User`s manual
Table Of Contents
- Mediant 2000 & TP-1610 & TP-260/UNI SIP User’s Manual Version 5.0
- Table of Contents
- List of Figures
- List of Tables
- Notices
- 1. Overview
- 2. Physical Description
- 3. Installation
- 4. Getting Started
- 5. Web Management
- Computer Requirements
- Protection and Security Mechanisms
- Accessing the Embedded Web Server
- Getting Acquainted with the Web Interface
- Protocol Management
- Advanced Configuration
- Status & Diagnostic
- Software Update Menu
- Maintenance
- Logging Off the Embedded Web Server
- 6. Gateway's ini File Configuration
- Secured ini File
- Modifying an ini File
- The ini File Content
- The ini File Structure
- The ini File Example
- Networking Parameters
- System Parameters
- Web and Telnet Parameters
- Security Parameters
- RADIUS Parameters
- SNMP Parameters
- SIP Configuration Parameters
- Voice Mail Parameters
- ISDN and CAS Interworking-Related Parameters
- Number Manipulation and Routing Parameters
- E1/T1 Configuration Parameters
- Channel Parameters
- Configuration Files Parameters
- 7. Using BootP / DHCP
- 8. Telephony Capabilities
- Working with Supplementary Services
- Configuring the DTMF Transport Types
- Fax & Modem Transport Modes
- Event Notification using X-Detect Header
- ThroughPacket™
- Dynamic Jitter Buffer Operation
- Configuring the Gateway’s Alternative Routing (based on Conn
- Call Detail Report
- Supported RADIUS Attributes
- Trunk to Trunk Routing Example
- Proxy or Registrar Registration Example
- SIP Call Flow Example
- SIP Authentication Example
- 9. Networking Capabilities
- 10. Advanced PSTN Configuration
- 11. Advanced System Capabilities
- 12. Special Applications
- 13. Security
- 14. Diagnostics
- 15. SNMP-Based Management
- SNMP Standards and Objects
- Carrier Grade Alarm System
- Cold Start Trap
- Third-Party Performance Monitoring Measurements
- TrunkPack-VoP Series Supported MIBs
- Traps
- SNMP Interface Details
- SNMP Manager Backward Compatibility
- Dual Module Interface
- SNMP NAT Traversal
- SNMP Administrative State Control
- AudioCodes’ Element Management System
- 16. Configuration Files
- Appendix A. Selected Technical Specifications
- Appendix B. Supplied SIP Software Kit
- Appendix C. SIP Compliance Tables
- Appendix D. The BootP/TFTP Configuration Utility
- Appendix E. RTP/RTCP Payload Types and Port Allocation
- Appendix F. RTP Control Protocol Extended Reports (RTCP-XR)
- Appendix G. Accessory Programs and Tools
- Appendix H. Release Reason Mapping
- Appendix I. SNMP Traps
- Appendix J. Installation and Configuration of Apache HTTP Server
- Appendix K. Regulatory Information
Mediant 2000 & TP-1610 & TP-260
SIP User's Manual 286 Document #: LTRT-68805
13.1.3.2 IPSec Configuration
The parameters described in Table 13-3 below are used to configure the SPD table. A
different set of parameters can be configured for each of the 20 available IP destinations.
Table 13-3: SPD Table Configuration Parameters (continues on pages 286 to 286)
Parameter Name Description
Remote IP Address
[IPSecPolicyRemoteIPAddres
s]
Defines the destination IP address (or a FQDN) the
IPSec mechanism is applied to.
This parameter is mandatory.
Note: When a FQDN is used, a DNS server must be
configured (DNSPriServerIP).
Local IP Address Type
[IPSecPolicyLocalIPAddressT
ype]
Determines the local interface to which the encryption is
applied (applicable to multiple IPs and VLANs).
0 = OAM interface (default).
1 = Control interface.
Source Port
[IPSecPolicySrcPort]
Defines the source port the IPSec mechanism is applied
to.
The default value is 0 (any port).
Destination Port
[IPSecPolicyDstPort]
Defines the destination port the IPSec mechanism is
applied to.
The default value is 0 (any port).
Protocol
[IPSecPolicyProtocol]
Defines the protocol type the IPSec mechanism is
applied to.
0 = Any protocol (default).
17 = UDP.
6 = TCP.
Or any other protocol type defined by IANA (Internet
Assigned Numbers Authority).
IPSec is applied to
outgoing packets
whose IP address,
destination port,
source port and
protocol type match
the values defined for
these four
parameters.
Related Key Exchange Method
Index
[IPsecPolicyKeyExchangeMet
hodIndex]
Determines the index for the corresponding IKE entry. Note that several
policies can be associated with a single IKE entry.
The valid range is 0 to 19. The default value is 0.
IKE Second Phase Parameters (Quick Mode)
SA Lifetime (sec)
[IPsecPolicyLifeInSec]
Determines the time (in seconds) the SA negotiated in the second IKE session
(quick mode) is valid. After the time expires, the SA is re-negotiated.
The default value is 28800 (8 hours).
SA Lifetime (KB)
[IPSecPolicyLifeInKB]
Determines the lifetime (in kilobytes) the SA negotiated in the second IKE
session (quick mode) is valid. After this size is reached, the SA is re-negotiated.
The default value is 0 (this parameter is ignored).
The lifetime parameters (IPsecPolicyLifeInSec and IPSecPolicyLifeInKB) determine the duration of which an SA
is valid. When the lifetime of the SA expires, it is automatically renewed by performing the IKE second phase
negotiations. To refrain from a situation where the SA expires, a new SA is being negotiated while the old one is
still valid. As soon as the new SA is created, it replaces the old one. This procedure occurs whenever an SA is
about to expire.
First to Fourth Proposal
Encryption Type
[IPSecPolicyProposalEncrypt
ion_X]
Determines the encryption type used in the quick mode negotiation for up to
four proposals.
X stands for the proposal number (0 to 3).
The valid encryption values are:
Not Defined (default)
None [0] = No encryption
DES-CBC [1]
Triple DES-CBC [2]
AES [3]
First to Fourth Proposal
Authentication Type
[IPSecPolicyProposalAuthent
ication_X]
Determines the authentication protocol used in the quick mode negotiation for
up to four proposals.
X stands for the proposal number (0 to 3).
The valid authentication values are:
Not Defined (default)
HMAC-SHA-1-96 [2]
HMAC-MD5-96 [4]