Page 1 User's Manual AudioCodes Series of Session Border Controllers (SBC) Mediant 4000 SBC Version 7.2...
Page 2 Please contact your local recycling authority for disposal of this product. Customer Support Customer technical support and services are provided by AudioCodes or by an authorized AudioCodes Service Partner. For more information on how to buy technical support for AudioCodes products contact...
Page 3 If any open source software is provided in object code, and its accompanying license requires that it be provided in source code as well, Buyer may receive such source code by contacting AudioCodes , by following the instructions available on AudioCodes website.
Page 4 Notice Mediant 4000 SBC | User's Manual Document Name CLI Wizard User's Guide Document Revision Record LTRT Description 41727 Initial document release for Version 7.2. 41729 ■ Updated patch version 7.20A.001. ■ Updated sections: Computer Requirements (supported browsers); CLI- Based Management (permitted user levels); Configuring TLS Certificate Contexts (TLS versions);...
Page 5 Notice Mediant 4000 SBC | User's Manual LTRT Description 41731 ■ Updated sections: Changing Index Position of Table Rows; Searching for Configuration Parameters; Configuring TLS Certificate Contexts (IPSec removed); Enabling the HTTP Proxy Application (license); Direct Media; Configuring SBC IP-to-IP Routing (IP Group load balancing);...
Page 6 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated parameters: TLSContexts_ServerCipherString; TLSContexts_ ClientCipherString; NATTranslation_SourceStartPort; NATTranslation_ SourceEndPort; NATTranslation_TargetStartPort; NATTranslation_ TargetEndPort; SNMPSysOid; SNMPTrapEnterpriseOid; EnableCoreDump (typo); HTTPSCipherString (removed); SSHAdminKey; SessionExpiresDisconnectTime; BrokenConnectionEventTimeout; RADIUSRetransmission (default); RadiusTO (default); SIPRecRouting_RecordedIPGroupName; SIPRecRouting_SRSIPGroupName. ■ New parameters: WebUsers_SSHPublicKey; TLSContexts_ DTLSVersion;...
Page 7 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated sections: Areas of the GUI (Configuration Wizard button); Enabling Disabling SNMP; Viewing Certificate Information (screen); Assigning Externally Created Private Keys to TLS Contexts (pass- phrase); Generating Private Keys for TLS Contexts (pass-phrase);...
Page 8 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated sections: Configuring the LDAP Search Filter Attribute (Web path); Enabling LDAP Searches for Numbers with Characters; Microsoft Skype for Business Presence of Third-Party Endpoints; Configuring the Device for Skype for Business Presence (example);...
Page 9 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ New sections: Using Conditions for Starting a SIPRec Session; Using the Proprietary SIP X-AC-Action Header; Handling Registered AORs with Same Contact URIs; Configuring Dual Registration; Provisioning the Device using DHCP Option 160; Enabling SIP Call Flow Diagrams in OVOC ■...
Page 10 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated parameters: LdapServerGroups_ServerType (2); SIPInterface_AdditionalUDPPorts; IPGroup_AuthenticationMode; ProxySet_ProxyName (forward slash); IpProfile_TranscodingMode ; IP2IPRouting_DestType (note); IP2IPRouting_DestIPGroupName (note); SBCCDRFormat_FieldType (442, 635); TelnetServerEnable; DisableSNMP; EnableLanWatchDog (removed); CDRLocalMaxFileSize (name change, max.); CDRLocalMaxNumOfFiles (name change); CDRLocalInterval (name change);...
Page 11 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ New Sections: Configuring Default DNS Servers; Configuring a DNS Server for HTTP Services; Configuring HTTP Proxy Servers; Configuring HTTP Locations; Configuring TCP/UDP Proxy Servers; Configuring Upstream Groups; Configuring Upstream Hosts;...
Page 12 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated Sections: Accessing the Web Interface (remember me); Configuring Additional Management Interfaces (CLI removed); Configuring TLS Server Certificate Expiry Check (acCertificateExpiryAlarm); Fax / Modem NSE Mode (removed); Configuring SIP Recording Rules; Building and Viewing SIP Entities in Topology View (access via logo);...
Page 13 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated Sections: TLS for SIP Clients (no reset); Configuring Physical Ethernet Ports; First Incoming Packet Mechanism; Configuring TLS for SIP; Enabling IDS (no reset); SIP-based Media Recording (RFC s updated); Enabling SIP-based Media Recording (removed); Configuring Proxy Sets;...
Page 14 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ New Sections: Configuring a Static NAT IP Address for All Interfaces (returned) ■ Updated Parameters: WebUsers_Password (\); WebUsers_ SSHPublicKey; InterfaceTable_PrefixLength (31); InterfaceTable_ Gateway; IPGroup_AuthenticationMode; IPGroup_Username; IPGroup_Password; ProxySet_ProxyRedundancyMode (note); CallSetupRules_QueryType (ENUM address); CallSetupRules_ QueryTarget (ENUM);...
Page 15 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated parameters: CliScriptURL (typo); CLIStartupScriptUrl (typo); AccessList_Protocol ("sip" removed); IDSRule_Reason (CAC, exclusion of SIP cause codes); IPGroup_SIPConnect (options and descriptions); IPGroup_MethodList ("setup-invite"); IpProfile_ SBCRemote3xxBehavior (new options 3 and 4); IPProfile_ LocalRingbackTone (PRT userdefine);...
Page 16 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ Updated sections: Accessing Files on Redundant Device from Active through SSH (note added); Areas of the GUI (password on toolbar and hostname); Assigning CSR-based Certificates to TLS Contexts; Assigning Externally Created Private Keys to TLS Contexts (Status field);...
Page 17 Notice Mediant 4000 SBC | User's Manual LTRT Description ■ New parameters: MatrixCsvFileUrl; IpProfile_ CreatedByRoutingServer; HTTPRemoteServices_LoginNeeded; HTTPRemoteServices_VerifyCertificateSubjectName; Test_Call_ OfferedCodersGroupName; Test_Call_ AllowedAudioCodersGroupName; Test_Call_AllowedCodersMode; Test_Call_MediaSecurityMode; Test_Call_PlayDTMFMethod; Test_ Call_MediaSecurityMode; QOESettings_ VerifyCertificateSubjectName; Hostname; HAMaintenanceIFDiffServValue; HAOperationalStateDelayInSec; ShortCallSeconds; SyslogLogLevel; CallEndCDRSIPReasonsFilter; CallEndCDRZeroDurationFilter; CLIEnableModePassword; CliObscuredPassword ■ Updated parameters: CallSetupRules_QueryType (HTTP POST Query / HTTP POST Notification);...
Page 18: Table Of Contents
Content Mediant 4000 SBC | User's Manual Table of Contents 1 Introduction Product Overview Typographical Conventions Getting Familiar with Configuration Concepts and Terminology SBC Application Part I Getting Started with Initial Connectivity 2 Introduction 3 Default IP Address 4 Configuring VoIP LAN Interface for OAMP...
Page 19 Content Mediant 4000 SBC | User's Manual Restoring the Default Corporate Logo Image Customizing the Browser Tab Label Customizing the Product Name Customizing the Favicon Creating a Login Welcome Message Configuring Additional Management Interfaces Configuring Management User Accounts Customizing Access Levels per Web Page...
Page 20 Content Mediant 4000 SBC | User's Manual Secured Encoded ini File Configuring Password Display in ini File INI Viewer and Editor Utility 10 REST-Based Management Part III General System Settings 11 Date and Time Configuring Automatic Date and Time using SNTP...
Page 21 Content Mediant 4000 SBC | User's Manual Configuring TLS Certificate Contexts Assigning CSR-based Certificates to TLS Contexts Viewing Certificate Information Assigning Externally Created Private Keys to TLS Contexts Generating Private Keys for TLS Contexts Creating Self-Signed Certificates for TLS Contexts...
Page 22 Content Mediant 4000 SBC | User's Manual Detecting Answering Machine Beeps SIP Call Flow Examples of Event Detection and Notification Answering Machine Detection (AMD) Configuring AMD Automatic Gain Control (AGC) Configuring Media (SRTP) Security SRTP using DTLS Protocol 16 Services...
Page 23 Gathering Location Information of Skype for Business Clients for 911 Calls Adding ELINs to the Location Information Server Passing Location Information to the PSTN Emergency Provider AudioCodes ELIN Device for Skype for Business E9-1-1 Calls to PSTN Detecting and Handling E9-1-1 Calls Pre-empting Existing Calls for E9-1-1 Calls...
Page 24 Content Mediant 4000 SBC | User's Manual Configuring SBC IP-to-IP Routing Rule for E9-1-1 Viewing the ELIN Table Microsoft Skype for Business Presence of Third-Party Endpoints Configuring Skype for Business Server for Presence Configuring the Device for Skype for Business Presence...
Page 25 Content Mediant 4000 SBC | User's Manual Configuring User Information Enabling the User Information Table Configuring SBC User Information Configuring SBC User Information Table through Web Interface Configuring SBC User Information Table through CLI Configuring SBC User Information Table from a Loadable File...
Page 26 Content Mediant 4000 SBC | User's Manual Prioritizing Coder List in SDP Offer SRTP-RTP and SRTP-SRTP Transcoding Multiple RTP Media Streams per Call Session Interworking Miscellaneous Media Handling Interworking DTMF Methods Interworking RTP Redundancy Interworking RTP-RTCP Multiplexing Interworking RTCP Attribute in SDP...
Page 27 Content Mediant 4000 SBC | User's Manual Configuring Specific UDP Ports using Tag-based Routing Configuring a Routing Response Timeout Configuring SIP Response Codes for Alternative Routing Reasons Configuring SBC Routing Policy Rules Configuring IP Group Sets 26 SBC Manipulations Configuring IP-to-IP Inbound Manipulations...
Page 28 Content Mediant 4000 SBC | User's Manual Part VII High-Availability System 31 HA Overview Connectivity and Synchronization between Devices Device Switchover upon Failure Viewing HA Status on Monitor Web Page 32 HA Configuration Initial HA Configuration Network Topology Types and Rx/Tx Ethernet Port Group Settings...
Page 29 Content Mediant 4000 SBC | User's Manual Loading Auxiliary Files through CLI Deleting Auxiliary Files Call Progress Tones File Prerecorded Tones File AMD Sensitivity File User Info File 38 License Key Viewing the License Key Obtaining License Key for Initial Activation...
Page 30 Content Mediant 4000 SBC | User's Manual Automatic Update Configuration Examples Automatic Update for Single Device Automatic Update from Remote Servers Automatic Update for Mass Deployment 41 SBC Configuration Wizard Starting the SBC Configuration Wizard General Setup Page System Page...
Page 31 Content Mediant 4000 SBC | User's Manual Viewing Active IP Interfaces Viewing Ethernet Device Status Viewing Ethernet Port Information Viewing Static Routes Status Viewing IDS Active Blacklist Viewing Data Network Performance Monitoring 50 Viewing Hardware Status Viewing Hardware Components Status...
Page 32 Content Mediant 4000 SBC | User's Manual 55 Enabling SIP Call Flow Diagrams in OVOC 56 Enabling Same Call Session ID over Multiple Devices 57 Testing SIP Signaling Calls Configuring Test Call Endpoints Starting and Stopping Test Calls Viewing Test Call Status...
Page 33 Content Mediant 4000 SBC | User's Manual SSH Parameters IDS Parameters OCSP Parameters Proxy, Registration and Authentication Parameters Network Application Parameters General SIP Parameters Channel Parameters Voice Parameters Coder Parameters DTMF Parameters RTP, RTCP and T.38 Parameters Fax and Modem Parameters...
Page 34: Introduction
CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual Introduction This User's Manual describes how to configure and manage your AudioCodes Mediant 4000 SBC (hereafter, referred to as device). Product Overview AudioCodes Mediant 4000 Session Border Controller (SBC), hereafter referred to as device, is a mid-to-high scale capacity member of AudioCodes’...
Page 35: Getting Familiar With Configuration Concepts And Terminology
CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual Convention Description Example Text enclosed by Indicates values that you need to enter In the 'IP Address' field, double (type) in the Web interface. enter "10.10.1.1". apostrophes "..." Courier font Indicates CLI commands or ini-based file At the CLI prompt, type configuration.
Page 36 CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual Configuration Description Terms Proxy Set The Proxy Set defines the actual address (IP address or FQDN) of SIP entities that are servers (e.g., IP PBX). As the IP Group represents the SIP entity, to associate an address with the SIP entity, the Proxy Set is assigned to the IP Group.
Page 37 CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual Configuration Description Terms IP Profile The IP Profile is an optional configuration entity that defines a wide range of call settings for a specific SIP entity (IP Group). The IP Profile includes...
Page 38 CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual Configuration Description Terms Routing Policy Routing Policy logically groups routing and manipulation (inbound and outbound) rules to a specific SRD. It also enables Least Cost Routing (LCR) for routing rules and associates an LDAP server for LDAP-based routing.
Page 39 CHAPTER 1 Introduction Mediant 4000 SBC | User's Manual The device determines the SIP Interface on which the incoming SIP dialog is received and thus, determines its associated SRD. The device classifies the dialog to an IP Group (origin of dialog), using a specific Classification rule that is associated with the dialog's SRD and that matches the incoming characteristics of the incoming dialog defined for the rule.
Page 40: Part I
Part I Getting Started with Initial Connectivity...
Page 41: Introduction
CHAPTER 2 Introduction Mediant 4000 SBC | User's Manual Introduction This part describes how to initially access the device's management interface and change its default IP address to correspond with your networking scheme. - 8 -...
Page 42: Default Ip Address
CHAPTER 3 Default IP Address Mediant 4000 SBC | User's Manual Default IP Address The device is shipped with a factory default networking address for operations, administration, maintenance, and provisioning (OAMP), through its LAN interface, as shown in the table below.
Page 43: Configuring Voip Lan Interface For Oamp
CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC | User's Manual Configuring VoIP LAN Interface for OAMP You can change the device's default OAMP IP address, using any of the following methods: ■ Embedded HTTP/S-based Web server (see Web Interface) ■...
Page 44: Changing Oamp Address Through Cli
CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC | User's Manual In the 'Username' and 'Password' fields, enter the case-sensitive, default login username ("Admin") and password ("Admin"). Click Log In. Configure the Ethernet port(s) that you want to use for the OAMP interface: In the Ethernet Groups table, configure an Ethernet Group by assigning it up to two ports (two ports provide optional, port-pair redundancy).
Page 45 CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC | User's Manual ➢ To configure the OAMP IP address through CLI: Connect the RS-232 port of the device to the serial communication port on your computer. For more information, refer to the Hardware Installation Manual.
Page 46: Changing Oamp Address Through Ini File
CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC | User's Manual (config-network)# interface network-if 0 (network-if-0)# Configure the IP address: (network-if-0)# ip-address <IP address> Configure the prefix length: (network-if-0)# prefix-length <prefix length / subnet mask, e.g., 16> Configure the Default Gateway address: (network-if-0)# gateway <IP address>...
Page 47 CHAPTER 4 Configuring VoIP LAN Interface for OAMP Mediant 4000 SBC | User's Manual Access the device using the new OAMP interface address. - 14 -...
Page 48: Management Tools
Part II Management Tools...
Page 49: Introduction
CHAPTER 5 Introduction Mediant 4000 SBC | User's Manual Introduction This part describes the various management tools that you can use to configure the device: ■ Embedded HTTP/S-based Web server - see Web-based Management ■ Embedded Command Line Interface (CLI) - see CLI-Based Management ■...
Page 50: Web-Based Management
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Web-Based Management The device provides an embedded Web server (hereafter referred to as Web interface), supporting fault management, configuration, accounting, performance, and security (FCAPS). The Web interface provides a user-friendly, graphical user interface (GUI), which can be accessed using any standard Web browser.
Page 51: Areas Of The Gui
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual In the 'Username' and 'Password' fields, enter the username and password, respectively. If you want the Web browser to remember your username, select the 'Remember Me' check box and then agree to the browser's prompt (depending on your browser). On your next login attempt, the 'Username' field is automatically populated with your username.
Page 52 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Table 6-1: Description of the Web GUI Areas Item# Description Company logo. To customize the logo, see Replacing the Corporate Logo. If you click the logo, the Topology View page opens (see...
Page 53 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Item# Description ✔ Configuration Wizard: Opens the SBC Configuration Wizard, which is used for quick-and-easy configuration of the device (see SBC Configuration Wizard). Alarm bell icon displaying the number of active alarms generated by the device. The color of the number indicates the highest severity of an active alarm.
Page 54: Accessing Configuration Pages From Navigation Tree
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Item# Description ✔ IP Network tab ✔ Signaling & Media tab ✔ Administration tab ■ Monitor menu: Monitor tab ■ Troubleshoot menu: Troubleshoot tab SRD filter. When your configuration includes multiple SRDs, you can filter tables in the Web interface by SRD.
Page 55 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual ● Signaling & Media tab ● Administration tab ■ Monitor menu: Monitor tab ■ Troubleshoot menu: Troubleshoot tab When you open the Navigation tree, folders containing commonly required items are opened by default, allowing quick access to their pages.
Page 56: Configuring Stand-Alone Parameters
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Depending on the access level (e.g., Monitor level) of your Web user account, certain pages may not be accessible or may be read-only (see Configuring Management User Accounts). For read-only privileges: ●...
Page 57: Configuring Table Parameters
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Click Yes to confirm; the changes are save to flash memory. ● If a device reset is required: On the toolbar, click Reset; the Maintenance Actions page opens. Click Reset; the device saves the changes to flash memory and then resets.
Page 58: Adding Table Rows
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Item# Button Description Adds a new row to the table (see Adding Table Rows). Modifies the selected row (see Modifying Table Rows). Adds a new row with similar settings as the selected row (i.e., clones the row).
Page 59: Assigning Rows From Other Tables
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual If the Save button is surrounded by a red border, you must save your settings to flash memory, otherwise they are discarded if the device resets (without a save to flash) or powers off.
Page 60: Modifying Table Rows
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual The table (e.g., IP Groups table) and dialog box in which the Add new option was selected is minimized to the bottom-left corner of the Web interface and a dialog box appears for adding a new row in the referenced-table (e.g., Proxy Sets table).
Page 61: Invalid Value Indications
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Click Yes, Delete; the row is removed from the table and the total number of configured rows that is displayed next to the page title and page item in the Navigation tree is updated to reflect the deletion.
Page 62 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual ■ Parameters that reference rows of other configuration tables that are configured with invalid values: If a row has a parameter that references a row of another table that has a...
Page 63: Viewing Table Rows
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual If you assign a non-mandatory parameter with a referenced row and then later delete the referenced row (in the table in which the row is configured), the parameter's value auto- matically changes to an empty field (i.e., no row assigned). Therefore, make sure that you are aware of this and if necessary, assign a different referenced row to the para- meter.
Page 64: Changing Index Position Of Table Rows
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual To sort the column in descending order, click the column name again; only the down arrow is displayed in a darker shade of color, indicating that the column is sorted in descending order: Changing Index Position of Table Rows You can change the position (index) of rows in tables.
Page 65: Searching For Configuration Parameters
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Table 6-4: Table Search Tool Description Item# Description 'Specify Columns' drop-down list for selecting the table column (parameter) in which to do the search. By default, the search is done in all columns.
Page 66: Getting Help
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual The search key can include only alphanumerics, periods, and spaces. The use of other characters are invalid. ➢ To search for a parameter: In the search box, enter the search key (parameter name or value).
Page 67: Customizing The Web Interface
SDP "o" line (see the SIPSDPSessionOwner parameter), and Subject header (see the SIPSubject parameter). Replacing the Corporate Logo You can replace the default corporate logo image (i.e., AudioCodes logo) that is displayed in the Web interface. The logo appears in the following Web areas: ■...
Page 68: Replacing The Corporate Logo With An Image
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual You can replace the logo with one of the following: ■ A different image (see Replacing the Corporate Logo with an Image) ■ Text (see Replacing the Corporate Logo with Text) Replacing the Corporate Logo with an Image You can replace the default corporate logo with a different image.
Page 69: Restoring The Default Corporate Logo Image
You can customize the label that appears on the tab of the Web browser that you use to open the device's Web interface. By default, the tab displays "AudioCodes". You can change this to display either the IP address of the device or any customized text.
Page 70: Customizing The Product Name
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual If you have never configured the WebLogoText parameter, you can omit it from the ini file. If you have configured it before, then set it to an empty value, as shown above.
Page 71: Customizing The Favicon
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual UseProductName = 1 UserProductName = < name > Load the ini file using the Auxiliary Files page (see Loading Auxiliary Files). Reset the device with a save-to-flash for your settings to take effect.
Page 72: Creating A Login Welcome Message
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Click Cmd Shell. In the 'Command Line' field, type the following, and then click Enter: CTACI FAVICON Creating a Login Welcome Message You can create a personalized welcome message that is displayed on the Web Login screen. The message always begins with the title "Note"...
Page 73: Configuring Additional Management Interfaces
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Configuring Additional Management Interfaces The Additional Management Interfaces table lets you configure up to 16 management interfaces, in addition to the OAMP management interface configured in the IP Interfaces table. Multiple management interfaces lets you remotely access the device's management interfaces (see note below) through different IP addresses.
Page 74: Configuring Management User Accounts
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Parameter Description ■ Only Control- and/or Media-type IP network interfaces can be associated with additional management interfaces. ■ An IP network interface can be associated with only one additional management interface.
Page 75 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Numeric User Level Representation Privileges in RADIUS Note: Only Master users can delete Master users. If only one Master user exists, it can be deleted only by itself. Administrator Read-write privileges for all Web pages, except security- related pages (including the Local Users table) where this user has read-only privileges.
Page 76 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual The following procedure describes how to configure user accounts through the Web interface. You can also configure it through ini file [WebUsers] or CLI (configure system > user). ➢ To configure management user accounts: Open the Local Users table (Setup menu >...
Page 77 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Parameter Description ■ For security, password characters are not shown in the Web interface and ini file. In the Web interface, they are displayed as dots when you enter the password and then once applied, the password is displayed as an asterisk (*) in the table.
Page 78 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Parameter Description ■ Valid = User can log in to the Web interface as normal. ■ Failed Login = The state is automatically set for users that exceed a user-defined number of failed login attempts, set by...
Page 79 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Parameter Description Note: After logging in with your new password, you must save your settings, by clicking the Save button on the Web interface's toolbar. If not, the next time you attempt to log in, you will be prompted again to change the expired password.
Page 80: Customizing Access Levels Per Web Page
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Parameter Description The valid value is 0 to 100000, where 0 means that the user can do as many login failures without getting blocked. The default is according to the settings of the 'Deny Authentication Timer'...
Page 81 CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Page Name Read-Write Access Level Read-Only Access Level Description Firewall Security Administrator Monitor Assigns read- write privileges to Security Administrator users for the Firewall page. As this is the highest user...
Page 82: Displaying Login Information Upon Login
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Configure the rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 6-9: Customize Access Level Table Parameter Descriptions Parameter...
Page 83: Viewing Logged-In User Information
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual Once enabled, each time you login to the device, the Login Information window is displayed, as shown in the example below: To close the window, click Close. Viewing Logged-In User Information The username of the currently logged in user is displayed in the top-right corner of the Web interface.
Page 84: Changing Login Password By All User Levels
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual You can only perform the configuration described in this section if you are a management user with Security Administrator level or Master level. For more information, see Configuring Management User Accounts.
Page 85: Configuring Secured (Https) Web
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual ● Users with Security Administrator level or Master level can also change passwords for themselves and for other user levels in the Local Users table (see Configuring Management User Accounts). ●...
Page 86: Configuring Csrf Protection
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual ➢ To configure secure (HTTPS) Web access: Open the Web Settings page (Setup menu > Administration tab > Web & CLI folder > Web Settings). Under the General group, configure the following: From the 'Secured Web Connection (HTTPS)' drop-down list, select HTTPS Only.
Page 87: Configuring Web And Telnet Access List
CHAPTER 6 Web-Based Management Mediant 4000 SBC | User's Manual ➢ To log in to the Web interface using CAC: Insert the Common Access Card into the card reader. Enter the password only. As some browsers require that the username be provided, it’s recommended to enter the username with an arbitrary value.
Page 88: Cli-Based Management
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual CLI-Based Management This chapter provides an overview of the CLI-based management and provides configuration relating to CLI management. ● By default, CLI is disabled for security purposes. ● The CLI provides two access modes - Basic mode (basic commands) and Privileged mode (all commands).
Page 89: Enabling Ssh With Rsa Public Key For Cli
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual Enabling SSH with RSA Public Key for CLI Unless configured for TLS, Telnet is not secure as it requires passwords to be transmitted in clear text. To overcome this, you can use Secure SHell (SSH) which is the de-facto standard for secure CLI.
Page 90: Configuring Maximum Telnet/Ssh Sessions
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual On the CLI Settings page, do the following: From the 'Enable SSH Server' drop-down list, select Enable. For additional security, you can configure the 'Public Key' field to Enable. This ensures that SSH access is only possible by using the RSA key and not by username and password.
Page 91: Establishing A Cli Session
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual ● Before changing the setting, make sure that not more than the number of sessions that you want to configure are currently active; otherwise, the new setting will not take effect.
Page 92: Viewing Current Cli Sessions
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual > enable At the prompt, type the password again, and then press Enter: Password: Admin Viewing Current CLI Sessions You can view users that are currently logged in to the device's CLI. This applies to users logged in to the CLI through RS-232 (console), Telnet, or SSH.
Page 93: Configuring Displayed Output Lines In Cli Terminal Window
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual Configuring Displayed Output Lines in CLI Terminal Window You can configure the maximum number of lines (height) displayed in the terminal window for the output of CLI commands (Telnet and SSH). The number of displayed lines can be from 0 to 65,535, or determined by re-sizing the terminal window by mouse-dragging the window's border.
Page 94: Configuring Password Display In Cli
CHAPTER 7 CLI-Based Management Mediant 4000 SBC | User's Manual Configuring Password Display in CLI You can enable the deviceto display passwords in the CLI's show running-config output in encrypted (obscured) format instead of in plain text. When passwords are displayed encrypted, the word "obscured"...
Page 95: Snmp-Based Management
Mediant 4000 SBC | User's Manual SNMP-Based Management The device provides an embedded SNMP agent that lets you manage it using AudioCodes One Voice Operations Center (OVOC) or a third-party SNMP manager. The SNMP agent supports standard and proprietary Management Information Base (MIBs). All supported MIB files are supplied to customers as part of the release.
Page 96 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Configure SNMP community strings for access privileges: ● Under the Read Only Community Strings group, configure read-only community strings (see the table below). ● Under the Read/Write Community Strings group, configure read-write community strings (see the table below).
Page 97: Configuring Snmp Trap Destinations With Ip Addresses
CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Parameter Description The default is "public". For ini file configuration, x is 0 for the 'Read-Only 1' parameter. Read-Write Community Strings Defines read-write SNMP community strings. Up to five read-write community configure system >...
Page 98 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Configure the SNMP trap manager according to the table below. Select the check boxes corresponding to the configured SNMP managers that you want to enable. Click Apply. ● Rows whose corresponding check boxes are cleared revert to default settings when you click Apply.
Page 99: Configuring An Snmp Trap Destination With Fqdn
CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Parameter Description 'Trap Enable' Activates the sending of traps to the SNMP Manager. [SNMPManagerTrapSendingEnable_ ■ [0] Disable ■ [1] Enable (default) Configuring an SNMP Trap Destination with FQDN Instead of configuring SNMP trap destinations (managers) with IP addresses in dotted-decimal...
Page 100: Enabling Snmp Traps For Web Activity
CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Configure an IP address (in dotted-decimal notation) for one or more SNMP Trusted Managers. Select the check boxes corresponding to the configured SNMP Trusted Managers that you want to enable. Click Apply, and then reset the device with a save-to-flash for your settings to take effect.
Page 101 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Configure the SNMP V3 parameters according to the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 8-3: SNMPv3 Users Table Parameters Description...
Page 102: Customizing Snmp Alarm Severity
CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Parameter Description 'Privacy Key' Privacy key. Keys can be entered in the form of a text password or long hex string. Keys are always persisted as long hex strings and keys are priv-key localized.
Page 103 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Configure a rule according to the parameters described in the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 8-4: Alarms Customization Parameter Descriptions...
Page 104 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Parameter Description ✔ If configured to any value other than Suppressed, the device always sends the alarm with the configured severity (regardless of condition). ■ [1] Indeterminate ■ [2] Warning ■...
Page 105 CHAPTER 8 SNMP-Based Management Mediant 4000 SBC | User's Manual Parameter Description ✔ To suppress the sending of a specific alarm severity: If the alarm has multiple severity levels (based on conditions), configure the 'Original Severity' parameter to the severity that you don't want the device to send.
Page 106: Ini File-Based Management
CHAPTER 9 INI File-Based Management Mediant 4000 SBC | User's Manual INI File-Based Management You can configure the device through an ini file, which is a text-based file with an *.ini file extension name, created using any standard text-based editor such as Notepad. Once you have created an ini file with all your configuration settings, you need to install (load) it to the device to apply the configuration.
Page 107 CHAPTER 9 INI File-Based Management Mediant 4000 SBC | User's Manual ● A Data line must end with a semicolon ";". ■ End-of-Table Mark: Indicates the end of the table. The same string used for the table’s title, preceded by a backslash "\", e.g., [\MY_TABLE_NAME].
Page 108: General Ini File Formatting Rules
CHAPTER 9 INI File-Based Management Mediant 4000 SBC | User's Manual Do not include read-only parameters in the table ini file parameter. This can cause an error when loading the file to the device. General ini File Formatting Rules The ini file must adhere to the following formatting rules: ■...
Page 109: Loading An Ini File To The Device
HTTP. These protocols are not secure and are vulnerable to potential hackers. To overcome this security threat, the AudioCodes DConvert utility allows you to binary-encode (encrypt) the ini file before loading it to the device. For more information, refer to the DConvert Utility User's Guide.
Page 110: Ini Viewer And Editor Utility
CHAPTER 9 INI File-Based Management Mediant 4000 SBC | User's Manual ● When you load an ini file to the device containing obscured passwords, the passwords are parsed and applied to the device. ● When you load an ini file to the device containing hidden passwords, the passwords are ignored.
Page 111: Rest-Based Management
CHAPTER 10 REST-Based Management Mediant 4000 SBC | User's Manual REST-Based Management You can manage the device through the Representational State Transfer (REST) architecture. REST is a Web-based access service, allowing you to access the device's management interface over HTTP/S. Developers can use the device's REST API to integrate the device into their solution and allow administrators to perform management and configuration tasks through automation scripts.
Page 112 CHAPTER 10 REST-Based Management Mediant 4000 SBC | User's Manual ● If you know the URL of the resource, instead of accessing each resource menu, you can access it directly using the full URL path (e.g., /api/v1/alarms/active). ● For more information on REST API, refer to the document, REST API for Mediant Devices.
Page 113: General System Settings
Part III General System Settings...
Page 114: Date And Time
CHAPTER 11 Date and Time Mediant 4000 SBC | User's Manual Date and Time The date and time of the device can be configured manually or it can be obtained automatically from a Simple Network Time Protocol (SNTP) server. Configuring Automatic Date and Time using SNTP...
Page 115: Configuring Date And Time Manually
CHAPTER 11 Date and Time Mediant 4000 SBC | User's Manual If the device does not receive a response from the NTP server, it polls the NTP server for 10 minutes. If there is still no response after this duration, the device declares the NTP server as unavailable and raises an SNMP alarm (acNTPServerStatusAlarm).
Page 116: Configuring Daylight Saving Time
CHAPTER 11 Date and Time Mediant 4000 SBC | User's Manual In the 'UTC Offset' fields (NTPServerUTCOffset), configure the time offset in relation to the UTC. For example, if your region is GMT +1 (an hour ahead), enter "1" in the 'Hours' field.
Page 117: Configuring A Hostname For The Device
The device's SNMP interface's SysName object (under MIB-2) is set to the hostname. ■ TLS certificates used by the device for HTTPS-based communication with AudioCodes OVOC are issued with a hostname (instead of an IP address). For certificate signing requests (CSR) with a Certification Authority (CA), the hostname is used as the Common Name (CN or Subject Name) and Subject Alternative Name (SAN).
Page 118: General Voip Configuration
Part IV General VoIP Configuration...
Page 119: Network
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Network This section describes network-related configuration. Building and Viewing your Network Topology The Network view lets you easily build and view your voice network topology entities, including IP network interfaces, Ethernet Devices (VLANs), Ethernet Groups, and physical Ethernet ports. The Topology view graphically displays these entities and the associations between them, giving you a better understanding of your network topology and configuration.
Page 120 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Item Description The IP Interface appears as an icon, displaying the application type ("OCM" for OAMP, "C" for Control, and "M" for Media), row index number, name, and IP address, as shown...
Page 121 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Item Description Configure the Ethernet Devices as desired, and then click Apply; the Ethernet Devices table closes and you are returned to the Network View, displaying the newly added Ethernet Device. For more information on configuring Ethernet Devices, see...
Page 122: Configuring Physical Ethernet Ports
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Item Description The connectivity status of the port is indicated by the color of the icon: ■ Green: Network connectivity exists through port (port connected to network). ■ Red: No network connectivity through port (e.g., cable disconnected).
Page 123 CHAPTER 13 Network Mediant 4000 SBC | User's Manual ● The device provides two MAC addresses for the LAN ports which are allocated as follows: a MAC address for ports GE_1 through GE_4, and a MAC address for ports GE_5 through GE_8.
Page 124: Configuring Ethernet Port Groups
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description [PhysicalPortsTable_ Mode] 'Speed and Duplex' Defines the speed and duplex mode of the port. ■ [0] 10BaseT Half Duplex speed-duplex [PhysicalPortsTable_ ■ [1] 10BaseT Full Duplex SpeedDuplex] ■ [2] 100BaseT Half Duplex ■...
Page 125 CHAPTER 13 Network Mediant 4000 SBC | User's Manual You can assign Ethernet ports to IP network interfaces. This is done by first configuring an Ethernet Device with the required Ethernet Group containing the port or ports (see Configuring Underlying Ethernet Devices).
