-samples monitoring metrics (per window size). If the number of call [PerformanceProfile_MinimumSample] sessions is less than the configured value, no calculation is done.
Page 637: Viewing Voip Status
10 seconds from the proxy/registrar server.  CLI: • SBC users: # show voip register db sbc list • SBC contacts of a specified AOR: # show voip register db sbc user <Address Of Record> Version 7.2 Mediant 4000 SBC...
Page 638: Viewing Call Routing Status
Mediant 4000 SBC 46.2 Viewing Call Routing Status You can view information on the current call routing method used by the device. The information includes the IP address (or FQDN) of the Proxy server with which the device routes the call.
Page 639: Viewing Registration Status
 To view test call CDRs:  Web: Open the Test Call CDR History table (Monitor menu > Monitor tab > VoIP Status folder > Test Call CDR History). Figure 46-3: SBC CDR History Table Version 7.2 Mediant 4000 SBC...
Page 640: Viewing Sbc Cdr History
Mediant 4000 SBC  CLI: • All CDR history: # show voip calls history test • CDR history for a specific SIP session ID: # show voip calls history test <session ID> Table 46-4: SBC CDR History Table Field Description Call End Time Displays the time at which the call ended.
Page 641 For example, 00:01:20 denotes 1 minute and 20 seconds. Termination Reason Displays the reason for the call being released (ended). For example, "NORMAL_CALL_CLEAR" indicates a normal termination. Displays the SIP session ID of the call. Session ID Version 7.2 Mediant 4000 SBC...
Page 642 Mediant 4000 SBC This page is intentionally left blank. User's Manual Document #: LTRT-41729...
Page 643: Viewing Network Status
Navigation tree: Monitor menu > Monitor tab > Network Status folder > Ethernet Port Information. • Monitor home page: Click an Ethernet port on the graphical display of the device (see ''Viewing Device Status on Monitor Page'' on page 618). Version 7.2 Mediant 4000 SBC...
Page 644: Viewing Static Routes Status
Mediant 4000 SBC Table 47-1: Ethernet Port Information Table Description Parameter Description Port Name Displays the name of the port. Active Displays whether the port is active ("Yes") or not ("No"). Speed Displays the speed of the Ethernet port. Duplex Mode Displays whether the port is half- or full-duplex.
Page 645: Viewing Hardware Status
Navigation tree: Monitor menu > Monitor tab > Hardware folder > Components Status. • Monitor home page: Click a power supply or fan tray icon (see ''Viewing Device Status on Monitor Page'' on page 618). Version 7.2 Mediant 4000 SBC...
Page 646 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 647: Reporting Information To External Party
Description CallID Call ID - call ID from the SIP dialog LocalID Local ID - identifies the reporting endpoint for the media session Remote ID - identifies the remote endpoint of the media session RemoteID Version 7.2 Mediant 4000 SBC...
Page 648 Mediant 4000 SBC Metric Parameter Description OrigID Originating ID - Identifies the endpoint which originated the session LocalAddr Local Address - IP address, port, and SSRC of the endpoint/UA which is the receiving end of the stream being measured RemoteAddr...
Page 649 MOSCQEstAlg MOS-CQ Est. Algorithm - name (string) of the algorithm used to estimate MOSCQ QoEEstAlg QoE Est. Algorithm - name (string) of the algorithm used to estimate all voice quality metrics DialogID Identification of the SIP dialog with which the media session is related Version 7.2 Mediant 4000 SBC...
Page 650 Mediant 4000 SBC Below shows an example of a SIP PUBLISH message sent with RTCP XR and QoE information: PUBLISH sip:172.17.116.201 SIP/2.0 Via: SIP/2.0/UDP 172.17.116.201:5060;branch=z9hG4bKac2055925925 Max-Forwards: 70 From: <sip:172.17.116.201>;tag=1c2055916574 To: <sip:172.17.116.201> Call-ID: 20559160721612201520952@172.17.116.201 CSeq: 1 PUBLISH Contact: <sip:172.17.116.201:5060> Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUB...
Page 651: Generating Call Detail Records
Syslog server. The CDR Syslog message complies with RFC 3164 and is identified by Facility 17 (local1) and Severity 6 (Informational).  RADIUS server. For CDR in RADIUS format, see ''Configuring RADIUS Accounting'' on page 668. To configure RADIUS servers for CDR reporting, see ''Configuring Version 7.2 Mediant 4000 SBC...
Page 652: Cdr Field Description
Mediant 4000 SBC RADIUS Servers'' on page 216. Note: To view SBC CDRs stored on the device's memory, see Viewing SBC CDR History on page 640. 49.2.1 CDR Field Description This section describes the default CDR fields that are generated by the device.
Page 653 "3". If the call is then transferred, the leg ID for the transfer leg is "4". Orig Call originator: String  "LCL": local  "RMT": remote SourceIp Source IP address String (up to Version 7.2 Mediant 4000 SBC...
Page 654 Mediant 4000 SBC CDR Field Description CDR Report Type Format (SBCReportType) characters) SourcePort Source UDP port String (up to characters) DestIp Destination IP address String (up to characters) DestPort Destination UDP port String (up to characters) TransportType Transport type: String ...
Page 655 Redirection URI "CALL_END" String (up to characters) RedirectURINumB Redirect URI number before manipulation "CALL_END" String (up to eforeMap characters) TxSigIPDiffServ Signaling IP DiffServ String (up to characters) IPGroup IP Group ID and name String (up to Version 7.2 Mediant 4000 SBC...
Page 656 Mediant 4000 SBC CDR Field Description CDR Report Type Format (SBCReportType) characters) SrdId SRD ID and name String (up to characters) SIPInterfaceId SIP Interface ID String (up to characters) ProxySetId Proxy Set ID String (up to characters) IpProfileId IP Profile ID and name...
Page 657: Cdr Fields For Sbc Media
Table 49-3: Default CDR Fields for SBC Media CDR Field Range Description MediaReportType Report type:  "MEDIA_START": CDR is sent upon 200 OK response or early media  "UPDATE": CDR is sent upon a re- Version 7.2 Mediant 4000 SBC...
Page 658 Mediant 4000 SBC CDR Field Range Description INVITE message  "END": CDR sent is upon a BYE message SIPCallId Unique call ID LegId Unique ID number of the call leg within a specific call session. The field is included in all Report Types (MediaReportType).
Page 659: Cdr Fields For Sbc Local Storage
The CDR fields for SBC calls that are stored locally (history) on the device are listed in the table below. For storing CDRs locally, see ''Storing CDRs on the Device'' on page 665. Table 49-4: Default CDR Fields for Locally Stored (History) CDRs CDR Field Title Report Type SBCReportType Version 7.2 Mediant 4000 SBC...
Page 660 Mediant 4000 SBC CDR Field Title Endpoint Type EPTyp Call Id SIPCallId Session ID SessionId Leg ID LegId Call Orig Orig Source IP SourceIp Source Port SourcePort Destination IP DestIp Destination Port DestPort Transport Type TransportType Source URI SrcURI Source URI Before Manipulation...
Page 661: Customizing Cdrs For Sbc Calls
You can also configure it through ini file (SBCCDRFormat) or CLI (configure troubleshoot > cdr > cdr-format sbc-cdr-format).  To customize SBC-related CDRs: Open the SBC CDR Format table (Troubleshoot menu > Troubleshoot tab > Call Detail Record folder > SBC CDR Format). Version 7.2 Mediant 4000 SBC...
Page 662 Mediant 4000 SBC Click New; the following dialog box appears: Figure 49-5: SBC CDR Format Table - Add Dialog Box Configure the CDR according to the parameters described in the table below. Click Apply. Examples of configured CDR customization rules are shown below:...
Page 663 'Phone Duration', you must configure the parameter to 'Phone Duration'. You can also configure the CDR field name with an equals (=) sign, for example "call-connect-time=". Note:  For VSA's that do not require a prefix name, leave the parameter undefined. Version 7.2 Mediant 4000 SBC...
Page 664: Configuring Cdr Reporting
Mediant 4000 SBC Parameter Description  The parameter's value is case-sensitive. For example, if you want the CDR field name to be Phone-Duration, you must configure the parameter to "Phone-Duration" (i.e., upper case "P" and "D"). RADIUS Attribute Type Defines whether the RADIUS Attribute of the CDR field is a standard or vendor-specific attribute.
Page 665: Storing Cdrs On The Device
