User`s manual
Table Of Contents
- Mediant 2000 & TP-1610 & TP-260/UNI SIP User’s Manual Version 5.0
- Table of Contents
- List of Figures
- List of Tables
- Notices
- 1. Overview
- 2. Physical Description
- 3. Installation
- 4. Getting Started
- 5. Web Management
- Computer Requirements
- Protection and Security Mechanisms
- Accessing the Embedded Web Server
- Getting Acquainted with the Web Interface
- Protocol Management
- Advanced Configuration
- Status & Diagnostic
- Software Update Menu
- Maintenance
- Logging Off the Embedded Web Server
- 6. Gateway's ini File Configuration
- Secured ini File
- Modifying an ini File
- The ini File Content
- The ini File Structure
- The ini File Example
- Networking Parameters
- System Parameters
- Web and Telnet Parameters
- Security Parameters
- RADIUS Parameters
- SNMP Parameters
- SIP Configuration Parameters
- Voice Mail Parameters
- ISDN and CAS Interworking-Related Parameters
- Number Manipulation and Routing Parameters
- E1/T1 Configuration Parameters
- Channel Parameters
- Configuration Files Parameters
- 7. Using BootP / DHCP
- 8. Telephony Capabilities
- Working with Supplementary Services
- Configuring the DTMF Transport Types
- Fax & Modem Transport Modes
- Event Notification using X-Detect Header
- ThroughPacket™
- Dynamic Jitter Buffer Operation
- Configuring the Gateway’s Alternative Routing (based on Conn
- Call Detail Report
- Supported RADIUS Attributes
- Trunk to Trunk Routing Example
- Proxy or Registrar Registration Example
- SIP Call Flow Example
- SIP Authentication Example
- 9. Networking Capabilities
- 10. Advanced PSTN Configuration
- 11. Advanced System Capabilities
- 12. Special Applications
- 13. Security
- 14. Diagnostics
- 15. SNMP-Based Management
- SNMP Standards and Objects
- Carrier Grade Alarm System
- Cold Start Trap
- Third-Party Performance Monitoring Measurements
- TrunkPack-VoP Series Supported MIBs
- Traps
- SNMP Interface Details
- SNMP Manager Backward Compatibility
- Dual Module Interface
- SNMP NAT Traversal
- SNMP Administrative State Control
- AudioCodes’ Element Management System
- 16. Configuration Files
- Appendix A. Selected Technical Specifications
- Appendix B. Supplied SIP Software Kit
- Appendix C. SIP Compliance Tables
- Appendix D. The BootP/TFTP Configuration Utility
- Appendix E. RTP/RTCP Payload Types and Port Allocation
- Appendix F. RTP Control Protocol Extended Reports (RTCP-XR)
- Appendix G. Accessory Programs and Tools
- Appendix H. Release Reason Mapping
- Appendix I. SNMP Traps
- Appendix J. Installation and Configuration of Apache HTTP Server
- Appendix K. Regulatory Information
Mediant 2000 & TP-1610 & TP-260
SIP User's Manual 296 Document #: LTRT-68805
Figure 13-13: Example of a Dictionary File for FreeRADIUS (FreeRADIUS Client Configuration)
#
# AudioCodes VSA dictionary
#
VENDOR AudioCodes 5003
ATTRIBUTE ACL-Auth-Level 35 integer AudioCodes
VALUE ACL-Auth-Level ACL-Auth-UserLevel 50
VALUE ACL-Auth-Level ACL-Auth-AdminLevel 100
VALUE ACL-Auth-Level ACL-Auth-SecurityAdminLevel 200
3. In the RADIUS server, define the list of users authorized to use the gateway, using
one of the password authentication methods supported by the server implementation.
The following example shows a user configuration file for FreeRADIUS using a plain-
text password.
Figure 13-14: Example of a User Configuration File for FreeRADIUS Using a Plain-Text
Password
# users - local user configuration database
john Auth-Type := Local, User-Password == "qwerty"
Service-Type = Login-User,
ACL-Auth-Level = ACL-Auth-SecurityAdminLevel
larry Auth-Type := Local, User-Password == "123456"
Service-Type = Login-User,
ACL-Auth-Level = ACL-Auth-UserLevel
4. Record and retain the IP address, port number, ’shared secret’, vendor ID and VSA
access level identifier (if access levels are used) used by the RADIUS server.
5. Configure the gateway’s relevant parameters according to Section 13.4.2 below.
13.4.2 Configuring RADIUS Support
For information on the RADIUS parameters, refer to Table 6-5 on page 147.
¾ To configure RADIUS support on the gateway via the Embedded
Web Server, take these 13 steps:
1. Access the Embedded Web Server (Section 5.3 on page 58).
2. Open the ‘General Security Settings’ screen (Advanced Configuration menu >
Security Settings > General Security Settings option); the ‘General Security
Settings’ screen is displayed.
3. Under section ‘General RADIUS Settings’, in the field ‘Enable RADIUS Access
Control’, select ‘Enable’; the RADIUS application is enabled.
4. In the field ‘Use RADIUS for Web / Telnet Login’, select ‘Enable’; RADIUS
authentication is enabled for Web and Telnet login.
5. Enter the RADIUS server IP address, port number and shared secret in the relevant
fields.
6. Under section ‘RADIUS Authentication Settings’, in the field ‘Device Behavior Upon
RADIUS Timeout’, select the gateway’s operation if a response isn’t received from the
RADIUS server after the 5 seconds timeout expires:
• Deny Access: gateway denies access to the Web and Telnet embedded servers.
• Verify Access Locally: gateway checks the local username and password.