Page 126 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Table 13-3: Ethernet Groups Table Parameter Descriptions Parameter Description 'Index' (Read-only) Displays the index number for the table row. 'Name' (Read-only) Displays the Ethernet Group number. group [EtherGroupTable_ Group] 'Mode' Defines the mode of operation of the ports in the Ethernet Group. This applies only to Ethernet Groups containing two ports.
Page 127: Configuring Underlying Ethernet Devices
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configuring Underlying Ethernet Devices The Ethernet Devices table lets you configure up to 1,024 Ethernet Devices. An Ethernet Device represents a Layer-2 bridging device and is assigned a VLAN ID and an Ethernet Group (Ethernet port group).
Page 128 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configure an Ethernet Device according to the parameters described in the table below. Click Apply. Table 13-4: Ethernet Devices Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row.
Page 129: Configuring Ip Network Interfaces
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Tagged = (Default for new Ethernet Devices) The Ethernet Device accepts packets that have the same VLAN ID as the Ethernet Device and sends packets with this VLAN ID. For all...
Page 130 CHAPTER 13 Network Mediant 4000 SBC | User's Manual The device is shipped with a default OAMP interface (see Default IP Address). The IP Interfaces table lets you change this OAMP interface and configure additional network interfaces for control and media, if necessary. You can configure up to 1,024 interfaces, consisting of up to 1,023 Control and Media interfaces including a Maintenance interface if your device is deployed in a High Availability (HA) mode, and 1 OAMP interface.
Page 131 CHAPTER 13 Network Mediant 4000 SBC | User's Manual ■ Multiple Control- and Media-type IP interfaces can be configured with overlapping IP addresses and subnets. ■ The prefix length replaces the dotted-decimal subnet mask presentation and must have a value of 0-30 for IPv4 addresses, and a value of 64 for IPv6 addresses.
Page 132 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configure the IP network interface according to the parameters described in the table below. Click Apply. ● If you modify the OAMP interface's address, after clicking Apply you will lose connectivity with the device and need to access the device with the new address.
Page 133 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description [InterfaceTable_ ■ [0] OAMP = Operations, Administration, Maintenance ApplicationTypes] and Provisioning (OAMP) applications (e.g., Web, Telnet, SSH, and SNMP). ■ [1] Media = Media (i.e., RTP streams of voice). ■...
Page 134: Networking Configuration Examples
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description 'Prefix Length' Defines the prefix length of the related IP address. This is a Classless Inter-Domain Routing (CIDR)-style prefix-length representation of a dotted-decimal subnet notation. The [InterfaceTable_PrefixLength] CIDR-style representation uses a suffix indicating the number of bits which are set in the dotted-decimal format.
Page 135 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Inter- Prefix Inde- Applic- Eth- Default Name face Lengt- ation Type ernet Address Gateway Mode Device myInterfac OAMP + IPv4 192.168.0. 192.168.0. Media + Manual Control Two routes are configured in the Static Routes table for directing traffic for subnet 201.201.0.0/16 to 192.168.11.10, and all traffic for subnet 202.202.0.0/16 to 192.168.11.1:...
Page 136 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Pre- Applic- Inter- Ind- Eth- Default Name ation face IP Address ernet Leng- Gateway Type Mode Device Mgmt OAMP IPv4 192.168.0.2 192.168.0. Manual MediaCntrl1 Media + IPv4 200.200.85.14 200.200.8 Control Manual MediaCntrl2...
Page 137: Configuring Static Ip Routes
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Inter- Prefix Inde- Applic- Eth- Default Name face IP Address Lengt- ation Type ernet Gateway Mode Device Mgmt OAMP IPv4 192.168.0.2 192.168.0.1 Manual CntrlMedi Media & IPv4 200.200.85.1 200.200.85. Control Manual Configuring the following static routing rules in the Static Routes table enables OAMP applications to access peers on subnet 17.17.0.0 through the Default Gateway 192.168.10.1...
Page 138 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configure a static route according to the parameters described in the table below. The address of the host/network you want to reach is determined by an AND operation that is applied to the fields 'Destination' and 'Prefix Length'.
Page 139: Configuration Example Of Static Ip Routes
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description ■ IPv6: 0 to 128 'Ethernet Output Associates an IP network interface through which the static route's Device' Gateway is reached. The association is done by assigning the parameter the same Ethernet Device that is assigned to the IP network device-name interface in the IP Interfaces table ('Ethernet Device' parameter).
Page 140: Troubleshooting The Static Routes Table
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Troubleshooting the Static Routes Table When adding a new static route to the Static Routes table, the added rule passes a validation test. If errors are found, the static route is rejected and not added to the table. Failed static route validations may result in limited connectivity (or no connectivity) to the destinations specified in the incorrect static route.
Page 141: Device Located Behind Nat
CHAPTER 13 Network Mediant 4000 SBC | User's Manual The design of SIP creates a problem for VoIP traffic to pass through NAT. SIP uses IP addresses and port numbers in its message body. However, the NAT server is unable to modify the SIP messages and thus, can’t change local addresses to global addresses.
Page 142 CHAPTER 13 Network Mediant 4000 SBC | User's Manual ➢ To configure NAT translation rules: Open the NAT Translation table (Setup menu > IP Network tab > Core Entities folder > NAT Translation). Click New; the following dialog box appears: Configure a NAT translation rule according to the parameters described in the table below.
Page 143: Remote Ua Behind Nat
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description 'Target Start Port' Defines the optional starting port range (0-65535) of the global address. If not configured, the ports are not replaced. Matching target-start- source ports are replaced with the target ports. This address is set in port the SIP Via and Contact headers and in the 'o=' and 'c=' SDP fields.
Page 144: Media (Rtp/Rtcp/T.38)
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Media (RTP/RTCP/T.38) When a remote UA initiates a call and is not located behind a NAT server, the device sends the media (RTP, RTCP, and T.38) packets to the remote UA using the IP address:port (UDP) indicated in the SDP body of the SIP message received from the UA.
Page 145 CHAPTER 13 Network Mediant 4000 SBC | User's Manual No-Op Packets The device can send No-Op packets to verify Real-Time Transport Protocol (RTP) and T.38 connectivity, and to keep NAT bindings and Firewall pinholes open. The No-Op packets can be sent in RTP and T.38 formats: ■...
Page 146 CHAPTER 13 Network Mediant 4000 SBC | User's Manual These addresses:ports (local, STUN, TURN and any other network address) of the client are termed "candidates". Each client sends its' candidates to the other in the SDP body of the INVITE message. Peers then perform connectivity checks per candidate of the other peer, using STUN binding requests sent on the RTP and RTCP ports.
Page 147: Robust Receipt Of Media Streams By Media Latching
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Robust Receipt of Media Streams by Media Latching The device's Robust Media feature (or media latching) filters out unwanted media (RTP, RTCP, SRTP, SRTCP, and T.38) streams that are sent to the same port number of the device. Media ports may receive additional multiple unwanted media streams (from multiple sources of traffic) as result of traces of previous calls, call control errors, or deliberate malicious attacks (e.g., Denial of...
Page 148: Configuring Quality Of Service
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Click Apply, and then save your settings to flash memory. Configuring Quality of Service This section describes how to configure Layer-2 and Layer-3 Quality of Service (QoS). Configuring Class-of-Service QoS The QoS Settings page lets you configure Layer-3 Class-of-Service Quality of Service (QoS). This configures Differentiated Services (DiffServ) values for each CoS.
Page 149 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Class-of-Service Application Traffic / Network Types (Priority) T.38 traffic Media Media Premium Control Control Premium SIP over TLS (SIPS) Control Control Premium Syslog Management Bronze SNMP Traps Management Bronze DNS client Varies according to DNS settings:...
Page 150: Configuring Diffserv-To-Vlan Priority Mapping
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description Note: You can also configure the the parameter per IP Profile (IpProfile_IPDiffServ) or Tel Profile (TelProfile_IPDiffServ). 'Control Premium QoS' Defines the DiffServ value for Premium Control CoS content (Call Control applications).
Page 151: Configuring Icmp Messages
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configure a DiffServ-to-VLAN priority mapping rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 13-10:QoS Mapping Table Parameter Descriptions Parameter...
Page 152: Dns
CHAPTER 13 Network Mediant 4000 SBC | User's Manual ● To enable sending and receipt of ICMP Redirect messages, configure the 'Send and Received ICMP Redirect Messages' [DisableICMPRedirects] parameter to Enable. ● To enable sending of ICMP Destination Unreachable messages, configure the 'Don't Send ICMP Unreachable Messages' [DisableICMPUnreachable] parameter to Disable.
Page 153: Configuring The Internal Dns Table
CHAPTER 13 Network Mediant 4000 SBC | User's Manual In the 'Default Primary DNS Server IP' field, configure the address of the default primary DNS server. In the 'Default Secondary DNS Server IP' field, configure the address of the default secondary DNS server.
Page 154: Configuring The Internal Srv Table
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Click Apply. Table 13-11:Internal DNS Table Parameter Description Parameter Description 'Index' Defines an index number for the new table row. Note: Each row must be configured with a unique index. 'Domain Name' Defines the host name to be translated.
Page 155 CHAPTER 13 Network Mediant 4000 SBC | User's Manual Configure an SRV rule according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 13-12:Internal SRV Table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 156: Ip Multicasting
CHAPTER 13 Network Mediant 4000 SBC | User's Manual Parameter Description 'Weight (1-3)' Defines a relative weight for records with the same priority. By default, no value is defined. weight-1|2|3 [Srv2Ip_ Weight1/2/3] 'Port (1-3)' Defines the TCP or UDP port on which the service is to be found.
Page 157: Security
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Security This section describes the VoIP security-related configuration. Configuring SSL/TLS Certificates The TLS Contexts table lets you configure X.509 certificates which are used for secure management of the device, secure SIP transactions, and other security applications.
Page 158 CHAPTER 14 Security Mediant 4000 SBC | User's Manual ■ Online Certificate Status Protocol (OCSP). Some Public-Key Infrastructures (PKI) can revoke a certificate after it has been issued. You can configure the device to check whether a peer's certificate has been revoked, using the OCSP. When OCSP is enabled, the device queries the OCSP server for revocation information whenever a peer certificate is received (TLS client mode, or TLS server mode with mutual authentication).
Page 159 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Configure the TLS Context according to the parameters described in the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 14-1: TLS Contexts Parameter Descriptions...
Page 160 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description ■ [1] DTLSv1.0 ■ [2] DTLSv1.2 For more information on WebRTC, see WebRTC. 'Cipher Server' Defines the supported cipher suite for the TLS server (in OpenSSL cipher list format). ciphers-server...
Page 161: Assigning Csr-Based Certificates To Tls Contexts
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description [TLSContexts_ OcspServerSecondary] 'OCSP Port' Defines the OCSP server's TCP port number. The default port is 2560. ocsp-port [TLSContexts_ OcspServerPort] 'OCSP Default Response' Determines whether the device allows or rejects peer certificates if it cannot connect to the OCSP server.
Page 162 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Click the Create CSR button; a textual certificate signing request is displayed in the area below the button: Copy the text and send it to your security provider (CA) to sign this request.
Page 163: Viewing Certificate Information
CHAPTER 14 Security Mediant 4000 SBC | User's Manual ● The certificate replacement process can be repeated whenever necessary (e.g., when the new certificate expires). ● You can also load the certificate through the device's Automatic Provisioning mechanism, using the [HTTPSCertFileName] parameter.
Page 164: Assigning Externally Created Private Keys To Tls Contexts
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Assigning Externally Created Private Keys to TLS Contexts The following procedure describes how to assign an externally created private key to a TLS Context. ➢ To assign an externally created private key to a TLS Context: Obtain a private key in either textual PEM (PKCS #7) or PFX (PKCS #12) format (typically provided by your security administrator).
Page 165: Generating Private Keys For Tls Contexts
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Open the TLS Contexts table (see Configuring TLS Certificate Contexts). In the table, select the required TLS Context index row, and then click the Change Certificate link located below the table; the Change Certificates page appears.
Page 166: Creating Self-Signed Certificates For Tls Contexts
CHAPTER 14 Security Mediant 4000 SBC | User's Manual From the 'Private Key Size' drop-down list, select the desired private key size (in bits) for RSA public-key encryption for newly self-signed generated keys: ● ● ● 1024 (default) ● 2048 ●...
Page 167: Importing Certificates Into Trusted Root Certificate Store
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Under the Certificate Signing Request group, in the 'Common Name [CN]' field, enter the fully-qualified DNS name (FQDN) as the certificate subject. Alternatively (or in addition), if you want to generate a self-signed SAN certificate (with multiple subject alternate names), then from the 'Subject Alternative Name [SAN]' drop-down list, select the type of SAN (e-mail address, DNS hostname, URI, or IP address), and then enter the relevant value.
Page 168: Configuring Mutual Tls Authentication
CHAPTER 14 Security Mediant 4000 SBC | User's Manual You can also import multiple TLS root certificates in bulk from a single file. Each certificate in the file must be Base64 encoded (PEM). When copying-and-pasting the certificates into the file, each Base64 ASCII encoded certificate string must be enclosed between "-----BEGIN CERTIFICATE---...
Page 169: Tls For Sip Clients
CHAPTER 14 Security Mediant 4000 SBC | User's Manual TLS for SIP Clients When Secure SIP (SIPS) is implemented using TLS, it is sometimes required to use two-way (mutual) authentication between the device and a SIP user agent (client). When the device acts as the TLS server in a specific connection, the device demands the authentication of the SIP client’s...
Page 170: Configuring Tls Server Certificate Expiry Check
CHAPTER 14 Security Mediant 4000 SBC | User's Manual When a user connects to the secured Web interface of the device: ■ If the user has a client certificate from a CA that is listed in the Trusted Root Certificate file, the connection is accepted and the user is prompted for the system password.
Page 171 Protocol: Any ✔ Action Upon Match: Block ● If the device needs to communicate with AudioCodes OVOC, you must also add rules to allow incoming traffic from OVOC. For more information, see Configuring Firewall Rules to Allow Incoming OVOC Traffic on page 142.
Page 172 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Configure a firewall rule according to the parameters described in the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 14-2: Firewall Table Parameter Descriptions...
Page 173 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description 'Start Port' Defines the first UDP/TCP port in the range of ports on the device on which the incoming packet is received. From the perspective of the remote IP start-port entity, this is the destination port.
Page 174 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description 'Packet Size' Defines the maximum allowed packet size. The valid range is 0 to 65535. packet- size Note: When filtering fragmented IP packets, this field relates to the overall [AccessList_ (re-assembled) packet size, and not to the size of each fragment.
Page 175: Configuring Firewall Rules To Allow Incoming Ovoc Traffic
Rule 5: Blocks all other traffic. Configuring Firewall Rules to Allow Incoming OVOC Traffic If the device needs to communicate with AudioCodes OVOC, you need to configure the device's firewall (Firewall table) with the below "allow" firewall rules to permit incoming traffic from OVOC.
Page 176: Configuring Tls For Sip
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Acti- Pre- Pac- Byt- Sou- Spe- Inter- Sour- Pro- Upo- Index cific face ce IP Len- tocol Siz- Port Inter- Name Mat- face <OV Enabl <inter- Allo (HTT OC IP face addre con- ss>...
Page 177 CHAPTER 14 Security Mediant 4000 SBC | User's Manual ● When a TLS connection with the device is initiated by a SIP client, the device also responds using TLS, regardless of whether or not TLS was configured. ● The device regulates the number of new concurrent TLS connections that can be established per second.
Page 178: Intrusion Detection System
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Intrusion Detection System The device's Intrusion Detection System (IDS) feature detects malicious attacks on the device and reacts accordingly. A remote host is considered malicious if it has reached or exceeded a user- defined threshold (counter) of specified malicious attacks.
Page 179: Configuring Ids Policies
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Click Apply. Configuring IDS Policies An IDS Policy is configured using two tables with "parent-child" type relationship: ■ IDS Policies table ("parent"): Defines a name and provides a description for the IDS Policy.
Page 180 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Click Apply. Table 14-5: IDS Policies Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. Note: Each row must be configured with a unique index. policy...
Page 181 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description [IDSRule_RuleID] 'Reason' Defines the type of intrusion attack (malicious event). ■ [0] Any = All events listed below are considered as attacks and reason are counted together. [IDSRule_Reason] ■ [1] Connection abuse = (Default) Connection failures, which includes the following: ✔...
Page 182 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description ✔ Requests and responses without a matching transaction user (except ACK requests) ✔ Requests and responses without a matching transaction (except ACK requests) 'Threshold Scope' Defines the source of the attacker to consider in the device's detection count.
Page 183: Assigning Ids Policies
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description 'Deny Period' Defines the duration (in sec) to keep the attacker on the blacklist, if configured using the 'Deny Threshold' parameter. deny-period The valid range is 0 to 1,000,000. The default is -1 (i.e., not [IDSRule_DenyPeriod] configured).
Page 184 CHAPTER 14 Security Mediant 4000 SBC | User's Manual Parameter Description [IDSMatch_SIPInterface] The valid value is the ID of the SIP Interface. The following syntax is supported: ■ A comma-separated list of SIP Interface IDs (e.g., 1,3,4) ■ A hyphen "-" indicates a range of SIP Interfaces (e.g., 3,4-7 means IDs 3, and 4 through 7) ■...
Page 185: Viewing Ids Alarms
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Viewing IDS Alarms For the IDS feature, the device sends the following SNMP traps: ■ Traps that notify the detection of malicious attacks: ● acIDSPolicyAlarm: The device sends this alarm whenever a threshold of a specific IDS Policy rule is crossed.
Page 186 CHAPTER 14 Security Mediant 4000 SBC | User's Manual The device also sends IDS notifications and alarms in Syslog messages to a Syslog server. This occurs only if you have configured Syslog (see Enabling Syslog). An example of a Syslog message...
Page 187: Configuring Sip Response Codes To Exclude From Ids
CHAPTER 14 Security Mediant 4000 SBC | User's Manual Reason Description Syslog String Abnormal Flow Requests and responses without a matching flow-no-match-tu transaction user (except ACK requests) Requests and responses without a matching flow-no-match-transaction transaction (except ACK requests) Configuring SIP Response Codes to Exclude from IDS You can specify SIP response codes (reject reasons) that you want the IDS mechanism to ignore in its' count as reasons for SIP-dialog establishment failures.
Page 188: Media
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Media This section describes media-related configuration. Configuring Voice Settings The section describes various voice- related configuration such as voice volume, silence suppression, and DTMF transport type. For a detailed description of these parameters, see Configuration Parameters Reference.
Page 189 CHAPTER 15 Media Mediant 4000 SBC | User's Manual The device also supports acoustic echo cancellation for SBC calls. These echoes are composed of undesirable acoustical reflections (non-linear) of the received signal (i.e., from the speaker) which find their way from multiple reflections such as walls and windows into the transmitted signal (i.e., microphone).
Page 190: Fax And Modem Capabilities
CHAPTER 15 Media Mediant 4000 SBC | User's Manual 'Max Reference Delay' (AcousticEchoSuppMaxRefDelayx10ms) - defines the ◆ acoustic echo suppressor maximum reference delay Open the IP Profiles table, and configure the 'Echo Canceller' parameter to Acoustic (see Configuring IP Profiles). Enable the Forced Transcoding feature (using the TranscodingMode parameter) to allow the device to use DSP channels, which are required for acoustic echo cancellation.
Page 191: Fax/Modem Transport Modes
CHAPTER 15 Media Mediant 4000 SBC | User's Manual ■ Voice-band data (VBD) mode for V.152 implementation (see V.152 Support): fax/modem capabilities are negotiated between the device and the remote endpoint at the establishment of the call. During a call, when a fax/modem signal is detected, transition from voice to VBD (or T.38) is automatically performed and no additional SIP signaling is required.
Page 192 CHAPTER 15 Media Mediant 4000 SBC | User's Manual Switching to T.38 Mode using SIP Re-INVITE In the Switching to T.38 Mode using SIP Re-INVITE mode, upon detection of a fax signal the terminating device negotiates T.38 capabilities using a Re-INVITE message. If the far-end device doesn't support T.38, the fax fails.
Page 193: G.711 Fax / Modem Transport Mode
Call Parties belong to AudioCodes Devices: T.38-over-RTP method is used, whereby the device encapsulates the entire T.38 packet (payload with all its headers) in the sent RTP. For T.38 over RTP, AudioCodes devices use the proprietary identifier "AcUdptl" in the 'a=ftmp' line of the SDP. For example: o=AudioCodesGW 1357424688 1357424660 IN IP4 10.8.6.68...
Page 194: Fax Fallback
CHAPTER 15 Media Mediant 4000 SBC | User's Manual After a few seconds upon detection of fax V.21 preamble or super G3 fax signals, the device sends a second Re-INVITE enabling the echo canceller (the echo canceller is disabled only on modem transmission).
Page 195 ● When the remote (non-AudioCodes) gateway uses the G.711 coder for voice and doesn’t change the coder payload type for fax or modem transmission, it is recommended to use the Bypass mode with the following configuration: ✔...
Page 196: Fax / Modem Nse Mode
G.711 packets with standard payload type (8 for G.711 A-Law and 0 for G.711 Mu-Law). In this mode, no Re-INVITE messages are sent. The voice channel is optimized for fax/modem transmission (same as for usual bypass mode). The following parameters that configure the payload type for the AudioCodes proprietary Bypass mode used...
Page 197: Fax / Modem Transparent Mode
CHAPTER 15 Media Mediant 4000 SBC | User's Manual ● Set the 'Fax Transport Mode' parameter to Events Only (FaxTransportMode = 3). ● Set the 'V.21 Modem Transport Type' parameter to Events Only (V21ModemTransportType = 3). ● Set the 'V.22 Modem Transport Type' parameter to Events Only (V22ModemTransportType = 3).
Page 198: Rfc 2833 Ans Report Upon Fax/Modem Detection
CHAPTER 15 Media Mediant 4000 SBC | User's Manual RFC 2833 ANS Report upon Fax/Modem Detection The device (terminator gateway) sends RFC 2833 ANS/ANSam events upon detection of fax and/or modem answer tones (i.e., CED tone). This causes the originator to switch to fax/modem.
Page 199: Relay Mode For T.30 And V.34 Faxes
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Configure the [V34FaxTransportType] parameter to [2] (Bypass). ➢ To use bypass mode for V.34 faxes, and T.38 for T.30 faxes: On the Fax/Modem/CID Settings page, do the following: ● Set the 'Fax Transport Mode' parameter to T.38 Relay [FaxTransportMode = 1].
Page 200 CHAPTER 15 Media Mediant 4000 SBC | User's Manual ➢ To enable support for V.34 fax relay (T.38) at SG3 speed: In the IP Profiles table (see Configuring IP Profiles), configure an IP Profile with the 'Fax Signaling Method' parameter (IpProfile_IsFaxUsed) set to T.38 Relay.
Page 201: V.152 Support
CHAPTER 15 Media Mediant 4000 SBC | User's Manual c=IN IP4 10.8.6.55 t=0 0 m=audio 6010 RTP/AVP 18 97 a=rtpmap:18 G729/8000 a=fmtp:18 annexb=no a=rtpmap:97 telephone-event/8000 a=fmtp:97 0-15 a=ptime:20 a=sendrecv m=image 6012 udptl t38 a=T38FaxVersion:3 a=T38MaxBitRate:33600 a=T38FaxMaxBuffer:1024 a=T38FaxMaxDatagram:122 a=T38FaxRateManagement:transferredTCF a=T38FaxUdpEC:t38UDPRedundancy V.152 Support The device supports the ITU-T recommendation V.152 (Procedures for Supporting Voice-Band...
Page 202: Configuring Rtp/Rtcp Settings
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Configuring RTP/RTCP Settings This section describes configuration relating to Real-Time Transport Protocol (RTP) and RTP Control Protocol (RTCP). Configuring the Dynamic Jitter Buffer Voice frames are transmitted at a fixed rate. If the frames arrive at the other end at the same rate, voice quality is perceived as good.
Page 203: Configuring Rfc 2833 Payload
CHAPTER 15 Media Mediant 4000 SBC | User's Manual ➢ To configure jitter buffer using the Web interface: Open the RTP/RTCP Settings page (Setup menu > Signaling & Media menu > Media folder > RTP/RTCP Settings). The relevant parameters are listed under the General group, as...
Page 204: Configuring Invalid Rtp/Rtcp Packet Handling
CHAPTER 15 Media Mediant 4000 SBC | User's Manual <BaseUDPPort parameter value> to 65,535 Where, number of channels is the maximum number of purchased channels for the device (included in the installed License Key). For example: If you configure the BaseUDPPort parameter to 6000, the port range is 6000 to 65,535.
Page 205: Event Detection And Notification Using X-Detect Header
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Event Detection and Notification using X-Detect Header The device can detect certain events in the media stream and notify of their detection to a remote application server, using the SIP X-Detect header. The request for event notification is done by the application server when establishing a SIP dialog (i.e., INVITE message) or during an already...
Page 206: Detecting Answering Machine Beeps
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Event Subtype Description and Required Configuration Type ■ Silence (no voice) ■ Unknown ■ Beep (greeting message of answering machine) ■ Busy Event detection of tones using the CPT file. Create a CPT file with the required tone types of the ■...
Page 207: Sip Call Flow Examples Of Event Detection And Notification
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Type= AMD SubType= Beep ■ CPT-detected Beep: Type= CPT SubType=Beep SIP Call Flow Examples of Event Detection and Notification Two SIP call flow examples are provided below of event detection and notification: ■...
Page 208 CHAPTER 15 Media Mediant 4000 SBC | User's Manual Content-Length: 34 Type= PTT SubType= SPEECH-START Upon detection of the end of voice (i.e., end of the greeting message of the answering machine), the device sends the following INFO message to the application server: INFO sip:sipp@172.22.2.9:5060 SIP/2.0...
Page 209: Answering Machine Detection (Amd)
You will be typically required to provide AudioCodes with a database of recorded voices (calls) in the language on which the device's AMD feature can base its voice detector algorithms.
Page 210 Once you have provided AudioCodes with your database of recordings, AudioCodes compiles it into a loadable file. For a brief description of the file format and for installing the file on the device, AMD Sensitivity File.
Page 211: Configuring Amd
CHAPTER 15 Media Mediant 4000 SBC | User's Manual AMD Detection Sensitivity Performance Level 90.42% 91.64% 90.66% 91.30% 94.72% 76.14% (Best for Live Calls) Table 15-3: Approximate AMD High Detection Sensitivity - Parameter Suite 1 (Based on North Amer- ican English)
Page 212: Automatic Gain Control (Agc)
CHAPTER 15 Media Mediant 4000 SBC | User's Manual ➢ To configure AMD for all calls: Open the DSP Settings page (Setup menu > Signaling & Media tab > Media folder > DSP Settings): From the 'IPMedia Detectors' drop-down list (EnableDSPIPMDetectors), select Enable .
Page 213: Configuring Media (Srtp) Security
CHAPTER 15 Media Mediant 4000 SBC | User's Manual Configure the following AGC parameters: ● 'Enable AGC' [EnableAGC] - Enables the AGC mechanism. ● 'AGC Slope' [AGCGainSlope] - Determines the AGC convergence rate. ● 'AGC Redirection' [AGCRedirection] - Determines the AGC direction.
Page 214 CHAPTER 15 Media Mediant 4000 SBC | User's Manual ● The device can forward MKI size transparently for SRTP-to-SRTP media flows or override the MKI size during negotiation (inbound or outbound leg). The key lifetime field is not supported. However, if it is included in the key it is ignored and the call does not fail.
Page 215: Srtp Using Dtls Protocol
CHAPTER 15 Media Mediant 4000 SBC | User's Manual From the 'Media Security' drop-down list (EnableMediaSecurity), select Enable to enable SRTP. From the 'Offered SRTP Cipher Suites' drop-down list (SRTPofferedSuites), select the supported cipher suite. Configure the other SRTP parameters as required.
Page 216 CHAPTER 15 Media Mediant 4000 SBC | User's Manual DTLS cipher suite reuses the TLS cipher suite. The DTLS handshake is done for every new call configured for DTLS. In other words, unlike TLS where the connection remains "open" for future calls, a new DTLS connection is required for every new call.
Page 217: Services
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Services This section describes configuration for various supported services. DHCP Server Functionality The device can serve as a Dynamic Host Configuration Protocol (DHCP) server that assigns and manages IP addresses from a user-defined address pool for DHCP clients. The DHCP server can also be configured to supply additional information to the requesting client such as the IP address of the TFTP server, DNS server, NTP server, and default router (gateway).
Page 218 CHAPTER 16 Services Mediant 4000 SBC | User's Manual DHCP Option Code DHCP Option Name Option 42 Network Time Protocol Server Option 2 Time Offset Option 66 TFTP Server Name Option 67 Boot file Name Option 120 SIP Server Once you have configured the DHCP server, you can configure the following: ■...
Page 219 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure a DHCP server according to the parameters described in the table below. Click Apply. Table 16-2: DHCP Servers Table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 220 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'DNS Server 2' Defines the IP address (IPv4) of the secondary DNS server that the DHCP server assigns to the DHCP client. The value is sent in dns-server-2 DHCP Option 6 (Domain Name Server).
Page 221 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'Boot File Name' Defines the name of the boot file image for the DHCP client. The boot file stores the boot image for the client. The boot image is boot-file-name...
Page 222: Configuring The Vendor Class Identifier
The VCI is a string that identifies the vendor and functionality of a DHCP client to the DHCP server. For example, Option 60 can show the unique type of hardware (e.g., "AudioCodes 440HD IP Phone") or firmware of the DHCP client. The DHCP server can then differentiate between DHCP clients and process their requests accordingly.
Page 223: Configuring Additional Dhcp Options
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'Vendor Class Identifier' Defines the value of the VCI DHCP Option 60. The valid value is a string of up to 80 characters. By default, no vendor-class value is defined.
Page 224 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Table 16-4: DHCP Option Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. Note: Each row must be configured with a unique dhcp option index. [DhcpOption_Index]...
Page 225: Configuring Static Ip Addresses For Dhcp Clients
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ <IP>: Replaced by the IP address assigned by the DHCP server to the client. For example, the parameter can be set to: http://192.168.3.155:5000/provisioning/cfg_ <IP>.txt 'Expand Value' Enables the use of the special placeholder strings, "<MAC>"...
Page 226: Viewing And Deleting Dhcp Clients
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Table 16-5: DHCP Static IP Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. Note: Each row must be configured with a unique index. dhcp static- ip <index>...
Page 227: Sip-Based Media Recording
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ➢ To view or delete DHCP clients: Open the DHCP Servers table (see Configuring the DHCP Server). Select the row of the desired DHCP server for which you want to view DHCP clients, and then click the DHCP Clients link located below the table;...
Page 228 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ● The SIP-based Media Recording feature is available only if the device is installed with a License Key that includes this feature. The License Key specifies the maximum number of supported SIP recording sessions. For installing a License...
Page 229 CHAPTER 16 Services Mediant 4000 SBC | User's Manual The device can send recorded SBC calls to multiple SRSs. To achieve this, you can configure up to three groups of SRSs, where each group can contain one SRS (standalone), or two SRSs operating in an active-standby (1+1) mode for SRS redundancy.
Page 230 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ● The device can send recordings (media) to up to three active SRSs. In other words, any one of the following configurations are supported: ✔ Up to three standalone (active) SRSs. ✔...
Page 231 CHAPTER 16 Services Mediant 4000 SBC | User's Manual You can configure the format of the recording metadata (i.e., based on RFC 7865 or "legacy") that is generated by the device. For more information, see Configuring Format of SIPRec Metadata on page 203.
Page 232 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Legacy XML metadata: <?xml version="1.0" encoding="UTF-8"?> <recording xmlns='urn:ietf:params:xml:ns:recording'> <datamode>complete</datamode> <group id="00000000-0000-0000-0000-00003a36c4e3"> <associate-time>2010-01-24T01:11:57Z</associate-time> </group> <session id="0000-0000-0000-0000-00000000d0d71a52"> <group-ref>00000000-0000-0000-0000-00003a36c4e3</group-ref> <start-time>2010-01-24T01:11:57Z</start-time> <ac:AvayaUCID xmlns="urn:ietf:params:xml:ns:Avaya">FA080030C4E34B5B9E59</ac:AvayaUCID> </session> <participant id="1056" session="0000-0000-0000-0000-00000000d0d71a52"> <nameID aor="1056@192.168.241.20"></nameID> <associate-time>2010-01-24T01:11:57Z</associate-time> <send>00000000-0000-0000-0000-1CF23A36C4E3</send> <recv>00000000-0000-0000-0000-BF583A36C4E3</recv> </participant> <participant id="182052092" session="0000-0000-0000-0000-00000000d0d71a52">...
Page 233: Configuring Sip Recording Rules
CHAPTER 16 Services Mediant 4000 SBC | User's Manual </participant> <stream stream_id="mBfiAAAAAL1hFQENAPA=" session_id="OWc4Md2PHao="> <label>1</label> </stream> <stream stream_id="hBfiAAAAAL1hFQENAPA=" session_id="OWc4Md2PHao="> <label>2</label> </stream> <sessionrecordingassoc session_id="OWc4Md2PHao="> <associate-time>2018-04-17T09:35:41</associate-time> </sessionrecordingassoc> <participantsessionassoc participant_id="MjAw" session_id="OWc4Md2PHao="> <associate-time>2018-04-17T09:35:41</associate-time> </participantsessionassoc> <participantsessionassoc participant_id="MTAw" session_id="OWc4Md2PHao="> <associate-time>2018-04-17T09:35:41</associate-time> </participantsessionassoc> <participantstreamassoc participant_id="MjAw"> <send>mBfiAAAAAL1hFQENAPA=</send> <recv>hBfiAAAAAL1hFQENAPA=</recv> </participantstreamassoc> <participantstreamassoc participant_id="MTAw">...
Page 234 CHAPTER 16 Services Mediant 4000 SBC | User's Manual The following configuration records calls made by IP Group "ITSP" to IP Group "IP-PBX" that have the destination number prefix "1800". The device records the calls from the leg interfacing with IP Group "IP PBX" (peer) and sends the recorded media to IP Group "SRS-1". SRS redundancy has also been configured, where IP Group "SRS-1"...
Page 235: Using Conditions For Starting A Siprec Session
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description You can use special patterns (notations) to denote the recorded-dst-prefi number or URI. For example, if you want to match this rule [SIPRecRouting_ to user parts whose last four digits (i.e., suffix) are 4 followed RecordedDestinationPrefix] by any three digits (e.g., 4008), then configure this parameter...
Page 236: Configuring Format Of Siprec Metadata
CHAPTER 16 Services Mediant 4000 SBC | User's Manual For this feature, you can use only the following keywords for the syntax of the Message Condition rule: ■ var.global ■ var.session.0 ■ srctags/dsttags For more information on using the above syntax for message manipulation, refer to the Syntax for SIP Message Manipulation Reference Guide.
Page 237: Configuring Sip User Part For Srs
SIP INVITE from Avaya, it adds the UCID value, received in the User-to-User SIP header to the AudioCodes proprietary tag in the XML metadata of the SIP INVITE that it sends to the recording server. For example, if the received SIP header is: User-to-User: 00FA080019001038F725B3;encoding=hex...
Page 238: Customizing Recorded Sip Messages Sent To Srs
CHAPTER 16 Services Mediant 4000 SBC | User's Manual xml metadata: <ac:AvayaUCID xmlns="urn:ietf:params:xml:ns:Avaya"> FA080019001038F725B3</ac:AvayaUCID> For calls sent from the device to Avaya equipment, the device can generate the Avaya UCID, if required. To configure this support, use the following parameters: ●...
Page 239 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Assign the above manipulation rules to the relevant IP Groups: In the IP Group of the recorded call leg which sends this header, configure the ◆ 'Inbound Message Manipulation Set' parameter to 11 (i.e., rule configured in Index 0).
Page 240: Radius-Based Services
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Value Condition Var.Session.0 regex (.*),(.*),(.*) Action Subject Header.My-header2 Action Type Action Value Row Rule Use Previous Condition Index Name Send My-header3 to SRS Manipulation Set ID Message Type Invite.Request Condition Var.Session.0 regex (.*),(.*),(.*) Action Subject Header.My-header3...
Page 241: Configuring Radius Servers
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Under the RADIUS group, from the 'Enable RADIUS Access Control' drop-down list, select Enable. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Configuring RADIUS Servers The RADIUS Servers table lets you configure up to three RADIUS servers.
