Configuring SBC User Information

The SBC User Information table lets you configure up to 50,000 SBC users.

You can use the table for the following:

Registering each user to an external registrar server.
Authenticating (for any SIP request and as a client) each user if challenged by an external server.
Authenticating as a server incoming user requests (for SBC security).

If the device registers on behalf of users and the users don't perform registration, any SIP request destined to the user is routed to the Proxy Set associated with the user’s IP Group.

You can also enable the Registration Synchronization feature (see [RegistrationSyncMode] parameter). This feature synchronizes the registration process for users configured in the SBC User Information table and Accounts configured in the Accounts table (see Configuring Registration Accounts) that register to the same proxy server (Serving IP Group). If an Account or user receives a timeout (configured by [SipT1Rtx], [SipT2Rtx], or [SIPMaxRtx] parameters) or response failure (e.g., SIP 403) for a sent SIP REGISTER request, the device stops sending REGISTER messages for all Accounts and users associated with this same proxy server. The Account or user that first detected the no response (or failure) is considered the lead Account or user. Only this Account or user continues registering to the proxy server. When this Account or user receives a successful response from the proxy server, the device resumes the registration process for all the other Accounts and users associated with the same proxy server.

The SBC User Information table can be configured using any of the following methods:

Web interface (see Configuring SBC User Info Table through Web Interface)
CLI (see Configuring SBC User Info Table through CLI)
Loadable User Information file (see Configuring SBC User Info Table in Loadable Text File)
For the SBC User Information feature, the device's License Key must include the license "Far End Users (FEU)", which specifies the maximum number of supported far-end users. If no far-end users are licensed, then this feature cannot be used.
If you configure the device to authenticate as a server, for incoming SIP requests from users of a specific User-type IP Group, the device authenticates the users using the username and password configured in the IP Group's 'Username As Server' and 'Password As Server' parameters. However, if the user appears in the SBC User Information table and configured with a username and/or password, then the device authenticates the user with the credentials in the table. To enable the device to authenticate as a server, configure the IP Group's 'Authentication Mode' parameter to SBC as Server.