config voip profile
Configure VoIP profiles.
config voip profile
Description: Configure VoIP profiles.
edit <name>
set comment {var-string}
config sip
Description: SIP.
set status [disable|enable]
set rtp [disable|enable]
set nat-port-range {user}
set open-register-pinhole [disable|enable]
set open-contact-pinhole [disable|enable]
set strict-register [disable|enable]
set register-rate {integer}
set invite-rate {integer}
set max-dialogs {integer}
set max-line-length {integer}
set block-long-lines [disable|enable]
set block-unknown [disable|enable]
set call-keepalive {integer}
set block-ack [disable|enable]
set block-bye [disable|enable]
set block-cancel [disable|enable]
set block-info [disable|enable]
set block-invite [disable|enable]
set block-message [disable|enable]
set block-notify [disable|enable]
set block-options [disable|enable]
set block-prack [disable|enable]
set block-publish [disable|enable]
set block-refer [disable|enable]
set block-register [disable|enable]
set block-subscribe [disable|enable]
set block-update [disable|enable]
set register-contact-trace [disable|enable]
set open-via-pinhole [disable|enable]
set open-record-route-pinhole [disable|enable]
set rfc2543-branch [disable|enable]
set log-violations [disable|enable]
set log-call-summary [disable|enable]
set nat-trace [disable|enable]
set subscribe-rate {integer}
set message-rate {integer}
set notify-rate {integer}
set refer-rate {integer}
set update-rate {integer}
set options-rate {integer}
set ack-rate {integer}
set prack-rate {integer}
set info-rate {integer}
set publish-rate {integer}
set bye-rate {integer}
set cancel-rate {integer}
set preserve-override [disable|enable]
set no-sdp-fixup [disable|enable]
set contact-fixup [disable|enable]
set max-idle-dialogs {integer}
set block-geo-red-options [disable|enable]
set hosted-nat-traversal [disable|enable]
set hnt-restrict-source-ip [disable|enable]
set max-body-length {integer}
set unknown-header [discard|pass|...]
set malformed-request-line [discard|pass|...]
set malformed-header-via [discard|pass|...]
set malformed-header-from [discard|pass|...]
set malformed-header-to [discard|pass|...]
set malformed-header-call-id [discard|pass|...]
set malformed-header-cseq [discard|pass|...]
set malformed-header-rack [discard|pass|...]
set malformed-header-rseq [discard|pass|...]
set malformed-header-contact [discard|pass|...]
set malformed-header-record-route [discard|pass|...]
set malformed-header-route [discard|pass|...]
set malformed-header-expires [discard|pass|...]
set malformed-header-content-type [discard|pass|...]
set malformed-header-content-length [discard|pass|...]
set malformed-header-max-forwards [discard|pass|...]
set malformed-header-allow [discard|pass|...]
set malformed-header-p-asserted-identity [discard|pass|...]
set malformed-header-sdp-v [discard|pass|...]
set malformed-header-sdp-o [discard|pass|...]
set malformed-header-sdp-s [discard|pass|...]
set malformed-header-sdp-i [discard|pass|...]
set malformed-header-sdp-c [discard|pass|...]
set malformed-header-sdp-b [discard|pass|...]
set malformed-header-sdp-z [discard|pass|...]
set malformed-header-sdp-k [discard|pass|...]
set malformed-header-sdp-a [discard|pass|...]
set malformed-header-sdp-t [discard|pass|...]
set malformed-header-sdp-r [discard|pass|...]
set malformed-header-sdp-m [discard|pass|...]
set provisional-invite-expiry-time {integer}
set ips-rtp [disable|enable]
set ssl-mode [off|full]
set ssl-send-empty-frags [enable|disable]
set ssl-client-renegotiation [allow|deny|...]
set ssl-algorithm [high|medium|...]
set ssl-pfs [require|deny|...]
set ssl-min-version [ssl-3.0|tls-1.0|...]
set ssl-max-version [ssl-3.0|tls-1.0|...]
set ssl-client-certificate {string}
set ssl-server-certificate {string}
set ssl-auth-client {string}
set ssl-auth-server {string}
end
config sccp
Description: SCCP.