Page 242 CHAPTER 16 Services Mediant 4000 SBC | User's Manual servers 1 ip-address 10.4.4.202 auth-port 1812 auth-ha-state "STANDBY" acc-port 1813 acc-ha-state "STANDBY" Where auth-ha-state and acc-ha-state display the authentication and accounting redundancy status respectively. "ACTIVE" means that the server was used for the last sent authentication or accounting request;...
Page 243: Configuring Interface For Radius Communication
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'IP Address' Defines the IP address of the RADIUS server (in dotted-decimal notation). ip-address [RadiusServers_ IPAddress] 'Authentication Defines the port of the RADIUS Authentication server for authenticating Port' the device with the RADIUS server. When set to any value other than...
Page 244: Configuring The Radius Vendor Id
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ● In the 'RADIUS Packets Retransmission' field (RADIUSRetransmission), enter the maximum number of RADIUS retransmissions that the device performs if no response is received from the RADIUS server. ● In the 'RADIUS Response Time Out' field (RadiusTO), enter the interval (in seconds) that the device waits for a response before sending a RADIUS retransmission.
Page 245: Setting Up A Third-Party Radius Server
CHAPTER 16 Services Mediant 4000 SBC | User's Manual When RADIUS authentication is used, the RADIUS server stores the user accounts - usernames, passwords, and access levels (authorization). When a management user (client) tries to access the device, the device sends the RADIUS server the user's username and password for authentication.
Page 246: Configuring Radius-Based User Authentication
CHAPTER 16 Services Mediant 4000 SBC | User's Manual If access levels are required, set up a Vendor-Specific Attributes (VSA) dictionary for the RADIUS server and select an attribute ID that represents each user's access level. The example below shows a dictionary file for FreeRADIUS that defines the attribute "ACL-Auth- Level"...
Page 247: Securing Radius Communication
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure RADIUS timeout handling: From the 'Behavior upon Authentication Server Timeout' drop-down list, select the option if the RADIUS server does not respond within five seconds: Deny Access: device denies user login access.
Page 248: Radius-Based Cdr Accounting
CHAPTER 16 Services Mediant 4000 SBC | User's Manual RADIUS-based CDR Accounting Once you have configured a RADIUS server(s) for accounting in Configuring RADIUS Servers, you need to enable and configure RADIUS-based CDR accounting (see Configuring RADIUS Accounting). LDAP-based Management and SIP Services The device supports the Lightweight Directory Access Protocol (LDAP) application protocol and can operate with third-party, LDAP-compliant servers such as Microsoft Active Directory (AD).
Page 249 CHAPTER 16 Services Mediant 4000 SBC | User's Manual CN=\# Support Dept,OU=R&D Groups,OU=Groups,OU=APC,OU=Japan,OU=ABC,DC=corp,DC=abc,DC=com CN=\#AllCellular,OU=Groups,OU=APC,OU=Japan,OU=ABC,DC=corp,DC=abc,DC =com The device then assigns the user the access level configured for that group (in Configuring Access Level per Management Groups Attributes). The location in the directory where you want to search for the user's member group(s) is configured using the following: ●...
Page 250: Enabling The Ldap Service
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Enabling the LDAP Service Before you can configure LDAP support, you need to enable the LDAP service. ➢ To enable LDAP: Open the LDAP Settings page (Setup menu > IP Network tab > RADIUS & LDAP folder >...
Page 251 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Management: To use an LDAP server for management where it does user login authentication and user authorization, you need to configure the LDAP Server Group as a Management type. Additional LDAP-based management parameters need to be configured, as described in...
Page 252 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ Each row must be configured with a unique name. ■ The parameter value cannot contain a forward slash (/). 'Type' Defines whether the servers in the group are used for SIP-...
Page 253: Configuring Ldap Servers
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configuring LDAP Servers The LDAP Servers table lets you configure up to 500 LDAP servers. The table defines the address and connectivity settings of the LDAP server. The LDAP server can be configured for SIP-related queries (e.g., routing and manipulation) or LDAP-based management user login authentication and...
Page 254 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'LDAP Network Interface' Assigns one of the device's IP network interfaces through which communication with the LDAP server is interface-type done. [LdapConfiguration_Interface] By default, no value is defined and the device uses the OAMP network interface, configured in the IP Interfaces table.
Page 255 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description Note: If the response time expires, you can configure the device to use the Local Users table for authenticating the user. For more information, see Configuring Local Database for Management User Authentication.
Page 256 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description [LdapConfiguration_ ■ LDAP-based SIP queries: The parameter is the LdapConfPassword] password used by the device to authenticate itself, as a client, to obtain LDAP service from the LDAP server. ■...
Page 257: Configuring Ldap Dns (Base Paths) Per Ldap Server
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'Management Attribute' Defines the LDAP attribute name to query, which contains a list of groups to which the user is a member. mgmt-attr For Active Directory, this attribute is typically [LdapConfiguration_MngmAuthAtt] "memberOf".
Page 258: Configuring The Ldap Search Filter Attribute
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure an LDAP DN base path according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-10:LDAP Server Search Base DN Table Parameter Descriptions...
Page 259: Configuring Access Level Per Management Groups Attributes
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ● The search filter is applicable only to LDAP-based login authentication and authorization queries. ● The search filter is a global setting that applies to all LDAP-based login authentication and authorization queries, across all configured LDAP servers.
Page 260 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Search base object (distinguished name or DN, e.g., "ou=ABC,dc=corp,dc=abc,dc=com"), which defines the location in the directory from which the LDAP search begins. This is configured in Configuring LDAP DNs (Base Paths) per LDAP Server.
Page 261: Configuring The Device's Ldap Cache
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Monitor (Default) level [MgmntLDAPGroups_ ■ [1] Admin Level] ■ [2] Security Admin 'Groups' Defines the attribute names of the groups in the LDAP server. The valid value is a string of up to 256 characters. To define multiple groups groups, separate each group name with a semicolon (;).
Page 262: Refreshing The Ldap Cache
CHAPTER 16 Services Mediant 4000 SBC | User's Manual The following table shows an example of different scenarios of LDAP queries of a cached key whose cached Attributes include a, b , c , and d, where a is the oldest and d the most recent...
Page 263: Clearing The Ldap Cache
CHAPTER 16 Services Mediant 4000 SBC | User's Manual example, assume cache contains previously queried LDAP Attribute "telephoneNumber=1004" whose associated Attributes include "displayName", "mobile" and "ipPhone". If you perform a cache refresh based on the search key "telephoneNumber=1004", the device sends an LDAP query to the server requesting values for the "displayName", "mobile" and "ipPhone"...
Page 264: Configuring Local Database For Management User Authentication
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ➢ To clear the LDAP cache: Open the LDAP Settings page (Setup menu > IP Network tab > RADIUS & LDAP folder > LDAP Settings). Under the Cache Actions group, do the following:...
Page 265: Ldap-Based Login Authentication Example
CHAPTER 16 Services Mediant 4000 SBC | User's Manual LDAP-based Login Authentication Example To facilitate your understanding on LDAP entry data structure and how to configure the device to use and obtain information from this LDAP directory, a brief configuration example is described in this section.
Page 266 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Management Attribute: memberOf. The attribute contains the member groups of the user: ■ Management Group: mySecAdmin. The group to which the user belongs, as listed under the memberOf attribute: - 233 -...
Page 267 CHAPTER 16 Services Mediant 4000 SBC | User's Manual The configuration to match the above LDAP data structure schema is as follows: ■ LDAP-based login authentication (management) is enabled in the LDAP Server Groups table (see Configuring LDAP Server Groups): ■...
Page 268: Enabling Ldap Searches For Numbers With Characters
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ The group management attribute is configured by the 'Management Attribute' parameter in the LDAP Servers table: ■ The management group and its corresponding access level is configured in the Management LDAP Groups table (see...
Page 269: Ad-Based Routing For Microsoft Skype For Business
CHAPTER 16 Services Mediant 4000 SBC | User's Manual To enable the device to search the AD for numbers that may contain characters between its digits, you need to specify the Attribute (up to five) for which you want to apply this functionality, using the LDAPNumericAttributes parameter.
Page 270 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Queried User Query or Query Result Parameter Domain Example (Attribute) in AD MSLDAPOCSNumAttributeName Mediation Server / msRTCSIP- Skype for Line=john.smith@company.co Business client number (e.g., "msRTCSIP- Line") MSLDAPMobileNumAttributeNam Mobile number mobile=+3247647156 (e.g., "mobile") MSLDAPPrivateNumAttributeNam Any attribute (e.g.,...
Page 271 CHAPTER 16 Services Mediant 4000 SBC | User's Manual The device adds unique prefix keywords to the query results in order to identify the query type (i.e., IP domain). These prefixes are used as the prefix destination number value in the Tel-to- IP Routing table to denote the IP domains: ●...
Page 272: Configuring Ad-Based Routing Rules
CHAPTER 16 Services Mediant 4000 SBC | User's Manual If you are using the device's local LDAP cache, see Configuring the Device's LDAP Cache for the LDAP query process. Configuring AD-Based Routing Rules The following procedure describes how to configure outbound IP routing based on LDAP queries.
Page 273 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure the LDAP attribute names as desired. SBC application: Configure AD-based IP-to-IP routing rules: Open the IP-to-IP Routing table (see Configuring SBC IP-to-IP Routing Rules). Configure query-result routing rules for each IP domain (private, PBX / IP PBX, Skype for...
Page 274: Least Cost Routing
CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Rule 1: Sends call to private telephone line (at 10.33.45.60) upon successful AD query result for the private attribute. ■ Rule 2: Sends call to IP PBX (at 10.33.45.65) upon successful AD query result for the PBX attribute.
Page 275 CHAPTER 16 Services Mediant 4000 SBC | User's Manual In addition to Cost Groups, the device can calculate the call cost using an optional, user-defined average call duration value. The logic in using this option is that a Cost Group may be cheap if the call duration is short, but due to its high minute cost, may prove very expensive if the duration is lengthy.
Page 276 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Cost Group Connection Cost Minute Cost 1. "A" 2. "B" ● The Cost Groups are assigned to routing rules: Routing Index Dest Phone Prefix Destination IP Cost Group x.x.x.x "A' x.x.x.x "B"...
Page 277: Configuring Lcr
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configuring LCR To configure LCR, perform the following main steps: Enable LCR: ● SBC application: Configuring SBC Routing Policy Rules Configure Cost Groups - see Configuring Cost Groups. Configure Time Bands for a Cost Group - see Configuring Time Bands for Cost Groups.
Page 278 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ The parameter value cannot contain a forward slash (/). 'Default Connection Defines the call connection cost (added as a fixed charge to the Cost' call) for a call outside the time bands.
Page 279 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure a Time Band according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-17:Time Band Table Description Parameter Description 'Index' Defines an index number for the new table row.
Page 280: Assigning Cost Groups To Routing Rules
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Assigning Cost Groups to Routing Rules To use your configured Cost Groups, you need to assign them to routing rules: ■ SBC application: IP-to-IP Routing table - see Configuring SBC IP-to-IP Routing on page 545...
Page 281 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ● You can configure only one Remote Web Service for each of the following server types: Routing, Call Status, Topology Status, and QoS. ● The Routing service also includes the Call Status and Topology Status services.
Page 282 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description [HTTPRemoteServices_ ■ [0] Routing = (Default) Routing service (also includes HTTPType] Call Status and Topology Status). ■ [1] Call Status = Call status service. ■ [2] Topology Status = Topology status service (e.g., change in configuration).
Page 283 HTTP keep-alive messages to keep the connection open all the time. Login Needed Enables the use of the AudioCodes proprietary REST API Login and Logout commands for connecting to the remote http-login-needed host. The commands verify specific information (e.g.,...
Page 284 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable (default) Note: The parameter is applicable only if you configure the 'Type' parameter to any value except General. Authentication 'Username' Defines the username for HTTP authentication. rest-user-name The valid value is a string of up to 80 characters.
Page 285 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ [1] On = The device verifies the subject name of the certificate received from the HTTPS peer. If the server's URL contains a hostname, it verifies the certificate against the hostname; otherwise, it verifies the certificate against the server's IP address.
Page 286: Configuring Remote Http Hosts
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configuring Remote HTTP Hosts The HTTP Remote Hosts table lets you configure up to 10 remote HTTP hosts per Remote Web Service. The HTTP Remote Hosts table is a "child" of the Remote Web Services table (configured Configuring Remote Web Services).
Page 287 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description [HTTPRemoteHosts_ Note: Address] ■ An IPv6 address can only be configured if the interface is a CONTROL type. ■ If the address is an FQDN and the DNS resolution results in multiple IP addresses, the device device attempts to establish multiple connections (sessions) for each IP address.
Page 288: Enabling Topology Status Services
You can employ a remote, third- party Routing server to handle call routing decisions in deployments consisting of multiple AudioCodes devices. The Routing server can be used to handle SBC, Tel-to-IP, and IP-to-Tel calls. Employing a Routing server replaces the need for the device's routing tables--IP-to-IP Routing table for SBC calls--to determine call destination.
Page 289 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Once the device receives the resultant destination hop from the Routing server, it sends the call to that destination. The Routing server can provide the device with an appropriate route or reject the call.
Page 290 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ■ Alternative Routing: If a call fails to be established, the device "closest" to the failure and configured to send "additional" routing requests (through REST API - "additionalRoute" attribute in HTTP Get Route request) to the Routing server, sends a new routing request to the Routing server.
Page 291: Configuring Qos-Based Routing By Routing Server
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure the address and connection settings of the Routing server, referred to as a Remote Web Service and HTTP remote host (see Configuring Remote Web Services). You must configure the 'Type' parameter of the Remote Web Service to Routing, as shown in the...
Page 292: Configuring An Http Get Web Service
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Click Apply. Open the Remote Web Services table (see Configuring Remote Web Services), and then for the Remote Web Service entry that you configured for the routing server, do the following: From the 'Type' [HTTPRemoteServices_HTTPType] drop-down list, select QoS.
Page 293: Http-Based Proxy Services
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Contact: <sip:1000@10.7.2.15> Supported: em,100rel,timer,replaces Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO ,SUBSCRIBE User-Agent: Sip Message Generator V1.0.0.5 Outgoing HTTP GET: Header=GET /v3/phone/15551234567?account_sid=SID&auth_token=TOKEN HTTP/1.1 Content-Type: html/text Host: 52.7.189.114 Connection: keep-alive Content-Length: 0 Cache-Control: no-cache User-Agent: 1 Incoming HTTP response: HTTP/1.1 200 OK...
Page 294 CHAPTER 16 Services Mediant 4000 SBC | User's Manual This feature integrates the NGINX platform, which is an open source proxy server. When you enable the HTTP Proxy application, the NGINX daemon is launched. When you then configure the various HTTP Proxy tables, the configuration is reflected in the NGINX configuration file (nginx.conf).
Page 295: Enabling The Http Proxy Application
For more information, see Configuring TCP-UDP Proxy Servers page 269. ■ HTTP-based OVOC service for AudioCodes equipment located behind NAT that are managed by the AudioCodes OVOC server: For more information, see Configuring an HTTP-based OVOC Service on page 278...
Page 296: Configuring A Dns Server For Http Services
CHAPTER 16 Services Mediant 4000 SBC | User's Manual From the 'HTTP Proxy Debug Level' drop-down list, select a begug level. Click Apply. Configuring a DNS Server for HTTP Services You can configure the DNS server (primary and secondary for redundancy) that you want to use for your HTTP services.
Page 297 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure an HTTP Proxy server according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-20:HTTP Proxy Servers Table Parameter Descriptions Parameter...
Page 298 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'HTTP Listening Port' Defines the HTTP listening port, which is the local port for incoming packets for the HTTP service. http-port Note: [HTTPServer_ HTTPListeningPort] ■ The port number must not conflict with the ports used for the Web interface, which is usually 80 for HTTP and 443 for HTTPS.
Page 299: Configuring Http Locations
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'URL Prefix' Defines the URL prefix that is used to access the managed equipment's embedded Web server. The URL prefix is matched url-prefix against the target of the HTTP requests sent by the client (such as [HTTPProxyService_ GET and POST).
Page 300 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure an HTTP Location according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-21:HTTP Locations Table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 301 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ 2) /files/phone – Prefix pattern type ■ 3) /files/firmware -- Prefix-Ignore-Regex pattern type ■ 4) *.jpg – Regex pattern type Therefore, the request URL "/files/phone/aaa" matches Location 2 and the request URL "/files/phone/logo.jpg" matches Location 4.
Page 302: Configuring Tcp-Udp Proxy Servers
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'TLS Context' Assigns a TLS Context for the TLS connection with the HTTP location. tls-context To configure TLS Contexts, see Configuring TLS Certificate [HTTPLocation_ Contexts. TLSContext] Note: ■ The parameter is applicable only if the connection protocol is HTTPS (configured in the 'Upstream Scheme' parameter, above).
Page 303 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure a TCP/UDP Proxy Server according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-22:TCP/UDP Proxy Servers Table Parameter Descriptions Parameter...
Page 304 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description Note: udp-port [TcpUdpServer_ ■ You must configure a TCP and/or UDP port. UDPListeningPort] ■ The NGINX directive for this parameter is "listen ip:port udp". 'Listen Side SSL' Enables SSL on the listening side (i.e., listening to incoming connection requests).
Page 305: Configuring Upstream Groups
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'Upstream TLS Context' Assigns a TLS Context for the TLS connection with the HTTP location. To configure TLS Contexts, see Configuring TLS upstream-tls- Certificate Contexts on page 124. context Note: [TcpUdpServer_ UpstreamTLSContext] ■...
Page 306 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Click New; the following dialog box appears: Configure an Upstream Group according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-23:Upstream Groups Table Parameter Descriptions...
Page 307: Configuring Upstream Hosts
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description [UpstreamGroup_ ■ [0] Round Robin = (Default) Traffic requests are balanced across LoadBalancingMode] all hosts. Every consecutive request is sent to the next available host. ■ [1] IP Hash = All requests from a given client (by IP address) is sent to the same host, regardless of current load.
Page 308: Configuring Http Directive Sets
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description 'Host' Defines the address of the host as an FQDN or IP address (in dotted-decimal notation). host Note: The NGINX directive for this parameter is "server [UpstreamHost_Host] host:port". 'Port' Defines the port number.
Page 309 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Directives are grouped into Directive Sets, which you can then assign to HTTP Proxy Servers (see Configuring HTTP Proxy Servers on page 263), HTTP Locations (see Configuring HTTP Locations on page 266 ), and TCP/UDP Proxy Servers (see Configuring TCP- UDP Proxy Servers page 269), using the 'Additional Directive Set' parameter in their respective tables.
Page 310: Configuring Http Directives
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Table 16-25:HTTP Directive Sets Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. [HTTPDirectiveSets_ Note: Index] ■ Each row must be configured with a unique index.
Page 311: Configuring An Http-Based Ovoc Service
Make sure that you end the directive with a semicolon (;). Configuring an HTTP-based OVOC Service The OVOC Services table lets you configure a single HTTP- based AudioCodes One Voice Operations Center (OVOC) service. You can configure the device to act as an HTTP Proxy that enables OVOC to manage AudioCodes equipment (such as IP Phones) over HTTP when the equipment is located behind NAT (e.g., in the LAN) and OVOC is located in a public domain (e.g., in...
Page 312 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Configure an OVOC Service according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 16-27:OVOC Services Table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 313 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description Note: If configured to HTTPS, you must assign a TLS Context (see the 'Device Login TLS Context' parameter, below). 'Device Login TLS Context' Assigns a TLS Context (TLS certificate) for the interface with the requesting client.
Page 314 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Description ■ The NGINX directive for this parameter is "proxy_pass scheme://upstream". 'OVOC Interface TLS Assigns a TLS Context (TLS certificate) for the OVOC listening Context' interface. This is required if you have configured the 'OVOC Scheme' parameter to HTTPS (see above).
Page 315: Troubleshooting Nginx Configuration
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Troubleshooting NGINX Configuration Troubleshooting may be necessary when configuring your HTTP or TCP/UDP proxy services with NGINX directives. Due to the large and complex dictionary of directives supported by NGINX and their complex grammatical structure, the device assists you by validating your configured directives.
Page 316: E9-1-1 Support For Microsoft Skype For Business
This section describes the E9- 1- 1 solution provided by Microsoft Skype for Business and AudioCodes' device's ELIN interworking capabilities, which provides the SIP Trunk connectivity to the E9-1-1 emergency service provider. This section also describes the configuration of the device for interoperating between the Skype for Business environment and the E9-1-1 emergency provider.
Page 317: Microsoft Skype For Business And E9-1-1
CHAPTER 16 Services Mediant 4000 SBC | User's Manual The AudioCodes' ELIN device sends the call to the emergency service provider over the SIP Trunk (PSAP server). The emergency service provider identifies the call is an emergency call and sends it to an E9-1- 1 Selective Router in the Emergency Services provider's network.
Page 318 CHAPTER 16 Services Mediant 4000 SBC | User's Manual The Administrator provisions the LIS database with the location of each network element in the Enterprise. The location is a civic address, which can include contextual in-building and company information. In other words, it associates a specific network entity (for example, a WAP) with a physical location in the Enterprise (for example, Floor 2, Wing A, and the Enterprise's street address).
Page 319: Adding Elins To The Location Information Server
CHAPTER 16 Services Mediant 4000 SBC | User's Manual If there is no match and the LIS cannot determine the location, the user may be prompted to manually enter the location. For example, the client may be located in an undefined subnet, at home, in a coffee shop or anywhere else outside the network.
Page 320 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Skype for Business passes the location information of the Skype for Business client in an IETF- standard format - Presence Information Data Format - Location Object (PIDF-LO)–in a SIP INVITE message. However, this content cannot be sent on the SIP Trunksince they do no support such a content.
Page 321: Audiocodes Elin Device For Skype For Business E9-1-1 Calls To Pstn
PSAP, based on ELIN-address match lookup in the emergency service provider's ALI database. The figure below illustrates an AudioCodes ELIN device deployed in the Skype for Business environment for handling E9-1-1 calls between the company and the emergency service provider.
Page 322 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ELIN Time Count Index Call From 4257275678 22:11:52 4258359333 4257275999 22:11:57 4258359444 4257275615 22:12:03 4258359555 4257275616 22:11:45 4258359777 The ELIN table stores this information for a user-defined period (see Configuring the E9-1-1 Callback Timeout), starting from when the E9-1-1 call, established with the PSAP, terminates.
Page 323: Pre-Empting Existing Calls For E9-1-1 Calls
CHAPTER 16 Services Mediant 4000 SBC | User's Manual a=rtpmap:8 PCMA/8000 a=ptime:20------=_NextPart_000_4A6D_01CAB3D6.7519F890 Content-Type: application/pidf+xml Content-ID: <voip_911_user1@contoso.com> <?xml version="1.0" encoding="utf-8"?> <presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10" xmlns:bp="urn:ietf:params:xml:ns:pidf:geopriv10:basicPolicy" xmlns:ca="urn:ietf:params:xml:ns:pidf:geopriv10:civicAddr" xmlns:ms="urn:schema:Rtc.LIS.msftE911PidfExtn.2008" entity="sip:voip_911_ user1@contoso.com"><tuple id="0"><status><gp:geopriv><gp:location- info><ca:civicAddress><ca:country>US</ca:country><ca:A1>WA</ca:A1><ca:A3>Red mond</ca:A3><ca:RD>163rd</ca:RD><ca:STS>Ave</ca:STS><ca:POD>NE</ca:POD ><ca:HNO>3910</ca:HNO><ca:LOC>40/4451</ca:LOC> <ca:NAM>1111-222-333; 1234567890 </ca:NAM> <ca:PC>98052</ca:PC></ca:civicAddress></gp:location-info><gp:usage- rules><bp:retransmission-allowed>true</bp:retransmission-allowed></gp:usage- rules></gp:geopriv><ms:msftE911PidfExtn><ms:ConferenceUri>sip:+14255550199@con toso.com;user=phone</ms:ConferenceUri><ms:ConferenceMode>twoway</ms:Conferen ceMode><LocationPolicyTagID xmlns="urn:schema:Rtc.Lis.LocationPolicyTagID.2008">user-tagid</LocationPolicyTagID ></ms:msftE911PidfExtn></status><timestamp>1991-09- 22T13:37:31.03</timestamp></tuple></presence>...
Page 324: Selecting Elin For Multiple Calls Within Same Erl
CHAPTER 16 Services Mediant 4000 SBC | User's Manual In the ELIN table of the device, the temporarily stored From header value of the SIP INVITE message originally received from the E9-1-1 caller is used for PSAP callback. When the PSAP makes a callback to the E9-1-1 caller, the device translates the called number (i.e., ELIN) received...
Page 325: Configuring Audiocodes Elin Device
ELIN 4257275678. In this scenario, multiple E9-1-1 calls are sent with the same ELIN. Configuring AudioCodes ELIN Device This section describes E9-1-1 configuration of the AudioCodes ELIN Gateway deployed in the Skype for Business environment. Enabling the E9-1-1 Feature By default, the ELIN device feature for E9-1-1 emergency call handling in a Skype for Business environment is disabled.
Page 326: Viewing The Elin Table
CHAPTER 16 Services Mediant 4000 SBC | User's Manual Viewing the ELIN Table To view the ELIN table: ■ CLI: # show voip e911 ELIN Time Count Index Call From ------------------------------------------------------------ 4257275678 22:11:52 0 4258359333 4257275999 22:11:57 0 4258359444 257275615 22:12:03 0...
Page 327 CHAPTER 16 Services Mediant 4000 SBC | User's Manual CSeq: 1 PUBLISH Event: presence Expires: 600 Content-Type: application/pidf+xml Content-Length: 489 <?xml version="1.0" encoding="utf-8"?> <presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:ep="urn:ietf:params:xml:ns:pidf:status:rpid-status" xmlns:et="urn:ietf:params:xml:ns:pidf:rpid-tuple" xmlns:ci="urn:ietf:params:xml:ns:pidf:cipid" entity="sip:john.doe@sfb.example"> <tuple id="0"> <status> <basic>open</basic> <ep:activities> <ep:activity>on-the-phone</ep:activity> </ep:activities> </status> </tuple> <ci:display-name>John Doe</ci:display-name> </presence>...
Page 328: Configuring Skype For Business Server For Presence
CHAPTER 16 Services Mediant 4000 SBC | User's Manual User-Agent: sur1-vg1.ecarecenters.net/v.7.20A.001.080 SIP-If-Match: 2545777538-1-1 Content-Length: 0 The following figure shows a basic illustration of the device's integration into Microsoft Skype for Business Presence feature for third-party endpoints. Configuring Skype for Business Server for Presence On the Skype for Business Server side, you need to define the device in the Skype for Business Topology as a Trusted Application.
Page 329: Configuring The Device For Skype For Business Presence
CHAPTER 16 Services Mediant 4000 SBC | User's Manual New-CsTrustedApplicationPool -Identity <Pool FQDN> -Registrar <Registrar FQDN> -Site <Site Id> where: ● Identity is the FQDN of the device, which sends the SIP PUBLISH messages with the presence status to Skype for Business Server ●...
Page 330 CHAPTER 16 Services Mediant 4000 SBC | User's Manual ➢ To configure the device for Skype for Business presence: Enable the Microsoft presence feature: open the SIP Definitions General Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > SIP Definitions General...
Page 331 CHAPTER 16 Services Mediant 4000 SBC | User's Manual Parameter Rule 1 Rule 2 'Action Value' ldap.attr.ipPhone ldap.attr.ipPhone Configure routing rules to route the calls in the network. Configure IP Groups to represent your call party entities, and assign them the group of Call Setup Rules (Set ID) that you configured in Step 7 (above).
Page 332: Quality Of Experience
This chapter describes how to configure the Quality of Experience feature. Reporting Voice Quality of Experience to OVOC The device can be configured to report voice (media) Quality of Experience (QoE) to AudioCodes' One Voice Operations Center (OVOC). The reports include real-time metrics of the quality of the actual call experience, which are then processed by OVOC.
Page 333: Configuring The Ovoc Server For Qoe
CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual ● For SNMP v3: In the SNMPv3 Users table (see Configuring SNMP V3 Users), configure an SNMPv3 user for authentication and privacy. In the SNMP Trap Destinations table (see Configuring SNMP Trap Destinations with IP Addresses), configure OVOC (defined by IP address and port) as the destination to where the device sends traps.
Page 334 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 17-1: Quality of Experience Settings Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 335 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Parameter Description 'TLS Context' Assigns a TLS Context (certificate) for the TLS connection with the OVOC server. tls-context-name The default is the default TLS Context (ID 0). [QOESettings_ContextName] Note: The parameter is applicable only if the 'Use TLS' parameter is configured to Enable.
Page 336: Configuring Clock Synchronization Between Device And Ovoc
Enabling RTCP XR Reporting to OVOC For the device to be able to send voice metric reports to AudioCodes OVOC, you need to enable the RTP Control Protocol Extended Reports (RTCP XR) VoIP management protocol. RTCP XR defines a set of voice metrics that contain information for assessing VoIP call quality and diagnosing problems.
Page 337 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual ■ Packet Loss: Lost packets are RTP packets that are not received by the voice endpoint. Packet loss can result in choppy voice transmission. ■ Jitter: Jitter can result from uneven delays between received voice packets. To space evenly, the device's jitter buffer adds delay.
Page 338 Each time a voice metric threshold is crossed (i.e., color changes), the device can do the following depending on configuration: ■ Report the change in the measured metrics to AudioCodes' OVOC. OVOC displays this call quality status for the associated link (IP Group, Media Realm, or Remote Media Subnet). To configure the OVOC's address, see Configuring the SEM Server.
Page 339 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Configure a QoE Profile according to the parameters described in the table below. Click Apply. Table 17-3: Quality of Experience Profile Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row.
Page 340 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Click New, and then save your settings to flash memory. Table 17-4: Quality of Experience Color Rules Table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 341: Configuring Bandwidth Profiles
CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Parameter Description ■ Echo measures the Residual Echo Return Loss (RERL) in dB. 'Minor Hysteresis Defines the amount of fluctuation (hysteresis) from the Minor (Yellow)' threshold, configured by the 'Minor Threshold (Yellow)' parameter in order for the threshold to be considered as crossed.
Page 342 ■ Send an SNMP alarm (acMediaRealmBWThresholdAlarm). The device clears the alarm when bandwidth utilization returns to normal (Green). AudioCodes One Voice Operations Center (OVOC) displays bandwidth utilization using color- coded states: ■ Green: Indicates bandwidth utilization is within normal range.
Page 343 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Table 17-5: Threshold Crossings based on Threshold and Hysteresis Threshold Threshold Calculation based on Crossing Example Green to The change occurs if the current bandwidth crosses the 32,000 Kbps Yellow (Minor configured Minor threshold only (i.e., hysteresis is not...
Page 344 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Configure a rule according to the parameters described in the table below. Click Apply, and then reset the device with a save to flash memory. Table 17-6: Bandwidth Profile Table Parameter Descriptions...
Page 345 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Parameter Description 'Total Egress Bandwidth' Defines the major (total) threshold for video and audio outgoing bandwidth (in Kbps). total-egress-bandwidth [BWProfile_ TotalEgressBandwidth] 'Total Ingress Bandwidth' Defines the major (total) threshold for video and audio incoming bandwidth (in Kbps).
Page 346: Configuring Quality Of Service Rules
CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable Configuring Quality of Service Rules The Quality of Service Rules table lets you configure up to 3,125 Quality of Service rules. A Quality of Service rule defines an action to perform when the threshold (major or minor) of a specific performance monitoring call metric is crossed for a specific IP Group.
Page 347 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Configure a rule according to the parameters described in the table below. Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Table 17-7: Quality of Service Rules Table Parameter Descriptions...
Page 348 CHAPTER 17 Quality of Experience Mediant 4000 SBC | User's Manual Parameter Description Action 'Rule Action' Defines the action to be done if the rule is matched. ■ [0] Reject Calls = (Default) New calls destined to the rule-action specified IP Group are rejected for a user-defined duration. To...
Page 349: Core Entities
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Core Entities This section describes configuration of core SIP entities. Configuring Media Realms The Media Realms table lets you configure a pool of up to 1,024 SIP media interfaces, termed Media Realms . Media Realms lets you divide a Media- type interface (configured in the IP Interfaces table) into several media realms, where each realm is specified by a UDP port range.
Page 350 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Configure the Media Realm according to the parameters described in the table below. Click Apply. Table 18-1: Media Realms table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 351 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description To configure IP network interfaces, see Configuring IP Network ipv6if Interfaces. [CpMediaRealm_ IPv6IF] 'Port Range Start' Defines the starting port for the range of media interface UDP ports. By default, no value is defined.
Page 352: Configuring Remote Media Subnets
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Default Media Defines the Media Realm as the default Media Realm. The default Realm' Media Realm is used for SIP Interfaces and IP Groups for which you have not assigned a Media Realm.
Page 353 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual The following procedure describes how to configure Remote Media Subnets through the Web interface. You can also configure it through ini file [RemoteMediaSubnet] or CLI (configure voip > remote-media-subnet). ➢ To configure a Remote Media Subnet:...
Page 354: Configuring Media Realm Extensions
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [RemoteMediaSubnet_ Note: Each row must be configured with a unique index. RemoteMediaSubnetIndex] 'Name' Defines a descriptive name, which is used when associating the row in other tables. name The valid value is a string of up to 20 characters.
Page 355 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Media Realm Extensions can be useful, for example, to overcome limitations of the maximum number of media ports supported per interface. Instead of configuring only a single Media Realm in the Media Realms table (see Configuring Media Realms), you can also configure additional "Media...
Page 356 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Table 18-3: Media Realm Extension Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. [MediaRealmExtension_ Note: Each row must be configured with a unique index.
Page 357: Configuring Srds
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ The port range must not overlap with any other media port range configured for other Media Realm Extensions, Media Realms, or SIP Interfaces that are associated with the same IP network interface.
Page 358 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual ● It is recommended to use a single-SRD configuration topology, unless you are deploying the device in a multi-tenant environment, in which case multiple SRDs are required. ● Each SIP Interface, Proxy Set, and IP Group can be associated with only one SRD.
Page 359 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Configure an SRD according to the parameters described in the table below. Click Apply. Table 18-4: SRDs table Parameter Descriptions Parameter Description General 'Index' Defines an index for the new table row.