The locally stored CDRs are saved in a comma-separated values file (*.csv), where each CDR is shown on a dedicated row. An example of a CSV file with two CDRs are shown below:  CSV file viewed in Excel: Version 7.2 Mediant 4000 SBC...
Page 666 Mediant 4000 SBC  CSV file viewed in a text editor (Notepad): Figure 49-8: CSV File of CDRs in Text Editor (Notepad) To view the CDR column headers corresponding to the CDR data in the CSV file, run the following CLI command: ...
Page 667 50 to 10), the device stores the remaining files (e.g., 40) in its memory (i.e., unused files). • When the device operates in High-Availability mode, stored CDRs are deleted upon device switchover. • For customizing CDR fields for SBC calls, see Customizing CDRs for SBC Calls on page 661. Version 7.2 Mediant 4000 SBC...
Page 668: Configuring Radius Accounting
Mediant 4000 SBC 49.3 Configuring RADIUS Accounting The device can send accounting data of SIP calls as call detail records (CDR) to a RADIUS Accounting server. CDR-based accounting messages can be sent upon call release, call connection and release, or call setup and release. This section lists the CDR attributes for RADIUS accounting.
Page 669 Customizing CDRs for SBC Calls on page 661. To configure the address of the RADIUS Accounting server, see ''Configuring RADIUS Servers'' on page 216. For all RADIUS-related configuration, see ''RADIUS-based Services'' on page 216. Version 7.2 Mediant 4000 SBC...
Page 670 Mediant 4000 SBC  To configure RADIUS accounting: Open the Call Detail Record Settings page (Troubleshoot menu > Troubleshoot tab > Call Detail Record folder > Call Detail Record Settings). Configure the following parameters: • From the 'Enable RADIUS Access Control' drop-down list (EnableRADIUS), select Enable.
Page 671 String h323-gw-id=<SIP Start gateway ID string> Stop sip-call-id SIP Call ID String sip-call- Start id=abcde@ac.com Stop call-terminator Terminator of the String call-terminator=yes Stop call:  "yes": Call terminated by the outgoing leg  "no": Call Version 7.2 Mediant 4000 SBC...
Page 672 Mediant 4000 SBC Vendor- Attribute Attribute Specific Value Description Example Name Attribute Format (VSA) ID terminated by the incoming leg terminator Terminator of the String terminator=originate Stop call:  "answer": Call originated from the incoming leg  "originate": Call originated from...
Page 673 (4923 23) h323-remote-address = 212.179.22.214 (4923 1) h323-ivr-out = h323-incoming-conf-id:02102944 600a1899 3fd61009 0e2f3cc5 (4923 30) h323-disconnect-cause = 22 (0x16) (4923 27) h323-call-type = VOIP (4923 26) h323-call-origin = Originate (4923 24) h323-conf-id = 02102944 600a1899 3fd61009 0e2f3cc5 Version 7.2 Mediant 4000 SBC...
Page 674 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 675: Diagnostics
Part X Diagnostics...
Page 677: Syslog And Debug Recording
Syslog messages, or CDRs. Disabling a rule is useful, for example, if you no longer require the rule, but may need it in the future. Thus, instead of deleting the rule entirely, you can simply disable it. Version 7.2 Mediant 4000 SBC...
Page 678 Mediant 4000 SBC Note: • If you want to configure a Log Filter rule that logs Syslog messages to a Syslog server (i.e., not to a Debug Recording server), you must enable Syslog functionality, using the 'Enable Syslog' (EnableSyslog) parameter (see ''Enabling Syslog'' on page 687).
Page 679 IP Group at Index 2 with the name "SIP Trunk", configure the parameter to either "2" or "SIP Trunk" (without apostrophes).  For IP trace expressions, see ''Filtering IP Network Traces'' on Version 7.2 Mediant 4000 SBC...
Page 680 Mediant 4000 SBC Parameter Description page 681. Log Destination Defines where the device sends the log file.  log-dest [0] Syslog Server = The device generates Syslog messages based on the configured log filter and sends them to a user- [LoggingFilters_LogDestination] defined Syslog server.
Page 681: Filtering Ip Network Traces
Transport layer for destination port and, &&, ==, <, > Between expressions Below are examples of configured expressions for the 'Value' parameter:  udp && ip.addr==10.8.6.55  ip.src==10.8.6.55 && udp.port>=5000 and udp.port<6000  ip.dst==10.8.0.1/16 Version 7.2 Mediant 4000 SBC...
Page 682: Configuring Syslog
Mediant 4000 SBC  ip.addr==10.8.6.40 For conditions requiring the "or" / "||" expression, add multiple table rows. For example, the Wireshark condition "(ip.src == 1.1.1.1 or ip.src == 2.2.2.2) and ip.dst == 3.3.3.3" can be configured using the following two table row entries: ip.src == 1.1.1.1 and ip.dst == 3.3.3.3...
Page 683 2ed1c8 is the device's MAC address.  96 is the number of times the device has reset.  5 is a unique SID session number (in other words, this is the fifth call session since the last device reset). Version 7.2 Mediant 4000 SBC...
Page 684: Event Representation In Syslog Messages
Mediant 4000 SBC Message Item Dscription   A session includes both the outgoing and incoming legs, where both legs share the same session number.  Forked legs and alternative legs share the same session number. Board ID (BID) Unique non-SIP session related (e.g., device reset) and device identifier.
Page 685: Identifying Audiocodes Syslog Messages Using Facility Levels
Unknown Aggregation Payload Type Invalid Routing Flag Received 50.2.1.2 Identifying AudioCodes Syslog Messages using Facility Levels The device’s Syslog messages can easily be identified and distinguished from Syslog messages from other equipment, by setting its Facility level. The Facility levels of the device's Syslog messages are numerically coded with decimal values.
Page 686: Syslog Fields For Answering Machine Detection (Amd)
Mediant 4000 SBC  To configure the Facility level:  Configure the SyslogFacility ini file parameter to one of the following options: Table 50-5: Syslog Facility Levels Numerical Value Facility Level 16 (default) local use 0 (local0) local use 1 (local1)
Page 687: Enabling Syslog
To configure the Syslog server address: Open the Syslog Settings page (Troubleshoot menu > Troubleshoot tab > Logging folder > Syslog Settings). In the 'Syslog Server IP' field (SyslogServerIP), enter the IP address of the Syslog server. Version 7.2 Mediant 4000 SBC...
Page 688: Configuring Syslog Debug Level
Mediant 4000 SBC In the 'Syslog Server Port' field, enter the port of the Syslog server. Figure 50-3: Configuring the Syslog Server Address Click Apply. 50.2.4 Configuring Syslog Debug Level You can configure the amount of information (debug level) to include in Syslog messages.
Page 689: Configuring Reporting Of Management User Activities
Web interface. You can also configure it through ini file (ActivityListToLog) or CLI (configure troubleshoot > activity-log).  To configure reporting of Web user activities: Open the Syslog Settings page (Troubleshoot tab > Troubleshoot menu > Logging folder > Syslog Settings). Version 7.2 Mediant 4000 SBC...
Page 690: Viewing Syslog Messages
When debug recording is enabled and Syslog messages are also included in the debug recording, to view Syslog messages using Wireshark, you must install AudioCodes' Wireshark plug-in (acsyslog.dll). Once the plug-in is installed, the Syslog messages are decoded as "AC SYSLOG" and displayed using the "acsyslog" filter (instead of the regular "syslog"...
Page 691: Configuring Debug Recording
You can select the Syslog messages displayed on the page, and copy and paste them into a text editor such as Notepad. This text file (txt) can then be sent to AudioCodes Technical Support for diagnosis and troubleshooting. 50.3 Configuring Debug Recording This section describes how to configure debug recording and how to collect debug recording packets.
Page 692: Configuring The Debug Recording Server Address
Click Apply. 50.3.2 Collecting Debug Recording Messages To collect debug recording packets, use the open source packet capturing program, Wireshark. AudioCodes proprietary plug-in files for Wireshark are required. Note: • The default debug recording port is 925. You can change the port in Wireshark (Edit menu >...
Page 693: Debug Capturing On Physical Voip Interfaces
Note that the source IP address of the messages is always the OAMP IP address of the device. The device adds the header "AUDIOCODES DEBUG RECORDING" to each debug recording message, as shown below: 50.3.3 Debug Capturing on Physical VoIP Interfaces You can capture traffic on the device's physical (Ethernet LAN) VoIP interfaces (Layer-2 VLAN tagged packets).
