D 14049.01
07.2007
35
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Text goes here
Introduction
Getting
Started
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
H.323 & SIP
Configuration
SIP protocols and ports
The VCS supports SIP over UDP, TCP and TLS transport protocols. You can configure whether or
not incoming calls using each protocol are supported, and if so, the ports on which the VCS will
listen for such calls.
Using the VCS as a SIP Registrar
In order for a SIP endpoint to be contactable via its registered alias, it must register its location
with a SIP Registrar. The VCS can act as a SIP Registrar for up to 20 domains.
SIP aliases always take the form username@domain. To enable the VCS to act as a SIP Registrar,
you must configure it with the SIP Domain(s) for which it will be authoritative. It will then accept
registration requests for any endpoints attempting to register with an alias that includes that
domain.
If no Domains are configured, then the VCS will not act as a SIP Registrar.
Proxying Registration Requests
If the VCS has no domains configured, or it receives a registration request for a domain for which
it is not acting as a Registrar, then the VCS may proxy the registration request. This depends on
the SIP Registration Proxy Mode setting, as follows;
Off: the VCS will not proxy any registration requests. The request will be rejected with a “403
Forbidden” message.
Proxy to Known Only: the VCS will proxy the registration request but only to its neighbors.
Proxy to any: the VCS will proxy the registration requests in accordance with its call policy (e.g.
administrator policy and transforms). See Call Processing for more information.
•
•
•
About SIP on the VCS
The VCS supports the SIP protocol: it is both a SIP Proxy and SIP Registrar, and will provide
interworking between SIP and H.323 calls. In order to support SIP, SIP mode must be enabled
and at least one of the SIP transport protocols must be active.
Using the VCS as a SIP Proxy Server
When in SIP mode, the VCS may act as a SIP Proxy Server. The role of a Proxy Server is to forward
requests (such as REGISTER and INVITE) from endpoints or other Proxy Servers. These requests
are forwarded on to other Proxy Servers or to the destination endpoint.
Whether or not the VCS acts as a SIP Proxy Server, and its exact behavior when proxying requests,
is determined by the SIP Registration Proxy Mode setting. This in turn depends on the presence
of Route Set information in the request header and whether or not the Proxy Server from which the
request was received is a Neighbor of the VCS.
A Route Set can specify the path that must be taken when requests are being proxied between
an endpoint and its Registrar. For example, when a REGISTER request is proxied by a VCS, the
VCS adds a Path header component to the request which signals that the VCS must be included
on any call to that endpoint. The information is usually required in situations where firewalls exist
and the media must follow a specified path in order to successfully traverse the firewall. For more
information about the path header field, see RFC 3327 [10].
When the VCS proxies a request that contains existing Route Set information, it will forward it
directly to the URI specified in the path. Any call policy configured on the VCS will therefore be
bypassed. This may present a security risk if the information in the Route Set cannot be trusted.
For this reason, you can configure the VCS with three different behaviors when proxying requests,
as follows:
If the SIP Registration Proxy Mode setting is Off, the VCS will not proxy any requests that have
an existing Route Set. Requests that do not have an existing Route Set will still be proxied in
accordance with existing call policy (e.g. zone searches and transforms). This setting provides
the highest level of security.
If the setting is Proxy to Known Only, the VCS will proxy requests with an existing Route Set
only if the request was received from a Neighbor zone (including Traversal Client and Traversal
Server zones). Requests that do not have an existing Route Set will be proxied in accordance
with existing call policy.
If the setting is Proxy to any, the VCS will proxy all requests. Those with existing Route Sets
will be proxied to the specified URI; those without will be proxied in accordance with existing
call policy.
•
•
•
SIP Registration Expiry
SIP endpoints must periodically re-register with the SIP Registrar in order to prevent their
registration expiring. You can determine the interval with which SIP endpoints must register with
the VCS.
SIP Overview
Working with SIP
This setting also impacts the VCS’s behavior when acting as a SIP Proxy Server.
This setting applies only when the VCS is acting as a SIP Registrar, and to endpoints
registered with the VCS. It does not apply to endpoints whose registrations are being
proxied through the VCS.
At least one of these protocols must be set to a Mode of On in order for SIP functionality to
be supported.