Page 360 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [SRD_SBCOperationMode] ■ [0] B2BUA = (Default) Device operates as a back-to-back user agent (B2BUA), changing the call identifiers and headers between the inbound and outbound legs. ■ [1] Call Stateful Proxy = Device operates as a...
Page 361 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Dial Plan' Assigns a Dial Plan to the SRD. The device searches the Dial Plan for a dial plan rule that matches the sbc-dial-plan-name source number and if not found, for a rule that [SRD_SBCDialPlanName] matches the destination number.
Page 362 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ The option, Accept Registered Users from Same Source [2] does not apply to registration refreshes. These requests are accepted even if the source address is different to that registered with the device.
Page 363: Filtering Tables In Web Interface By Srd
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ For a SIP Interface that is associated with the SRD, if the corresponding parameter in the SIP Interfaces table (SIPInterface_ EnableUnAuthenticatedRegistrations) is configured to Disable or Enable, the parameter in the SRD is ignored for calls belonging to the SIP Interface.
Page 364 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual While some enterprises are large enough to justify a dedicated standalone device, many enterprises require only a fraction of the device's capacity and capabilities. Service providers offering SIP Trunking services can funnel multiple enterprises into a single device and thereby, reap significant cost improvements over a device-per-customer model.
Page 365 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual To facilitate multi-tenant configuration through CLI, you can access a specific tenant "view". Once in a specific tenant view, all configuration commands apply only to the currently viewed tenant. Only table rows (indexes) belonging to the viewed tenant can be modified. New table rows are automatically associated with the viewed tenant (i.e., SRD name).
Page 366: Cloning Srds
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Cloning SRDs You can clone (duplicate) existing SRDs. This is especially useful when operating in a multi-tenant environment and you need to add new tenants (SRDs). The new tenants can quickly and easily be added by simply cloning one of the existing SRDs.
Page 367: Automatic Configuration Based On Srd
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Automatic Configuration based on SRD To facilitate configuration and eliminate possible flaws in configuration due to invalid associations between configuration entities, the Web interface automatically configures configuration entities based on SRD: ■...
Page 368 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual ■ IP-to-IP Routing rules for specifying the destination SIP Interface to where you want to route the call. For more information, see Configuring SBC IP-to-IP Routing Rules. ■ Classification rules for specifying the SIP Interface as a matching characteristic of the incoming call.
Page 369 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Table 18-5: SIP Interfaces table Parameter Descriptions Parameter Description 'SRD' Assigns an SRD to the SIP Interface. If only one SRD is configured in the SRDs table, the srd-name SRD is assigned to the SIP Interface by default. If...
Page 370 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [SIPInterface_UDPPort] The valid range is 1 to 65534. The default is 5060. Note: ■ The port must be different from ports configured for RTP traffic (i.e., ports configured for Media Realms and Media Realm Extensions) using the same IP network interface.
Page 371 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ Assigning a specific local port to each SIP entity (e.g., PBX) communicating with a common SIP entity (e.g., proxy server). This is the port on the leg interfacing with the proxy server. In other words, the SIP Interface associated with the proxy server.
Page 372 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Additional UDP Ports Mode' Enables the device to open sockets (ports) for signaling only when needed. The parameter applies to additional-udp-ports-mode the Additional UDP Port feature with dynamic port...
Page 373 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [1] WebSocket = Traffic received on the SIP Interface is identified by the device as WebSocket signaling traffic (encapsulated by WebSocket frames). For outgoing traffic, the device encapsulates the traffic using the WebSocket protocol (frames) on the TCP/TLS ports.
Page 374 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description Classification 'Classification Failure Response Defines the SIP response code that the device sends Type' if a received SIP request (OPTIONS, REGISTER, or INVITE) fails the SBC Classification process. classification_fail_...
Page 375 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ If Classification fails or the request is rejected prior to the Classification stage, then manipulation rules according to this parameter are applied to the reject response. In this case, the device adds a Reason header to the reject response.
Page 376 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Disable = (Default) Media Anchoring is employed, whereby the media stream traverses the device (and each leg uses a different coder or coder parameters). ■ [1] Enable = No Media Anchoring. Media stream flows directly between endpoints (i.e., does not...
Page 377 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ To configure TLS Contexts, see Configuring SSL/TLS Certificates. 'TLS Mutual Authentication' Enables TLS mutual authentication for the SIP Interface (when the device acts as a server). tls-mutual-auth ■...
Page 378 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ The option, Accept Registered Users from Same Source [2] does not apply to registration refreshes. These requests are accepted even if the source address is different to that registered with the device.
Page 379: Configuring Ip Groups
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ Regardless of the parameter, the device always accepts registration refreshes from users that are already registered in its database. ■ If configured to Disable or Enable, the parameter...
Page 380 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual ● If you delete an IP Group or modify the 'Type' or 'SRD' parameters, the device immediately terminates currently active calls that are associated with the IP Group. In addition, all users belonging to the IP Group are removed from the device's users database.
Page 381 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Name' Defines a descriptive name, which is used when associating the row in other tables. name The valid value is a string of up to 40 characters. [IPGroup_Name] Note: ■...
Page 382 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Gateway = In scenarios where the device receives requests to and from a gateway representing multiple users. This IP Group type is necessary for any of the following scenarios: ✔...
Page 383 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ Proxy Sets are used for Server-type IP Groups, but may in certain scenarios also be used for User-type IP Groups. For example, this is required in deployments where the device mediates between an IP PBX and a SIP Trunk, and the SIP Trunk requires SIP registration for each user that requires service.
Page 384 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ If the parameter is not configured, the value of the global parameter, ProxyName is used instead (see Configuring Proxy and Registration Parameters). ■ The parameter overrides inbound message manipulation rules that manipulate the host name in Request-URI, To, and/or From SIP headers.
Page 385 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ The feature is applicable only to Server-type IP Groups. ■ To support the feature, you must enable the keep- alive mechanism of the Proxy Set that is associated...
Page 386 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description The reason for preferring classification based on Proxy Set when the IP address is unknown is that IP address forgery (commonly known as IP spoofing) is more difficult than malicious SIP message tampering and therefore, using a Classification rule without an IP address offers a weaker form of security.
Page 387 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Sequential Available Only = Sequentially sends the INVITE only to available contacts (i.e., not busy). If there is no answer from the first available contact, it sends the INVITE to the second contact, and so on until a contact answers.
Page 388 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description This is interworked in to the SIP header as follows: User-to-User: 00FA080019001038F725B3;en- coding=hex Note: To define the Network Node Identifier of the device for Avaya UCID, use the 'Network Node ID' (NetworkNodeId) parameter.
Page 389 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ If the device receives an INVITE as a result of a REFER request or a 3xx response, then the incoming INVITE is routed according to the Request- URI. The device identifies such INVITEs according to a specific prefix in the Request-URI header, configured by the SBCXferPrefix parameter.
Page 390 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'SIP Connect' Defines the IP Group as representing multiple registering servers, each of which may use a single registration, yet sip-connect represent multiple users. In addition, it defines how the...
Page 391 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [IPGroup_SBCPSAPMode] ■ [0] Disable (default) ■ [1] Enable For more information, see E9-1-1 Support for Microsoft Skype for Business. 'Route Using Request URI Port' Enables the device to use the port indicated in the...
Page 392 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description Note: For IP-to-IP Routing rules that are configured for destination based on tags (i.e., 'Destination Type' parameter configured to Destination Tag), the parameter is applicable only to the source IP Group and the device searches the Dial Plan for a dial plan rule that matches the prefix of the destination number only.
Page 393 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [IPGroup_QOEProfile] To configure Quality of Experience Profiles, see Configuring Quality of Experience Profiles. 'Bandwidth Profile' Assigns a Bandwidth Profile rule. By default, no value is defined. bandwidth-profile [IPGroup_BWProfile] To configure Bandwidth Profiles, see...
Page 394 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Message Manipulation User- Defines a value for the SIP user part that can be used in Defined String 2' Message Manipulation rules configured in the Message Manipulations table. The Message Manipulation rule...
Page 395 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [0] User Initiates Registration (default) registration-mode [IPGroup_RegistrationMode] ■ [1] SBC Initiates Registration = Used when the device serves as a client (e.g., with an IP PBX). This functions only with the User Information table (see...
Page 396 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ✔ If you modify the Proxy Set. ✔ If the Proxy Set is configured with an FQDN and a DNS resolution refresh removes the IP address to which the user is bound.
Page 397 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description The device assigns a unique port upon the first REGISTER request received from the user. Sub- sequent SIP messages other than REGISTER mes- sages (e.g., INVITE) from the user are sent to the proxy server on this unique local port.
Page 398 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description If there is no Account in the Accounts table for the Served IP Group and Serving IP Group (i.e., the IP Group you are now configuring), the device uses the username and password con- figured for this IP Group in the IP Groups table ('Username' and 'Password' parameters).
Page 399 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description [IPGroup_ ■ [-1] According to Global Parameter = (Default) TypeSBCServerAuthType] Authentication is according to the settings of the SBCServerAuthMode parameter. ■ [0] Authentication is performed locally = The device authenticates incoming SIP requests locally.
Page 400: Configuring Proxy Sets
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description Note: If you configure the 'Authentication Mode' parameter to SBC as Server, you can specify the SIP request (method) types (e.g., INVITE) that must be challenged by the device, using the IP Group's 'Authentication Method List' parameter.
Page 401 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual You can assign each Proxy Set a specific SSL/TLS certificate the (TLS Context), enabling you to use different TLS certificates per SIP entity (IP Group). You can also enable the device to classify incoming SBC SIP dialogs to IP Groups, based on Proxy Set.
Page 402 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Select the index row of the Proxy Set that you added, and then click the Proxy Address link located below the table; the Proxy Address table opens. Click New; the following dialog box appears: Configure the address of the Proxy Set according to the parameters described in the table below.
Page 403 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ To configure SIP Interfaces, see Configuring SIP Interfaces. 'SBC IPv6 SIP Assigns an IPv6-based SIP Interface for SBC calls to the Proxy Interface' Set. Note: sbcipv6-sip-int- name ■...
Page 404 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Using REGISTER = Enables the Proxy Keep-Alive feature using SIP REGISTER messages. The device sends a REGISTER message every user-defined interval, configured by the SBCProxyRegistrationTime parameter. Any SIP response from the proxy - success (200 OK) or failure (4xx response) - is considered as if the proxy is "alive".
Page 405 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Success Detection Defines the minimum number of consecutive, successful keep- Retries' alive messages that the device sends to an offline proxy, before the device considers the proxy as being online. The interval between...
Page 406 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Homing = The device always attempts to operate with the proxy that has the highest priority of all currently online proxies. For example, if the device is currently operating with proxy server 200.10.1.1 that has priority 4, and then a previously...
Page 407 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description You can employ alternative routing with this option. If no response is received from any of the redundant (online) proxies or the proxies reject the message with a SIP response code...
Page 408 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ■ [1] IP Address, Port & Transport Type = Classifies calls to the Proxy Set according to IP address, port, and transport type. Note: ■ The parameter is applicable only if the IP Groups table's...
Page 409 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description ✔ Incoming SIP request from 10.10.10.10:5080;TLS: Best match is #2, #3 and #4 (same priority). ✔ Incoming SIP request from 10.10.10.10:5070;TCP: Best match is #4 (due to transport type); second best match is #2 and #3 (same priority).
Page 410 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description 'Proxy Address' Defines the address of the proxy server (Proxy Set). The address can be defined as an IP address in dotted-decimal notation (e.g., proxy-address 201.10.8.1) or FQDN. You can also specify the port using the...
Page 411: Building And Viewing Sip Entities In Topology View
CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Parameter Description Note: ■ You must configure both priority and weight (or none of them). In other words, if you configure this parameter, you must also configure the 'Proxy Random Weight' parameter. If you don't configure this parameter, you must also not configure the 'Proxy Random Weight' parameter.
Page 412 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual ■ Click the Topology View home icon (Setup menu > Signaling & Media tab > Topology View). ■ Click the logo, which is located in the top-left corner of the Web interface.
Page 413 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Item # Description By default, configuration entities are displayed on the bottom border. To define the position, use the 'Topology Location' parameter when configuring the entity, where Down is the bottom border and Up the top border: Configured SIP Interfaces.
Page 414 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Item # Description Click the Add SIP Interface plus icon. The icon appears next to existing SIP Interfaces, or as when no SIP Interfaces exist on a topo- logy border, or as when there are no SIP Interfaces at all.
Page 415 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Item # Description Configured IP Groups. Each IP Group is displayed using the following "IP Group [Server]" or "IP Group [User]" titled icon (depending on whether it's a Server- or User-type IP Group respectively), which includes the name and row index number...
Page 416 CHAPTER 18 Core Entities Mediant 4000 SBC | User's Manual Item # Description ■ To support the connectivity status feature, you must enable the keep-alive mechanism for the Proxy Set that is associated with the IP Group (see Configuring Proxy Sets).
Page 417: Coders And Profiles
CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Coders and Profiles This section describes configuration of coders and SIP profiles. Configuring Coder Groups The Coder Groups table lets you configure up to 21 Coder Groups. The Coder Group determines the audio (voice) coders used for calls.
Page 418 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual ● For supported audio coders, see Supported Audio Coders. ● Some coders are license-based and are available only if included in the License Key installed on your device. For more information, contact the sales representative of your purchased device.
Page 419 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual ➢ To delete a Coder Group: From the 'Coder Group Name' drop-down list, select the Coder Group that you want to delete. Click Delete Group. Table 19-1: Coder Groups Table Parameter Descriptions...
Page 420: Supported Audio Coders
CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description Note: The AMR payload type can be configured globally using the AmrOctetAlignedEnable parameter. However, the Coder Group configuration overrides the global parameter. Supported Audio Coders The table below lists the coders supported by the device.
Page 421 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Packetization Time (msec) Coder Silence [1] 10, [2] 20, [3] 30, [4] Rate (kbps) Payload Type Name Suppression 40, [5] 50, [6] 60, [8] 80, [9] 90, [10] 100, [12] 120 ■...
Page 422 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Packetization Time (msec) Coder Silence [1] 10, [2] 20, [3] 30, [4] Rate (kbps) Payload Type Name Suppression 40, [5] 50, [6] 60, [8] 80, [9] 90, [10] 100, [12] 120...
Page 423: Configuring Various Codec Attributes
CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Configuring Various Codec Attributes The following procedure describes how to configure various coder attributes such as bit rate. ➢ To configure codec attributes: Open the Coder Settings page (Setup menu > Signaling & Media tab > Coders & Profiles folder >...
Page 424 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual ■ The SDP offer in the incoming SIP message contains the G.729, G.711, and G.723 coders. ■ The allowed coders configured for the SIP entity include G.711 and G.729. The device removes the G.723 coder from the SDP offer, re-orders the coder list so that G.711 is listed first, and sends the SIP message containing only the G.711 and G.729 coders in the SDP.
Page 425 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Configure coders for the Allowed Audio Coders Group according to the parameters described in the table below. Click Apply. Table 19-3: Allowed Audio Coders Groups and Allowed Audio Coders Tables Parameter Descriptions...
Page 426: Configuring Allowed Video Coder Groups
CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Configuring Allowed Video Coder Groups The Allowed Video Coders Groups table lets you configure up to four Allowed Video Coders Groups for SBC calls. Each Allowed Video Coders Group can be configured with up to 10 coders. An Allowed Video Coders Group defines a list of video coders that can be used when forwarding video streams to a specific SIP entity.
Page 427 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Configure coders for the Allowed Video Coders Group according to the parameters described in the table below. Click Apply. Table 19-4: Allowed Video Coders Groups and Allowed Video Coders Tables Parameter Descriptions...
Page 428: Configuring Ip Profiles
CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Configuring IP Profiles The IP Profiles table lets you configure up to 125 IP Profiles. An IP Profile is a set of parameters with user-defined settings relating to signaling (e.g., SIP message terminations such as REFER) and media (e.g., coder type).
Page 429 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description Note: The parameter value cannot contain a forward slash (/). 'Created By Routing Server' (Read-only) Indicates whether the IP Profile was created by a third-party routing server: [IpProfile_ CreatedByRoutingServer] ■...
Page 430 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = The answer crypto line contains (or excludes) an MKI value according to the selected crypto line in the offer. For example, assume that the...
Page 431 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enforce = Device changes the MKI length according to the settings of the IP Profile parameter, MKISize. 'SBC Media Security Method' Defines the media security protocol for SRTP, for the SIP entity associated with the IP Profile.
Page 432 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = If the session expires causing a session refresh through a re-INVITE, the device or server generates a new key and the device resets the ROC index (and other SRTP fields) as done by the server, resulting in a synchronized SRTP.
Page 433 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description SBC Early Media 'Remote Early Media' Defines whether the remote side can accept early media or not. sbc-rmt-early-media- ■ [0] Not Supported = Early media is not supported.
Page 434 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description In non-standard behavior (when the parameter is configured to Disable), the device forwards all the SDP answers with the same tag. In the example, endpoint "tag 3" is sent with the same tag as endpoint "tag 2"...
Page 435 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Remote Early Media RTP Defines whether the destination UA sends RTP Detection Mode' immediately after it sends a 18x response. ■ [0] By Signaling = (Default) Remote client sends RTP...
Page 436 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [0] RTP Mediation = (Default) Transcoding is done only ifrequired. If not required, many of the media settings (such as gain control) are not applied to the voice stream.
Page 437 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Restriction = In the incoming SDP offer, the device sbc-allowed-coders-mode uses only Allowed coders; the rest are removed from the SDP offer (i.e., only coders common between those...
Page 438 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Direct Media Tag' Defines an identification tag for enabling direct media (no Media Anchoring) for the SIP entity associated with the IP sbc-dm-tag Profile. Direct media occurs between all endpoints whose [IPProfile_SBCDirectMediaTag] IP Profiles have the same tag value (non-empty value).
Page 439 UPDATE) from the SIP entity to where the SIP INFO is being sent (and keep sending the DTMF digits using the RFC 2833 method). This is done using the AudioCodes proprietary SIP header X-AC-Action and a Message Manipulation rule (inbound) to instruct the device to switch to a different IP Profile that is configured to disable the sending of DTMF digits using both methods (i.e., 'Send...
Page 440 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description The Message Manipulation rule adds the proprietary header with the value of the new IP Profile to the incoming re- INVITE or UPDATE message and as a result, the device uses the new IP Profile for the SIP entity and stops sending it SIP INFO messages.
Page 441 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ When using the X-AC-Action header to switch IP Profiles, it is recommended that the settings of the switched IP Profile are identical (except for the 'Send Multiple DTMF Methods' parameter) to the initial IP Profile in order to avoid any possible call handling errors.
Page 442 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Preferred Value = Use the ptime according to the 'Preferred Ptime' parameter (see below) if it is configured to a non-zero value. Note: ■ Regardless of the settings of this parameter, if a non-...
Page 443 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description RTP redundancy is useful when there is packet loss; the missing information may be reconstructed at the receiver side from the redundant packets. ■ [0] As Is = (Default) The device does not interfere in the...
Page 444 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Jitter Compensation' Enables the on-demand jitter buffer for SBC calls. The jitter buffer can be used when other functionality such as voice sbc-jitter-compensation transcoding are not done on the call. The jitter buffer is...
Page 445 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Don't Care = (Default) The device forwards the SDP as is without interfering in the RTCP attribute (regardless if present or not). ■ [1] Add = The device adds the 'a=rtcp' attribute to the outgoing SDP offer sent to the SIP entity if the attribute was not present in the original incoming SDP offer.
Page 446 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'RTCP Feedback' Enables RTCP-based feedback indication in outgoing SDPs sent to the SIP entity associated with the IP Profile. sbc-rtcp-feedback The parameter supports indication of RTCP-based [IPProfile_ feedback, according to RFC 5124, during RTP profile SBCRTCPFeedback] negotiation between two communicating SIP entities.
Page 447 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Max Opus Bandwidth' Defines the VoIPerfect mode of operation, which is based on the Opus coder. sbc-max-opus-bandwidth ■ 0 = (Default) Managed Opus [IpProfile_SBCMaxOpusBW] ■ 80000 = Smart Transcoding Note: The parameter is applicable only to the VoIPerfect feature (see VoIPerfect).
Page 448 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description [IpProfile_ ■ [0] Disable EnableEchoCanceller] ■ [1] Line (default) ■ [2] Acoustic For a detailed description of the Echo Cancellation feature, Configuring Echo Cancellation. Note: The corresponding global parameter is EnableEchoCanceller.
Page 449 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Diversion Header Mode' Defines the device’s handling of the SIP Diversion header for the SIP entity associated with the IP Profile. sbc-diversion-mode ■ [0] As Is = (Default) Diversion header is not handled.
Page 450 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Supported Only After Connect = UPDATE message is supported only after the call is connected. ■ [2] Supported = (Default) UPDATE message is supported during call setup and after call establishment.
Page 451 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ✔ B2BUA: Device operates as if the parameter is set to Replace Contact [0]. ✔ Call State-full Proxy: Device operates as if the parameter is set to Add Routing Headers [1].
Page 452 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ✔ B2BUA: Device operates as if the parameter is set to Disable [0]. ✔ Call State-full Proxy: Device operates as if the parameter is set to Enable [1].
Page 453 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'ISUP Body Handling' Defines the handling of ISUP data for interworking SIP and SIP-I endpoints. sbc-isup-body-handling ■ [0] Transparent = (Default) ISUP data is passed [IpProfile_ transparently (as is) between endpoints (SIP-I to SIP-I SBCISUPBodyHandling] calls).
Page 454 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'NAT UDP Registration Time' Defines the registration time (in seconds) that the device includes in register responses, in response to SIP sbc-usr-udp-nat-reg- REGISTER requests from users belonging to the SIP time entity associated with the IP Profile.
Page 455 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Remote REFER Mode' Defines the device's handling of SIP REFER requests for the IP entity (transferee - call party that is transfered to the sbc-rmt-refer-behavior transfer target) associated with the IP Profile.
Page 456 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [5] Keep URI (user@host) = The device forwards the REFER message without changing the URI (user@host) in the SIP Refer-To header. If you configure the 'Remote Replaces Mode' parameter (see...
Page 457 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description For example, assume that the device establishes a call between A and B. If B initiates a call transfer to C, the device receives an INVITE with the Replaces header from C.
Page 458 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Remote 3xx Mode' Defines the device's handling of SIP 3xx redirect responses for the SIP entity associated with the IP Profile. sbc-rmt-3xx-behavior By default, the device's handling of SIP 3xx responses is [IpProfile_ to send the Contact header unchanged.
Page 459 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description Note: ■ When the parameter is changed from Database URL to Transparent, new 3xx Contact headers remain unchanged. However, requests with the special prefix continue using the device's database to locate the new destination.
Page 460 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [6] Hold and Retrieve Not Supported = This option can be used when the remote side does not support call hold and retrieve (resume). The device terminates call...
Page 461 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Fax Mode' Enables the device to handle fax offer-answer negotiations for the SIP entity associated with the IP Profile. sbc-fax-behavior ■ [0] As Is = (Default) Device forwards fax transparently, [IpProfile_SBCFaxBehavior] without interference.
Page 462 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Remote Renegotiate on Fax Enables local handling of fax detection and negotiation by Detection' the device on behalf of the SIP entity associated with the IP Profile. This applies to faxes sent immediately upon the sbc-rmt-renegotiate-on- establishment of a voice channel (i.e., after 200 OK).
Page 463 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'Broken Connection Mode' Defines the device's handling of calls when RTP packets (media) are not received within a user-defined timeout. The disconnect-on-broken- timeout can be during call setup (configured by the...
Page 464 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description ■ [3] Prefer IPv6 = SDP offer includes IPv4 and IPv6 media IP addresses, but the first (preferred) media is IPv6. To indicate ANAT support, the device uses the SIP Allow...
Page 465 CHAPTER 19 Coders and Profiles Mediant 4000 SBC | User's Manual Parameter Description 'RTP Redundancy Depth' Enables the device to generate RFC 2198 redundant packets. This can be used for packet loss where the rtp-redundancy-depth missing information (audio) can be reconstructed at the...
Page 466 Prerecorded Tones (PRT) file, which is created using AudioCodes DConvert utility. When you create the PRT file, each recorded tone file must be added to the PRT file with the tone type "acUserDefineTone<Index>". When you want to specify the ringback tone for this parameter, use the index number.
Page 467 Prerecorded Tones (PRT) file, which is created using AudioCodes DConvert utility. When you create the PRT file, each recorded tone file must be added to the PRT file with the tone type "acUserDefineTone<Index>". When you want to specify the held tone for this parameter, use the index number.
Page 468: Sip Definitions
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual SIP Definitions This section describes configuration of various SIP-related functionality. Configuring Registration Accounts The Accounts table lets you configure up to 625 Accounts. An Account defines information for registering and authenticating (digest) IP Groups (e.g., IP PBX) with a "serving" IP Group (e.g., ITSP).
Page 469 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ● For the SBC application: The device uses the username and password configured for the Serving IP Group in the IP Groups table for user registration and authentication, in the scenarios listed below. For this mode of operation, the...
Page 470 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description 'Index' Defines an index for the new table row. Note: Each row must be configured with a unique index. 'Name' Defines an arbitrary name to easily identify the row.
Page 471 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description Note: ■ If the parameter is not configured, the 'Contact User' parameter in the IP Groups table is used instead. ■ If registration fails, the user part in the INVITE Contact header contains the source party number.
Page 472 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = Enables the Register Stickiness feature. The device always routes SIP requests of a registered Account to the same registrar server to where the last successful REGISTER request was routed. In other...
Page 473 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ [1] According to IMS Specifications = For the initial registration request, the device performs DNS resolution if the address of the Proxy Set is configured as an FQDN. It then attempts to register to one of the...
Page 474 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = If the device receives a SIP response for a failed INVITE message and the response code is configured in the global parameter, Accoun- tInviteFailureTriggerCodes, the device re-registers the Account according to the settings of the Proxy Set associated with the Account's Serving IP Group.
Page 475 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description The Served IP Group's connectivity status is determ- ined by the keep-alive mechanism of its associated Proxy Set (i.e., the 'Proxy Keep-Alive' parameter is con- figured to Using OPTIONS).
Page 476: Regular Registration Mode
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description Credentials 'User Name' Defines the digest MD5 Authentication username. The valid value is a string of up to 60 characters. By user-name default, no value is defined. [Account_Username] 'Password' Defines the digest MD5 Authentication password.
Page 477: Registrar Stickiness
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The figure below illustrates the GIN registration process: The figure below illustrates an incoming call using GIN: Registrar Stickiness You can enable the Registrar Stickiness feature per Account. Registrar Stickiness binds an Account to one of the IP addresses (configured or DNS-resolved) in the Proxy Set associated with the Serving IP Group.
Page 478: Sip Message Authentication Example
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual To view the registration status of endpoints with a SIP Registrar/Proxy server, see Viewing Registration Status. ➢ To configure the Proxy and registration parameters: Open the Proxy & Registration page (Setup menu > Signaling & Media tab > SIP Definitions folder >...
Page 479 ● The password from the ini file is "AudioCodes". ● The equation to be evaluated is "122:AudioCodes.com:AudioCodes". According to the RFC, this part is called A1. ● The MD5 algorithm is run on this equation and stored for future usage.
Page 480: Configuring User Information
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual uri=”10.2.2.222”, response=“b9c45d0234a5abf5ddf5c704029b38cf” Upon receiving this request and if accepted by the Proxy, the Proxy returns a 200 OK response, completing the registration transaction: SIP/2.0 200 OK Via: SIP/2.0/UDP 10.1.1.200 From: <sip: 122@10.1.1.200>;tag=1c23940 To: <sip: 122@10.1.1.200>...
Page 481: Configuring Sbc User Information Table Through Web Interface
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ■ Registering each user to an external registrar server. ■ Authenticating (for any SIP request and as a client) each user if challenged by an external server. ■ Authenticating as a server incoming user requests (for SBC security).
Page 482 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ➢ To configure User Information table through the Web interface: Open the User Information table (Setup menu > Signaling & Media tab > SBC folder > User Information). Click New; the following dialog box appears: Configure a user according to the table below.
Page 483: Configuring Sbc User Information Table Through Cli
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ "N/A": Invalid configuration as the user has not been assigned an IP Group. ■ "NA": Invalid configuration as the user has been assigned a Server-type IP Group instead of a User-type IP Group.
Page 484: Configuring Sbc User Information Table From A Loadable File
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual (sip-def-proxy-and-reg)# user-info sbc-user-info <index, e.g., 0> (sbc-user-info-0)# display local-user (JohnDee) username (userJohn) password (s3fn+fn=) ip-group-id (1) status (not-resgistered) ■ To search a user by local-user: (sip-def-proxy-and-reg)# user-info find <local-user, e.g., JohnDoe>...
Page 485: Configuring Call Setup Rules
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual You can load the User Information file using any of the following methods: ■ Web interface - User Information table (see Configuring SBC User Information Table through Web Interface on page 448) ■...
Page 486 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ● Manipulation of call parameters such as source number, destination number, and redirect number and SBC SIP messages, while using LDAP query results. ● Multiple LDAP queries. ■ Dial Plan queries: For SBC calls, you can use Call Setup rules to query the Dial Plan table (see...
Page 487 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual You can also configure a Call Setup rule that determines whether the device must discontinue with the Call Setup Rules Set ID and route the call accordingly. This is done using the Exit optional value of the ‘Action Type’...
Page 488 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Table 20-3: Call Setup Rules Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table record. [CallSetupRules_ Note: Each rule must be configured with a unique index.
Page 489 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description [CallSetupRules_ ■ LDAP: Defines an LDAP server (LDAP Server Group) on which to QueryTarget] perform an LDAP query for a defined key. To configure LDAP Server Groups, see Configuring LDAP Server Groups.
Page 490 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description param.call.dst.user ■ To send an HTTP POST to notify the HTTP server of call connection status: 'connectionStatus' Note: The parameter is applicable only if the 'Request Type' parameter is configured to any value other than None.
Page 491 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ✔ dialplan.found !exists (if Dial Plan queried key not found) ✔ dialplan.result=='uk' (if corresponding tag of the searched key is "uk") ■ ENUM: ✔ enum.found exists (if ENUM record of E.164 number exists) ■...
Page 492: Call Setup Rule Examples
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ [5] Remove Suffix = Removes value from the end of the string (string element only). ■ [6] Remove Prefix = Removes value from the beginning of the string (string element only).
Page 493 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ● IP-to-IP Routing table: A single routing rule is assigned the Call Setup Rule Set ID. (Index 1) 'Call Setup Rules Set ID': 1 ◆ ■ Example 2: The example configures the device to replace (manipulate) the incoming call's calling name (caller ID) with a name retrieved from the AD by an LDAP query.
Page 494 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual 'Destination IP Group ID': 4 (IP Group of PBX) ◆ ■ Example 4: The example enables routing based on LDAP queries and destination tags. The device queries the LDAP server for the attribute record "telephoneNumber" whose value is the destination number of the incoming call (e.g., "telephoneNumber=4064").