Page 694 Mediant 4000 SBC  Specifies the destination (FTP, TFTP, or USB) where you want the PCAP file sent: # debug capture VoIP physical target <ftp|tftp|usb>  Stops the debug capture, creates a file named debug-capture-voip-<timestamp>.pcap, and sends it to the TFTP or FTP server: # debug capture voip physical stop <TFTP/FTP server IP...
Page 695: Creating Core Dump And Debug Files Upon Device Crash
The files may assist you in identifying the cause of the crash. The core dump can either be included in or excluded from the debug file, or alternatively, sent separately to a TFTP server. You can then provide the files to AudioCodes support team for troubleshooting. ...
Page 696 Mediant 4000 SBC  To delete the core dump file:  Navigate to the root CLI directory (enable mode), and then enter the following command: # clear debug-file The following procedure describes how to retrieve the debug file from the device through the Web interface.
Page 697: Testing Sip Signaling Calls
By default, you can configure up to five test calls. However, this number can be increased by installing the relevant License Key. For more information, contact your AudioCodes sales representative. The following procedure describes how to configure test calls through the Web interface.
Page 698 Mediant 4000 SBC Click New; the following dialog box appears: Figure 52-1: Test Call Rules Table - Add Dialog Box Configure a test call according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 699 To configure QoE Profiles, see ''Configuring Quality of Experience Profiles'' on page 289. Bandwidth Profile Assigns a Bandwidth Profile to the test call. bandwidth-profile By default, no value is defined. To configure Bandwidth Profiles, see ''Configuring Bandwidth Version 7.2 Mediant 4000 SBC...
Page 700 Mediant 4000 SBC Parameter Description [Test_Call_BWProfile] Profiles'' on page 294. Authentication Note: These parameters are applicable only if the 'Call Party' parameter (see below) is configured to Caller. Auto Register Enables automatic registration of the endpoint. The endpoint can register to the device itself or to the 'Destination Address' or 'IP auto-register Group' parameter settings (see above).
Page 701: Starting And Stopping Test Calls
Dial: Starts the test call (applicable only if the test call party is the caller). • Drop Call: Stops the test call. • Restart: Ends all established calls and then starts the test call session again. Version 7.2 Mediant 4000 SBC...
Page 702: Viewing Test Call Status
Mediant 4000 SBC 52.3 Viewing Test Call Status You can view the status of test call rules in the 'Test Status' field of the Test Call Rules table. The status can be one of the following: Table 52-2: Test Call Status Description...
Page 703 "Done - Established Calls: <number of established calls>, ASR: <ASR>%": Test call has been successfully completed (or was prematurely stopped by clicking the Drop Call command) and shows the following:  Total number of test calls that were established. Version 7.2 Mediant 4000 SBC...
Page 704: Configuring Dtmf Tones For Test Calls
Mediant 4000 SBC Statistics Field Description  Number of successfully answered calls out of the total number of calls attempted (ASR). MOS Status MOS count and color threshold status of local and remote sides according to the assigned QoE Profile.
Page 705 "101".  To configure SBC call testing: Configure the test call parameters (for a full description, see ''SIP Test Call Parameters'' on page 741): Version 7.2 Mediant 4000 SBC...
Page 706: Test Call Configuration Examples
Mediant 4000 SBC Open the Test Call Settings page (Troubleshooting tab > Troubleshooting menu > Test Call folder > Test Call Settings). Figure 52-5: Configuring SBC Test Call with Proxy In the 'Test Call ID' field, enter a prefix number for the simulated test endpoint on the device.
Page 707 The test call is done between two AudioCodes devices - Device A and Device B - with simulated test endpoints. This eliminates the need for phone users, who would otherwise need to answer and end calls many times for batch testing.
Page 708 Mediant 4000 SBC  Registration Test Call Scenario: This example describes the configuration for testing the registration and authentication (i.e., username and pas,sword) process of a simulated test endpoint on the device with an external proxy/registrar server. This is useful, for example, for verifying that endpoints located in the LAN can register with an external proxy and subsequently, communicate with one another.
Page 709: Pinging A Remote Host Or Ip Address
IPv4 address. The ping is done using the following CLI command: # ping <IPv4 ip address or host name> source [voip] interface For a complete description of the ping command, refer to the CLI Reference Guide. Version 7.2 Mediant 4000 SBC...
Page 710 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 711: Appendix
Part XI Appendix...
Page 713: Dialing Plan Notation For Routing And Manipulation
4 to 8, and suffix is 234, 235, or 236. The entered value would be the following: [4-8](23[4,5,6]). [n-m] or (n-m) Represents a range of numbers. Examples:  To depict prefix numbers from 5551200 to 5551300: Version 7.2 Mediant 4000 SBC...
Page 714 Mediant 4000 SBC Notation Description  [5551200-5551300]#  To depict prefix numbers from 123100 to 123200:  123[100-200]#  To depict prefix and suffix numbers together:  03(100): for any number that starts with 03 and ends with 100. ...
Page 715 User's Manual 54. Dialing Plan Notation for Routing and Manipulation Notation Description Version 7.2 Mediant 4000 SBC...
Page 716 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 717: Configuration Parameters Reference
The default is 0.0.0.0 (i.e., the device can be accessed from any IP address). For example: WebAccessList_0 = 10.13.2.66 WebAccessList_1 = 10.13.77.7 For a description of the parameter, see ''Configuring Web and Telnet Access List'' on page 67. Version 7.2 Mediant 4000 SBC...
Page 718: Web Parameters
Mediant 4000 SBC 55.1.2 Web Parameters The Web parameters are described in the table below. Table 55-2: Web Parameters Parameter Description Enable web access from all interfaces Enables Web access from any of the device's IP network interfaces. The feature applies to HTTP and HTTPS web-access-from-all-interfaces protocols.
Page 719  [0] = (Default) Password and username retain their values.  [1] = Password and username are reset. Note:  For the parameter to take effect, a device reset is Version 7.2 Mediant 4000 SBC...
Page 720: Telnet Parameters
Mediant 4000 SBC Parameter Description required.  You cannot reset the username and password through the Web interface (by loading an ini file or on the AdminPage). To reset the username and password:   SNMP: 1) Set acSysGenericINILine to...
Page 721: Ini File Parameters
(e.g., $1$S3p+fno=).  [1] = Enable. All passwords are hidden and replaced by an asterisk (*). 55.1.5 SNMP Parameters The SNMP parameters are described in the table below. Table 55-5: SNMP Parameters Parameter Description Version 7.2 Mediant 4000 SBC...
Page 722 > snmp trap > auto- Enables the device to send NAT keep-alive traps to the port send-keep-alive of the SNMP network management station (e.g., AudioCodes EMS). This is used for NAT traversal, and allows SNMP [SendKeepAliveTrap] communication with AudioCodes EMS management platform, located in the WAN, when the device is located behind NAT.
Page 723 [0] (Check box cleared) = Disabled (default)  [1] (Check box selected) = Enabled IP Address Defines the IP address of the remote host used as an SNMP Manager. The device sends SNMP traps to this IP address. ip-address Version 7.2 Mediant 4000 SBC...
Page 724 Mediant 4000 SBC Parameter Description [SNMPManagerTableIP_x] Enter the IP address in dotted-decimal notation, e.g., 108.10.1.255. Trap Port Defines the port number of the remote SNMP Manager. The device sends SNMP traps to this port. port The valid SNMP trap port range is 100 to 4000. The default [SNMPManagerTrapPort_x] port is 162.
Page 725: Serial Parameters
