User`s manual
Table Of Contents
- Mediant 2000 & TP-1610 & TP-260/UNI SIP User’s Manual Version 5.0
- Table of Contents
- List of Figures
- List of Tables
- Notices
- 1. Overview
- 2. Physical Description
- 3. Installation
- 4. Getting Started
- 5. Web Management
- Computer Requirements
- Protection and Security Mechanisms
- Accessing the Embedded Web Server
- Getting Acquainted with the Web Interface
- Protocol Management
- Advanced Configuration
- Status & Diagnostic
- Software Update Menu
- Maintenance
- Logging Off the Embedded Web Server
- 6. Gateway's ini File Configuration
- Secured ini File
- Modifying an ini File
- The ini File Content
- The ini File Structure
- The ini File Example
- Networking Parameters
- System Parameters
- Web and Telnet Parameters
- Security Parameters
- RADIUS Parameters
- SNMP Parameters
- SIP Configuration Parameters
- Voice Mail Parameters
- ISDN and CAS Interworking-Related Parameters
- Number Manipulation and Routing Parameters
- E1/T1 Configuration Parameters
- Channel Parameters
- Configuration Files Parameters
- 7. Using BootP / DHCP
- 8. Telephony Capabilities
- Working with Supplementary Services
- Configuring the DTMF Transport Types
- Fax & Modem Transport Modes
- Event Notification using X-Detect Header
- ThroughPacket™
- Dynamic Jitter Buffer Operation
- Configuring the Gateway’s Alternative Routing (based on Conn
- Call Detail Report
- Supported RADIUS Attributes
- Trunk to Trunk Routing Example
- Proxy or Registrar Registration Example
- SIP Call Flow Example
- SIP Authentication Example
- 9. Networking Capabilities
- 10. Advanced PSTN Configuration
- 11. Advanced System Capabilities
- 12. Special Applications
- 13. Security
- 14. Diagnostics
- 15. SNMP-Based Management
- SNMP Standards and Objects
- Carrier Grade Alarm System
- Cold Start Trap
- Third-Party Performance Monitoring Measurements
- TrunkPack-VoP Series Supported MIBs
- Traps
- SNMP Interface Details
- SNMP Manager Backward Compatibility
- Dual Module Interface
- SNMP NAT Traversal
- SNMP Administrative State Control
- AudioCodes’ Element Management System
- 16. Configuration Files
- Appendix A. Selected Technical Specifications
- Appendix B. Supplied SIP Software Kit
- Appendix C. SIP Compliance Tables
- Appendix D. The BootP/TFTP Configuration Utility
- Appendix E. RTP/RTCP Payload Types and Port Allocation
- Appendix F. RTP Control Protocol Extended Reports (RTCP-XR)
- Appendix G. Accessory Programs and Tools
- Appendix H. Release Reason Mapping
- Appendix I. SNMP Traps
- Appendix J. Installation and Configuration of Apache HTTP Server
- Appendix K. Regulatory Information
SIP User's Manual 13. Security
Version 5.0 289 October 2006
13.1.3.3 IPSec and IKE Configuration Table’s Confidentiality
Since the pre-shared key parameter of the IKE table must remain undisclosed, measures
are taken by the ini file, Embedded Web Server and SNMP agent to maintain this
parameter’s confidentiality. On the Embedded Web Server a list of asterisks is displayed
instead of the pre-shared key. On SNMP, the pre-shared key parameter is a write-only
parameter and cannot be read. In the ini file, the following measures to assure the secrecy
of the IPSec and IKE tables are taken:
Hidden IPSec and IKE tables - When uploading the ini file from the gateway the IPSec
and IKE tables are not available. Instead, the notifications (shown in Figure 13-6) are
displayed.
Figure 13-6: Example of an ini File Notification of Missing Tables
;
; *** TABLE IPSEC_IKEDB_TABLE ***
; This table contains hidden elements and will not be exposed.
; This table exists on board and will be saved during restarts
;
;
; *** TABLE IPSEC_SPD_TABLE ***
; This table contains hidden elements and will not be exposed.
; This table exists on board and will be saved during restarts
;
Preserving the values of the parameters in the IPSec and IKE tables from one ini file
loading to the next – The values configured for the parameters in the IPSec tables in
the ini file are preserved from one loading to another. If a newly loaded ini file doesn’t
define IPSec tables, the previously loaded tables remain valid. To invalidate a
previously loaded ini file's IPSec tables, load a new ini file with an empty IPSec table
(shown below).
Figure 13-7: Empty IPSec / IKE Tables
[IPSec_IKEDB_Table]
[\IPSec_IKEDB_Table]
[IPSEC_SPD_TABLE]
[\IPSEC_SPD_TABLE]