Page 495: Configuring Dial Plans
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ■ Example 6: See Configuring an HTTP GET Web Service on page 259 for an example on HTTP GET. Configuring Dial Plans Dial Plans let you categorize incoming calls (source and/or destination) according to source and/or destination numbers .
Page 496 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The Dial Plan itself is a set of dial plan rules having the following attributes: ■ Prefix: The prefix is matched against the source and/or destination number of the incoming call (e.g., SIP dialog-initiating request for IP calls).
Page 497 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual 523x 523[1-9] ■ For incoming calls with prefix number "53211111", the rule with tag B is chosen (more specific for fourth digit): Prefix 532[1-9]1111 5321 ■ For incoming calls with prefix number "53124", the rule with tag B is chosen (more specific for digit "1"):...
Page 498 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The maximum group of numbers (consisting of single numbers and/or range of numbers) that can be configured for prefixes and suffixes for all the Dial Plan rules can be calculated by multiplying the maximum number of supported Dial Plan rules by six.
Page 499 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ Each row must be configured with a unique name. ■ The parameter value cannot contain a forward slash (/). In the Dial Plan table, select the row for which you want to configure dial plan rules, and then click the Dial Plan Rule link located below the table;...
Page 500 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ \\: (Backslash escape character) When it prefixes a wildcard character (*, z, n, and x), the character itself is used and not the meta-meaning. For example, "\\x" denotes the character "x", while "x"...
Page 501: Importing Dial Plans
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Parameter Description ■ The tag cannot start with a dot (.); it can be used anywhere after the first character. For example, ".Country" is an invalid configuration. Examples of valid configurations are "10.1.1.2"...
Page 502: Creating Dial Plan Files
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ➢ To import Dial Plan rules for a specific Dial Plan: Open the Dial Plan table. Select the required Dial Plan, and then click the Dial Plan Rule link; the Dial Plan Rule table opens, displaying all the rules of the selected Dial Plan.
Page 503: Using Dial Plan Tags For Sbc Ip-To-Ip Routing
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The CLI lets you export Dial Plans and Dial Plan rules to a remote server, using the export-csv-to command under (config-voip)# sbc dial-plan. For more information, refer to the CLI Reference Guide.
Page 504: Using Dial Plan Tags For Matching Routing Rules
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Using Dial Plan Tags for Matching Routing Rules For deployments requiring hundreds of routing rules (which may exceed the maximum number of rules that can be configured in the IP-to-IP Routing table), you can employ tags to represent the many different calling (source URI user name) and called (destination URI user name) prefix numbers in your routing rules.
Page 505: Using Dial Plan Tags For Routing Destinations
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual Using Dial Plan Tags for Routing Destinations You can use Dial Plan tags for determining the destination (IP Group) of an IP-to-IP Routing rule. One of the benefits of using Dial Plan tags is that it can reduce the number of IP-to-IP Routing rules that you would normally need to configure.
Page 506 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The following procedure describes how to configure routing to destination IP Groups determined by Dial Plan tags. The procedure is based on the following example scenario: Calls from IP Group "HQ" with destination (called) prefix number 102 are sent to IP Group "ENG" while calls with destination prefix number 103 are sent to IP Group "BEL".
Page 507 CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual In the IP Groups table, configure your IP Groups. Make sure that you assign the source IP Group with the Dial Plan that you configured in Step 1 and that you configure each destination IP Group with one of the required Dial Plan tags.
Page 508: Dial Plan Backward Compatibility
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ● Please adhere to the following regarding the 'Tag' parameter in the Dial Plan Rule table: ✔ Only one tag name without a value can be configured. In the above example, "Holland"...
Page 509: Using Dial Plan Tags For Sbc Outbound Manipulation
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual The following procedure describes how to configure IP-to-IP routing using prefix tags. ➢ To configure IP-to-IP routing using prefix tags: Configure a Dial Plan file with prefix tags, and then load the file to the device.
Page 510: Using Dial Plan Tags For Call Setup Rules
CHAPTER 20 SIP Definitions Mediant 4000 SBC | User's Manual ● 'Source Tags' parameter (IPOutboundManipulation_SrcTags): tag denoting the calling users ● 'Destination Tags' parameter (IPOutboundManipulation_DestTags): tag denoting the called users Using Dial Plan Tags for Call Setup Rules You can use Dial Plan tags in Call Setup rules, configured in the Call Setup Rules table (see Configuring Call Setup Rules ).
Page 511: Sip Message Manipulation
CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual SIP Message Manipulation This section describes SIP message manipulation. Configuring SIP Message Manipulation The Message Manipulations table lets you configure up to 500 Message Manipulation rules. A Message Manipulation rule defines a manipulation sequence for SIP messages. SIP message manipulation enables the normalization of SIP messaging fields between communicating network segments.
Page 512 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual ■ Deletion of SIP body (e.g., if a message body is not supported at the destination network this body is removed) ■ Translating one SIP response code to another ■...
Page 513 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual This manipulation example is done by configuring two Message Manipulation rules, where Rule #1 is assigned to the source IP Group and Rule #2 to the destination IP Group. Parameter...
Page 514 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual ● For a detailed description of the syntax used for configuring Message Manipulation rules, refer to the Syntax for SIP Message Manipulation Reference Guide. ● Inbound message manipulation is done only after the Classification, inbound and outbound number manipulation, and routing processes.
Page 515 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual ■ Index 3: If the user part of the From header equals "unknown", then it is changed according to the srcIPGroup call’s parameter. ■ Index 4: Removes the Priority header from an incoming INVITE message.
Page 516 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Parameter Description ■ Invite = rule applies to all INVITE requests and responses ■ Invite.Request = rule applies to INVITE requests ■ Invite.Response = rule applies to INVITE responses ■...
Page 517: Configuring Message Condition Rules
CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Parameter Description [MessageManipulations_ ■ string/<message-element>/<call-param> + ActionValue] ■ string/<message-element>/<call-param> For example: ■ 'itsp.com' ■ header.from.url.user ■ param.call.dst.user ■ param.call.dst.host + '.com' ■ param.call.src.user + '<' + header.from.url.user + '@' + header.p-asserted-id.url.host + '>'...
Page 518: Configuring Sip Message Policy Rules
CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Configure a Message Condition rule according to the parameters described in the table below. Click Apply. An example of configured Message Condition rules is shown in the figure below: ■...
Page 519 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual ■ Maximum header length ■ Maximum message body length ■ Maximum number of headers ■ Maximum number of bodies ■ Option to send 400 "Bad Request" response if message request is rejected ■...
Page 520 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Parameter Description 'Name' Defines a descriptive name, which is used when associating the row in other tables. name The valid value is a string of up to 40 characters. [MessagePolicy_Name] Note: ■...
Page 521: Configuring Pre-Parsing Manipulation Rules
CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Parameter Description 'Method List' Defines SIP methods (e.g., INVITE\BYE) to blacklist or whitelist. method-list Multiple methods are separated by a backslash (\). The method [MessagePolicy_ values are case-insensitive. MethodList] 'Method List Type' Defines the policy (blacklist or whitelist) for the SIP methods specified in the 'Method List' parameter (above).
Page 522 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual For a detailed description of supported regex syntax, refer to the Syntax for SIP Message Manipulation Reference Guide Pre-Parsing Manipulation is configured using two tables with "parent-child" relationship: ■ Pre-Parsing Manipulation Sets table ("parent"): Defines a descriptive name for the Pre-Parsing Manipulation Set.
Page 523 CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual In the Pre-Parsing Manipulation Sets table, select the row, and then click the Pre-Parsing Manipulation Rules link located below the table; the Pre-Parsing Manipulation Rules table appears. Click New; the following dialog box appears: Configure a rule according to the parameters described in the table below.
Page 524: Precedence Ring Tone
CHAPTER 21 SIP Message Manipulation Mediant 4000 SBC | User's Manual Parameter Description For more information on regex, refer to the Syntax for SIP Message Manipulation Reference Guide. Precedence Ring Tone - 491 -...
Page 525: Session Border Controller Application
Part V Session Border Controller Application...
Page 526: Sbc Overview
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual SBC Overview This section provides an overview of the device's SBC application. ● For guidelines on how to deploy your SBC device, refer to the SBC Design Guide document. ● The SBC feature is available only if the device is installed with a License Key that includes this feature.
Page 527: B2Bua And Stateful Proxy Operating Modes
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ● Generates a new SIP Call-ID header value (different between legs). ● Changes the SIP Contact header and sets it to the device's address. ● Layer-3 topology hiding by modifying source IP address in the SIP IP header.
Page 528 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual In contrast, when the device operates in Stateful Proxy mode, the device by default forwards SIP messages transparently (unchanged) between SIP endpoints (from inbound to outbound legs). The device retains the SIP dialog identifiers and topology headers received in the incoming message and sends them as is in the outgoing message.
Page 529: Call Processing Of Sip Dialog Requests
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual If the operation mode is configured in both tables, the operation mode of the IP Group is applied. Once configured, the device uses default settings in the IP Profiles table for handling the SIP headers, as mentioned previously.
Page 530 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The first stage of the SIP dialog-initiating process is determining source and destination URLs. The SIP protocol has more than one URL in a dialog-initiating request that may represent the source and destination URLs. The device obtains the source and destination URLs from certain SIP headers.
Page 531 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual You can specify the SIP header from where you want the device to obtain the source URL in the incoming dialog request. This is configured in the IP Groups table using the...
Page 532: User Registration
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Applying Call Setup Rules for Various Functions: If configured, the device can run Call Setup Rules to apply various functions to the call. The Call Setup Rule is configured in the Call...
Page 533: Classification And Routing Of Registered Users
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ■ If registration succeeds (replied with 200 OK by the destination server), the device adds a record to its' registration database, which identifies the specific contact of the specific user (AOR). The device uses this record to route subsequent SIP requests to the specific user (in normal or survivability modes).
Page 534: General Registration Request Processing
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual If registrations are destined to the database (using the above rules), the device does not attempt to find a database match, but instead replies with a SIP 200 OK (used for Survivability). Once a match is found, the request is routed either to the contact received in the initial registration or (if the device identifies that the user agent is behind a NAT) to the source IP address of the initial registration.
Page 535: Registration Refreshes
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Registration Refreshes Registration refreshes are incoming REGISTER requests from users that are registered in the device's registration database. The device sends these refreshes to the serving proxy only if the serving proxy's Expires time is about to expire; otherwise, the device responds with a 200 OK to the user without routing the REGISTER.
Page 536: Media Handling
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual # clear voip register db sbc user John@10.33.2.22 # clear voip register db sbc user John ■ To delete all registered users belonging to a specific IP Group: # clear voip register db sbc ip-group <ID or name>...
Page 537: Media Anchoring
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Media Anchoring By default, the device anchors the media (RTP) traffic. In other words, the media between SIP endpoints traverses the device. You can change this default mode by enabling direct media between SIP endpoints.
Page 538 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ■ Avoids interference in SDP negotiation and header manipulation on RTP/SRTP Direct media is typically implemented for calls between users located in the same LAN or domain, and where NAT traversal is not required and other media handling features such as media transcoding is not required.
Page 539: Restricting Audio Coders
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual IP Groups of the endpoints use the same SIP Interface and the SIP Interface's 'SBC Direct Media' parameter is set to Enable When Single NAT (SIPInterface_SBCDirectMedia = 2), and the endpoints are located behind the same NAT.
Page 540: Coder Transcoding
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual If you assign the SIP entity an Allowed Audio Coders Group for coder restriction and a Coders Group for extension coders (i.e., voice transcoding), the allowed coders take precedence over the extension coders. In other words, if an extension coder is not listed as an allowed coder, the device does not add the extension coder to the SDP offer.
Page 541 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ● If you assign a SIP entity an Allowed Audio Coders Group for coder restriction (allowed coders) and a Coders Group for extension coders, the allowed coders take precedence over the extension coders. In other words, if an extension coder is not listed as an allowed coder, the device does not add the extension coder to the SDP offer.
Page 542 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual On the inbound leg for the incoming SDP offer: The device allows and keeps the coders in the SDP that also appear in the Allowed Audio Coders Group for coder restriction (i.e., G.711 and G.729).
Page 543: Transcoding Mode
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Assign the Coders Group to the IP Profile, using the 'Extension Coders Group' parameter (SBCExtensionCodersGroupName). Enable extension coders by configuring the 'Allowed Coders Mode' parameter to Restriction or Restriction and Preference.
Page 544: Srtp-Rtp And Srtp-Srtp Transcoding
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ■ Outgoing SDP offer: If only Allowed coders are used, the device arranges the coders in the SDP offer as described above. However, if Extension coders are also used, the coder list is arranged according to the SBCPreferencesMode parameter.
Page 545: Interworking Miscellaneous Media Handling
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The device transparently forwards Binary Floor Control Protocol (BFCP) signaling over UDP between IP entities (RFC 4582). BFCP is a signaling protocol used by some third- party conferencing servers to share content (such as video conferencing, presentations or documents) between conference participants (SIP clients supporting BFCP).
Page 546: Interworking Rtcp Attribute In Sdp
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Interworking RTCP Attribute in SDP The device supports interworking the RTCP attribute 'a=rtcp' in the SDP between SIP entities. Employing IP Profiles, you can configure RTCP attribute handling (add, remove or transparent) per...
Page 547: Limiting Sbc Call Duration
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The voice-related coder configuration (Allowed and Extension coders) is independent of the fax-related coder configuration, with the exception of the G.711 coder. If the G.711 coder is restricted by the Allowed Audio Coders Groups table, it is not used for fax processing even if it is listed in the Coder Groups table for faxes.
Page 548: Radius-Based User Authentication
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The device challenges the received SIP message only if it is configured as a SIP method (e.g., INVITE) for authorization. This is configured in the IP Groups table, using the 'Authentication Method List' parameter.
Page 549 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual When the user wants to register with the device or make a call, the client application (e.g., Web browser for the WebRTC application) through which the user communicates with the device, sends a SIP REGISTER or INVITE request that includes the user's Access Token in the SIP Authorization header ("Bearer"...
Page 550 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Content-Length:… Authorization: Basic dGVzdEludHJvc3BlY3Q6NTliZDA4NGUtMTJlNi00N2I5LWJmNz token=<Access Token from Bearer in SIP Authorization header> The OAuth Authorization server checks (introspects) if the token is currently active (or if it has expired or revoked). Upon a successful introspection, the OAuth Authorization server sends to the device a 200 OK response containing a JSON body ("application/ json").
Page 551 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Parameter Value Comment 'Path' "auth/realms/demo/protocol/openid- Relative URL for the connect/token/introspect" introspection service on the server. 'Username' "device234" Username that the device uses for authenticating the HTTP POST introspection request which it sends to the OAuth server.
Page 552: Interworking Sip Signaling
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Interworking SIP Signaling The device supports interworking of SIP signaling messages to ensure interoperability between communicating SIP UAs or entities. This is critical in network environments where the UAs on opposing SBC legs have different SIP signaling support. For example, some UAs may support different versions of a SIP method while others may not event support a specific SIP method.
Page 553: Local Handling Of Sip 3Xx
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The process of this feature is described using an example: The device receives the Redirect server's SIP 3xx response (e.g., Contact: <sip:User- @IPPBX:5060;transport=tcp;param=a>;q=0.5). The device replaces the Contact header value with the special prefix and database key value as user part, and with the device's URL as host part (e.g., Contact: <sip:Prefix_Key_User-...
Page 554: Interworking Sip Diversion And History-Info Headers
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Interworking SIP Diversion and History-Info Headers This device can be configured to interwork between the SIP Diversion and History-Info headers. This is important, for example, to networks that support the Diversion header but not the History- Info header, or vice versa.
Page 555: Interworking Sip Refer Messages
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual SIP Header Present IP Header Present Parameter in incoming SIP Device Action in outgoing SIP Value Message Message 'Diversion Present Diversion added from Present Present Header Mode' present History-Info = Add...
Page 556: Interworking Sip Prack Messages
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual The handling of REFER can be configured for all calls, using the global parameter [SBCReferBehavior]. To configure different REFER handling options for different UAs (i.e., IP Groups), use the IP Profiles table parameter, 'Remote REFER Mode'.
Page 557 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual ■ In a SIP dialog life time, media characteristics after originally determined by the first offer- answer transaction can be changed by using subsequent offer-answer transactions. These transactions may be carried either in UPDATE or re-INVITE transactions. The media handling is similar to the original offer-answer handling.
Page 558 CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Figure 22-2: SBC Early Media RTP 18x without SDP Figure 22-3: SBC Early Media RTP 18x with SDP - 525 -...
Page 559: Interworking Sip Re-Invite Messages
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Interworking SIP re-INVITE Messages The device supports interworking of SIP re- INVITE messages. This enables communication between endpoints that generate re-INVITE requests and those that do not support the receipt of re- INVITEs.
Page 560: Interworking Call Hold
CHAPTER 22 SBC Overview Mediant 4000 SBC | User's Manual Interworking Call Hold The device supports the interworking of call hold / retrieve requests between SIP entities supporting different call hold capabilities: ■ Interworking SDP call hold formats. This is configured by the IP Profile parameter, 'SBC Remote Hold Format'.
Page 561: Configuring General Sbc Settings
CHAPTER 23 Configuring General SBC Settings Mediant 4000 SBC | User's Manual Configuring General SBC Settings This section describes configuration of various SBC features. Interworking Dialog Information in SIP NOTIFY Messages You can enable the device to interwork dialog information (XML body) received in SIP NOTIFY messages from a remote (WAN) application server.
Page 562 CHAPTER 23 Configuring General SBC Settings Mediant 4000 SBC | User's Manual <dialog id="sfhjsjk12" call-id="67402270@10.132.10.150" local-tag="1c137249965" remote-tag="CCDORRTDRKIKWFVBRWYM" direction="receiver"> <state reason="replaced">confirmed</state> <replaces call-id="67402270@10.132.10.150" local-tag="1c137249965" remote-tag="CCDORRTDRKIKWFVBRWYM"/> <referred-by> sip:bob-is-not-here@vm.example.net </referred-by> <local> <identity display="Jason Forster"> sip:jforsters@home.net </identity> <target uri="sip:alice@pc33.example.com"> <param pname="+sip.rendering" pval="yes"/> </target> </local> <remote>...
Page 563: Configuring Call Admission Control
CHAPTER 24 Configuring Call Admission Control Mediant 4000 SBC | User's Manual Configuring Call Admission Control You can implement Call Admission Control (CAC) to regulate the volume of voice traffic handled by the device. CAC configuration is done using two tables with parent-child type relationship: ■...
Page 564 CHAPTER 24 Configuring Call Admission Control Mediant 4000 SBC | User's Manual Your CAC rule can also define a guaranteed number of concurrent calls (reserved capacity) for the assigned SIP entity (see above) . Reserved capacity is especially useful when the device operates with multiple entities.
Page 565 CHAPTER 24 Configuring Call Admission Control Mediant 4000 SBC | User's Manual In the Call Admission Control Profile table, select the required row, and then click the Call Admission Control Rule link located below the table; the Call Admission Control Rule table appears.
Page 566 CHAPTER 24 Configuring Call Admission Control Mediant 4000 SBC | User's Manual Parameter Description [SBCAdmissionRule_ You can also use the following special values: LimitPerUser] ■ [-1] -1 = (Default) Unlimited. ■ [0] 0 = Block all the SIP dialog types specified in the 'Request Type' parameter (above).
Page 567 CHAPTER 24 Configuring Call Admission Control Mediant 4000 SBC | User's Manual Parameter Description 'Maximum Burst Per User' Defines the maximum number of tokens (SIP dialogs) per user that the bucket can hold (see the 'Maximum Burst' max-burst-per-user parameter for a detailed description).
Page 568: Routing Sbc
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Routing SBC This section describes configuration of call routing for the SBC application. Configuring Classification Rules The Classification table lets you configure up to 625 Classification rules. A Classification rule classifies incoming SIP dialog-initiating requests (e.g., INVITE messages) to a "source" IP Group.
Page 569 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual From the 'Unclassified Calls' drop-down list, select Reject to reject unclassified calls or Allow to accept unclassified calls: Click Apply. If you configure the parameter to Allow, the incoming SIP dialog is assigned to an IP Group as follows: The device determines on which SIP listening port (e.g., 5061) the incoming SIP dialog request...
Page 570 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual If classification based on Proxy Set fails (or classification based on Proxy Set is disabled), the device proceeds to classification based on the Classification table. ● For security, it is recommended to classify SIP dialogs based on Proxy Set only if the IP address of the Server-type IP Group is unknown.
Page 571 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual The following procedure describes how to configure Classification rules through the Web interface. You can also configure it through ini file [Classification] or CLI (configure voip > sbc classification). ➢ To configure a Classification rule: Open the Classification table (Setup menu >...
Page 572 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Click Apply. Table 25-1: Classification Table Parameter Descriptions Parameter Description 'SRD' Assigns an SRD to the rule as a matching characteristic for the incoming SIP dialog. srd-name If only one SRD is configured in the SRDs table, the SRD is [Classification_ assigned to the rule by default.
Page 573 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ [-1] Any = (Default) All transport types src-transport-type ■ [0] UDP [Classification_ ■ [1] TCP SrcTransportType] ■ [2] TLS 'Source Port' Defines the source port number as a matching characteristic for the incoming SIP dialog.
Page 574 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description [Classification_ The default is the asterisk (*) symbol, which represents any DestHost] destination host prefix. 'Message Condition' Assigns a Message Condition rule to the Classification rule as a matching characteristic for the incoming SIP dialog.
Page 575: Classification Based On Uri Of Selected Header Example
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ The IP Group must be associated with the assigned SRD (see the 'SRD' parameter in the table). 'IP Group Tag Name' Defines the source tag of the incoming SIP dialog. The tag is used for classifying the SIP dialog to an IP Group.
Page 576 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Via: SIP/2.0/UDP 10.33.4.226;branch=z9hG4bKVEBTDAHSUYRTEXEDEGJY From: <sip:100@10.33.4.226>;tag=YSQQKXXREVDPYPTNFMWG To: <sip:8000@10.33.4.226> Call-ID: FKPNOYRNKROIMEGBSSKS@10.33.4.226 CSeq: 1 INVITE Contact: <sip:100@10.33.4.226> Route: <sip:2000@10.10.10.10.10>,<sip:300@10.10.10.30> Supported: em,100rel,timer,replaces P-Called-Party-ID: <sip:1111@10.33.38.1> User-Agent: Sip Message Generator V1.0.0.5 Content-Length: 0 In the Classification table, add the following classification rules:...
Page 577: Configuring Classification Based On Tags
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Configuring Classification Based on Tags You can classify incoming SIP dialogs to IP Groups, using tags (source tags) that are obtained from Call Setup Rules associated with the SIP Interfaces on which dialogs are received. Using tags can significantly reduce the number of required Classification rules.
Page 578: Configuring Sbc Ip-To-Ip Routing
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual General 'Request Type' Dial Plan 'Request Target' ITSP 'Request Key' Param.Call.Src.User 'Condition ' DialPlan.Found exists Action 'Action Subject' SrcTags 'Action Type' Modify 'Action Value' DialPlan.Result Open the SIP Interfaces table (see Configuring SIP Interfaces on page 334), and then...
Page 579 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual ■ Action: Defines the action that is done if the incoming call matches the characteristics of the rule (i.e., routes the call to the specified destination). The device searches the table from top to bottom for the first rule that matches the characteristics of the incoming call.
Page 580 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual To configure and apply an IP-to-IP Routing rule, the rule must be associated with a Routing Policy. The Routing Policy associates the routing rule with an SRD(s). Therefore, the Routing Policy lets you configure routing rules for calls belonging to specific SRD(s).
Page 581 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual If the Proxy Set (see Configuring Proxy Sets) associated with the destination of the call is configured with multiple IP addresses, the device first attempts to route the call to one of these IP addresses, starting with the first listed address. Only when the call cannot be routed to any of the Proxy Set’s IP addresses does the device search the IP-...
Page 582 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual The LCR feature can also be employed with call forking. The device calculates a maximum call cost for each Forking group and routes the call to the Forking group with the lowest cost. Thus, even if the call can successfully be routed to the main routing rule, a different routing rule can be chosen (even an alternative route, if configured) based on LCR.
Page 583 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Table 25-2: IP-to-IP Routing Table Parameter Descriptions Parameter Description 'Routing Policy' Assigns a Routing Policy to the rule. The Routing Policy associates the rule with an SRD(s). The Routing Policy also defines default...
Page 584 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ The Forking Group members must be configured in a table row that is immediately below the main Forking routing rule, or below an alternative routing rule for the main rule, if configured.
Page 585 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description 'Source Username Defines the user part of the incoming SIP dialog's source URI Pattern' (usually the From URI). You can use special patterns (notations) to denote the user part. For...
Page 586 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description Note: If you need to route calls of many different destination URI user names to the same destination, you can use tags (see 'Source Tags' parameter below) instead of this parameter.
Page 587 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ [5] Broken Connection = If the device detects a broken RTP connection during the call and the Broken RTP Connection feature is enabled (IpProfile_DisconnectOnBrokenConnection parameter is configured to [2]), you can use this option as an explicit matching characteristics to route the call to an alternative destination.
Page 588 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ [4] Hunt Group = Used for call center survivability. For more information, see Configuring Call Survivability for Call Centers. ■ [5] Dial Plan = (For Backward Compatibility Only - see Note below) The IP destination is determined by a Dial Plan index of the loaded Dial Plan file.
Page 589 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ■ If you configure the parameter to Dest Address, Request URI, ENUM, Dial Plan or LDAP, you must specify a destination IP Group using the 'Destination IP Group' parameter, even though these calls are not sent to the specified IP Group (i.e., its...
Page 590 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description ✔ User-type IP Groups: SIP Interface is determined during user registration with the device. ■ For multi-tenancy, if the assigned Routing Policy is not shared (i.e., the Routing Policy is associated with an Isolated SRD), the SIP Interface must be one that is associated with the Routing Policy or with a shared Routing Policy (i.e., the Routing Policy is...
Page 591 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description 'IP Group Set' Assigns an IP Group Set to the routing rule. The device routes the call to one of the IP Groups in the IP Group Set according to the ipgroupset-name load-balancing policy configured for the IP Group Set.
Page 592 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description The default value is "default", meaning that the device uses the first tag name in the Dial Plan rule that is configured without a value. For example, if the Dial Plan rule is configured with tags "Country=England;City=London;Essex", the default tag is "Essex".
Page 593: Configuring Rerouting Of Calls To Fax Destinations
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description Note: ■ The parameter can be used for normal and alternative routing. ■ The response code for redirect messages can only be 3xx. Configuring Rerouting of Calls to Fax Destinations You can configure the device to reroute incoming SBC calls identified as fax calls to a new IP destination.
Page 594: Configuring Specific Udp Ports Using Tag-Based Routing
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual In the IP Groups table, edit IP Group #2, and then from the 'IP Profile' drop-down list, select the IP Profile that you configured above. For the voice destination (IP Group #1), do the following:...
Page 595 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual For each IP PBX, the device sends SIP messages to the proxy server using the specific local, UDP port on the leg interfacing with the proxy server. For SIP messages received from the proxy server, the device routes the messages to the appropriate IP PBX according to the local UDP port on which the message was received.
Page 596 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual For guidelines on configuring the 'Additional UDP Ports' parameter (SIPInterface_ AdditionalUDPPorts), see Configuring SIP Interfaces. Open the IP Groups table (see Configuring IP Groups), and then configure the following IP Groups: ●...
Page 597 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual General Index Name ITSP Type Server SBC Advanced Call Setup Rules Set ID Tags Type=ITSP Open the Call Setup Rules table (see Configuring Call Setup Rules), and then configure the following Call Setup rules: ●...
Page 598 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual ● If the source tag name "Type" equals "ITSP" (i.e., SIP message from the ITSP), then use the value (port number) of the local port on which the incoming message from the proxy server is received by the device, as the value of the destination tag name "Port".
Page 599: Configuring A Routing Response Timeout
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual General Destination Type Destination Tag Routing Tag Name Port Configuring a Routing Response Timeout If you have routing rules in the IP-to-IP Routing table that need to query external servers (e.g., an LDAP server or ENUM server) on whose responses the device uses to determine where to route the SBC calls, you can configure a timeout for the responses.
Page 600 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual ● If any attempted proxy server sends a response code that you have not configured in the Alternative Routing Reasons table, the routing of the SIP message fails and the device does not make any further attempts to route the message.
Page 601: Configuring Sbc Routing Policy Rules
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Click New; the following dialog box appears: Configure a SIP response code for alternative routing according to the parameters described in the table below. Click Apply. Table 25-3: Alternative Routing Reasons Table Parameter Descriptions...
Page 602 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual ■ Enables Least Cost Routing (LCR), and configures default call cost (highest or lowest) and average call duration for routing rules that are not assigned LCR Cost Groups. The default call...
Page 603 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual ■ If the Routing Policy is assigned to only one SRD and the SRD is an Isolated SRD, the routing rules of the Routing Policy can be configured with IP Groups belonging to the Isolated SRD and IP Groups belonging to all Shared SRDs.
Page 604 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Configure the Routing Policy rule according to the parameters described in the table below. Click Apply. Table 25-4: Routing Policies table Parameter Descriptions Parameter Description General 'Index' Defines an index number for the new table row.
Page 605: Configuring Ip Group Sets
CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Parameter Description Least Cost Routing 'LCR Feature' Enables the Least Cost Routing (LCR) feature for the Routing Policy. lcr-enable ■ [0] Disable (default) [SBCRoutingPolicy_ LCREnable] ■ [1] Enable For more information on LCR, see Least Cost Routing.
Page 606 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Alternative routing within the IP Group Set is also supported, whereby if a chosen destination IP Group responds with a reject response that is configured as a reason for alternative routing (see Configuring SIP Response Codes for Alternative Routing Reasons) or doesn't respond at all (i.e.,...
Page 607 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Table 25-5: IP Group Set Table Parameter Descriptions Parameter Description 'Index' Defines an index number for the new table row. [IPGroupSet_ Note: Each row must be configured with a unique index.
Page 608 CHAPTER 25 Routing SBC Mediant 4000 SBC | User's Manual Click New; the following dialog box appears: Configure IP Group Set members according to the parameters described in the table below. Click Apply, and then save your settings to flash memory.
Page 609: Sbc Manipulations
CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual SBC Manipulations This section describes the configuration of the manipulation rules for the SBC application. For additional manipulation features, see the following: ● Configuring SIP Message Policy Rules ● Configuring SIP Message Manipulation The device supports SIP URI user part (source and destination) manipulations for inbound and outbound routing.
Page 610 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Content-Type: application/sdp Content-Length: 155 o=SMG 791285 795617 IN IP4 10.2.2.6 s=Phone-Call c=IN IP4 10.2.2.6 t=0 0 m=audio 6000 RTP/AVP 8 a=rtpmap:8 pcma/8000 a=sendrecv a=ptime:20 ■ Outgoing INVITE to WAN: INVITE sip: 9721000@ITSP;user=phone;x=y;z=a SIP/2.0 Via: SIP/2.0/UDP 212.179.1.12;branch=z9hGWwan...
Page 611: Configuring Ip-To-Ip Inbound Manipulations
CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual From: <sip:97000@IP_PBX;user=phone;x=y;z=a>;tag=OWan;paramer1=abe ■ Inbound destination SIP URI user name from "1000" to 9721000": INVITE sip:1000@10.2.2.3;user=phone;x=y;z=a SIP/2.0 To: <sip:1000@10.2.2.3;user=phone> INVITE sip:9721000@ITSP;user=phone;x=y;z=a SIP/2.0 To: <sip:9721000@ITSP;user=phone> ■ Destination IP Group name (SIP URI host name) from "10.2.2.3" to "ITSP": INVITE sip:1000@10.2.2.3;user=phone;x=y;z=a SIP/2.0...
Page 612 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Configure stricter classification rules higher up in the table than less strict rules to ensure the desired rule is used to manipulate the incoming dialog. Strict refers to the number of matching characteristics configured for the rule. For example, a rule configured with source host name and source IP Group as matching characteristics is stricter than a rule configured with only source host name.
