Configuring Registration Accounts
The Accounts table lets you configure up to
The device initiates registration with a "serving" IP Group on behalf of the "served" IP Group. Therefore, Accounts are typically required when the "served" IP Group is unable to register or authenticate itself for whatever reason. Registration information includes username, password, host name (AOR), and contact user name (AOR). The device includes this information in the REGISTER message sent to the serving IP Group. Up to 10 Accounts can be configured per "served" IP Group. A IP Group can register to more than one IP Group (e.g., multiple ITSPs). This is done by configuring multiple entries in the Accounts table for the same served IP Group, but with different serving IP Groups, username/password, host name, and contact user values.
You cannot configure more than one Account with the same "served" IP Group and "serving" IP Group combination. For example, only one Account can be configured with the 'Served IP Group' parameter set to "Users-Boston" and the 'Serving IP Group' parameter set to "ITSP".
Authentication is typically required for INVITE messages sent to the "serving" IP Group. If the device receives a SIP 401 (Unauthorized) in response to a sent INVITE, the device checks for a matching "serving" and "served" entry in the Accounts table. If a matching row exists, the device authenticates the INVITE by providing the corresponding MD5 authentication username and password to the "serving" IP Group.
If the Account is not registered and the device receives a SIP dialog request (e.g., INVITE) from the Served IP Group, the device rejects the dialog and sends the Served IP Group a SIP 400 (Bad Request) response. An Account that is not registered can be due to any of the following reasons:
■ | You have unregistered the Served IP Group by clicking the Register button (discussed later in this section). |
■ | The Serving IP Group has rejected the registration. |
However, if the Account is not registered and you have enabled the Registrar Stickiness feature ('Registrar Stickiness' parameter is configured to Enable) or dynamic UDP port assignment feature ('UDP Port Assignment' parameter is configured to Enable) and the device receives a SIP dialog request (e.g., INVITE) from the Served IP Group, the device rejects the dialog and sends the Served IP Group a SIP 500 (Server Internal Error) response. In this scenario, the Account can be not registered due to any of the reasons listed previously or for the dynamic UDP port assignment feature, there is no available port for the Account (port used for interfacing with the Serving IP Group).
● | The device uses the username ('Username As Client' parameter) and password ('Password As Client' parameter) that are configured for the Serving IP Group in the IP Groups table, for user registration and authentication, in the scenarios listed below. For this mode of operation, configure the device to authenticate as a client (i.e., 'Authentication Mode' parameter in the IP Groups table for the Serving IP Group is SBC As Client or SBC as Both Client and Server). |
✔ | If there is no Account configured for the Served IP Group and Serving IP Group in the Accounts table. |
✔ | If there is an Account configured for the Served IP Group and Serving IP Group, but without a username and password. |
● | See also the following optional, related parameters: |
✔ | [UseRandomUser] - enables the device to assign a random string to the user part of the SIP Contact header of new Accounts. |
✔ | [UnregisterOnStartup] - enables the device to unregister and then re-register Accounts upon a device restart. |
✔ | [RegistrationSyncMode] - enables synchronization of all Accounts (and users in the SBC User Information table - Configuring SBC User Information Table through Web Interface) that register to the same proxy server (Serving IP Group). Upon registration failure (timeout or failure response), only the Account (or SBC User Info user) that first detected the failure, continues its attempt at registering (sending REGISTER requests) to the proxy. For more information, see the parameter's description. |
The following procedure describes how to configure Accounts through the Web interface. You can also configure it through ini file [Account] or CLI (configure voip > sip-definition account).
➢ | To configure an Account: |
1. | Open the Accounts table (Setup menu > Signaling & Media tab > SIP Definitions folder > Accounts). |
2. | Click New; the following dialog box appears: |
3. | Configure an account according to the parameters described in the table below. |
4. | Click Apply. |
Once you have configured Accounts, you can register or un-register them, as described below:
➢ | To register or un-register an Account: |
1. | In the table, select the required Account entry row. |
2. | From the Action drop-down list, choose one of the following commands: |
● | Register to register the Account. |
● | Un-Register to un-register the Account. |
Accounts Table Parameter Descriptions
Parameter |
Description |
|||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
General | ||||||||||||||||||||||||||||||||||||||||||||||
'Index' |
Defines an index for the new table row. Note: Each row must be configured with a unique index. |
|||||||||||||||||||||||||||||||||||||||||||||
'Name' account-name [Account_AccountName] |
Defines an arbitrary name to easily identify the row. The valid value is a string of up to 20 characters. Note: Configure each row with a unique name. |
|||||||||||||||||||||||||||||||||||||||||||||
'Application Type' application-type [Account_ApplicationType] |
Defines the application type:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Served IP Group' served-ip-group-name [Account_ServedIPGroupName] |
Defines the IP Group (e.g., IP-PBX) that you want to register and/or authenticate upon its behalf. Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Serving IP Group' serving-ip-group-name [Account_ServingIPGroupName] |
Defines the IP Group (Serving IP Group) to where the device sends the SIP REGISTER requests (if enabled) for registration and authentication (of the Served IP Group). Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Host Name' host-name [Account_HostName] |
Defines the Address of Record (AOR) host name. The host name appears in SIP REGISTER From/To headers as ContactUser@HostName. For a successful registration, the host name is also included in the URI of the INVITE From header. The valid value is a string of up to 49 characters. Note: If the parameter is not configured or if registration fails, the 'SIP Group Name' parameter value configured in the IP Groups table is used instead. |
|||||||||||||||||||||||||||||||||||||||||||||
'Contact User' contact-user [Account_ContactUser] |
Defines the AOR username. This appears in SIP REGISTER From/To headers as ContactUser@HostName, and in INVITE/200 OK Contact headers as ContactUser@<device's IP address>. The valid value is a string of up to 60 characters. By default, no value is defined. Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Register' register [Account_Register] |
Enables registration.
Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Registrar Stickiness' registrar-stickiness [Account_RegistrarStickiness] |
Enables the Registrar Stickiness feature.
Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Registrar Search Mode' registrar-search-mode [Account_RegistrarSearchMode] |
Defines the method for choosing an IP address (registrar) in the Proxy Set (associated with the Serving IP Group) to which the Account initially registers and performs registration refreshes, when the Register Stickiness feature is enabled. Once chosen, the Account is binded to the IP address for subsequent SIP requests.
If the device's physical Ethernet link to the proxy goes down, the device re-registers this Account with the proxy when the link comes up again. Re-registration occurs even if proxy keep-alive is disabled. Note: This option is applicable only if you have configured the following:
Note:
For example: Assume the Account is configured with 'Registrar Search Mode' set to Avoid Previous Registrar Until Expiry and the global parameter [AccountRegistrarAvoidanceTime] set to 180 seconds (3 minutes). In addition, the Account's 'Serving IP Group' uses a Proxy Set with three proxy server IPs (X, Y, Z; each proxy has a different priority) and uses the Homing mode. The following describes the timeline sequence of events:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Re-REGISTER on INVITE Failure' re-register-on-invite-failure [Account_ReRegisterOnInviteFailure] |
Enables the device to re-register an Account upon the receipt of specific SIP response codes (e.g., 403, 408, and 480) for a failed INVITE message sent to the Serving IP Group.
|
|||||||||||||||||||||||||||||||||||||||||||||
'Reg Event Package Subscription' reg-event-package-subscription [Account_RegEventPackageSubscription] |
Enables the device to subscribe to the registration event package service (as defined in RFC 3680) with the registrar server (Serving IP Group) to which the Account is successfully registered and binded, when the Registrar Stickiness feature is enabled. The service allows the device to receive notifications of the Accounts registration state change with the registrar. The device subscribes to the service by sending a SUBSCRIBE message containing the Event header with the value "reg" (Event: reg). Whenever a change occurs in the registration binding state, the registrar notifies the device by sending a SIP NOTIFY message.
Note: The parameter is applicable only if you have enabled the Registrar Stickiness feature (in this table):
|
|||||||||||||||||||||||||||||||||||||||||||||
'Register by Served IP Group Status' reg-by-served-ipg-status [Account_RegByServedIPG] |
Defines the device's handling of Account registration based on the connectivity status of the Served IP Group.
The Served IP Group's connectivity status is determined by the keep-alive mechanism of its associated Proxy Set (i.e., the 'Proxy Keep-Alive' parameter is configured to Using OPTIONS, Using OPTIONS on Active Server or Using Fake REGISTER). |
|||||||||||||||||||||||||||||||||||||||||||||
'UDP Port Assignment' udp-port-assignment [Account_UDPPortAssignment] |
Enables the device to dynamically allocate local SIP UDP ports to Accounts using the same Serving IP Group, where each Account is assigned a unique port on the device's leg interfacing with the Accounts' Serving IP Group.
Note:
|
|||||||||||||||||||||||||||||||||||||||||||||
'Account Registration Status' |
(Read-only field) Displays the registration status of the Account ("Registered" or "Not Registered"). You can also view Account registration status on the Registration Status page (see Viewing Registration Status). |
|||||||||||||||||||||||||||||||||||||||||||||
Credentials |
||||||||||||||||||||||||||||||||||||||||||||||
'User Name' user-name [Account_Username] |
Defines the digest MD5 Authentication username. The valid value is a string of up to 60 characters. By default, no value is defined. |
|||||||||||||||||||||||||||||||||||||||||||||
'Password' password [Account_Password] |
Defines the digest MD5 Authentication password. The valid value is a string of up to 50 characters. Note:
|