The serial interface parameters are described in the table below. Table 55-6: Serial Parameters Parameter Description [DisableRS232] Enables the device's RS-232 (serial) port.  [0] = Enabled  [1] = (Default) Disabled The RS-232 serial port can be used to change the networking Version 7.2 Mediant 4000 SBC...
Page 726: Auxiliary And Configuration File Name Parameters
Mediant 4000 SBC Parameter Description parameters and view error/notification messages. To establish serial communication with the device, see ''Establishing a CLI Session'' on page 76. Note: For the parameter to take effect, a device reset is required. [SerialBaudRate] Defines the serial communication baud rate.
Page 727: Automatic Update Parameters
Note: For the parameter to take effect, a device reset is required. Dial Plan File Defines the name of the Dial Plan file. This file should be created using AudioCodes DConvert utility (refer to DConvert Utility User's [DialPlanFileName] Guide). For the ini file, the name must be enclosed by single apostrophes, for example, 'dial_plan.dat'.
Page 728 Mediant 4000 SBC Parameter Description Note:  For the parameter to take effect, a device reset is required.  The actual update time is randomized by five minutes to reduce the load on the Web servers. http-user-agent Defines the information sent in the HTTP User-Agent header in the...
Page 729 (i.e., not on-the-fly) parameters that are loaded using the parameter IniFileUrl.  [0] = (Default) The immediate restart mechanism is disabled.  [1] = The device immediately resets after an ini file with the parameter set to 1 is loaded. Version 7.2 Mediant 4000 SBC...
Page 730 Mediant 4000 SBC Parameter Description Note: If you use the parameter in an ini file for periodic automatic provisioning with non-HTTP (e.g., TFTP) and without CRC, the device resets upon every file download. Software/Configuration File URL Path for Automatic Update Parameters CLI path: configure system >...
Page 731: Networking Parameters
The format of the ini file table parameter is as follows: physical-port [ PhysicalPortsTable ] [PhysicalPortsTable] FORMAT PhysicalPortsTable_Index = PhysicalPortsTable_Port, PhysicalPortsTable_Mode, PhysicalPortsTable_SpeedDuplex, PhysicalPortsTable_PortDescription, PhysicalPortsTable_GroupMember, PhysicalPortsTable_GroupStatus; [ \PhysicalPortsTable ] For a detailed description of the table, see Configuring Physical Ethernet Version 7.2 Mediant 4000 SBC...
Page 732: Multiple Voip Network Interfaces And Vlan Parameters
Mediant 4000 SBC Parameter Description Ports on page 120. Ethernet Groups Table Ethernet Groups Defines the transmit (Tx) and receive (Rx) settings for the Ethernet port groups. The format of the ini file table parameter is: configure network > ether-...
Page 733: Routing Parameters
The table configures DiffServ-to-VLAN Priority mapping. For each packet sent to the LAN, the VLAN Priority of the packet configure network > qos vlan-mapping is set according to the DiffServ value in the IP header of the Version 7.2 Mediant 4000 SBC...
Page 734: Nat Parameters
Mediant 4000 SBC Parameter Description [DiffServToVlanPriority] packet. The format of this ini file is as follows: [ DiffServToVlanPriority ] FORMAT DiffServToVlanPriority_Index = DiffServToVlanPriority_DiffServ, DiffServToVlanPriority_VlanPriority; [ \DiffServToVlanPriority ] For example: DiffServToVlanPriority 0 = 46, 6; DiffServToVlanPriority 1 = 40, 6; DiffServToVlanPriority 2 = 26, 4;...
Page 735 1. The parameter is used to allow SNMP communication with AudioCodes EMS management platform, located in the WAN, when the device is located behind NAT. It is needed to keep the NAT pinhole open for the SNMP messages sent from EMS to the device.
Page 736: Dns Parameters
Mediant 4000 SBC Parameter Description [SIPNatDetection] standard.  [1] Enable (default) = Enables the device's NAT Detection mechanism. 55.2.6 DNS Parameters The Domain name System (DNS) parameters are described in the table below. Table 55-14: DNS Parameters Parameter Description Internal DNS Table...
Page 737 Defines Vendor Class Identifier (VCI) names (DHCP Option 60) for the device's DHCP server. Only if the DHCPDiscover request message, configure network > dhcp- received from the DHCP client, contains this value does the device server vendor-class provide DHCP services. [DhcpVendorClass] Version 7.2 Mediant 4000 SBC...
Page 738: Ntp And Daylight Saving Time Parameters
Mediant 4000 SBC Parameter Description The format of the ini file table parameter is as follows: [ DhcpVendorClass ] FORMAT DhcpVendorClass_Index = DhcpVendorClass_DhcpServerIndex, DhcpVendorClass_VendorClassId; [ \DhcpVendorClass ] For a detailed description of the table, see Configuring the Vendor Class Identifier on page 204.
Page 739 (e.g., FRI)  wk denotes week of the month (e.g., 03)  hh denotes hour (e.g., 23)  mm denotes minutes (e.g., 10) For example, "04:FRI/03:23:00" denotes Friday, the third week of Version 7.2 Mediant 4000 SBC...
Page 740: Debugging And Diagnostics Parameters
Mediant 4000 SBC Parameter Description April, at 11 P.M. The week field can be 1-5, where 5 denotes the last occurrence of the specified day in the specified month. For example, "04:FRI/05:23:00" denotes the last Friday of April, at 11 P.M.
Page 741: Sip Test Call Parameters
[Test_Call] Test_Call_DestAddress, Test_Call_DestTransportType, Test_Call_SIPInterfaceName, Test_Call_ApplicationType, Test_Call_AutoRegister, Test_Call_UserName, Test_Call_Password, Test_Call_CallParty, Test_Call_MaxChannels, Test_Call_CallDuration, Test_Call_CallsPerSecond, Test_Call_TestMode, Test_Call_TestDuration, Test_Call_Play, Test_Call_ScheduleInterval, Test_Call_QOEProfile, Test_Call_BWProfile; [ \Test_Call ] For a description of the table, see ''Configuring Test Call Endpoints'' on page 697. Version 7.2 Mediant 4000 SBC...
Page 742: Syslog, Cdr And Debug Parameters
Mediant 4000 SBC 55.3.3 Syslog, CDR and Debug Parameters The Syslog, CDR and debug parameters are described in the table below. Table 55-19: Syslog, CDR and Debug Parameters Parameter Description Enable Syslog Determines whether the device sends logs and error messages (e.g., CDRs) generated by the device to a Syslog server.
Page 743 The valid value is 2 to 1440. The default is 60. Debug Level Enables Syslog debug reporting and logging level.  configure troubleshoot > [0] No Debug = (Default) Debug is disabled and Syslog Version 7.2 Mediant 4000 SBC...
Page 744 Mediant 4000 SBC Parameter Description syslog > debug-level messages are not sent.  [1] Basic = Sends debug logs of incoming and outgoing SIP [GwDebugLevel] messages.  [5] Detailed = Sends debug logs of incoming and outgoing SIP message as well as many other logged processes.
Page 745 [naa] Non-Authorized Access = Attempts to log in to the Web interface with a false or empty username or password.  [spc] Sensitive Parameters Value Change = Changes made to "sensitive" parameters:  (1) IP Address Version 7.2 Mediant 4000 SBC...
Page 746 Mediant 4000 SBC Parameter Description  (2) Subnet Mask  (3) Default Gateway IP Address  (4) ActivityListToLog  [ll] Login and Logout = Web login and logout attempts.  [cli] = CLI commands entered by the user.  [ae] Action Executed = Logs user actions that are not related to parameter changes.
Page 747: Resource Allocation Indication Parameters
Defines the time interval (in seconds) that the device periodically checks [RAILoopTime] call resource availability. The valid range is 1 to 200. The default is 10. 55.4 HA Parameters The High Availability (HA) parameters are described in the table below. Version 7.2 Mediant 4000 SBC...
Page 748 Mediant 4000 SBC Table 55-21: HA Parameters Parameter Description HA Device Name Defines a name for the active device, which is displayed on the Home page to indicate the active device. configure network > high- availability > unit-id-name The valid value is a string of up to 128 characters. The default value is "Device 1".
Page 749: Security Parameters
Table 55-22: General Security Parameters Parameter Description Firewall Table Firewall The table defines the device's access list (firewall), which defines network traffic filtering rules. configure network > access-list The format of the ini file table parameter is: [AccessList] [AccessList] Version 7.2 Mediant 4000 SBC...