Page 613 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Table 26-1: Inbound Manipulations Table Parameter Descriptions 'Routing Policy' Assigns an Routing Policy to the rule. The Routing Policy associates the rule with an SRD(s). The Routing Policy also routing-policy-name defines default LCR settings as well as the LDAP servers if the routing rule is based on LDAP routing (and Call Setup Rules).
Page 614 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual 'Request Type' Defines the SIP request type to which the manipulation rule is applied. request-type ■ [0] All = (Default) All SIP messages. [IPInboundManipulation_ RequestType] ■ [1] INVITE = All SIP messages except REGISTER and SUBSCRIBE.
Page 615: Configuring Ip-To-Ip Outbound Manipulations
CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual 'Remove From Left' Defines the number of digits to remove from the left of the user name prefix. For example, if you enter 3 and the user name is remove-from-left "john", the new user name is "n".
Page 616 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual ● Configure stricter classification rules higher up in the table than less strict rules to ensure the desired rule is used to manipulate the outbound dialog. Strict refers to the number of matching characteristics configured for the rule. For example, a rule configured with source host name and source IP Group as matching characteristics is stricter than a rule configured with only source host name.
Page 617 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Parameter Description General 'Index' Defines an index number for the new table row. [IPOutboundManipulation_ Note: Each row must be configured with a unique index. Index] 'Name' Defines a descriptive name, which is used when associating the row in other tables.
Page 618 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Parameter Description 'Source IP Group' Defines the IP Group from where the INVITE is received. The default value is Any (i.e., any IP Group). src-ip-group-name [IPOutboundManipulation_ SrcIPGroupName] 'Destination IP Group' Defines the IP Group to where the INVITE is to be sent.
Page 619 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Parameter Description You can use special patterns (notations) to denote the user part. dst-user-name- For example, if you want to match this rule to user parts whose pattern last four digits (i.e., suffix) are 4 followed by any three digits [IPOutboundManipulation_ (e.g., 4008), then configure this parameter to "(4xxx)".
Page 620 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual Parameter Description 'ReRoute IP Group' Defines the IP Group that initiated (sent) the SIP redirect response (e.g., 3xx) or REFER message. The parameter is re-route-ip-group- typically used for re-routing requests (e.g., INVITEs) when...
Page 621: Using The Proprietary Sip X-Ac-Action Header
"id". Using the Proprietary SIP X-AC-Action Header You can use AudioCodes proprietary SIP header, X-AC-Action in Message Manipulation rules to trigger certain actions. These actions can be used to support, for example, interworking of SIP-I and SIP endpoints for the ISUP SPIROU variant (see Enabling Interworking of SIP and SIP-I Endpoints).
Page 622 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual X-AC-Action: 'disconnect' X-AC-Action: 'disconnect;delay=<time in ms>' ■ To resume a previously suspended call: X-AC-Action: 'abort-disconnect' ■ To automatically reply to a message without forwarding the response to the other side: X-AC-Action: 'reply' ■...
Page 623 CHAPTER 26 SBC Manipulations Mediant 4000 SBC | User's Manual For example, to use the X-AC-Action header to switch IP Profiles from "ITSP-Profile-1" to "ITSP- Profile-2" during a call for an IP Group (e.g., IP PBX) if the negotiated media port changes to 7550, perform the following configuration: In the IP Profiles table, configure two IP Profiles ("ITSP-Profile-1"...
Page 624: Configuring Malicious Signatures
CHAPTER 27 Configuring Malicious Signatures Mediant 4000 SBC | User's Manual Configuring Malicious Signatures The Malicious Signature table lets you configure up to 30 Malicious Signature patterns. Malicious Signatures are signature patterns that identify SIP user agents (UA) who perform malicious attacks on SIP servers by SIP scanning.
Page 625 CHAPTER 27 Configuring Malicious Signatures Mediant 4000 SBC | User's Manual ➢ To configure a Malicious Signature: Open the Malicious Signature table (Setup menu > Signaling & Media tab > SBC folder > Malicious Signature). Click New; the following dialog box appears: Configure a Malicious Signature according to the parameters described in the table below.
Page 626: Advanced Sbc Features
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Advanced SBC Features This section describes configuration of advanced SBC features. Configuring Call Preemption for SBC Emergency Calls The device supports emergency call preemption for SBC calls by prioritizing emergency calls over regular calls.
Page 627: Emergency Call Routing Using Ldap To Obtain Elin
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ➢ To configure SBC emergency call preemption: In the Message Conditions table (see Configuring Message Condition Rules), configure a Message Condition rule to identify incoming emergency calls. See above for examples.
Page 628: Configuring Dual Registration For Sip Entity
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Enable the E9-1-1 feature, by configuring the 'PSAP Mode' parameter to PSAP Server in the IP Groups table for the IP Group of the PSAP server (see Enabling the E9-1-1 Feature).
Page 629 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The device performs SIP message manipulation (Pre-classification Manipulation) on the REGISTER messages to add a special parameter ("ac-int=<value>") to the Contact header to identify the SIP Interface on which each message is received. For example: ●...
Page 630 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ➢ To configure support for dual registration: On the SIP entity (IP Phone), configure the primary and secondary proxy server addresses as the IP address of the device and where each address has a different SIP port number.
Page 631: Handling Registered Aors With Same Contact Uris
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Classify By Proxy Set: Enable ◆ ● Index 2: Type: User ◆ Name: IP-Phone-A ◆ ● Index 3: Type: User ◆ Name: IP-Phone-B ◆ In the Classification table, configure rules to classify calls from the IP Phones based on SIP Interface: ●...
Page 632: Enabling Interworking Of Sip And Sip-I Endpoints
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Call-ID: XDRXGAAWNVBTFHBMQCKE@10.33.2.38 CSeq: 1 REGISTER Contact: <sip:300@10.33.2.40> ■ User 2 Registration: REGISTER sip:300@10.33.4.140;user=phone SIP/2.0 Via: SIP/2.0/UDP 10.33.2.40;branch=YHDWUJRMMOEIJRXVYKHD From: <sip:300@domain2;user=phone>;tag=CVYTCHLIVMPBCGNGRTUA To: <sip:300@domain2;user=phone> Call-ID: INRNGFCHFHETRXAQNAIT@10.33.2.38 CSeq: 1 REGISTER Contact: <sip:300@10.33.2.40> For two such user registrations as shown in the example above, the device adds two AORs ("300@domain1"...
Page 633 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The SIP-I sends calls, originating from the SS7 network, to the SIP network by adding ISUP messaging in the SIP INVITE message body. The device can receive such a message from the SIP-I and remove the ISUP information before forwarding the call to the SIP endpoint.
Page 634: Configuring Sbc Moh From External Media Source
Manipulation). For a complete description of the ISUP manipulation syntax, refer to the Syntax for SIP Message Manipulation Reference Guide. In addition, you can use the AudioCodes proprietary SIP header X-AC-Action in Message Manipulation rules to support the various call actions (e.g., SIP-I SUS and RES messages) for the ISUP SPIROU variant.
Page 635 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ➢ To configure an external media source: Open the External Media Source table (Setup menu > Signaling & Media tab > SBC folder > External Media Source). Click New; the following dialog box appears: Configure the external media source according to the parameters described in the table below.
Page 636 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ■ Configuring an IP Profile (namely, the 'Extension Coders Group' parameter) and IP Group (namely, the 'IP Profile' parameter) for the media source ■ Designating the media source IP Group as the external media source (in the External Media Source table, as described above) ■...
Page 637: Webrtc
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual WebRTC The device supports interworking of Web Real-Time Communication (WebRTC) and SIP-based VoIP communication. The device interworks WebRTC calls made from a Web browser (WebRTC client) and the SIP destination. The device provides the media interface to WebRTC.
Page 638 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ■ DTLS-SRTP (RFCs 5763/5764): Media channels must be encrypted (secured) through Datagram Transport Layer Security (DTLS) for SRTP key exchange. For more information, see SRTP using DTLS Protocol. ■ SRTP (RFC 3711): Secures media channels by SRTP.
Page 639: Sip Over Websocket
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The Web page receives Web page elements and JavaScript code for WebRTC from the Web hosting server. The JavaScript code runs locally on the Web browser. When the client clicks the Call button or call link, the browser runs the JavaScript code which sends the HTTP upgrade request for WebSocket in order to establish a WebSocket session with the device.
Page 640 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Sec-WebSocket-Accept: rLHCkw/SKsO9GAH/ZSFhBATDKrU= Sec-WebSocket-Protocol: SIP Server: SBC At this stage, the HTTP connection breaks down and is replaced by a WebSocket connection over the same underlying TCP/IP connection. By default, the WebSocket connection uses the same ports as HTTP (80) and HTTPS (443).
Page 641: Configuring Webrtc
● For integrating the device's WebRTC functionality into client Web browsers for making calls from their Web browsers through the device, you can use AudioCodes WebRTC client Software Development Kit (SDK) and Application Program Interface (API). For more information, refer to the WebRTC Web Browser Client SDK API Reference Guide.
Page 642 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Configure the keep-alive interval with the WebSocket client: On the Transport Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > Transport Settings), and then in the 'WebSocket Keep-Alive Period' field (WebSocketProtocolKeepAlivePeriod), enter the keep-alive interval: Click Apply.
Page 643: Call Forking
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Click Apply. Configure an IP Group for the WebRTC clients: Open the IP Groups table (see Configuring IP Groups). Do the following: From the 'Type' drop-down list, select User. ◆...
Page 644: Initiating Sip Call Forking
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Initiating SIP Call Forking The SBC device supports call forking of an incoming call to multiple SBC users (destinations). Call forking is supported by the device's capability of registering multiple SIP client user phone contacts (mobile and fixed-line extensions) under the same Address of Record (AOR) in its registration database.
Page 645: Configuring Call Forking-Based Ip-To-Ip Routing Rules
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The device also supports media synchronization for call forking. If the active UA is the first one to send the final response (e.g., 200 OK), the call is established and all other final responses are acknowledged and a BYE is sent if needed.
Page 646: Configuring Broadsoft's Shared Phone Line Call Appearance For Survivability
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The device saves the users in its registration database with their phone numbers and extensions, enabling future routing to these destinations during survivability mode when communication with the BroadWorks server is lost. When in survivability mode, the device routes the call to the Contact associated with the dialed phone number or extension number in the registration database.
Page 647: Configuring Call Survivability For Call Centers
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ● The device enables outgoing calls from all equipment that share the same line simultaneously (usually only one simultaneous call is allowed per a specific shared line). ● You can configure whether REGISTER messages from secondary lines are terminated on the device or forwarded transparently (as is), using the SBCSharedLineRegMode parameter.
Page 648 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ➢ To configure call survivability for a call center application: In the IP Groups table (see Configuring IP Groups), add IP Groups for the following entities: ● TDM Gateway (Server-type IP Group). This entity forwards the customer calls through the device to the Application server.
Page 649: Enabling Survivability Display On Aastra Ip Phones
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual The figure below displays a routing rule example, assuming IP Group "1" represents the TDM Gateway and IP Group "3" represents the call center agents: Enabling Survivability Display on Aastra IP Phones...
Page 650: Alternative Routing On Detection Of Failed Sip Response
CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual Alternative Routing on Detection of Failed SIP Response The device can detect failure of a sent SIP response (e.g., TCP timeout, and UDP ICMP). In such a scenario, the device re-sends the response to an alternative destination. This support is in addition to alternative routing if the device detects failed SIP requests.
Page 651 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ■ Managed Opus or Managed G.729: If the SBC detects WAN network impairments during a call using the Opus or G.729 coder between the Enterprise SBC and Access SBC, it can adjust the coder's attributes (e.g., bit rate) for that specific call to ensure high voice quality is...
Page 652 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ■ Smart Transcoding: If the SBC (Enterprise or Access SBC) detects WAN network impairments during a call between the Enterprise SBC and Access SBC, the SBC employs voice transcoding by switching the coder from G.711 to Opus for that specific call only.
Page 653 CHAPTER 28 Advanced SBC Features Mediant 4000 SBC | User's Manual ■ IP Profiles table - main IP Profile: ● 'Extension Coders Group': Select the Coders Group with G.711 and Opus ● 'Voice Quality Enhancement': Enable ● 'RTP Redundancy Mode': Enable ●...
Page 654: Cloud Resilience Package
Part VI Cloud Resilience Package...
Page 655: Crp Overview
CHAPTER 29 CRP Overview Mediant 4000 SBC | User's Manual CRP Overview The device's Cloud Resilience Package (CRP) application enhances cloud- based or hosted communications environments by ensuring survivability, high voice quality and security at enterprise branch offices and cloud service customer premises. CRP is designed to be deployed at customer sites and branches of: ■...
Page 656 CHAPTER 29 CRP Overview Mediant 4000 SBC | User's Manual One of the main advantages of CRP is that it enables quick-and-easy configuration. This is accomplished by its pre-configured routing entities, whereby only minimal configuration is required. For example, defining IP addresses to get the device up and running and deployed in the network.
Page 657: Crp Configuration
If you installed a License Key with the CRP feature and you later want to stop (disable) working with CRP, you need to purchase (from your AudioCodes sales representative) a new License Key without CRP and install it, and then delete all CRP-related configuration (described in this section) or reset the device to factory default settings.
Page 658: Pre-Configured Ip Groups
CHAPTER 30 CRP Configuration Mediant 4000 SBC | User's Manual ■ Auto Answer to Registrations: This mode is the same as the Normal mode, except that the CRP registers the branch users in its registration database instead of forwarding them to the IP PBX.
Page 659: Pre-Configured Ip-To-Ip Routing Rules
CHAPTER 30 CRP Configuration Mediant 4000 SBC | User's Manual Table 30-1: Pre-configured IP Groups in the IP Groups Table Index Name Type Description "CRP Users" User LAN users (e.g., IP phones) at the branch office "CRP Proxy" Server Server (e.g., hosted IP PBX at the Enterprise's headquarters) "CRP...
Page 660: Emergency Mode
CHAPTER 30 CRP Configuration Mediant 4000 SBC | User's Manual Source IP Alternative Request Destination Destination Destination Index Group / Route Type Type IP Group Address Emergency Options #1 [CRP IP Group #3 [CRP Alternative Users] Gateway] Route Ignore Inputs #2 [CRP...
Page 661: Auto Answer To Registrations
CHAPTER 30 CRP Configuration Mediant 4000 SBC | User's Manual The routing rule at Index 5 appears only if the CRPGatewayFallback parameter is enabled (1). Auto Answer to Registrations The pre- configured IP- to- IP routing rules for the Auto Answer to Registrations CRP call...
Page 662: Configuring Pstn Fallback
CHAPTER 30 CRP Configuration Mediant 4000 SBC | User's Manual ● The destination for the routing rule at Index 2 is the source IP Group (i.e., from where the REGISTER message is received). ● Routing rule at Index 7 appears only if the CRPGatewayFallback parameter is...
Page 663: High-Availability System
Part VII High-Availability System...
Page 664: Ha Overview
CHAPTER 31 HA Overview Mediant 4000 SBC | User's Manual HA Overview The device's High Availability (HA) feature provides 1+1 system redundancy using two devices. If failure occurs in the active device, a switchover occurs to the redundant device which takes over the call handling process.
Page 665: Device Switchover Upon Failure
CHAPTER 31 HA Overview Mediant 4000 SBC | User's Manual In the active device, all logical interfaces (i.e., Media, Control, OAMP, and Maintenance) are active. In the redundant device, only the Maintenance interface is active, which is used for connectivity to the active device. Therefore, management is done only through the active device.
Page 666: Viewing Ha Status On Monitor Web Page
CHAPTER 31 HA Overview Mediant 4000 SBC | User's Manual ■ Loss of physical (link) connectivity: If one or more physical network groups (i.e., Ethernet port pair) used for one or more network interfaces of the active device disconnects (i.e., no link) and these physical network groups are connected OK on the redundant device, a switchover occurs to the redundant device.
Page 667 CHAPTER 31 HA Overview Mediant 4000 SBC | User's Manual ➢ To define a name for the device: Open the HA Settings page (Setup menu > IP Network tab > Core Entities folder > HA Settings). In the 'HA Device Name' field, enter a name for the active device.
Page 668: Ha Configuration
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual HA Configuration This section describes HA configuration. Initial HA Configuration By default, HA is disabled on the device. When a device is loaded with valid HA configuration and is the first device to be loaded, it becomes the active device. The second device that is loaded with HA configuration becomes the redundant (standby) device.
Page 669: Configuring The Ha Devices
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual ■ For Geographical HA (both units are located far from each other), 2Rx/1Tx port mode connected to a port aggregation switch is the recommended option: ● When two LAN switches are used, the LAN switches must be in the same subnet (i.e., broadcast domain).
Page 670: Step 1: Configure The First Device
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual Step 1: Configure the First Device The first stage is to configure the first device for HA. During this stage, make sure that the second device is powered off or disconnected from the network.
Page 671: Step 2: Configure The Second Device
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual In the 'HA Remote Address' field, enter the Maintenance IP address of the second device. (Optional) Enable the HA Preempt feature by configuring the 'Preempt Mode' parameter to Enable, and then setting the priority level of the device in the 'Preempt Priority' field. Make sure that you configure different priority levels for the two devices.
Page 672: Step 3: Initialize Ha On The Devices
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual (Optional) Enable the HA Preempt feature by configuring the 'Preempt Mode' parameter to Enable, and then setting the priority level of the device in the 'Preempt Priority' field. Make sure that you configure different priority levels for the two devices. Typically, you would configure the active device with a higher priority level (number) than the redundant device.
Page 673 CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual ➢ To quickly set up two devices for HA: Make sure that the License Key installed on both devices includes the HA license (see Viewing the License Key on page 672). Obtain the MAC address of each device. The MAC address is displayed on the Device...
Page 674: Configuration While Ha Is Operational
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual ● If the HA Preempt feature is enabled, the device with the highest priority becomes the active unit. If the HA Preempt feature is not enabled, the first device to load the file becomes the active unit, or if both load the file simultaneously, the device with the "highest"...
Page 675 Maintenance interfaces, you must open (allow) the same port ranges as configured in the table above, on that external firewall. ● If the device needs to communicate with AudioCodes OVOC, you must also add rules to allow incoming traffic from OVOC. For more information, see Configuring Firewall Rules to Allow Incoming OVOC Traffic on page 142.
Page 676: Configuring Diffserv For Ha Maintenance Traffic
CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual Configuring DiffServ for HA Maintenance Traffic You can configure Differentiated Services (DiffServ) for HA Maintenance traffic which flows between the active and redundant devices on the HA Maintenance network interface. The default DiffServ value for this traffic is 46, which should be sufficient in most setups.
Page 677 CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual ● The HA Network Monitor feature is a license-based feature (which is part of the general HA license) and is available only if it is included in the License Key that is installed on the device.
Page 678 CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual Configure an HA network monitor entry according to the parameters described in the table below. Click Apply. Parameter Description 'Index' Defines an index number for the new table row. [HaNetworkMonitor_ Note: Each row must be configured with a unique index.
Page 679 CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual Parameter Description If the device receives a reply from a destination within this timeout, it considers the destination as online (reachable). If no reply has been received from a user-defined number of consecutive pings (see the 'Ping Count' parameter, below), the device considers the destination as offline (unreachable).
Page 680 CHAPTER 32 HA Configuration Mediant 4000 SBC | User's Manual The reachability status is displayed in the 'Peer Reachability Status' read-only field: ● "Reachability unverified": The reachability status of the destination is currently undetermined. In other words, the destination has never replied to the device's pings.
Page 681: Ha Maintenance
CHAPTER 33 HA Maintenance Mediant 4000 SBC | User's Manual HA Maintenance This section describes HA maintenance. Maintenance of Redundant Device The only interface that is operational on the redundant device is the Maintenance interface. The following protocols can be used for maintenance purposes for this interface: ■...
Page 682: Software Upgrade
CHAPTER 33 HA Maintenance Mediant 4000 SBC | User's Manual ● Toolbar: Click the Actions button, and then from the drop-down menu, choose Switchover. ● Navigation tree: Setup menu > Administration tab > Maintenance folder > High Availability Maintenance. Click Reset; a confirmation box appears requesting you to confirm.
Page 683: Accessing Files On Redundant Device From Active Through Ssh
CHAPTER 33 HA Maintenance Mediant 4000 SBC | User's Manual Reset the redundant device. The procedure assumes that no network changes were made to both devices' HA Maintenance interface or Ethernet Devices (VLAN); otherwise, the devices may not be able to communicate with each other.
Page 684: Backing Up And Restoring Ha Configuration
CHAPTER 33 HA Maintenance Mediant 4000 SBC | User's Manual Backing Up and Restoring HA Configuration Once you have your HA system up and running, you can make a backup of your HA configuration, by saving an ini configuration file from the active device. If your HA system fails, for whatever reason, you can simply load this file to the devices to restore HA.
Page 685: Maintenance
Part VIII Maintenance...
Page 686: Basic Maintenance
CHAPTER 34 Basic Maintenance Mediant 4000 SBC | User's Manual Basic Maintenance This section describes basic maintenance. Resetting the Device You can reset the device through the device's management tools. Device reset may be required for maintenance purposes. Certain parameters require a device reset for their settings to take effect.
Page 687: Remotely Resetting Device Using Sip Notify
Remotely Resetting Device using SIP NOTIFY The device can be remotely reset upon the receipt of a SIP NOTIFY message that contains an Event header set to 'check- sync;reboot=true' (proprietary to AudioCodes ), as shown in the example below: NOTIFY sip:<user>@<dsthost> SIP/2.0 To: sip:<user>@<dsthost>...
Page 688 CHAPTER 34 Basic Maintenance Mediant 4000 SBC | User's Manual From the 'Graceful Option' drop-down list, select one of the following options: ● Yes: The device locks only after a user-defined duration, configured in the 'Lock Timeout' field (see next step). During this interval, no new traffic is accepted, allowing only existing calls to continue until the timeout expires.
Page 689: Saving Configuration
CHAPTER 34 Basic Maintenance Mediant 4000 SBC | User's Manual ➢ To unlock the device: ■ Click the UNLOCK button; the device unlocks immediately and accepts new incoming calls. The 'Gateway Operational State' read-only field displays "UNLOCKED". Saving Configuration When you configure parameters and tables in the Web interface and then click the Apply button on the pages in which the configurations are done, changes are saved to the device's volatile memory (RAM).
Page 690: Channel Maintenance
Remotely Disconnecting Calls using SIP NOTIFY The device can be triggered to disconnect all current calls upon the receipt of a SIP NOTIFY message containing an Event header with the value 'soft-sync' (proprietary to AudioCodes ), as shown in the example below: NOTIFY sip:<user>@<dsthost>...
Page 691: Upgrading The Device's Software
CHAPTER 36 Upgrading the Device's Software Mediant 4000 SBC | User's Manual Upgrading the Device's Software You can use the Web interface's Software Upgrade Wizard to easily upgrade the device's software version (.cmp file). You can also use the wizard to load an ini file and Auxiliary files (e.g., CPT file).
Page 692 If you upgraded your firmware (.cmp file) and the "SW version mismatch" message appears in the Syslog or Web interface, your License Key does not support the new .cmp file version. If this occurs, contact AudioCodes support team for assistance. ●...
Page 693 CHAPTER 36 Upgrading the Device's Software Mediant 4000 SBC | User's Manual ➢ To upgrade the device using the Software Upgrade wizard: Make sure that you have installed a License Key that is compatible with the software version to be installed (see License Key).
Page 694 CHAPTER 36 Upgrading the Device's Software Mediant 4000 SBC | User's Manual When the file is loaded, a message is displayed to inform you that the file was successfully loaded. If your device is in HA mode, select one of the following upgrade options: ●...
Page 695 CHAPTER 36 Upgrading the Device's Software Mediant 4000 SBC | User's Manual If you use the wizard to load an ini file, parameters excluded from the ini file are assigned default values (according to the .cmp file) and thereby, overwrite values previously configured for these parameters.
Page 696 CHAPTER 36 Upgrading the Device's Software Mediant 4000 SBC | User's Manual Click End Process ; the Web Login screen appears, prompting you to log into the device. Log in with your username and password; a message box appears informing you that the device's software has been upgraded (new .cmp file).
Page 697: Loading Auxiliary Files
CHAPTER 37 Loading Auxiliary Files Mediant 4000 SBC | User's Manual Loading Auxiliary Files You can load Auxiliary files to the device using any of the following methods: ■ Web interface - see Loading Auxiliary Files through Web Interface ■ CLI - see Loading Auxiliary Files through CLI ■...
Page 698 CHAPTER 37 Loading Auxiliary Files Mediant 4000 SBC | User's Manual ● When loading an ini file through the Auxiliary Files page (as described in this section), only parameter settings specified in the ini file are applied to the device; all other parameters remain at their current settings.
Page 699: Loading Auxiliary Files Through Cli
CHAPTER 37 Loading Auxiliary Files Mediant 4000 SBC | User's Manual Click the corresponding Load File button. Repeat steps 2 through 3 for each file you want to load. Reset the device with a save-to-flash for your settings to take effect (if you have loaded a Call Progress Tones file).
Page 700 (in any standard text editor) to suit your specific requirements and then convert the modified ini file into binary dat file format, using AudioCodes DConvert utility. For more information, refer to the DConvert Utility User's Guide.
Page 701 CHAPTER 37 Loading Auxiliary Files Mediant 4000 SBC | User's Manual [46] Beep Tone ◆ ● Tone Modulation Type: Amplitude Modulated (1) or regular (0) ● Tone Form: The tone's format can be one of the following: Continuous (1) ◆ Cadence (2) ◆...
Page 702: Prerecorded Tones File
Once recorded, you need to combine the recorded files into a single and loadable PRT file (.dat), using the latest version of AudioCodes DConvert utility. In DConvert, each recording must be added to the PRT file with the tone type "acUserDefineTone<Index>". When you want to specify the tone (ringback or held tone) to play for a specific IP Profile (IPProfile_LocalRingbackTone and IPProfile_LocalHeldTone parameters), you need to use this index number.
Page 703: Amd Sensitivity File
The AMD Sensitivity file is created in .xml format and then converted to a binary .dat file that can be installed on the device. The XML-to-binary format conversion can be done using AudioCodes DConvert utility. For more information on using this utility, refer to DConvert Utility User's Guide.
Page 704: User Info File
CHAPTER 37 Loading Auxiliary Files Mediant 4000 SBC | User's Manual User Info File For loading User Info (User Information) files, use the Auxiliary Files page for backward compatibility only. If backward compatibility is not needed, load the file or configure...
Page 705: License Key
The local License Key contains all your ordered feature licenses and capacity license. However, the SBC capacity licenses (signaling sessions, media sessions, transcoding sessions, and registered users) can also be provided remotely from AudioCodes OVOC management tool, using the following SBC capacity licensing methods: ■...
Page 706: Obtaining License Key For Initial Activation
AudioCodes (for example, for support and software upgrades). The Product Key is provided in the Order Confirmation e-mail sent to you by AudioCodes upon your purchase, as shown in the example below: - 673 -...
Page 707: Local License Key
Email: Provide one or more e-mail addresses to where you want the License Key ◆ sent. Click Send; after AudioCodes processes your license activation, you will receive an e- mail notification with the License Key file attached. Open the License Key file with any text-based program (such as Notepad) and make sure that the serial number ("S/N") in the License Key is correct and reflects the Serial Number of your...
Page 708: Installing A License Key String
CHAPTER 38 License Key Mediant 4000 SBC | User's Manual Icon Color Description Indicates features from the previous License Key that were not included in the new License Key and are no longer available. After you install the License Key (device reset with a save-to-flash), the icons no longer appear and the License Key page displays only features and capacity of the new License Key.
Page 709: Installing A License Key File
CHAPTER 38 License Key Mediant 4000 SBC | User's Manual Click Apply; the dialog box closes and the "String Uploaded!" message is briefly displayed at the bottom of the page when the License Key successfully loads to the device. The License...
Page 710 CHAPTER 38 License Key Mediant 4000 SBC | User's Manual The License Key installation process includes a device reset and is therefore, traffic- affecting. To minimize the disruption of current calls, it is recommended to perform this procedure during periods of low traffic.
Page 711 CHAPTER 38 License Key Mediant 4000 SBC | User's Manual Clock Close to close the message box; you are logged out of the Web interface and prompted to log in again. The features and capabilities displayed on the License Key page now reflect the newly installed License Key.
Page 712 CHAPTER 38 License Key Mediant 4000 SBC | User's Manual If want to cancel installation, reset the device without a save to flash. For more information, see Resetting the Device. Click Apply New License Key; the following appears: If the new License Key includes changes in licenses for features other than (or in addi- tion to) FEU, SBC, Coder Transcoding, and/or SBC Signaling, then Hitless Upgrade cannot be done.
Page 713: Installing License Key Through Cli
CHAPTER 38 License Key Mediant 4000 SBC | User's Manual When installation completes, the following message box appears: Clock Close to close the message box; you are logged out of the Web interface and prompted to log in again. The features and capabilities displayed on the License Key page now reflect the newly installed License Key.
Page 714: Sbc Capacity Licenses From Fixed License Pool
The device can receive SBC capacity (session) licenses from a centralized pool of SBC resources managed by AudioCodes One Voice Operations Center (OVOC) management tool. The license pool is purchased as one bulk license. The OVOC user can then manually allocate SBC licenses from the pool to devices in the network to meet capacity demands of each device whenever required.
Page 715: Sbc Capacity Licenses From Floating License
CHAPTER 38 License Key Mediant 4000 SBC | User's Manual The device periodically checks with the OVOC license pool for SBC capacity licenses. OVOC identifies the device by serial number. If it has an SBC license for the device, it sends it to the device.
Page 716 Floating License. For more information on how this is calculated and for ordering the Floating License, refer to the AudioCodes Fixed Pool and Floating Licenses document. To view the Floating License report (SBC resource consumption) that the device sends OVOC, see...
Page 717 To configure the Floating License: Make sure that the following OVOC-related prerequisites have been fulfilled: ● The Floating License has been purchased from AudioCodes with the required SBC license capacities and installed on OVOC. ● The devices for which you want to use the Floating License have been configured on OVOC.
Page 718 CHAPTER 38 License Key Mediant 4000 SBC | User's Manual ● 'OVOC Product Key': Displays the Product Key of the OVOC tool that is providing the Floating License. The device connects with OVOC over SNMP. An SNMP manager is automatically added to the SNMP Trap Destinations table for this connection.
Page 719: Viewing Floating License Reports
CHAPTER 38 License Key Mediant 4000 SBC | User's Manual Figure 38-5: Configuring Limits for Allocation Profile Viewing Floating License Reports You can view the SBC resource consumption (signaling sessions, media sessions, transcoding sessions, and far-end user registrations) reports of the Floating License that the device periodically sends to OVOC.
Page 720: Viewing The Device's Product Key
Viewing the Device's Product Key The Product Key identifies a specific purchase of your device installation for the purpose of subsequent communication with AudioCodes (e.g., for support and software upgrades). The Product Key is your chassis' serial number--"S/N (Product Key)"--which also appears on the product label affixed to the chassis.
Page 721: Configuration File
CHAPTER 39 Configuration File Mediant 4000 SBC | User's Manual Configuration File This section describes how to save the device's configuration to a file and how to load a configuration file to the device. Saving and Loading an ini Configuration File You can save and load the device's configuration as an ini file.
Page 722: Saving And Loading Cli Script Files
CHAPTER 39 Configuration File Mediant 4000 SBC | User's Manual Click Yes to continue (or No to cancel the file load). If you click Yes, the device loads the file and then resets with a save to flash for the settings to take effect.
Page 723: Saving And Loading A Configuration Package File
CHAPTER 39 Configuration File Mediant 4000 SBC | User's Manual Click the Browse button, and then browse to and select the file on your computer. Click the Load CLI Startup Script button; the following message box appears, informing you that the device will reset after the file is loaded.
Page 724 CHAPTER 39 Configuration File Mediant 4000 SBC | User's Manual You can save and load a Configuration Package file using the following methods: ■ CLI: # copy configuration-pkg from|to <URL> ■ Auto-Update Feature: To load the Configuration Package file through the Auto-Update mechanism, use the ConfPackageURL ini file parameter.
Page 725: Automatic Provisioning
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Automatic Provisioning This chapter describes automatic provisioning of the device. Automatic Configuration Methods The device supports the following automatic provisioning methods: ■ DHCP (Option 160) ■ HTTP/S ■ TFTP ■ ■...
Page 726: Provisioning From Http Server Using Dhcp Option 67
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual subnet 10.31.0.0 netmask 255.255.0.0 { pool { allow members of "AudioCodes"; range 10.31.4.53 10.31.4.75; filename "SIP_F6.60A.217.003.cmp –fb;device.ini"; option routers 10.31.0.1; option subnet-mask 255.255.0.0; ● If the DHCP server denies the use of the device's current IP address and specifies a different IP address (according to RFC 1541), the device must change its networking parameters.
Page 727: Provisioning From Tftp Server Using Dhcp Option 66
Provisioning the device from a third-party TFTP server is suitable when the network in which the device is deployed includes a provisioning TFTP server for all network equipment, without the capability of distinguishing between AudioCodes and non-AudioCodes devices. Upon startup, the device checks for DHCP Option 66 in the DHCP response received from the DHCP server.
Page 728: Provisioning The Device Using Dhcp Option 160
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Reset the device with a save-to-flash for your settings to take effect. ● Access to the core network through TFTP is not NAT-safe. ● The TFTP data block size (packets) when downloading a file from a TFTP server for the Automatic Update mechanism can be configured using the AUPDTftpBlockSize parameter.
Page 729: Http-Based Provisioning
URL is "ftp" (instead of "http"). Provisioning through OVOC AudioCodes One Voice Operations Center (OVOC) server functions as a core-network provisioning server. The device's SNMP Manager should be configured with the IP address of the OVOC server, using one of the methods detailed in the previous sections.
Page 730: Http/S-Based Provisioning Using The Automatic Update Feature
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual HTTP/S-Based Provisioning using the Automatic Update Feature The Automatic Update feature can be used for automatic provisioning of the device through HTTP/S. Automatic provisioning is useful for large-scale deployment of devices. In some cases, the devices are shipped to the end customer directly from the manufacturer.
Page 731: File Location For Automatic Update
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual ● Startup Script File: Contains only CLI commands and configures all the device's functionality (except commands such as show, debug or copy). The file updates the device's configuration according to the configuration settings in the file and sets all other parameters that are not included in the file to factory defaults.
Page 732: File Template For Automatic Provisioning
