User`s manual
Table Of Contents
- Mediant 2000 & TP-1610 & TP-260/UNI SIP User’s Manual Version 5.0
- Table of Contents
- List of Figures
- List of Tables
- Notices
- 1. Overview
- 2. Physical Description
- 3. Installation
- 4. Getting Started
- 5. Web Management
- Computer Requirements
- Protection and Security Mechanisms
- Accessing the Embedded Web Server
- Getting Acquainted with the Web Interface
- Protocol Management
- Advanced Configuration
- Status & Diagnostic
- Software Update Menu
- Maintenance
- Logging Off the Embedded Web Server
- 6. Gateway's ini File Configuration
- Secured ini File
- Modifying an ini File
- The ini File Content
- The ini File Structure
- The ini File Example
- Networking Parameters
- System Parameters
- Web and Telnet Parameters
- Security Parameters
- RADIUS Parameters
- SNMP Parameters
- SIP Configuration Parameters
- Voice Mail Parameters
- ISDN and CAS Interworking-Related Parameters
- Number Manipulation and Routing Parameters
- E1/T1 Configuration Parameters
- Channel Parameters
- Configuration Files Parameters
- 7. Using BootP / DHCP
- 8. Telephony Capabilities
- Working with Supplementary Services
- Configuring the DTMF Transport Types
- Fax & Modem Transport Modes
- Event Notification using X-Detect Header
- ThroughPacket™
- Dynamic Jitter Buffer Operation
- Configuring the Gateway’s Alternative Routing (based on Conn
- Call Detail Report
- Supported RADIUS Attributes
- Trunk to Trunk Routing Example
- Proxy or Registrar Registration Example
- SIP Call Flow Example
- SIP Authentication Example
- 9. Networking Capabilities
- 10. Advanced PSTN Configuration
- 11. Advanced System Capabilities
- 12. Special Applications
- 13. Security
- 14. Diagnostics
- 15. SNMP-Based Management
- SNMP Standards and Objects
- Carrier Grade Alarm System
- Cold Start Trap
- Third-Party Performance Monitoring Measurements
- TrunkPack-VoP Series Supported MIBs
- Traps
- SNMP Interface Details
- SNMP Manager Backward Compatibility
- Dual Module Interface
- SNMP NAT Traversal
- SNMP Administrative State Control
- AudioCodes’ Element Management System
- 16. Configuration Files
- Appendix A. Selected Technical Specifications
- Appendix B. Supplied SIP Software Kit
- Appendix C. SIP Compliance Tables
- Appendix D. The BootP/TFTP Configuration Utility
- Appendix E. RTP/RTCP Payload Types and Port Allocation
- Appendix F. RTP Control Protocol Extended Reports (RTCP-XR)
- Appendix G. Accessory Programs and Tools
- Appendix H. Release Reason Mapping
- Appendix I. SNMP Traps
- Appendix J. Installation and Configuration of Apache HTTP Server
- Appendix K. Regulatory Information
SIP User's Manual 13. Security
Version 5.0 297 October 2006
7. In the field ‘Local RADIUS Password Cache Timeout’, enter a time (in seconds); when
this time expires, the username and password verified by the RADIUS server
becomes invalid and a username and password must be re-validated with the
RADIUS server.
8. In the field ‘Local RADIUS Password Cache Mode’, select the gateway’s mode of
operation regarding the above-mentioned ‘Local RADIUS Password Cache Timer’
option:
• Reset Timer Upon Access: upon each access to a Web screen, the timer resets
(reverts to the initial value configured in the previous step).
• Absolute Expiry Timer: when you access a Web screen, the timer doesn’t reset
but rather continues decreasing.
9. In the field ‘RADIUS VSA Vendor ID’, enter the vendor ID you configured in the
RADIUS server:
10. When using the Web access-level mechanism, perform one of the following options:
• When RADIUS responses include the access level attribute:
In the field ‘RADIUS VSA Access Level Attribute’, enter the code that indicates
the access level attribute in the Vendor Specific Attributes (VSA) section of the
received RADIUS packet.
• When RADIUS responses don’t include the access level attribute:
In the field ‘Default Access Level’, enter the default access level that is applied to
all users authenticated by the RADIUS server.
11. In the field ‘Require Secured Web Connection (HTTPS)’, select ‘HTTPS only’.
It is important you use HTTPS (secure Web server) when connecting to the gateway
over an open network, since the password is transmitted in clear text. Similarly, for
Telnet, use SSL ‘TelnetServerEnable = 2 (refer to Section 13.2.3 on page 291).
12. To save the changes, refer to Section 5.9.2 on page 124.
13. Reset the gateway (Section 5.9.3 on page 125).
After reset, when accessing the Web or Telnet servers, use the username and password
you configured in the RADIUS database. The local system password is still active and can
be used when the RADIUS server is down.
¾ To configure RADIUS support on the gateway using the ini file:
Add the following parameters to the ini file. For information on modifying the ini file,
refer to Section 6.2 on page 127.
• EnableRADIUS = 1
• WebRADIUSLogin = 1
• RADIUSAuthServerIP = IP address of RADIUS server
• RADIUSAuthPort = port number of RADIUS server, usually 1812
• SharedSecret = your shared secret'
• HTTPSOnly = 1
• BehaviorUponRadiusTimeout = 1
• RadiusLocalCacheMode = 1
• RadiusLocalCacheTimeout = 300
• RadiusVSAVendorID = your vendor’s ID
• RadiusVSAAccessAttribute = code that indicates the access level attribute
• DefaultAccessLevel = default access level (0 to 200)