Page 750 Mediant 4000 SBC Parameter Description FORMAT AccessList_Index = AccessList_Source_IP, AccessList_Source_Port, AccessList_PrefixLen, AccessList_Source_Port, AccessList_Start_Port, AccessList_End_Port, AccessList_Protocol, AccessList_Use_Specific_Interface, AccessList_Interface_ID, AccessList_Packet_Size, AccessList_Byte_Rate, AccessList_Byte_Burst, AccessList_Allow_Type; [\AccessList] For example: AccessList 10 = mgmt.customer.com, , , 32, 0, 80, tcp, 1, OAMP, 0, 0, 0, allow;...
Page 751 Defines a period (sec) during which if no T.38 packets are received or sent from the current T.38 fax relay session, the channel can re- [FaxRelayTimeoutSec] latch onto another stream. The valid range is 0 to 255. The default is 10. Version 7.2 Mediant 4000 SBC...
Page 752: Https Parameters
Mediant 4000 SBC 55.5.2 HTTPS Parameters The Secure Hypertext Transport Protocol (HTTPS) parameters are described in the table below. Table 55-23: HTTPS Parameters Parameter Description Secured Web Connection Determines the protocol used to access the Web interface. (HTTPS)  [0] HTTP and HTTPS (default).
Page 753 The valid value range is 228 to 1500. The default is 1500. Disable Authentication On Enables authentication on transmitted RTP packets in a secured RTP Transmitted RTP Packets session.  configure voip > media [0] Enable (default) security > RTP-  [1] Disable authentication-disable-tx Version 7.2 Mediant 4000 SBC...
Page 754: Tls Parameters
Mediant 4000 SBC Parameter Description [RTPAuthenticationDisableTx] Disable Encryption On Enables encryption on transmitted RTP packets in a secured RTP Transmitted RTP Packets session.  configure voip > media [0] Enable (default) security > RTP-encryption-  [1] Disable disable-tx [RTPEncryptionDisableTx] Disable Encryption On...
Page 755 TLSRemoteSubjectName parameter or for the Proxy Set. If they are the same, the device establishes a TLS connection; otherwise, the device rejects the call. Note:  If you configure the parameter to Server & Client, you also Version 7.2 Mediant 4000 SBC...
Page 756: Ssh Parameters
Mediant 4000 SBC Parameter Description need to configure the SIPSRequireClientCertificate parameter to Enable.  For FQDN, the certificate may use wildcards (*) to replace parts of the domain name. TLS Client Verify Server Determines whether the device, when acting as a client for TLS Certificate connections, verifies the Server certificate.
Page 757: Ids Parameters
Defines the interval (in seconds) after which an IDS alarm is cleared from the Active Alarms table if no thresholds are crossed during this time. [IDSAlarmClearPeriod] However, this "quiet" period must be at least twice the Threshold Window Version 7.2 Mediant 4000 SBC...
Page 758: Ocsp Parameters
Mediant 4000 SBC Parameter Description value. For example, if IDSAlarmClearPeriod is set to 20 sec and the Threshold Window is set to 15 sec, the IDSAlarmClearPeriod parameter is ignored and the alarm is cleared only after 30 seconds (2 x 15 sec).
Page 759: Quality Of Experience Parameters
Enables a TLS connection with the SEM server.  configure voip > qoe [0] Disable (default) settings > tls-enable  [1] Enable [QOEEnableTLS] Note: For the parameter to take effect, a device reset is required. Version 7.2 Mediant 4000 SBC...
Page 760 Mediant 4000 SBC Parameter Description QoE TLS Context Name Selects a TLS Context (configured in the TLS Contexts table) for the TLS connection with the SEM server. configure voip > qoe settings > tls-context- The valid value is a string representing the name of the TLS Context as name configured in the 'Name' field of the TLS Contexts table.
Page 761: Control Network Parameters
This table configures IP Groups. configure voip > ip-group The format of the ini file table parameter is: [IPGroup] [ IPGroup ] FORMAT IPGroup_Index = IPGroup_Type, IPGroup_Name, IPGroup_ProxySetName, IPGroup_SIPGroupName, IPGroup_ContactUser, IPGroup_SipReRoutingMode, IPGroup_AlwaysUseRouteTable, IPGroup_SRDName, IPGroup_MediaRealm, IPGroup_ClassifyByProxySet, IPGroup_ProfileName, IPGroup_MaxNumOfRegUsers, IPGroup_InboundManSet, IPGroup_OutboundManSet, Version 7.2 Mediant 4000 SBC...
Page 762 Mediant 4000 SBC Parameter Description IPGroup_RegistrationMode, IPGroup_AuthenticationMode, IPGroup_MethodList, IPGroup_EnableSBCClientForking, IPGroup_SourceUriInput, IPGroup_DestUriInput, IPGroup_ContactName, IPGroup_Username, IPGroup_Password, IPGroup_UUIFormat, IPGroup_QOEProfile, IPGroup_BWProfile, IPGroup_AlwaysUseSourceAddr, IPGroup_MsgManUserDef1, IPGroup_MsgManUserDef2, IPGroup_SIPConnect, IPGroup_SBCPSAPMode, IPGroup_DTLSContext, IPGroup_CreatedByRoutingServer, IPGroup_UsedByRoutingServer, IPGroup_SBCOperationMode, IPGroup_SBCRouteUsingRequestURIPort, IPGroup_SBCKeepOriginalCallID, IPGroup_TopologyLocation, IPGroup_SBCDialPlanName; [/IPGroup] For a description of the table, see ''Configuring IP Groups'' on page 326.
Page 763 Contact/Record-Route headers, or the IP address configured in the routing tables contain a domain name with a port definition, the device performs a regular DNS A-record query.  If a specific Transport Type is configured, a NAPTR query is Version 7.2 Mediant 4000 SBC...
Page 764 Mediant 4000 SBC Parameter Description not performed.  To enable NAPTR/SRV queries for Proxy servers only, use the global parameter ProxyDNSQueryType, or use the Proxy Sets table. Proxy DNS Query Type Global parameter that defines the DNS query record type for resolving the Proxy server's configured domain name (FQDN) configure voip >...
Page 765 Defines the Proxy Sets. configure voip > proxy-set The format of the ini file table parameter is as follows: [ProxySet] [ ProxySet ] FORMAT ProxySet_Index = ProxySet_ProxyName, ProxySet_EnableProxyKeepAlive, ProxySet_ProxyKeepAliveTime, ProxySet_ProxyLoadBalancingMethod, ProxySet_IsProxyHotSwap, ProxySet_SRDName, ProxySet_ClassificationInput, ProxySet_TLSContextName, ProxySet_ProxyRedundancyMode, ProxySet_DNSResolveMethod, ProxySet_KeepAliveFailureResp, Version 7.2 Mediant 4000 SBC...
Page 766 Mediant 4000 SBC Parameter Description ProxySet_GWIPv4SIPInterfaceName, ProxySet_SBCIPv4SIPInterfaceName, ProxySet_GWIPv6SIPInterfaceName, ProxySet_SBCIPv6SIPInterfaceName; [ \ProxySet ] For a description of the table, see ''Configuring Proxy Sets'' on page 338. Registrar Parameters Registration Time Defines the time interval (in seconds) for registering to a Proxy server.
Page 767 > sip-definition Enables the use of the carriage-return and line-feed sequences settings > ping-pong-keep-alive (CRLF) Keep-Alive mechanism, according to RFC 5626 “Managing Client-Initiated Connections in the Session Initiation [UsePingPongKeepAlive] Protocol (SIP)” for reliable, connection-orientated transport types Version 7.2 Mediant 4000 SBC...
Page 768 Mediant 4000 SBC Parameter Description such as TCP.  [0] Disable (default)  [1] Enable The SIP user agent/client (i.e., device) uses a simple periodic message as a keep-alive mechanism to keep their flow to the proxy or registrar alive (used for example, to keep NAT bindings open).
Page 769: Network Application Parameters
> sip- Defines the interval (in sec) between the last data packet sent and the first keep-alive probe to send. definition settings > tcp- keepalive-time The valid value is 10 to 65,000. The default is 60. Version 7.2 Mediant 4000 SBC...
Page 770 Mediant 4000 SBC Parameter Description [TCPKeepAliveTime] Note:  Simple ACKs such as keepalives are not considered data packets.  TCP keepalive is enabled per SIP Interface in the SIP Interfaces table. configure voip > Defines the interval (in sec) between consecutive keep-alive probes, sip-definition regardless of what the connection has exchanged in the meantime.
Page 771: General Sip Parameters
INVITE messages, if necessary. Remote Management by Enables a specific device action upon the receipt of a SIP NOTIFY SIP Notify request, where the action depends on the value received in the Event header. configure voip > sip- Version 7.2 Mediant 4000 SBC...
Page 772 (if Automatic Update has been enabled on the device)  'check-sync;reboot=true': triggers a device reset Note: The Event header value is proprietary to AudioCodes. Max SIP Message Defines the maximum size (in Kbytes) for each SIP message that can be Length [KB] sent over the network.