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual IniFileURL = 'https://www.company.com/config_<MAC>.ini' (automatic-update)# cli-script https://company.com/files/cli_script_<MAC>.txt (automatic-update)# startup-script https://company.com/files/startup_<MAC>.txt The device automatically replaces the string with its hardware MAC address, resulting in a file name request that contains the device's MAC address, for example, config_00908F033512.ini or startup_00908F033512.txt.
Page 733 CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Define the URL address of the provisioning server on which the files (specified in Step 1) are located for download, using the TemplateUrl parameter. When you configure the URL, you must include the file type placeholder, "<FILE>", which represents the file name. For each file type specified in Step 1, the device sends an HTTP request to the server, where the placeholder in the URL is replaced with the filename and extension, as listed in the below table.
Page 734: Triggers For Automatic Update
Upon receipt of an SNMP request from the provisioning server. ● Upon receipt of a special SIP NOTIFY message from the provisioning server. The NOTIFY message includes an Event header with the AudioCodes proprietary value, "check-sync;reboot=false", as shown in the example below: NOTIFY sip:<user>@<dsthost> SIP/2.0 To: sip:<user>@<dsthost>...
Page 735: Applying Downloaded Ini File After Graceful Timeout
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Applying Downloaded ini File after Graceful Timeout If you use the Automatic Update feature for updating the device's configuration from an ini file, you can configure the device to gracefully lock itself before applying the settings of the ini file. When the Automatic Update feature is triggered (for example, by a device reset) and the device downloads the ini file from the remote provisioning server, the graceful timeout begins.
Page 736 CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual If you have configured the device to authenticate itself to the HTTP/S server for secure access, the device sends the access authentication username and password to the HTTP/S server (for more information, see Access Authentication with HTTP Server).
Page 737 CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual If the file on the provisioning server was unchanged (not modified) since the date and time specified in the header, the server replies with an HTTP 304 response and the file is not downloaded.
Page 738: File Download Sequence
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual (config-system)# automatic-update (automatic-update)# firmware https://www.company.com/device/7.20A.252.011.cmp ● For one-time file download, the HTTP Get request sent by the device does not include the If-Modified-Since header. Instead, the HTTP-User-Agent header can be used in the HTTP Get request to determine whether firmware update is required.
Page 739: Cyclic Redundancy Check On Downloaded Configuration Files
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual ● For ini file downloads, by default, parameters not included in the file are set to defaults. To retain the current settings of these parameters, set the SetDefaultOnINIFileProcess parameter to 0.
Page 740: Automatic Update For Single Device
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Automatic Update for Single Device This simple example describes how to configure the Automatic Update feature for updating a single device. In this example, the device queries the provisioning server for software, configuration and Auxiliary files every 24 hours.
Page 741: Automatic Update From Remote Servers
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Automatic Update of Call Progress Tone file: ini File: ◆ CptFileURL = 'https://www.company.com/call_progress.dat' CLI: ◆ # configure system (config-system)# automatic update (automatic-update)# call-progress-tones 'http://www.company.com/call_ progress.dat' Automatic Update of ini configuration file: ini File: ◆...
Page 742 CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual FeatureKeyURL = 'ftps://root:wheel@ftpserver.corp.com/license_key.txt' CLI: ◆ # configure system (config-system)# automatic update (automatic-update)# feature-key 'ftps://root:wheel@ftpserver.corp.com/license_key.txt' Software (.cmp) and ini files: Set up an HTTP Web server and copy the .cmp and configuration files to the server.
Page 743: Automatic Update For Mass Deployment
CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Automatic Update for Mass Deployment This example describes how to configure the Automatic Update feature for updating multiple devices (i.e., mass deployment) using an HTTP provisioning server. In this example, all the devices are configured to download the same "master"...
Page 744 CHAPTER 40 Automatic Provisioning Mediant 4000 SBC | User's Manual Copy the master configuration file that you created in Step 1 as well as the CPT and .cmp files to the HTTP-based provisioning server. Configure each device with the following: URL of the master configuration file: ini File: ◆...
Page 745: Sbc Configuration Wizard
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual SBC Configuration Wizard The SBC Configuration Wizard provides you with a quick-and-easy method for initial configuration of your device. The SBC Configuration Wizard guides you through a sequence of pages, assisting you in defining your device.
Page 746: General Setup Page
Mediant 4000 SBC | User's Manual If desired, the SBC Configuration Wizard allows you to share usage statistics with AudioCodes to help us improve our software. To agree, select the 'Report usage statistics' check box, and then fill in the subsequent fields.
Page 747 CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ● SIP Trunk (IP-PBX with SIP Trunk): The device connects the Enterprise IP PBX with the Internet Telephony Service Provider (ITSP) or SIP Trunk Provider. The IP PBX resides on the Enterprise LAN, while the ITSP resides on the WAN. Only calls between the IP PBX and ITSP traverse the device.
Page 748: System Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ● One port: LAN only: The device connects to the Enterprise LAN (typically, a switch) through a single physical network link (interface). All SIP entities (IP PBX and users) connect to the same LAN. Note that this option is applicable to all applications (see Step 1), except SIP Trunk.
Page 749: Interfaces Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ● 'First IP address': IP address of the domain name. ● 'Secondary IP address': Second IP address of the domain name (optional). For more information on configuring the device's DNS table, see Configuring the Internal DNS Table.
Page 750: Ip-Pbx Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ● LAN: Management traffic is carried over the regular LAN interface, as defined above. ● WAN: Management traffic is carried over the WAN interface, as defined above. ● Additional: Configure a different interface for management traffic.
Page 751: Sip Trunk Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ● 'Base Port' Configure the first media port in the port range. ● 'Number Of Sessions': Configure the number of required media sessions. For more information on media port ranges and number of sessions, see Configuring RTP Base Port.
Page 752: Number Manipulation Page
Number Manipulation Page). Number Manipulation Page The Number Manipulation wizard page configures caller (source) and callee (destination) number manipulation for outbound and inbound calls, and allows you to use AudioCodes Routing Manager (ARM) to determine the routing. - 719 -...
Page 753: Remote Users Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ➢ To configure number manipulation: Configure number manipulation: Under the Outbound Calls and/or Inbound Calls groups, select the required manipulation check box: Destination Number Manipulation: Manipulates the destination number. ◆...
Page 754: Summary Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual This page is applicable only to IP PBXs that support such configuration. ➢ To configure remote users: Select the 'Enable remote users' check box. Under the SIP Interface group, configure the SIP interface for the remote users: ●...
Page 755: Congratulations Page
CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ➢ To review your configuration: Review the configuration: ● To view the configuration in ini-file format, click the INI File tab. ● To view the configuration in normal format, click the Configuration Summary tab.
Page 756 CHAPTER 41 SBC Configuration Wizard Mediant 4000 SBC | User's Manual ➢ To complete the SBC Configuration Wizard: ■ Click Apply & Reset to apply configuration to the device or click Save INI File to save configuration as an ini file on your PC.
Page 757: Restoring Factory Defaults
CHAPTER 42 Restoring Factory Defaults Mediant 4000 SBC | User's Manual Restoring Factory Defaults This section describes how to restore the device's configuration to factory defaults. Restoring Factory Defaults through CLI You can restore the device to factory defaults through CLI. You can restore all configuration to factory defaults or you can restore all configuration to factory defaults except the current network settings.
Page 758: Restoring Factory Defaults Through Web Interface
CHAPTER 42 Restoring Factory Defaults Mediant 4000 SBC | User's Manual Restoring Factory Defaults through Web Interface You can restore the device to factory defaults through the Web interface. When restoring the device to factory defaults, you can preserve basic IP network...
Page 759: Status, Performance Monitoring And Reporting
Part IX Status, Performance Monitoring and Reporting...
Page 760: System Status
Product Key Product Key, which identifies the specific device purchase (and used for communication with AudioCodes, for example, for support and software upgrades). The Product Key also appears on the product label that is affixed to the chassis. For more information, see...
Page 761: Viewing Device Status On Monitor Page
CHAPTER 43 System Status Mediant 4000 SBC | User's Manual Parameter Description Device Up Time Duration that the device has been up and running since the last reset (uptime). The duration is displayed in the following format: dd:hh:mm:ss.ss. For example, "1d:21h:40m:21s:75.22" means that the device has been running for one day and 21 hours, 40 minutes and 21.22 seconds.
Page 762 MIB is PM_gwSBCRegisteredUsers. ■ Graphical Display of device: Shows color-coded status icons, as shown in the figure below and described in the subsequent table: Figure 43-1: Graphical Display of Device on Monitor Page - Mediant 4000 SBC - 729 -...
Page 763 CHAPTER 43 System Status Mediant 4000 SBC | User's Manual ● The figure above is used only as an example as the graphical display of your device in the Web interface reflects your specific ordered hardware configuration. ● For a description of the Monitor page when the device is in High Availability (HA)
Page 764 CHAPTER 43 System Status Mediant 4000 SBC | User's Manual Item #1 Description Optional, Media Processing Module (MPM). Note: This is a customer-ordered module. OK LED icon: ■ (red): Device undergoing startup. ■ (green): Device startup has completed successfully. Active LED icon: ■...
Page 765: Reporting Dsp Utilization Through Snmp Mib
CHAPTER 44 Reporting DSP Utilization through SNMP MIB Mediant 4000 SBC | User's Manual Reporting DSP Utilization through SNMP MIB You can obtain information on the percentage of DSP resources utilized by the device, through the SNMP MIB table, acPMDSPUsage. You can also configure low and high DSP utilization...
Page 766: Viewing Carrier-Grade Alarms
CHAPTER 45 Viewing Carrier-Grade Alarms Mediant 4000 SBC | User's Manual Viewing Carrier-Grade Alarms This section describes how to view SNMP alarms raised by the device. Viewing Active Alarms You can view current (active) alarms in the Web interface that have been raised by the device. If an...
Page 767: Viewing History Alarms
CHAPTER 45 Viewing Carrier-Grade Alarms Mediant 4000 SBC | User's Manual Field Description Severity Severity level of the alarm: ■ Critical (red) ■ Major (orange) ■ Minor (yellow) Source Component of the device from which the alarm was raised. Description Brief description of the alarm.
Page 768 CHAPTER 45 Viewing Carrier-Grade Alarms Mediant 4000 SBC | User's Manual Table 45-2: Alarms History Table Description Field Description Sequential # The number of the alarm. The alarms are numbered sequentially as they are raised by the device. The numbering resets to 1 immediately after a device reset (i.e., the first alarm raised after a reset is assigned the...
Page 769: Viewing Management User Activity Logs
CHAPTER 46 Viewing Management User Activity Logs Mediant 4000 SBC | User's Manual Viewing Management User Activity Logs If you have enabled the reporting of management user activities performed in the device's management interfaces (see Configuring Reporting of Management User Activities), you can view the logged activities in the Web interface, as described in the procedure below.
Page 770: Viewing Performance Monitoring
CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Viewing Performance Monitoring This section describes how to view performance monitoring in the device's Web interface. Viewing Call Success and Failure Ratio You can view success and failure ratio of SIP dialogs in the Web interface's Success/Failure Ratio page.
Page 771: Viewing Average Call Duration
CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual ● SUBSCRIBE: SUBSCRIBE ● Other: all SIP messages If there is no data for the charts, the chart appears gray and "No Data" is displayed to the right of the chart.
Page 772: Configuring Performance Profiles
CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Use the Zoom In button to increase the displayed time resolution or the Zoom Out button to decrease it. Instead of using these buttons, you can use the slide ruler. As you increase the resolution, more data is displayed on the graph.
Page 773 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual When the threshold of a voice metric is crossed, the device changes the alarm severity and corresponding color-coded quality state of the call: ■ Minor Threshold (Yellow): Lower threshold that indicates changes from Green or Red to Yellow.
Page 774 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual ● Forwarded calls are not considered in the calculation for ASR and NER. ● If you don't configure thresholds for a specific metric, the device still provides current performance monitoring values of the metric, but does not raise any threshold alarms for it.
Page 775 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Parameter Description Note: The parameter is applicable only if you configure the 'Entity' ip-group-name parameter to IP Group. [PerformanceProfile_ IPGroupName] 'SRD' Assigns an SRD to the rule. Note: The parameter is applicable only if you configure the 'Entity' srd-name parameter to SRD.
Page 776: Configuring User-Defined Performance Monitoring Mibs
CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Parameter Description 'Minimum Samples' Defines the minimum number of call sessions (sample) that is required for the device to calculate the performance monitoring minimum-samples metrics (per window size). If the number of call sessions is less than the configured value, no calculation is done.
Page 777 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual ● The PMs only count original responses and not responses that you may have manipulated using Message Manipulation rules. For example, if you have configured a user-defined PM to count SIP 408 responses and you have a Message Manipulation rule that changes SIP 403 responses into SIP 408, the PM will not include these manipulated responses in its' count.
Page 778 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Parameter Description 'SIP Method' Defines the SIP method to which the rule is applied. [UserDefinedFailurePM_Method] ■ [1] INVITE = (Default) The PM MIB counts only responses that are associated with INVITE messages.
Page 779 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Parameter Description Value Failure Reason Network Temporary Failure (GWAPP_ NETWORK_TEMPORARY_FAILURE) Service Not Available (GWAPP_ SERVICE_NOT_AVAILABLE) RTP Broken Connection (RELEASE_ BECAUSE_RTP_CONN_BROKEN) Device Locked (RELEASE_BECAUSE_ GW_LOCKED) Media Mismatch (RELEASE_BECAUSE_ MEDIA_MISMATCH) Preemption Due To High Priority...
Page 780 CHAPTER 47 Viewing Performance Monitoring Mediant 4000 SBC | User's Manual Parameter Description Value Failure Reason Media Limit In Crossed (RELEASE_ BECAUSE_IN_MEDIA_LIMITS_ EXCEEDED) User Blocked (RELEASE_BECAUSE_ USER_BLOCKED) ACD Threshold Crossed (RELEASE_ BECAUSE_ACD_THRESHOLD_ CROSSED) ASR Threshold Crossed (RELEASE_ BECAUSE_ASR_THRESHOLD_ CROSSED) NER Threshold Crossed (RELEASE_...
Page 781: Viewing Voip Status
CHAPTER 48 Viewing VoIP Status Mediant 4000 SBC | User's Manual Viewing VoIP Status This section describes how to view VoIP-related status. Viewing SBC Registered Users You can view SBC users that are registered with the device. For each user, the Address of Record (AOR) and the corresponding contacts are shown.
Page 782: Viewing Proxy Set Status
CHAPTER 48 Viewing VoIP Status Mediant 4000 SBC | User's Manual # show voip register db sbc user <Address Of Record> Viewing Proxy Set Status You can view the status of Proxy Sets that are used in your call routing topology. Proxy Sets that are not associated with any routing rule are not displayed.
Page 783: Viewing Registration Status
CHAPTER 48 Viewing VoIP Status Mediant 4000 SBC | User's Manual Parameter Description Note: The field is applicable only to Proxy Sets configured with FQDNs. Weight Displays the weight of IP addresses resolved from FQDNs. Note: The field is applicable only to Proxy Sets configured with FQDNs.
Page 784: Viewing Cdr History Of Sbc And Test Calls
CHAPTER 48 Viewing VoIP Status Mediant 4000 SBC | User's Manual Viewing CDR History of SBC and Test Calls You can view historical Call Detail Records (CDR) of SBC calls and Test calls in the SBC CDR History table. History CDRs are stored on the device’s memory. When a new CDR is generated, the device adds it to the top of the table and all existing entries are shifted one down in the table.
Page 785 CHAPTER 48 Viewing VoIP Status Mediant 4000 SBC | User's Manual Field Description ■ "Outgoing" Remote IP Displays the IP address of the call party. For an "Incoming" call, this is the source IP address; for an "Outgoing" call, this is the destination IP address.
Page 786: Viewing Network Status
CHAPTER 49 Viewing Network Status Mediant 4000 SBC | User's Manual Viewing Network Status This section describes how to view network-related status. Viewing Active IP Interfaces You can view the device's active IP interfaces that are configured in the IP Interfaces table (see Configuring IP Network Interfaces).
Page 787: Viewing Static Routes Status
CHAPTER 49 Viewing Network Status Mediant 4000 SBC | User's Manual Table 49-1: Ethernet Port Information Table Description Parameter Description Port Name Displays the name of the port. Active Displays whether the port is active ("Yes") or not ("No"). Speed Displays the speed of the Ethernet port.
Page 788: Viewing Data Network Performance Monitoring
CHAPTER 49 Viewing Network Status Mediant 4000 SBC | User's Manual The following procedure describes how to view the IDS Active Black List table through the Web interface. You can also view the table through CLI using the command, show voip ids blacklist act- ive.
Page 789 CHAPTER 49 Viewing Network Status Mediant 4000 SBC | User's Manual Table 49-3: Network Performance Monitors Page Description Field Description Name Network interface name. Rx Rate Receive rate in bits per second (bps) and packets per second (pps). Column labels with a single asterisk (*) show values that are calculated in a 5-minute sampling interval;...
Page 790: Viewing Hardware Status
CHAPTER 50 Viewing Hardware Status Mediant 4000 SBC | User's Manual Viewing Hardware Status This section describes how to view hardware-related status. Viewing Hardware Components Status You can view the status of the device's hardware components such as fans and power supply units on the Components Status page.
Page 791: Reporting Information To External Party
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Reporting Information to External Party This section describes features for reporting various information to an external party. Configuring RTCP XR RTP Control Protocol Extended Reports (RTCP XR) is a VoIP management control that defines a set of metrics containing information for assessing VoIP call quality and for diagnosing problems.
Page 792 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Metric Parameter Description LocalID Local ID - identifies the reporting endpoint for the media session RemoteID Remote ID - identifies the remote endpoint of the media session OrigID...
Page 793 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Metric Parameter Description JitterBuffer Jitter Buffer Adaptive - indicates the jitter buffer in the endpoint ("0" - unknown; "1" - reserved; "2" - non- adaptive; "3" - adaptive)
Page 794 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Metric Parameter Description QualityEst Listening Quality R - listening quality expressed as an R factor (0-95 for narrowband calls and 0-120 for wideband calls) RLQEstAlg RLQ Est. Algorithm - name (string) of the algorithm...
Page 795 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual PUBLISH sip:172.17.116.201 SIP/2.0 Via: SIP/2.0/UDP 172.17.116.201:5060;branch=z9hG4bKac2055925925 Max-Forwards: 70 From: <sip:172.17.116.201>;tag=1c2055916574 To: <sip:172.17.116.201> Call-ID: 20559160721612201520952@172.17.116.201 CSeq: 1 PUBLISH Contact: <sip:172.17.116.201:5060> Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SU BSCRIBE,UPDATE Event: vq-rtcpxr Expires: 3600 User-Agent: device/7.20A.252.011...
Page 796 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual ➢ To configure RTCP XR: Open the RTP/RTCP Settings page (Setup menu > Signaling & Media tab > Media folder > RTP/RTCP Settings). Under the RTCP-XR group, configure the following: ●...
Page 797: Call Detail Records
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Click Apply, and then reset the device with a save-to-flash for your settings to take effect. Call Detail Records Call Detail Records (CDR) contains vital statistic information on calls made from the device. The device can generate and report CDRs at various stages of the call - end of call, or only at the start and end of call.
Page 798: Configuring Cdr Reporting To Rest Server
Click Apply. Configuring CDR Reporting to REST Server You can configure the device to send signaling-related CDRs to a REST server using AudioCodes REST API. The CDRs are sent in JSON format. You can customize the CDRs that are sent to the REST server, by adding CDR fields or changing their names.
Page 799: Miscellaneous Cdr Configuration
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Click Apply. Miscellaneous CDR Configuration Miscellaneous but important CDR configuration parameters are listed below: ■ To enable or disable the inclusion of the sequence number (S=) in CDR Syslog messages, use the 'CDR Syslog Sequence Number' [CDRSyslogSeqNum] parameter.
Page 800 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual # show storage-history ● View all stored, unused CDR files: # show storage-history unused ■ To delete stored CDR files: ● To delete all stored files: # clear storage-history cdr-storage-history all ●...
Page 801: Cdr Field Description
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual ● 'File Size' [CDRLocalMaxFileSize]: Enter the maximum size (in kilobytes) of the CDR file. When the Current file reaches this size, the device creates a CDR file. However, if the 'Rotation Period' is reached before the file has reached this maximum size, the CDR file is created.
Page 802 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Figure 51-1: SBC CDR Report Types for Media ● Signaling CDRs: This CDR contains SIP signaling information. A typical SBC session consists of two SBC legs. Each leg generates its own signaling CDRs. Each leg...
Page 803 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual |DstURIBeforeMap |Durat |TrmSd |TrmReason |TrmReasonCategory |SetupTime |ConnectTime |ReleaseTime |RedirectReason |RedirectURINum |RedirectURINumBeforeMap |TxSigIPDiffServ|IPGroup (description) |SrdId (name) |SIPInterfaceId (name) |ProxySetId (name) |IpProfileId (name) |MediaRealmId (name) |DirectMedia |SIPTrmReason |SIPTermDesc |Caller |Callee [S=40] |CALL_END |SBC |20767593291410201017029@10.33.45.80...
Page 804 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The default field title is "%" for Syslog. ■ The maximum number of characters for Syslog tabular alignment is 3. Displays the detected answering type for the AMD feature: Decision ■...
Page 805 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to SBC signaling and Gateway CDRs. ■ The maximum number of characters for Syslog tabular alignment is 10. Call ID Displays the unique ID of the call, which appears in the SIP Call-ID header.
Page 806 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description [431] Note: ■ The field is included in the default CDR. ■ The field is applicable to all CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs.
Page 807 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to SBC signaling and Gateway CDRs. ■ The default field title is "ConnectTime" for Syslog and Local Storage, and "h323-connect-time=" for RADIUS.
Page 808 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Destination Displays the original destination URI (username@host) before manipulation, if URI Before any. The field is a string of up to 150 characters. Manipulation Note: [803] ■...
Page 809 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description [400] ■ "NONE" ■ "SBC" (SBC calls) ■ "TEST" (for Test Call calls) ■ "3WCONF" (three-way conferencing calls) ■ "SIPREC" (SIPRec calls) ■ "MOH" (Music-on-Hold calls) Note: ■...
Page 810 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The default field title is "IPG (name)" for Gateway Syslog and Local Storage, "IPGroup (name)" for SBC Syslog and Local Storage, and "IP Group" in the Web SBC CDR History table.
Page 811 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Latched T38 Displays the latching of a new T.38 stream (new port). The field is an integer 0 Port to 0xFFFF. [634] Note: ■ The field is included in the default CDR.
Page 812 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to "CALL_END" and "MEDIA_END" CDR Report Types. ■ The field is applicable only to SBC media and Gateway CDRs. ■...
Page 813 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The maximum number of characters for Syslog tabular alignment is 10. Local Displays the number of packets lost of the entire stream. The field is an integer Packet Loss from 0 to 0xFFFFFFFF (-1 if information is unavailable).
Page 814 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description [621] ■ The field is included in the default CDR. ■ The field is applicable only to "CALL_END", "CALL_CONNECT", "MEDIA_START", "MEDIA_UPDATE", and "MEDIA_END" CDR Report Types.
Page 815 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable to all CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs. ■ The default field title is "MediaRealmId (name)".
Page 816 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description [438] ■ The field is included in the default CDR. ■ The field is applicable to all CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs.
Page 817 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Redirect Displays the original call redirect URI (username@host) after manipulation, if any. The field value is a string of up to 150 characters. [804] Note: ■...
Page 818 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to "CALL_START", "CALL_CONNECT", and "CALL_END" CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs.
Page 819 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Remote Displays the number of packets lost of the entire remote stream. The field is an Packet Loss integer from 0 to 0xFFFFFFFF (-1 if information is unavailable).
Page 820 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to SBC media and Gateway CDRs. ■ The default field title is "RtpIp" for Syslog Signaling and Local Storage, "RemoteRtpIp" for Syslog Media, and "h323-remote-address=" for RADIUS.
Page 821 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ "DIALOG_CONNECT ": The CDR is sent upon establishment of a non- INVITE session (only when enabled, using the EnableNonCallCdr parameter). ■ "MEDIA_START": The CDR is sent upon 200 OK response or early media ■...
Page 822 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The maximum number of characters for Syslog tabular alignment is 35. Signaling IP Displays the signaling IP DiffServ. The field value is an integer of up to 15 DiffServ digits.
Page 823 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ "MESSAGE" ■ "BENOTIFY" ■ "SERVICE" Note: ■ The field is included in the default CDR. ■ The field is applicable to all CDR Report Types.
Page 824 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable only to SBC signaling and Gateway CDRs. ■ The default field title is "SIPTrmReason". ■ The maximum number of characters for Syslog tabular alignment is 12.
Page 825 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Source Tags Displays source tags. [440] Note: ■ The field is optional and can be included in the CDR using the SBC CDR Format and Gateway CDR Format tables.
Page 826 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is applicable to all CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs. ■ The maximum number of characters for Syslog tabular alignment is 5.
Page 827 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Note: ■ The field is included in the default CDR. ■ The field is applicable only to "CALL_END" CDR Report Types. ■ The field is applicable only to SBC signaling and Gateway CDRs.
Page 828 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ✔ "GWAPP_NORMAL_UNSPECIFIED" ✔ "GWAPP_CIRCUIT_CONGESTION" ✔ "GWAPP_USER_CONGESTION" ✔ "GWAPP_NO_CIRCUIT_AVAILABLE" ✔ "GWAPP_NETWORK_OUT_OF_ORDER" ✔ "GWAPP_NETWORK_TEMPORARY_FAILURE" ✔ "GWAPP_NETWORK_CONGESTION" ✔ "GWAPP_ACCESS_INFORMATION_DISCARDED" ✔ "GWAPP_REQUESTED_CIRCUIT_NOT_AVAILABLE" ✔ "GWAPP_RESOURCE_UNAVAILABLE_UNSPECIFIED" ✔ "GWAPP_PERM_FR_MODE_CONN_OUT_OF_S" ✔ "GWAPP_PERM_FR_MODE_CONN_OPERATIONAL" ✔ "GWAPP_PRECEDENCE_CALL_BLOCKED"...
Page 829 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ✔ "GWAPP_MESSAGE_NOT_COMPATIBLE" ✔ "GWAPP_RECOVERY_ON_TIMER_EXPIRY" ✔ "GWAPP_PARAMETER_NON_EXISTENT" ✔ "GWAPP_MESSAGE_WITH_UNRECOGNIZED_PARAM" ✔ "GWAPP_PROTOCOL_ERROR_UNSPECIFIED" ✔ "GWAPP_UKNOWN_ERROR" ✔ "GWAPP_INTERWORKING_UNSPECIFIED" ■ AudioCodes Proprietary: ✔ "RELEASE_BECAUSE_UNKNOWN_REASON" ✔ "RELEASE_BECAUSE_REMOTE_CANCEL_CALL" ✔ "RELEASE_BECAUSE_UNMATCHED_CAPABILITIES" ✔ "RELEASE_BECAUSE_UNMATCHED_CREDENTIALS" ✔...
Page 830 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ✔ "RELEASE_BECAUSE_SRC_IP_IS_NOT_DEDICATED_ REGISTRAR" ✔ "RELEASE_BECAUSE_ACCOUNT_NOT_REGISTERED" ✔ "MEDIA_DEST_UNREACHABLE" ✔ "START_ARM_ROUTING" ✔ "RELEASE_BECAUSE_FAX_REROUTING" ✔ "RELEASE_BECAUSE_LDAP_FAILURE" ✔ "RELEASE_BECAUSE_BAD_INFO_PACKAGE" ✔ "RELEASE_BECAUSE_CALLSETUPRULES_FAILURE" ✔ "RELEASE_BECAUSE_NO_USER_FOUND" ✔ "RELEASE_BECAUSE_IN_ADMISSION_FAILED" ✔ "RELEASE_BECAUSE_OUT_ADMISSION_FAILED" ✔ "RELEASE_BECAUSE_IN_MEDIA_LIMITS_EXCEEDED" ✔...
Page 831 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description ■ The field is included in the default CDR. ■ The field is mainly relevant to RADIUS CDRs, but can also be used in Syslog and Local Storage.
Page 832: Customizing Cdrs For Sbc Calls And Test Calls
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Field Description Trunk Group Displays the Trunk Group ID (integer). Note: [503] ■ The field is included in the default CDR. ■ The field is applicable to all CDR Report Types.
Page 833 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual ■ CDRs related to RADIUS accounting and sent in RADIUS accounting request messages. For RADIUS accounting CDRs, you can customize the RADIUS Attribute's prefix name and RADIUS Attribute's ID, for standard RADIUS Attributes and vendor-specific RADIUS Attributes (VSA).
Page 834 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Configure the CDR according to the parameters described in the table below. Click Apply. Examples of configured CDR customization rules are shown below: Table 51-3: SBC CDR Format Table Parameter Descriptions...
Page 835 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Parameter Description ■ For all types: [300] CDR Type (default); [301] Call ID; [302] Session ID; [303] Report Type; [304] Media Type; [305] Accounting Status Type; [306] H323 ID; [307] RADIUS Call ID;...
Page 836 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Parameter Description 'Title' Defines a new name for the CDR field (for Syslog or local storage) or for the RADIUS Attribute prefix name (for RADIUS accounting) that you title selected in the 'Column Type' parameter.
Page 837: Configuring Radius Accounting
CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Parameter Description ✔ Local Output Packets: 48 If you configure the value to 0 and the RADIUS Attribute is not any of the ones listed above, the configuration is invalid.
Page 838 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual ■ Vendor-specific RADIUS attributes: RADIUS attributes that are specific to the device (company) are referred to as Vendor-specific attributes (VSA). The CDR of VSAs are sent with a general RADIUS ID of 26 to indicate that they are vendor-specific (non-standard). In addition, the company's registered vendor ID (as registered with the Internet Assigned Numbers Authority or IANA) is also included in the packet.
Page 839 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Click Apply, and then reset the device with a save-to-flash for your settings to take effect. The table below lists the RADIUS Accounting CDR attributes included in the communication packets transmitted between the device and a RADIUS server.
Page 840 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Vendor- Attrib- Attribute Specific Value Description Example ute ID Name Attribute Format (VSA) ID h323- Setup time in String h323-setup- Star setup-time NTP format 1 time=09:33:26.621 Mon Dec 2014...
Page 841 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Vendor- Attrib- Attribute Specific Value Description Example ute ID Name Attribute Format (VSA) ID sip-call-id SIP Call ID String sip-call- Star id=abcde@ac.com Stop call- Terminator of String call-terminator=yes...
Page 842 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Vendor- Attrib- Attribute Specific Value Description Example ute ID Name Attribute Format (VSA) ID acct- (Standar Account Numeri Star status- Request Type type - start (1) or stop (2) Stop Note: ‘start’...
Page 843 CHAPTER 51 Reporting Information to External Party Mediant 4000 SBC | User's Manual Vendor- Attrib- Attribute Specific Value Description Example ute ID Name Attribute Format (VSA) ID acct- (Standar Number of Numeri Stop oputput- packets sent packets during the call nas-port-...
Page 844: Diagnostics
Part X Diagnostics...
Page 845: Syslog And Debug Recording
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Syslog and Debug Recording For debugging and troubleshooting, you can use the device's Syslog and/or Debug Recording capabilities: ■ Syslog: Syslog is an event notification protocol that enables a device to send event notification messages across IP networks to event message collectors, also known as Syslog servers.
Page 846 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual ● If you want to configure a Log Filter rule that logs Syslog messages to a Syslog server (i.e., not to a Debug Recording server), you must enable Syslog...
Page 847 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Parameter Description ■ [9] SRD = Filters log by SRD. To configure SRDs, see Configuring SRDs. ■ [10] Classification = Filters log by Classification rule. To configure Classification rules, see Configuring Classification Rules.
Page 848 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Parameter Description [LoggingFilters_ ■ [0] Syslog Server = The device generates Syslog messages LogDestination] based on the configured log filter and sends them to a user- defined Syslog server. The Syslog messages can contain one...
Page 849 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Signaling & Media = The option is applicable only to debug recording (i.e., 'Log Destination' parameter is configured to Debug Recording Server). The debug recording includes media (RTP/RTCP/T.38), and only signaling and Syslog...
Page 850: Filtering Ip Network Traces
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Filtering IP Network Traces You can filter Syslog and debug recording messages for IP network traces, by configuring the 'Filter Type' parameter to IP Trace in the Logging Filters table. IP traces are used to record any IP stream , according to destination and/or source IP address, or port and Layer-4 protocol (UDP, TCP or any other IP type as defined by http://www.iana.com).
Page 851: Syslog Message Format
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Syslog Message Format The Syslog message is sent from the device to a Syslog server as an ASCII (American Standard Code for Information Interchange) message. Syslog uses UDP as its underlying transport layer mechanism.
Page 852 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Message Item Description 18:38:14. 52 : 10.33.45.72 : NOTICE: [S=235] [SID:2ed1c8:96:5] (lgr_psbrdex)(619) recv <-- DIGIT (0) Ch:0 OnTime:0 InterTime:100 Direction:0 System:1 [File: Line:-1] 18:38:14. 83 : 10.33.45.72 : NOTICE: [S=236]...
Page 853: Event Representation In Syslog Messages
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Message Item Description The syntax of the BID is as follows: [BID=<last 6 characters in MAC>:<number of times device has reset>] For example: 14:32:52.062: 10.33.8.70: WARNING: [S=9399] [BID=2ed1c8:96] invalid Physical index Where: ■...
Page 854: Syslog Fields For Answering Machine Detection (Amd)
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Error Abbreviation Error Name Description Invalid CID Error Invalid G723 Code Invalid payload length Invalid RTCP Packet Invalid SID Length Transmitter Received Illegal Command Lost Fax Frames In High Speed Mode...
Page 855: Snmp Alarms In Syslog Messages
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual CallMachine:EVENT_DETECTED_EV - AMDSignal = <type – V/A/S/U>, AMDDecisionProbability = <percentage> % If there is no AMD detection, the AMDSignal field is shown empty (i.e. AMDSignal = ). For more information on the AMD feature, see Answering Machine Detection (AMD).
Page 856: Configuring Syslog Message Severity Level
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual ➢ To configure the Syslog server address: Open the Logging Settings page (Troubleshoot menu > Troubleshoot tab > Logging folder > Logging Settings). In the 'Syslog Server IP' field [SyslogServerIP], enter the IP address of the Syslog server.
Page 857: Configuring Syslog Debug Level
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Configuring Syslog Debug Level You can configure the amount of information (debug level) to include in Syslog messages. You can also enable the device to send multiple Syslog messages bundled into a single packet, and enable...
Page 858 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual The following example shows a Web-user activity log (indicating a login action) with the above- mentioned information: 14:07:46.300 : 10.15.7.95 : Local 0 :NOTICE : [S=3149] [BID=3aad56:32] Activity Log: WEB: Successful login at 10.15.7.95:80.
Page 859: Viewing Syslog Messages
Web interface (Troubleshoot tab > Troubleshoot menu > Message Log ). You can select the Syslog messages displayed on the page, and then copy-and-paste them into a text editor such as Notepad. This text file (txt) can then be sent to AudioCodes support team for diagnosis and troubleshooting.
Page 860 Wireshark: Third-party, network protocol analyzer (http://www.wireshark.org). When debug recording is enabled and Syslog messages are also included in the debug recording, to view Syslog messages using Wireshark, you must install AudioCodes' Wireshark plug-in (acsyslog.dll). Once the plug-in is installed, the Syslog messages are decoded as "AC SYSLOG"...
Page 861: Syslog Message Description For Cpu Overload
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Syslog Message Description for CPU Overload Whenever the devicedetects a CPU overload, it sends a Syslog message that shows CPU utilization of the different processes (tasks) per core. This information can help in identifying the cause of the overload.
