User`s manual
Table Of Contents
- Mediant 2000 & TP-1610 & TP-260/UNI SIP User’s Manual Version 5.0
- Table of Contents
- List of Figures
- List of Tables
- Notices
- 1. Overview
- 2. Physical Description
- 3. Installation
- 4. Getting Started
- 5. Web Management
- Computer Requirements
- Protection and Security Mechanisms
- Accessing the Embedded Web Server
- Getting Acquainted with the Web Interface
- Protocol Management
- Advanced Configuration
- Status & Diagnostic
- Software Update Menu
- Maintenance
- Logging Off the Embedded Web Server
- 6. Gateway's ini File Configuration
- Secured ini File
- Modifying an ini File
- The ini File Content
- The ini File Structure
- The ini File Example
- Networking Parameters
- System Parameters
- Web and Telnet Parameters
- Security Parameters
- RADIUS Parameters
- SNMP Parameters
- SIP Configuration Parameters
- Voice Mail Parameters
- ISDN and CAS Interworking-Related Parameters
- Number Manipulation and Routing Parameters
- E1/T1 Configuration Parameters
- Channel Parameters
- Configuration Files Parameters
- 7. Using BootP / DHCP
- 8. Telephony Capabilities
- Working with Supplementary Services
- Configuring the DTMF Transport Types
- Fax & Modem Transport Modes
- Event Notification using X-Detect Header
- ThroughPacket™
- Dynamic Jitter Buffer Operation
- Configuring the Gateway’s Alternative Routing (based on Conn
- Call Detail Report
- Supported RADIUS Attributes
- Trunk to Trunk Routing Example
- Proxy or Registrar Registration Example
- SIP Call Flow Example
- SIP Authentication Example
- 9. Networking Capabilities
- 10. Advanced PSTN Configuration
- 11. Advanced System Capabilities
- 12. Special Applications
- 13. Security
- 14. Diagnostics
- 15. SNMP-Based Management
- SNMP Standards and Objects
- Carrier Grade Alarm System
- Cold Start Trap
- Third-Party Performance Monitoring Measurements
- TrunkPack-VoP Series Supported MIBs
- Traps
- SNMP Interface Details
- SNMP Manager Backward Compatibility
- Dual Module Interface
- SNMP NAT Traversal
- SNMP Administrative State Control
- AudioCodes’ Element Management System
- 16. Configuration Files
- Appendix A. Selected Technical Specifications
- Appendix B. Supplied SIP Software Kit
- Appendix C. SIP Compliance Tables
- Appendix D. The BootP/TFTP Configuration Utility
- Appendix E. RTP/RTCP Payload Types and Port Allocation
- Appendix F. RTP Control Protocol Extended Reports (RTCP-XR)
- Appendix G. Accessory Programs and Tools
- Appendix H. Release Reason Mapping
- Appendix I. SNMP Traps
- Appendix J. Installation and Configuration of Apache HTTP Server
- Appendix K. Regulatory Information
Mediant 2000 & TP-1610 & TP-260
SIP User's Manual 284 Document #: LTRT-68805
Table 13-1: IKE Table Configuration Parameters (continues on pages 283 to 284)
Parameter Name Description
Authentication Method
[IkePolicyAuthenticationMeth
od]
Determines the authentication method for IKE.
The valid authentication method values include:
0 = Pre-shared Key (default)
1 = RSA Signiture
Note 1: For pre-shared key based authentication, peers participating in an IKE
exchange must have a prior (out-of-band) knowledge of the common key (see
IKEPolicySharedKey parameter).
Note 2: For RSA signature based authentication, peers must be loaded with a
certificate signed by a common CA. For additional information on certificates,
refer to Section
13.2.4 on page 291.
IKE SA LifeTime (sec)
[IKEPolicyLifeInSec]
Determines the time (in seconds) the SA negotiated in the first IKE session
(main mode) is valid. After the time expires, the SA is re-negotiated.
The default value is 28800 (8 hours).
IKE SA LifeTime (KB)
[IKEPolicyLifeInKB]
Determines the lifetime (in kilobytes) the SA negotiated in the first IKE session
(main mode) is valid. After this size is reached, the SA is re-negotiated.
The default value is 0 (this parameter is ignored).
The lifetime parameters (IKEPolicyLifeInSec and IKEPolicyLifeInKB) determine the duration the SA created in
the main mode phase is valid. When the lifetime of the SA expires, it is automatically renewed by performing the
IKE first phase negotiations. To refrain from a situation where the SA expires, a new SA is being negotiated
while the old one is still valid. As soon as the new SA is created, it replaces the old one. This procedure occurs
whenever an SA is about to expire.
If no IKE methods are defined (Encryption / Authentication / DH Group), the default settings
(shown in Table
13-2 below) are applied.
Table 13-2: Default IKE First Phase Proposals
Encryption Authentication DH Group
Proposal 0 3DES SHA1 1024
Proposal 1 3DES MD5 1024
Proposal 2 3DES SHA1 786
Proposal 3 3DES MD5 786
¾ To configure the IKE table using the ini file:
The IKE parameters are configured using ini file tables (described in Section 11.5 on page
253). Each line in the table refers to a different IKE peer.
The Format line (IKE_DB_INDEX in the example below) specifies the order in which the
actual data lines are written. The order of the parameters is irrelevant. Parameters are not
mandatory unless stated otherwise. To support more than one Encryption / Authentication /
DH Group proposals, for each proposal specify the relevant parameters in the Format line.
Note that the proposal list must be contiguous.
Figure 13-2: Example of an IKE Table
[IPSec_IKEDB_Table]
Format IKE_DB_INDEX = IKEPolicySharedKey, IKEPolicyProposalEncryption_0,
IKEPolicypRoposalAuthentication_0, IKEPolicyProposalDHGroup_0,
IKEPolicyProposalEncryption_1, IKEPolicypRoposalAuthentication_1,
IKEPolicyProposalDHGroup_1, IKEPolicyLifeInSec;
IPSEC_IKEDB_TABLE 0 = 123456789, 1, 2, 0, 2, 2, 1, 28800;
[\IPSEC_IKEDB_TABLE]