Page 773 (e.g., ringing) before the call is established. early-media You can also configure this functionality per specific calls, using IP Profiles [EnableEarlyMedia] (IpProfile_EnableEarlyMedia). For a detailed description of the parameter and for configuring the functionality, see ''Configuring IP Profiles'' on page 384. Version 7.2 Mediant 4000 SBC...
Page 774 Mediant 4000 SBC Parameter Description Note: If the functionality is configured for a specific profile, the settings of the global parameter is ignored for calls associated with the profile. Session Expires Defines a session expiry timeout. The device disconnects the session...
Page 775 TCP/TLS handshakes with the UA, allowing sessions to be established rapidly.  [0] Disable = The device uses a new TCP or TLS connection with the Version 7.2 Mediant 4000 SBC...
Page 776 Mediant 4000 SBC Parameter Description  [1] Enable = (Default) The device uses the same TCP or TLS connection for all SIP requests with the UA. Note: For SIP responses, the device always uses the same TCP/TLS connection, regardless of the parameter settings.
Page 777 The parameter contains a SIP or SIPS URI that represents a GRUU corresponding to the UA instance that registered the contact. The server provides the same GRUU for the same AOR and instance-id when sending REGISTER again after registration expiration. RFC 5627 specifies Version 7.2 Mediant 4000 SBC...
Page 778 > user- agent-info User-Agent: myproduct/v.7.20A.000.038 [UserAgentDisplayInfo] If not configured, the default string, <AudioCodes product-name>/software version' is used, for example: User-Agent: Audiocodes-Sip-Gateway-Mediant 4000 SBC/v.7.20A.000.038 The maximum string length is 50 characters. Note: The software version number and preceding forward slash (/) cannot be modified.
Page 779 Retry-After SIP header in SIP 503 (Service Unavailable) responses to indicate an unavailable service. The Retry-After header is used with the 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to Version 7.2 Mediant 4000 SBC...
Page 780 Mediant 4000 SBC Parameter Description the requesting SIP client. The device maintains a list of available proxies, by using the Keep-Alive mechanism. The device checks the availability of proxies by sending SIP OPTIONS every keep-alive timeout to all proxies. If the device receives a SIP 503 response to an INVITE, it also marks that the proxy is out of service for the defined "Retry-After"...
Page 781 > user- [0] Disable (default) inf-usage  [1] Enable [EnableUserInfoUsage] Note: For the parameter to take effect, a device reset is required. configure voip > Determines whether the device uses the value of the incoming SIP Version 7.2 Mediant 4000 SBC...
Page 782 Mediant 4000 SBC Parameter Description sip-definition Reason header for Release Reason mapping. settings > handle-  [0] = Disregard Reason header in incoming SIP messages. reason-header  [1] = (Default) Use the Reason header value for Release Reason [HandleReasonHeader] mapping.
Page 783 [1] Enable [IgnoreRemoteSDPMKI] configure voip > sip- Defines the echo canceller format in the outgoing SDP. The 'ecan' attribute definition settings > sdp- is used in the SDP to indicate the use of echo cancellation. Version 7.2 Mediant 4000 SBC...
Page 784 Mediant 4000 SBC Parameter Description  ecan-frmt [0] = (Default) The 'ecan' attribute appears on the 'a=gpmd' line.  [1] = The 'ecan' attribute appears as a separate attribute. [SDPEcanFormat]  [2] = The 'ecan' attribute is not included in the SDP.
Page 785 Defines SIP message policy rules for blocking (blacklist) unwanted incoming SIP messages or allowing (whitelist) receipt of desired configure voip > message messages. message-policy The format of the ini file table parameter is as follows: [MessagePolicy] [MessagePolicy] FORMAT MessagePolicy_Index = MessagePolicy_Name, MessagePolicy_MaxMessageLength, MessagePolicy_MaxHeaderLength, Version 7.2 Mediant 4000 SBC...
Page 786: Coders And Profile Parameters
Mediant 4000 SBC Parameter Description MessagePolicy_MaxBodyLength, MessagePolicy_MaxNumHeaders, MessagePolicy_MaxNumBodies, MessagePolicy_SendRejection, MessagePolicy_MethodList, MessagePolicy_MethodListType, MessagePolicy_BodyList, MessagePolicy_BodyListType, MessagePolicy_UseMaliciousSignatureDB; [/MessagePolicy] For a detailed description of the table, see Configuring SIP Message Policy Rules. configure voip > sip- Defines the SIP response code that the device sends when it rejects an definition settings >...
Page 787 IpProfile_SBCRemoteSupportsRFC3960, IpProfile_SBCRemoteCanPlayRingback, IpProfile_EnableEarly183, IpProfile_EarlyAnswerTimeout, IpProfile_SBC2833DTMFPayloadType, IpProfile_SBCUserRegistrationTime, IpProfile_ResetSRTPStateUponRekey, IpProfile_AmdMode, IpProfile_SBCReliableHeldToneSource, IpProfile_GenerateSRTPKeys, IpProfile_SBCPlayHeldTone, IpProfile_SBCRemoteHoldFormat, IpProfile_SBCRemoteReplacesBehavior, IpProfile_SBCSDPPtimeAnswer, IpProfile_SBCPreferredPTime, IpProfile_SBCUseSilenceSupp, IpProfile_SBCRTPRedundancyBehavior, IpProfile_SBCPlayRBTToTransferee, IpProfile_SBCRTCPMode, IpProfile_SBCJitterCompensation, IpProfile_SBCRemoteRenegotiateOnFaxDetection, IpProfile_JitterBufMaxDelay, IpProfile_SBCUserBehindUdpNATRegistrationTime, IpProfile_SBCUserBehindTcpNATRegistrationTime, IpProfile_SBCSDPHandleRTCPAttribute, IpProfile_SBCRemoveCryptoLifetimeInSDP, IpProfile_SBCIceMode, IpProfile_SBCRTCPMux, IpProfile_SBCMediaSecurityMethod, IpProfile_SBCHandleXDetect, IpProfile_SBCRTCPFeedback, IpProfile_SBCRemoteRepresentationMode, IpProfile_SBCKeepVIAHeaders, IpProfile_SBCKeepRoutingHeaders, IpProfile_SBCKeepUserAgentHeader, Version 7.2 Mediant 4000 SBC...
Page 788: Channel Parameters
Mediant 4000 SBC Parameter Description IpProfile_SBCRemoteMultipleEarlyDialogs, IpProfile_SBCRemoteMultipleAnswersMode, IpProfile_SBCDirectMediaTag, IpProfile_SBCAdaptRFC2833BWToVoiceCoderBW, IpProfile_SBCMaxCallDuration, IpProfile_SBCGenerateRTP, IpProfile_SBCISUPBodyHandling, IpProfile_SBCVoiceQualityEnhancement; [\IPProfile] For a description of the table, see ''Configuring IP Profiles'' on page 384. 55.10 Channel Parameters This subsection describes the device's channel parameters. 55.10.1 Voice Parameters The voice parameters are described in the table below.
Page 789 The valid range is 0 to 60. The default is 10. [AcousticEchoSuppMaxERLThreshold] Min Reference Delay x10 msec Defines the acoustic echo suppressor minimum reference delay (in 10-ms units). configure voip/media voice/acoustic- echo-suppressor-min-reference-delay The valid range is 0 to 40. The default is 0. Version 7.2 Mediant 4000 SBC...
Page 790 Mediant 4000 SBC Parameter Description [AcousticEchoSuppMinRefDelayx10ms] Max Reference Delay x10 msec Defines the acoustic echo suppressor maximum reference delay (in 10-ms units). configure voip/media voice/acoustic- echo-suppressor-max-reference-delay The valid range is 0 to 40. The default is 40 (i.e., 40 x 10 = 400 ms).
Page 791: Coder Parameters
Group (see Configuring Coder Groups on page 375). The Coder Group configuration overrides the parameter. configure voip > media settings Determines the payload format of the AMR header. > amr-header-format  [0] = Non-standard multiple frames packing in a single RTP Version 7.2 Mediant 4000 SBC...
Page 792: Dtmf Parameters
Mediant 4000 SBC Parameter Description [AMRCoderHeaderFormat] frame. Each frame has a CMR and TOC header.  [1] = AMR frame according to RFC 3267 bundling.  [2] = AMR frame according to RFC 3267 interleaving.  [3] = AMR is passed using the AMR IF2 format.
Page 793: Rtp, Rtcp And T.38 Parameters
IP Profile. RFC 2198 Payload Type Defines the RTP redundancy packet payload type (according to RFC 2198). configure voip > media rtp-rtcp > RTP-redundancy-payload-type The valid value is 96 to 127. The default is 104. Version 7.2 Mediant 4000 SBC...
Page 794 Mediant 4000 SBC Parameter Description [RFC2198PayloadType] Note: The parameter is applicable only if the RTPRedundancyDepth parameter is set to 1. Packing Factor N/A. Controlled internally by the device according to the selected coder. [RTPPackingFactor] RFC 2833 TX Payload Type Defines the Tx RFC 2833 DTMF relay dynamic payload type for outbound calls.