Page 862: Configuring Debug Recording
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Field Description “Total [ms (%)]” Total time (in msec) and percentage that task utilized CPU during entire period. “peak [ms]” Maximum lasting time (msec) that the task utilized CPU during the period.
Page 863: Collecting Debug Recording Messages
Install Wireshark on your computer (which can be downloaded from https://www.wireshark.org). Download AudioCodes proprietary Wireshark plug-in files according to the type of installation (32-bit or 64-bit) from https://www.audiocodes.com/library/firmware. Copy the downloaded plug-in files to the "plugin" directory of the Wireshark installation.
Page 864: Debug Capturing On Physical Voip Interfaces
CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual Debug Capturing on Physical VoIP Interfaces You can capture traffic on the device's physical (Ethernet LAN) VoIP interfaces (Layer-2 VLAN tagged packets). The captured traffic can be saved in a PCAP-format file (suitable for Wireshark) to a TFTP (default) or an FTP server.
Page 865 CHAPTER 52 Syslog and Debug Recording Mediant 4000 SBC | User's Manual ■ Remote server (TFTP or FTP): The capture is saved as a PCAP file (suitable for Wireshark) and sent to a specified server (default is TFTP) . The generated PCAP file is in the Extensible Record Format (ERF) and is saved on the device during the capture.
Page 866: Creating Core Dump And Debug Files Upon Device Crash
The core dump can either be included in or excluded from the debug file, or alternatively, sent separately to a TFTP server. You can then provide the files to AudioCodes support team for troubleshooting. ■...
Page 867 CHAPTER 53 Creating Core Dump and Debug Files upon Device Crash Mediant 4000 SBC | User's Manual (Optional) If you want the device to send the core dump file to a remote TFTP server, then in the 'Core Dump Destination IP' field, enter the IP address of the remote server.
Page 868: Debugging Web Services
CHAPTER 54 Debugging Web Services Mediant 4000 SBC | User's Manual Debugging Web Services If you have configured remote Web services (see Remote Web Services ), you can enable debugging of the remote HTTP clients. You can configure the debug level from 1 to 3, where 3 is the most detailed.
Page 869: Enabling Sip Call Flow Diagrams In Ovoc
You can configure the device to send SIP messages (in XML format) of SIP call dialogs to AudioCodes One Voice Operations Centers (OVOC) so that OVOC management users can view the call dialog as a call flow diagram. OVOC displays the call flow using vertical and horizontal lines where the vertical lines represent the SIP entities (including the device itself) involved in the dialog and where the horizontal lines represent the SIP requests and responses.
Page 870 CHAPTER 55 Enabling SIP Call Flow Diagrams in OVOC Mediant 4000 SBC | User's Manual Click Apply. ● If you have not configured any filtering rule for SIP call flow in the Logging Filters table, the device sends call flow messages to OVOC for all calls.
Page 871: Enabling Same Call Session Id Over Multiple Devices
The Global Session ID appears in SIP messages using the AudioCodes proprietary SIP header, AC-Session-ID, as shown in the example below: INVITE sip:2000@172.17.113.123;user=phone SIP/2.0...
Page 872: Testing Sip Signaling Calls
CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Testing SIP Signaling Calls A simulated endpoint can be configured on the device to test SIP signaling of calls between it and a remote destination. This feature is useful in that it can remotely verify SIP message flow without involving the remote end side in the debug process.
Page 873 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Configure a test call according to the parameters described in the table below. Click Apply, and then save your settings to flash memory. Table 57-1: Test Call Rules Table Parameter Descriptions...
Page 874 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ✔ You must assign a SIP Interface (see the 'SIP Interface' below). ✔ The IP Profile of the default IP Group (ID 0) is used. You can use a different IP Profile, by specifying an IP Group in the 'IP Group' parameter (below).
Page 875 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ■ [3] SCTP Note: The parameter is applicable only if you configure the 'Route By' parameter to Dest Address. 'QoE Profile' Assigns a QoE Profile to the test call.
Page 876 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ■ [-1] Not Configured = (Default) The mode is according to the 'Allowed Coders Mode' parameter of the IP Profile associated with the rule's IP Group (see the 'IP Group' parameter above).
Page 877 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ■ [-1] Not Configured = The mode is according to the 'Alternative DTMF Method' and 'RFC 2833 Mode' parameters of the IP Profile associated with the rule's IP Group (see the 'IP Group' parameter above).
Page 878 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Called 'Maximum Channels for Session' Defines the maximum number of concurrent channels for the test session. For example, if you have configured an max-channels endpoint "101" and you configure the parameter to "3", the...
Page 879 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description 'Play' Enables the playing of a tone to the answered side of the call. play ■ [0] Disable = No tone is played. [Test_Call_Play] ■ [1] DTMF = (Default) Plays (loop) a user-defined...
Page 880: Starting And Stopping Test Calls
CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Parameter Description ✔ Configure a Message Manipulation rule that adds the NetAnn parameters, based on the tone that you want played, to the INVITE message's Request-URI. ✔ Configure a Number Manipulation rule that changes the destination number to the Test Call ✔...
Page 881: Viewing Test Call Status
CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual ● Dial: Starts the test call (applicable only if the test call party is the caller). ● Drop Call: Stops the test call. ● Restart: Ends all established calls and then starts the test call session again.
Page 882 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual The statistics fields are described in the following table: Table 57-3: Test Call Statistics Description Statistics Field Description Active Calls Number of currently established test calls. Call Attempts Number of calls that were attempted.
Page 883: Configuring Dtmf Tones For Test Calls
CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual Statistics Field Description ■ "Running (Calls: <number of active calls>, ASR: <ASR>%)": Test call has been started (i.e., the Dial command was clicked) and shows the following: ✔ Number of currently active test calls.
Page 884: Configuring Basic Test Calls
CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual ➢ To configure played DTMF signal to answered test call: Open the Test Call Settings page (Troubleshoot menu > Troubleshoot tab > Test Call folder > Test Call Settings).
Page 885 The test call is done between two AudioCodes devices - Device A and Device B - with simulated test endpoints. This eliminates the need for phone users, who would otherwise need to answer and end calls many times for batch testing.
Page 886 CHAPTER 57 Testing SIP Signaling Calls Mediant 4000 SBC | User's Manual ● Test Call Rules table configuration at Device B: Endpoint URI: "201" ◆ Maximum Channels for Session: "3" (configures three endpoints - "201", "202" and ◆ "203) ■ Registration Test Call Scenario: This example describes the configuration for testing the registration and authentication (i.e., username and pas,sword) process of a simulated test...
Page 887: Pinging A Remote Host Or Ip Address
CHAPTER 58 Pinging a Remote Host or IP Address Mediant 4000 SBC | User's Manual Pinging a Remote Host or IP Address You can verify the network connectivity with a remote host or IP address by pinging the network entity. ■...
Page 888: Appendix
Part XI Appendix...
Page 889: Patterns For Denoting Phone Numbers And Sip Uris
CHAPTER 59 Patterns for Denoting Phone Numbers and SIP URIs Mediant 4000 SBC | User's Manual Patterns for Denoting Phone Numbers and SIP URIs The table below lists the supported patterns (notations) that you can use in various configuration tables for matching rules, based on source and/or destination phone numbers and SIP URIs (user@host parts).
Page 890 CHAPTER 59 Patterns for Denoting Phone Numbers and SIP URIs Mediant 4000 SBC | User's Manual Pattern Description [n-m] or (n-m) Denotes a range of numbers. Examples: ■ To denote prefix numbers from 5551200 to 5551300: ✔ [5551200-5551300]# ■ To denote prefix numbers from 123100 to 123200: ✔...
Page 891 CHAPTER 59 Patterns for Denoting Phone Numbers and SIP URIs Mediant 4000 SBC | User's Manual Pattern Description For example, you can configure a manipulation rule that changes the received number +49 (7303) 165-xxxxx to +49 \287303\29 165-xxxxx, where \28 is the ASCII HEX value for “(“ and \29 is the ASCII HEX value for “)”.
Page 892: Configuration Parameters Reference
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Configuration Parameters Reference The device's VoIP functionality configuration parameters, default values, and their descriptions are documented in this section. Parameters and values enclosed in square brackets [...] represent ini file parameters and their enumeration values.
Page 893 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Unlock (default) For more information, see Locking and Unlocking the Device on page 654. 'Graceful Option' Defines a graceful period (in seconds) before the device locks. During this period, the device does not accept any...
Page 894 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ The parameter is applicable only when the 'Allocation Profile' is configured to Custom. 'Allocation – SBC Media Defines SBC media session capacity for a customized Sessions' Allocation Profile for the Floating License feature.
Page 895: Web Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Web Parameters The Web parameters are described in the table below. Table 60-2: Web Parameters Parameter Description 'Enable web access from all interfaces' Enables Web access from any of the device's IP network interfaces.
Page 896 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The valid value is 0, or 2 to 100000, where 0 means no timeout. The default is 15. Note: You can also configure the feature per user in...
Page 897 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description For more information, see Configuring CSRF Protection on page 53. Defines the LAN HTTP port for Web management. http-port To enable Web management from the LAN, [HTTPport] configure the desired port.
Page 898 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ✔ SNMP (restores default users and retains other configured users): 1) Set acSysGenericINILine to WEBPasswordControlViaSNMP = 1, and reset the device with a flash burn (set acSysActionSetResetControl to 1 and acSysActionSetReset to 1).
Page 899: Telnet And Cli Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [UserProductName] Defines a name for the device instead of the default name. The value can be a string of up to 29 characters. For more information, see Customizing the Product Name.
Page 900 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Disable configure system > cli- settings > telnet ■ [1] Enable Unsecured (default) [TelnetServerEnable] ■ [2] Enable Secured Note: Only management users with Security Administrator or Master user levels can access the CLI's Privileged command mode.
Page 901: Ini File Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: You can override this parameter for a specific CLI session and configure a different number of output lines, by using the window-height CLI command in the currently active CLI session.
Page 902 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: For the parameter to take effect, a device reset is required. Defines the device's local (LAN) UDP port configure system > snmp settings used for SNMP Get/Set commands.
Page 903 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [KeepAliveTrapPort] Defines the port of the SNMP network management station to which the device sends keep-alive traps. The valid range is 0 - 65534. The default is port 162.
Page 904 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [SNMPTrapEnterpriseOid] Defines the SNMP MIB OID for the Trap Enterprise. The default is 1.3.6.1.4.1.5003.9.10.1.21. Note: ■ For the parameter to take effect, a device reset is required. ■...
Page 905 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The ID can be a string of up to 36 characters. The default is 00:00:00:00:00:00:00:00:00:00:00:00 (12 Hex octets characters). The provided key must be set with 12 Hex values delimited by a colon (":") in the format xx:xx:...:xx.
Page 906 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Trap Port' Defines the port number of the remote SNMP Manager. The device sends SNMP port traps to this port. [SNMPManagerTrapPort_x] The valid SNMP trap port range is 100 to 4000.
Page 907: Serial Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Trap Community String' Defines the community string for SNMP traps. For more information, see Configuring configure system > snmp trap > SNMP Community Strings on page 62. community-string [SNMPTrapCommunityStringPassword] Serial Parameters The serial interface parameters are described in the table below.
Page 908: Auxiliary And Configuration File Name Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Auxiliary and Configuration File Name Parameters The table below lists the parameters associated with the Auxiliary files. For more information on Auxiliary files, see Loading Auxiliary Files. Table 60-7: Auxiliary and Configuration File Parameters...
Page 909: Automatic Update Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description For the ini file, the name must be enclosed by single apostrophes, for example, 'userinfo_us.dat'. Note: The parameter is only used for backward compatibility. Automatic Update Parameters The automatic update of software and configuration files parameters are described in the table below.
Page 910 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Enables the device to gracefully lock for the Automatic aupd-graceful- Update feature when updating the ini configuration file. When shutdown the file is downloaded from the provisioning server, the device [AupdGracefulShutdown] gracefully locks.
Page 911 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Defines the filename and path (URL) to the provisioning server auto-firmware from where the software file (.cmp) can be downloaded, based [AutoCmpFileUrl] on timestamp for the Automatic Updated mechanism.
Page 912 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] = Enable CRC for the entire file, including line order (i.e., same text must be on the same lines). If there are differences between the files, the device installs the downloaded file.
Page 913 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ For the parameter to take effect, a device reset is required. ■ When the parameter is configured, the device always loads the cmp file after it is reset.
Page 914 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ The case-sensitive string, "<MAC>" can be used in the file name for instructing the device to replace it with the device's MAC address. For more information, see Address Placeholder in Configuration File Name.
Page 915 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Defines the name of the TLS trusted root certificate file and tls-root-cert the URL address of the server where the file is located. [TLSRootFileUrl] Optionally, the username and password ('https://username:password@10.1.1.1/<file name>') for...
Page 916 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Defines the URL address in the File Template for automatic template-url updates, of the provisioning server where the files to download [TemplateUrl] are located. Optionally, the username and password ('https://username:password@10.1.1.1/<file name>') for...
Page 917: Networking Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Networking Parameters This subsection describes the device's networking parameters. Multiple VoIP Network Interfaces and VLAN Parameters The IP network interfaces and VLAN parameters are described in the table below. Table 60-9: IP Network Interfaces and VLAN Parameters...
Page 918: Nat And Stun Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Table 60-11:QoS Parameters Parameter Description Layer-2 Class Of Service (CoS) Parameters (VLAN Tag Priority Field) Layer-3 Class of Service (TOS/DiffServ) Parameters CLI path: configure network > qos application-mapping 'Media Premium QoS' Global parameter defining the DiffServ value for Premium Media CoS content.
Page 919 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] = Enable. The device forwards received STUN packets. Note: The parameter is applicable only to the SBC application. NAT Parameters 'NAT Traversal' Enables the NAT traversal feature for media when the device communicates with UAs located behind NAT.
Page 920: Dns Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ● UA behind NAT: The device sends media only when the source of the media packets is the signaling IP address (source of the INVITE). If the 'Media Latch...
Page 921: Dhcp Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description For more information, see Configuring Default DNS Servers on page 119. 'Default Secondary DNS Server IP' Defines the address of the default secondary DNS configure network > dns settings > dns- server.
Page 922: Ntp And Daylight Saving Time Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [0] = Disable ■ [1] = (Default) Normal ■ [2] to [10] = Fast When set to 0, the DHCP lease renewal is disabled. Otherwise, the renewal time is divided by this factor. Some DHCP-enabled routers perform better when set to 4.
Page 923 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'NTP Authentication Secret Defines the secret authentication key shared between the Key' device (client) and the NTP server for authenticating NTP messages. auth-key-md5 The valid value is a string of up to 32 characters. By default, [ntpAuthMd5KeyPassword] no key is defined.
Page 924: Debugging And Diagnostics Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Offset' Defines the DST offset (in minutes). The valid range is 0 to 120. The default is 60. configure system > clock > summer-time > Note: The offset setting is applied only on the hour. For...
Page 925: Syslog, Cdr And Debug Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Table 60-17:SIP Test Call Parameters Parameter Description 'Test Call DTMF String' Defines the DTMF tone that is played for answered test calls (incoming and outgoing). configure troubleshoot > The DTMF string can be up to 15 strings. The default is test-call settings >...
Page 926 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Log Severity Level' Defines the minimum severity level of messages included in the Syslog message that is generated by the device. log-level The specified severity level and all higher severity levels [SyslogLogLevel] are included in the Syslog message.
Page 927 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [3] Connect & End Call = CDR report is sent to Syslog at connection and at the end of each call. ■ [4] Start & End & Connect Call = CDR report is sent to Syslog at the start, at connection, and at the end of each call.
Page 928 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [4] Start & End & Connect Call = CDRs are sent at the start, connection, and end of each call. ■ [5] Connect Only = CDRs are sent at call connection.
Page 929 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ CDR file creation works together with the 'File Size' parameter, whereby the file is created as soon as one of the parameter's ('File Size' or 'Rotation Period') settings are fulfilled (whichever is met earlier).
Page 930 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Syslog CPU Protection' Enables the protection of the device's CPU resources during debug reporting, ensuring voice traffic is unaffected. configure troubleshoot If CPU resources drop (i.e., high CPU usage) to a critical >...
Page 931 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Defines the unit of measurement for call duration configure troubleshoot ("Duration" field) in CDRs generated by the device. > cdr > call-duration- units ■ [0] Seconds (default) [CallDurationUnits] ■...
Page 932 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [swu] Device Software Update = Software updates (i.e., loading of cmp file) through the Software Upgrade Wizard. ■ [naa] Non-Authorized Access = Attempts to log in to the Web interface with a false or empty username or password.
Page 933: Resource Allocation Indication Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable Note: For the parameter to take effect, a device reset is required. 'Core Dump Destination IP' Defines the IP address of the remote server where you want the device to send the Core Dump file.
Page 934: Ha Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual HA Parameters The High Availability (HA) parameters are described in the table below. When configuration is applied to the device whose MAC is the value of the HARemoteMAC parameter, all HA configuration is swapped between local and remote parameters, including the IP address of the Maintenance interface, which is swapped with the address configured for the HARemoteAddress parameter.
Page 935 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'HA Device Name' Defines a name for the active device, which is displayed on the Home page to indicate the active configure network > high- device. availability settings >...
Page 936: Security Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ The parameter is applicable only if you configure the 'Preempt Mode' parameter to Enable. ■ You must configure each device in the HA system with different parameter values (priorities).
Page 937 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Dynamic = (Default) Device latches on to the first stream. If it receives at least a minimum number of consecutive packets (configured by New<media type>StreamPackets) from a different source(s) and...
Page 938: Https Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The valid range is 0 to 20. The default is 3. If set to 0, the device is left exposed to attacks against multiple packet streams. 'New SRTP Stream Packets'...
Page 939: Srtp Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Table 60-22:HTTPS Parameters Parameter Description 'Secured Web Connection Defines the protocol for accessing the Web interface. (HTTPS)' ■ [0] HTTP and HTTPS (default) configure system > web > ■ [1] HTTPs Only = Unencrypted HTTP packets are secured-connection blocked.
Page 940 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Master Key Identifier (MKI) Size' Global parameter that defines the size (in bytes) of the Master Key Identifier (MKI) configure voip > media security > in SRTP Tx packets. You can also...
Page 941 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ The parameter also affects the selection of the crypto in the device's answer. For example, if the device receives an offer with two crypto lines ('a=crypto:') containing HMAC_...
Page 942: Tls Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ The parameter is applicable only to SRTP-to-SRTP calls and when both endpoints use the same authentication keys. 'SRTP Tunneling Authentication for RTCP' Enables validation of RTP tunneling authentication for RTCP.
Page 943 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'TLS Mutual Authentication' Defines the device's mode of operation regarding mutual authentication and certificate verification for configure network > TLS connections. security-settings > ■ [0] Disable = (Default) SIPSREQUIRECLIENTCERTIFICATE ✔...
Page 944 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ If the SubjectAltName is not marked as "critical", the device checks if the FQDN in the certificate's Common Name (CN) of the SubjectName is the same as that configured for the TLSRemoteSubjectName parameter or for the Proxy Set.
Page 945: Ssh Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'TLS Expiry Check Period' Defines the periodical interval (in days) for checking the TLS server certificate expiry date. expiry-check-period The valid value is 1 to 3650. The default is 7.
Page 946: Ids Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Max Binary Packet Size' Defines the maximum packet size (in bytes) for SSH packets. configure system > cli- The valid value is 582 to 35000. The default is 35000.
Page 947: Ocsp Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Excluded Response Codes' Defines the SIP response codes that are excluded form the IDS count for SIP dialog establishment failures. excluded-responses The valid value is 400 through to 699. The maximum length [IDSExcludedResponseCode is 100 characters.
Page 948: Proxy, Registration And Authentication Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [OCSPDefaultResponse] ■ [0] Reject (default) ■ [1] Allow Proxy, Registration and Authentication Parameters The proxy server, registration and authentication SIP parameters are described in the table below. Table 60-28:Proxy, Registration and Authentication SIP Parameters...
Page 949 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: To use this Proxy Redundancy mechanism, you need to enable the keep-alive with Proxy option, by setting the parameter EnableProxyKeepAlive to 1 or 2. 'Proxy IP List Refresh Time'...
Page 950 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ If a specific Transport Type is configured, a NAPTR query is not performed. ■ To enable NAPTR/SRV queries for Proxy servers only, use the global parameter ProxyDNSQueryType, or use the Proxy Sets table.
Page 951 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Server = Device's IP address is used in the From and To headers in keep-alive OPTIONS messages. 'Password' Defines the password for Basic/Digest authentication with a Proxy/Registrar server. A single password is configure voip >...
Page 952 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Registration Time' Defines the time interval (in seconds) for registering to a Proxy server. The value is used in the SIP Expires configure voip > sip- header. The parameter also defines the time interval...
Page 953 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The device uses the following algorithm to calculate the incremental augmented wait-time between each registration attempt: Wait Time = min (max-time, (base-time * (2 ^ consecutive-failures))) Where: ■...
Page 954 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = The device sends an asterisk ("*") value in the SIP Contact header, instructing the Registrar server to remove all previous registration bindings. The device removes SIP User Agent (UA) registration bindings in a Registrar, according to RFC 3261.
Page 955 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable configure voip > sip- definition proxy-and- When the device sends a REGISTER message, the registration > add-init- Route header includes either the Proxy's FQDN, or IP...
Page 956 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The device uses the range of 80-100% of this user- defined value as the actual interval. For example, if the parameter value is set to 200 sec, the interval used is any random time between 160 to 200 seconds.
Page 957: Network Application Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: SIP response code 408 also refers to an INVITE timeout (i.e., no reply from server). Therefore, if re- registration is needed for such a scenario, make sure that you configure the parameter with "408"...
Page 958 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [UseRandomUser] Enables the device to assign a random string value for the user part of the SIP Contact header in the REGISTER message (generated by the device) for new user Account registrations with the device.
Page 959 "Event: check-sync;reboot=true": Triggers a device reset. ■ "Event: soft-sync": Triggers the device to disconnect all current calls. Note: The Event header value is proprietary to AudioCodes. 'Max SIP Message Defines the maximum size (in Kbytes) for each SIP message that Length' can be sent over the network.
Page 960 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] Enable = Rejects a CANCEL request received during the INVITE transaction by sending a SIP 481 (Call/Transaction Does Not Exist) response and maintains the call session.
Page 961 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ Handling In-dialog Requests: If the VerifyRecievedRequestUri parameter is configured to [1] or [3], for all incoming in-dialog requests (including ACK and CANCEL), the device checks if the Request-URI user part matches the remote Contact user part (i.e., the Contact user configured for...
Page 962 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Via: SIP/2.0/UDP 10.33.4.126;branch=z9hG4bKac2127550866 Max-Forwards: 70 From: <sip:401@10.33.4.126;user=phone>;tag=1c211355332 To: <sip:302@company.com>;tag=1c991751121 Call-ID: 991750671245200001912@10.33.4.125 CSeq: 1 BYE X-RTP-Stat: PS=207;OS=49680;;PR=314;OR=50240;PL=0;JI=600;LA= Supported: em,timer,replaces,path,resource- priority Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PR ACK,REFER,INFO,SUBSCRIBE,UPDATE User-Agent: Sip-Gateway-/7.20A.252.011 Reason: Q.850 ;cause=16 ;text="local"...
Page 963 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Fax Signaling Method' Global parameter defining the SIP signaling method for establishing and transmitting a fax session when the device detects a fax. fax-sig-method You can also configure this feature per specific calls, using IP [IsFaxUsed] Profiles (IpProfile_IsFaxUsed).
Page 964 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Display Default SIP Enables the device to add the default SIP port 5060 (UDP/TCP) or Port' 5061 (TLS) to outgoing messages that are received without a port. This condition also applies to manipulated messages where the configure voip >...
Page 965 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: To enable TCP/TLS connection re-use, set the EnableTCPConnectionReuse parameter to 1. 'Reliable Connection Enables setting of all TCP/TLS connections as persistent and Persistent Mode' therefore, not released.
Page 966 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description configure voip > sip-definition settings > phone-in-from- [IsUserPhoneInFrom] 'Use Tel URI for Defines the format of the URI in the P-Asserted-Identity and P- Asserted Identity' Preferred-Identity headers. ■...
Page 967 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ If more than two P-Preferred-Identity headers are received in the incoming message, the device keeps the first two headers (if configured to 0) or the first header (if configured to 1), and removes the others in the outgoing message.
Page 968 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description If the remote server doesn’t support GRUU, it ignores the parameters of the GRUU. Otherwise, if the remote side also supports GRUU, the REGISTER responses contain the “gruu”...
Page 969 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Even though some SIP devices don’t follow this behavior and don’t increment the origin value even in scenarios where they want to re- negotiate, the device can assume that the remote party operates according to RFC 3264, and in cases where the origin field is not incremented, the device does not re-negotiate SDP capabilities.
Page 970 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description In certain scenarios (depending on the value of this parameter), the device considers the proxy as offline (down) for the number of seconds specified in the Retry-After header. During this timeout, the device does not send any SIP messages to the proxy.
Page 971 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description If the device receives a SIP 503 response to an INVITE, it also marks that the proxy is out of service for the defined "Retry-After" period. 'P-Associated-URI Determines the device usage of the P-Associated-URI header. This...
Page 972 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [EnableReasonHeade 'Gateway Name' Defines a name for the device (e.g., device123.com). This name is used as the host part of the SIP URI in the From header. If not configure voip >...
Page 973 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Enables the device to send "a=crypto" lines without the lifetime configure voip > parameter in the SDP. For example, if the SDP contains sip-definition "a=crypto:12 AES_CM_128_HMAC_SHA1_80 settings >...
Page 974 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Enables the usage of the 'rport' parameter in the Via header. configure voip > sip-definition ■ [0] = Disabled (default) settings > ■ [1] = Enabled rport-support The device adds an 'rport' parameter to the Via header of each [EnableRport] outgoing SIP message.
Page 975 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Disable (default) configure voip > sip-definition ■ [1] Enable settings > For example, if a calling party makes a call to telephone number microsoft-ext 622125519100 Ext. 104, the device receives the SIP INVITE (from...
Page 976 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'First Call Ringback Defines the index of the first ringback tone in the CPT file. This Tone ID' option enables an Application server to request the device to play a distinctive ringback tone to the calling party according to the configure voip >...
Page 977 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [GWOutboundManipul The Manipulation Set is defined using the MessageManipulations ationSet] parameter. By default, no manipulation is done (i.e. Manipulation Set ID is set to -1). For more information, see Configuring SIP Message Manipulation page 478.
Page 978: Channel Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [SipT1Rtx] Note: The time interval between subsequent retransmissions of the same SIP message starts with SipT1Rtx. For INVITE requests, it is multiplied by two for each new retransmitted message. For all other SIP messages, it is multiplied by two until SipT2Rtx.
Page 979: Voice Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Voice Parameters The voice parameters are described in the table below. Table 60-31:Voice Parameters Parameter Description 'Input Gain' Global parameter defining the pulse-code modulation (PCM) input (received) gain control configure voip > media voice >...
Page 980 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Network Echo Suppressor Enable' Enables the network Acoustic Echo Suppressor feature on SBC calls. This feature removes configure voip/media echoes and sends only the near-end’s desired voice/acoustic-echo- speech signal to the network (i.e., to the far-end suppressor-enable party).
Page 981: Coder Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [3] = 3 dB Global parameter enabling Non-Linear Processing configure voip > media voice > (NLP) mode for echo cancellation. echo-canceller-NLP-mode [ECNLPMode] ■ [0] = (Default) NLP adapts according to echo changes ■...
Page 982 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Table 60-32:Coder Parameters Parameter Description 'SILK Tx Inband FEC' Enables forward error correction (FEC) for the SILK coder. configure voip > media ■ [0] Disable (default) settings > silk-tx- inband-fec ■...
Page 983: Dtmf Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Fax/Modem Bypass Packing Defines the number (20 msec) of coder payloads used to Factor' generate a fax/modem bypass packet. The valid range is 1, 2, or 3 coder payloads. The default is configure voip >...
Page 984: Rtp, Rtcp And T.38 Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description [DTMFDigitLength] Defines the time (in msec) for generating DTMF tones if FirstTxDTMFOption = 1, 2 or 3. It also configures the duration that is sent in INFO (Cisco) messages.
Page 985 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'RTP Redundancy Depth' Global parameter that enables the device to generate RFC 2198 redundant packets. You can also configure configure voip > media this feature per specific calls, using IP Profiles rtp-rtcp >...
Page 986 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [2] = (Default) The device uses the received GARP packets to change the MAC address of the transmitted RTP packets. ■ [3] = Options 1 and 2 are used.
Page 987 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Defines the port spacing ("jumps") of local UDP ports configure voip > media allocated by the device to media channels (legs) within rtp-rtcp > udp-port- the configured port range.
Page 988 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'T38 Fax Max Buffer' Defines the maximum size (in bytes) of the device's T.38 buffer. This value is included in the outgoing SDP configure voip > sip- when T.38 is used for fax relay over IP.
Page 989: Fax And Modem Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description 'Burst Threshold' Defines the voice quality monitoring - excessive burst alert threshold. [VQMonBurstHR] The default is -1 (i.e., no alerts are issued). 'Delay Threshold' Defines the voice quality monitoring - excessive delay alert threshold.
Page 990 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [2] Bypass ■ [3] Events Only Note: The parameter is overridden by the parameter [IsFaxUsed]. If the parameter [IsFaxUsed] is set to 1 (T.38 Relay) or 3 (Fax Fallback), then [FaxTransportMode] is always set to 1 (T.38 relay).
Page 991 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: You can also configure this feature per specific calls, using IP Profiles (IpProfile_VxxTransportType). For more information, see Configuring IP Profiles. 'V.32 Modem Transport Type' Determines the V.32 modem transport type.
Page 992 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: ■ This feature is applicable only if the IsFaxUsed parameter is set to [1] or [3]. ■ The device also sends T.38 re- INVITE if the CNGDetectorMode...
Page 993 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: The parameter is applicable only to non-V.21 packets. 'Fax Relay Max Rate' (bps) Defines the maximum rate (in bps) at which fax relay messages are configure voip > media fax-modem >...
Page 994 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description The valid range is 0 to 127. The default is configure voip > media rtp-rtcp > 102. fax-bypass-payload-type [FaxBypassPayloadType] Defines the modem bypass dynamic configure voip > media rtp-rtcp >...
Page 995 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [1] = Enable. When the parameter is enabled on Bypass and transparent with events mode (VxxTransportType is set to 2 or 3), a detection of an Answer Tone from the...
Page 996 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ■ [0] Initiate T.38 on Preamble = (Default) The device to which the called fax is connected initiates a T.38 session on receiving . Preamble signal from the fax.
Page 997: Answer And Disconnect Supervision Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description Note: For the parameter to take effect, a device reset is required. 'SSE Payload Type Rx' Defines the V.150.1 (modem relay protocol) State Signaling Event (SSE) configure voip > media fax-modem >...
Page 998 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Table 60-36:Answer and Disconnect Parameters Parameter Description 'Broken Connection Mode' Global parameter that defines the device's handling of calls if RTP packets are not received within a user- configure voip > sip- defined timeout, configured by the definition settings >...
Page 999: Sbc Parameters
CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual SBC Parameters The SBC and CRP parameters are described in the table below. Table 60-37:SBC and CRP Parameters Parameter Description CRP-specific Parameters Enables the CRP application. configure voip > application >...
Page 1000 CHAPTER 60 Configuration Parameters Reference Mediant 4000 SBC | User's Manual Parameter Description ✔ The source SRD is determined according to the SIP Interface to where the SIP-initiating dialog request is sent. The source IP Group is set to the default IP Group associated with this SRD.

AudioCodes Mediant 4000 SBC User Manual

1 Introduction

2 Introduction

3 Default IP Address

4 Configuring Voip LAN Interface for OAMP

5 Introduction

6 Web-Based Management

7 CLI-Based Management

8 SNMP-Based Management

9 INI File-Based Management

10 REST-Based Management

11 Date and Time

12 Configuring a Hostname for the Device

13 Network

14 Security

15 Media

16 Services

17 Quality of Experience

18 Core Entities

19 Coders and Profiles

20 SIP Definitions

Quick Links

Troubleshooting

Related Manuals for AudioCodes Mediant 4000 SBC

Summary of Contents for AudioCodes Mediant 4000 SBC