Page 795 Defines the voice quality monitoring - minimum gap size (number of frames). [VQMonGMin] The default is 16. Burst Threshold Defines the voice quality monitoring - excessive burst alert threshold. [VQMonBurstHR] The default is -1 (i.e., no alerts are issued). Version 7.2 Mediant 4000 SBC...
Page 796: Sbc Parameters
Mediant 4000 SBC Parameter Description Delay Threshold Defines the voice quality monitoring - excessive delay alert threshold. [VQMonDelayTHR] The default is -1 (i.e., no alerts are issued). R-Value Delay Threshold Defines the voice quality monitoring - end of call low quality alert threshold.
Page 797 The device starts the timeout count [SBCAlertTimeout] upon receipt of a SIP 180 Ringing response from the called party. If no other SIP response (for example, 200 OK) is received thereafter within this timeout, the call is released. Version 7.2 Mediant 4000 SBC...
Page 798 Mediant 4000 SBC Parameter Description The valid range is 0 to 3600 seconds. the default is 600. configure voip > sbc settings > Defines the maximum number of concurrent SIP SUBSCRIBE num-of-subscribes sessions permitted on the device. [NumOfSubscribes] The valid value is any value between 0 and the maximum supported SUBSCRIBE sessions.
Page 799 User Registration database when a SIP INVITE configure voip > sbc settings > sbc- message is received for routing to a user. If the registered user db-route-mode is found (i.e., destination URI in INVITE), the device routes the [SBCDBRoutingSearchMode] Version 7.2 Mediant 4000 SBC...
Page 800 Mediant 4000 SBC Parameter Description call to the user's corresponding contact address specified in the database.  [0] All permutations = (Default) Device searches for the user in the database using the entire Request-URI (user@host). If not found, it searches for the user part of the Request-URI.
Page 801 [0] (default) = Authentication is done by the device (locally).  [1] = Authentication is done by the RFC 5090 compliant [SBCServerAuthMode] RADIUS server.  [2] = Authentication is done according to the Draft Sterman- Version 7.2 Mediant 4000 SBC...
Page 802 Mediant 4000 SBC Parameter Description aaa-sip-01 method. Note: Currently, option [1] is not supported. Lifetime of the nonce in seconds Defines the lifetime (in seconds) that the current nonce is valid for server-based authentication. The device challenges a configure voip > sbc settings >...
Page 803 10 (e.g., 12 – 4 = 8). However, the expiry time will be set to 10.  The expiry time received from the user can be changed by the device before forwarding it to the proxy. This is configured by the SBCUserRegistrationTime parameter. Version 7.2 Mediant 4000 SBC...
Page 804 Mediant 4000 SBC Parameter Description SBC Survivability Registration Time Defines the duration of the periodic registrations between the user and the device, when the device is in survivability state configure voip > sbc settings > sbc- (i.e., when REGISTER requests cannot be forwarded to the surv-rgstr-time proxy and are terminated by the device).
Page 805 SIP Interface (in the SIP Interfaces table), calls between endpoints belonging to the SIP Interface employ direct media.  For more information on No Media Anchoring, see ''Direct Version 7.2 Mediant 4000 SBC...
Page 806 Mediant 4000 SBC Parameter Description Media'' on page 426. Transcoding Mode Global parameter that defines the voice transcoding mode (media negotiation). You can also configure this functionality configure voip > sbc settings > per specific calls, using IP Profiles transcoding-mode (IpProfile_TranscodingMode).
Page 807 Configuring IP Profiles on page 384). Admission Control Table Admission Control Defines Call Admission Control (CAC) rules. configure voip > sbc sbc- The format of the ini file table parameter is as follows: admission-control [SBCAdmissionControl] [SBCAdmissionControl] FORMAT SBCAdmissionControl_Index = Version 7.2 Mediant 4000 SBC...
Page 808 Mediant 4000 SBC Parameter Description SBCAdmissionControl_AdmissionControlName, SBCAdmissionControl_LimitType, SBCAdmissionControl_IPGroupName, SBCAdmissionControl_SRDName, SBCAdmissionControl_SIPInterfaceName, SBCAdmissionControl_RequestType, SBCAdmissionControl_RequestDirection, SBCAdmissionControl_Limit, SBCAdmissionControl_LimitPerUser, SBCAdmissionControl_Rate, SBCAdmissionControl_MaxBurst, SBCAdmissionControl_Reservation; [\SBCAdmissionControl] For a description of the table, see ''Configuring Admission Control'' on page 451. Allowed Audio Coders Table Allowed Audio Coders Defines audio coders for the Allowed Audio Coders Group.
Page 809 > sbc routing ip2ip- The format of the ini file table parameter is as follows: routing [ IP2IPRouting ] [IP2IPRouting] FORMAT IP2IPRouting_Index = IP2IPRouting_RouteName, IP2IPRouting_RoutingPolicyName, IP2IPRouting_SrcIPGroupName, IP2IPRouting_SrcUsernamePrefix, IP2IPRouting_SrcHost, IP2IPRouting_DestUsernamePrefix, IP2IPRouting_DestHost, IP2IPRouting_RequestType, IP2IPRouting_MessageConditionName, IP2IPRouting_ReRouteIPGroupName, IP2IPRouting_Trigger, IP2IPRouting_CallSetupRulesSetId, IP2IPRouting_DestType, IP2IPRouting_DestIPGroupName, IP2IPRouting_DestSIPInterfaceName, Version 7.2 Mediant 4000 SBC...
Page 810 Mediant 4000 SBC Parameter Description IP2IPRouting_DestAddress, IP2IPRouting_DestPort, IP2IPRouting_DestTransportType, IP2IPRouting_AltRouteOptions, IP2IPRouting_GroupPolicy, IP2IPRouting_CostGroup, IP2IPRouting_DestTags, IP2IPRouting_SrcTags; [ \IP2IPRouting ] For a description of the table, see ''Configuring SBC IP-to-IP Routing Rules'' on page 464. Alternative Routing Reasons Table Alternative Routing Reasons Defines SBC alternative routing reason rules.
Page 811 For a description of the table, see ''Configuring Dial Plans'' on plan-rule page 495. [DialPlanRule] Note:  The table is hidden in the ini file.  To configure Dial Plan rules from a file, see ''Importing and Exporting Dial Plans'' on page 499. Version 7.2 Mediant 4000 SBC...
Page 812: Supplementary Services
Mediant 4000 SBC Parameter Description Malicious Signature Table Malicious Signature Defines the malicious signature patterns configure voip > sbc The format of the ini file table parameter is as follows: malicious-signature- [ MaliciousSignatureDB ] database FORMAT MaliciousSignatureDB_Index = [MaliciousSignatureDB] MaliciousSignatureDB_Name, MaliciousSignatureDB_Pattern;...
Page 813 [9] 9 = 3.00 dB/sec  [10] 10 = 3.50 dB/sec  [11] 11 = 4.00 dB/sec  [12] 12 = 4.50 dB/sec  [13] 13 = 5.00 dB/sec  [14] 14 = 5.50 dB/sec Version 7.2 Mediant 4000 SBC...
Page 814 Mediant 4000 SBC Parameter Description  [15] 15 = 6.00 dB/sec  [16] 16 = 7.00 dB/sec  [17] 17 = 8.00 dB/sec  [18] 18 = 9.00 dB/sec  [19] 19 = 10.00 dB/sec  [20] 20 = 11.00 dB/sec ...
Page 815 Note: If this functionality is configured for a specific IP Profile, the settings of this global parameter is ignored for calls associated with the IP Profile. [AMDTimeout] Defines the timeout (in msec) between receiving Connect messages from the Tel side and sending AMD results. Version 7.2 Mediant 4000 SBC...
Page 816: Services
Mediant 4000 SBC Parameter Description The valid range is 1 to 30,000. The default is 2,000 (i.e., 2 seconds). AMD Beep Detection Mode Determines the AMD beep detection mode. This mode detects the beeps played at the end of an answering machine configure voip >...
Page 817: Radius And Ldap Parameters
Local Users table. If no user is found (based on the username-password combination), it attempts to authenticate the user using the LDAP/RADIUS server. Behavior upon Authentication Defines the device's response when a connection timeout occurs Server Timeout with the LDAP/RADIUS server. Version 7.2 Mediant 4000 SBC...
Page 818: Radius Parameters
Mediant 4000 SBC Parameter Description  configure system > mgmt-auth [0] Deny Access = User is denied access to the management > timeout-behavior platform.  [1] Verify Access Locally = (Default) Device verifies the user's [MgmtBehaviorOnTimeout] credentials in its Local Users table (local database).
Page 819 RADIUS server. settings > local-cache- timeout The valid range is 1 to 0xFFFFFF. The default is 300 (5 minutes).  [RadiusLocalCacheTimeout] [-1] = Never expires.  [0] = Each request requires RADIUS authentication. Version 7.2 Mediant 4000 SBC...
Page 820: Ldap Parameters
Mediant 4000 SBC Parameter Description RADIUS VSA Access Level Defines the code that indicates the access level attribute in the Vendor Attribute Specific Attributes (VSA) section of the received RADIUS packet. configure system > radius The valid range is 0 to 255. The default is 35.
Page 821 LDAP Cache Service Enables the LDAP cache service.  configure system > ldap settings > [0] Disable (default) ldap-cache-enable  [1] Enable [LDAPCacheEnable] Note:  For the parameter to take effect, a device reset is required. Version 7.2 Mediant 4000 SBC...
Page 822 Mediant 4000 SBC Parameter Description  For more information on LDAP caching, see ''Configuring the Device's LDAP Cache'' on page 236. LDAP Servers Table LDAP Servers Defines LDAP servers. configure system > ldap ldap- The format of the ini file table parameter is as follows:...
Page 823: Least Cost Routing Parameters
Table 55-46: Call Setup Rules Parameters Parameter Description Call Setup Rules Defines Call Setup Rules that the device runs at call setup for LDAP- based routing and other advanced routing logic requirements including configure voip > message Version 7.2 Mediant 4000 SBC...
Page 824: Http-Based Services
Mediant 4000 SBC Parameter Description call-setup-rules manipulation. [CallSetupRules] [ CallSetupRules ] FORMAT CallSetupRules_Index = CallSetupRules_RulesSetID, CallSetupRules_AttributesToQuery, CallSetupRules_AttributesToGet, CallSetupRules_RowRole, CallSetupRules_Condition, CallSetupRules_ActionSubject, CallSetupRules_ActionType, CallSetupRules_ActionValue; [ \CallSetupRules ] For a description of the table, see ''Configuring Call Setup Rules'' on page 366. 55.13.5 HTTP-based Services The HTTP-based service parameters are described in the table below.
Page 825: Http Proxy Parameters
Services'' on page 270. HTTP Proxy Hosts Table HTTP Proxy Hosts Defines HTTP Proxy hosts. The table is a "child" of the HTTP Proxy Services table (HTTPProxyService). An HTTP Proxy Host represents configure network > Version 7.2 Mediant 4000 SBC...
Page 826 Defines an HTTP-based EMS Service so that the device can act as an HTTP Proxy that enables AudioCodes EMS to manage configure network > AudioCodes equipment (such as IP Phones) over HTTP when the http-proxy ems-serv equipment is located behind NAT (e.g., in the LAN) and EMS is [EMSService] located in a public domain (e.g., in the WAN).
Page 827: Channel Capacity
The figures listed in the table are accurate at the time of publication of this document. However, these figures may change due to a later software update. For the latest figures, please contact your AudioCodes sales representative. • Registered Users is the maximum number of users that can be registered with the device.
Page 828: Mediant 4000 Sbc
Mediant 4000 SBC 56.1 Mediant 4000 SBC The maximum number of supported SBC sessions is listed in ''Channel Capacity'' on page 827. The SBC sessions also support SRTP and RTCP XR. When DSP capabilities are required, the number of sessions that can use DSP capabilities is reduced, as shown in the table below.
Page 829: Mediant 4000B Sbc
(in voice channel), and Silence Compression. • Acoustic Echo Suppressor reduces performance by about 30%. For more information, contact your AudioCodes sales representative. • MPM is the optional, Media Processing Module that provides additional DSPs, allowing greater capacity.
Page 830 Mediant 4000 SBC This page is intentionally leftblank. User's Manual Document #: LTRT-41729...
Page 831: Technical Specifications
The device's technical specifications are listed in the table below. Note: • All specifications in this document are subject to change without prior notice. • The compliance and regulatory information can be downloaded from AudioCodes Web site at http://www.audiocodes.com/library. Table 57-1: Technical Specifications Function Specification...
Page 832 Direct Media (No Media Hair-pinning of local calls to avoid unnecessary media delays and bandwidth consumption Anchoring) Voice Quality Monitoring RTCP-XR, AudioCodes Session Experience Manager (SEM) High Availability SBC high availability with two-box redundancy, active calls (Redundancy) preserved Quality of Experience...
Page 833: Supported Sip Standards
Representing trunk groups in tel/sip URIs transparently) √ RFC 4733 RTP Payload for DTMF Digits √ (forwarded RFC 4715 Interworking of ISDN Sub Address to sip isub parameter transparently) √ (forwarded RFC 4582 The Binary Floor Control Protocol (BFCP) transparently) Version 7.2 Mediant 4000 SBC...
Page 834 Mediant 4000 SBC Description √ (forwarded draft- Revision of the Binary Floor Control Protocol (BFCP) for use over sandbakken- an unreliable transport transparently) dispatch-bfcp- udp-03 √ (forwarded draft-ietf- Session Description Protocol (SDP) Format for Binary Floor bfcpbis- Control Protocol (BFCP) Streams...
Page 835 A DNS RR for specifying the location of services √ RFC 2617 HTTP Authentication: Basic and Digest Access Authentication √ RFC 2327 √ (forwarded ECMA-355, QSIG tunneling ISO/IEC transparently) 22535 √ draft-mahy- Signaled Telephony Events in the Session Initiation Protocol sipping- signaled- Version 7.2 Mediant 4000 SBC...
Page 836: Sip Message Compliancy
Mediant 4000 SBC Description digits-01 √ (forwarded draft-mahy- The Calling Party's Category tel URI Parameter iptel-cpc-06 transparently) √ draft-levy-sip- Diversion Indication in SIP diversion-08 √ (forwarded draft-johnston- Transporting User to User Information for Call Centers using SIP sipping-cc-uui- transparently) √...
Page 837: Sip Headers
 Alert-Info  Allow  Also  Asserted-Identity  Authorization  Call-ID  Call-Info  Contact  Content-Disposition  Content-Encoding  Content-Length  Content-Type  Cseq  Date  Diversion  Expires   From Version 7.2 Mediant 4000 SBC...
Page 838 Mediant 4000 SBC  History-Info  Join  Max-Forwards  Messages-Waiting  MIN-SE  P-Associated-URI  P-Asserted-Identity  P-Charging-Vector  P-Preferred-Identity  Priority  Proxy- Authenticate  Proxy- Authorization  Proxy- Require  Prack  Reason  Record- Route ...
Page 839: Sdp Fields
6xx Response - Global Responses Table 57-6: Supported SIP Responses SIP Response Comments 1xx Response Trying The device generates this response upon receiving a Proceeding message from ISDN or immediately after placing a call for CAS Version 7.2 Mediant 4000 SBC...
Page 840 Mediant 4000 SBC SIP Response Comments signaling. Ringing The device generates this response for an incoming INVITE message. Upon receiving this response, the device waits for a 200 OK response. Call is Being The device doesn't generate these responses. However, the device Forwarded does receive them.
Page 841 This response is issued if there is no response from remote. Call The device doesn't generate this response. Upon receipt of this Leg/Transaction message and before a 200 OK has been received, the device Does Not Exist responds with an ACK and disconnects the call. Version 7.2 Mediant 4000 SBC...
Page 842 Mediant 4000 SBC SIP Response Comments Loop Detected The device doesn't generate this response. Upon receipt of this message and before a 200 OK has been received, the device responds with an ACK and disconnects the call. Too Many Hops The device doesn't generate this response.
Page 843 User's Manual 57. Technical Specifications SIP Response Comments Not Acceptable Version 7.2 Mediant 4000 SBC...
Page 844 International Headquarters AudioCodes Inc. 1 Hayarden Street, 27 World’s Fair Drive, Airport City Somerset, NJ 08873 Lod 7019900, Israel Tel: +1-732-469-0880 Tel: +972-3-976-4000 Fax: +1-732-469-2298 Fax: +972-3-976-4040 Contact us: www.audiocodes.com/info www.audiocodes.com Website: Document #: LTRT-41729...

AudioCodes Mediant 4000 SBC User Manual

1 Introduction

Getting Started with Initial Connectivity

2 Introduction

3 Default OAMP IP Address

4 Configuring Voip LAN Interface for OAMP

Management Tools

5 Introduction

6 Web-Based Management

7 CLI-Based Management

8 SNMP-Based Management

9 INI File-Based Management

General System Settings

10 Configuring SSL/TLS Certificates

11 Date and Time

General Voip Configuration

12 Network

13 Security

14 Media

15 Services

16 Quality of Experience

17 Control Network

18 SIP Definitions

19 Coders and Profiles

Session Border Controller Application

20 SBC Overview

Quick Links

Related Manuals for AudioCodes Mediant 4000 SBC

Summary of Contents for AudioCodes Mediant 4000 SBC