set status [disable|enable]
set block-mcast [disable|enable]
set verify-header [disable|enable]
set log-call-summary [disable|enable]
set log-violations [disable|enable]
set max-calls {integer}
end
next
end
config voip profile
Parameter |
Description |
Type |
Size |
---|---|---|---|
comment |
Comment. |
var-string |
Not Specified |
config sip
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable SIP. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
rtp |
Enable/disable create pinholes for RTP traffic to traverse firewall. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
nat-port-range |
RTP NAT port range. |
user |
Not Specified |
|||||||||||||
open-register-pinhole |
Enable/disable open pinhole for REGISTER Contact port. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
open-contact-pinhole |
Enable/disable open pinhole for non-REGISTER Contact port. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
strict-register |
Enable/disable only allow the registrar to connect. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
register-rate |
REGISTER request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
invite-rate |
INVITE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
max-dialogs |
Maximum number of concurrent calls/dialogs (per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
max-line-length |
Maximum SIP header line length . |
integer |
Minimum value: 78 Maximum value: 4096 |
|||||||||||||
block-long-lines |
Enable/disable block requests with headers exceeding max-line-length. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-unknown |
Block unrecognized SIP requests . |
option |
- |
|||||||||||||
|
|
|||||||||||||||
call-keepalive |
Continue tracking calls with no RTP for this many minutes. |
integer |
Minimum value: 0 Maximum value: 10080 |
|||||||||||||
block-ack |
Enable/disable block ACK requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-bye |
Enable/disable block BYE requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-cancel |
Enable/disable block CANCEL requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-info |
Enable/disable block INFO requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-invite |
Enable/disable block INVITE requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-message |
Enable/disable block MESSAGE requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-notify |
Enable/disable block NOTIFY requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-options |
Enable/disable block OPTIONS requests and no OPTIONS as notifying message for redundancy either. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-prack |
Enable/disable block prack requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-publish |
Enable/disable block PUBLISH requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-refer |
Enable/disable block REFER requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-register |
Enable/disable block REGISTER requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-subscribe |
Enable/disable block SUBSCRIBE requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-update |
Enable/disable block UPDATE requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
register-contact-trace |
Enable/disable trace original IP/port within the contact header of REGISTER requests. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
open-via-pinhole |
Enable/disable open pinhole for Via port. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
open-record-route-pinhole |
Enable/disable open pinhole for Record-Route port. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
rfc2543-branch |
Enable/disable support via branch compliant with RFC 2543. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
log-violations |
Enable/disable logging of SIP violations. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
log-call-summary |
Enable/disable logging of SIP call summary. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
nat-trace |
Enable/disable preservation of original IP in SDP i line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
subscribe-rate |
SUBSCRIBE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
message-rate |
MESSAGE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
notify-rate |
NOTIFY request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
refer-rate |
REFER request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
update-rate |
UPDATE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
options-rate |
OPTIONS request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
ack-rate |
ACK request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
prack-rate |
PRACK request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
info-rate |
INFO request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
publish-rate |
PUBLISH request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
bye-rate |
BYE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
cancel-rate |
CANCEL request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
preserve-override |
Override i line to preserve original IPS . |
option |
- |
|||||||||||||
|
|
|||||||||||||||
no-sdp-fixup |
Enable/disable no SDP fix-up. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
contact-fixup |
Fixup contact anyway even if contact's IP:port doesn't match session's IP:port. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
max-idle-dialogs |
Maximum number established but idle dialogs to retain (per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
block-geo-red-options |
Enable/disable block OPTIONS requests, but OPTIONS requests still notify for redundancy. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
hosted-nat-traversal |
Hosted NAT Traversal (HNT). |
option |
- |
|||||||||||||
|
|
|||||||||||||||
hnt-restrict-source-ip |
Enable/disable restrict RTP source IP to be the same as SIP source IP when HNT is enabled. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
max-body-length |
Maximum SIP message body length (0 meaning no limit). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
unknown-header |
Action for unknown SIP header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-request-line |
Action for malformed request line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-via |
Action for malformed VIA header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-from |
Action for malformed From header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-to |
Action for malformed To header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-call-id |
Action for malformed Call-ID header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-cseq |
Action for malformed CSeq header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-rack |
Action for malformed RAck header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-rseq |
Action for malformed RSeq header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-contact |
Action for malformed Contact header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-record-route |
Action for malformed Record-Route header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-route |
Action for malformed Route header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-expires |
Action for malformed Expires header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-content-type |
Action for malformed Content-Type header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-content-length |
Action for malformed Content-Length header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-max-forwards |
Action for malformed Max-Forwards header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-allow |
Action for malformed Allow header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-p-asserted-identity |
Action for malformed P-Asserted-Identity header. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-v |
Action for malformed SDP v line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-o |
Action for malformed SDP o line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-s |
Action for malformed SDP s line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-i |
Action for malformed SDP i line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-c |
Action for malformed SDP c line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-b |
Action for malformed SDP b line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-z |
Action for malformed SDP z line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-k |
Action for malformed SDP k line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-a |
Action for malformed SDP a line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-t |
Action for malformed SDP t line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-r |
Action for malformed SDP r line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
malformed-header-sdp-m |
Action for malformed SDP m line. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
provisional-invite-expiry-time |
Expiry time for provisional INVITE . |
integer |
Minimum value: 10 Maximum value: 3600 |
|||||||||||||
ips-rtp |
Enable/disable allow IPS on RTP. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-mode |
SSL/TLS mode for encryption & decryption of traffic. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-send-empty-frags |
Send empty fragments to avoid attack on CBC IV (SSL 3.0 & TLS 1.0 only). |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-client-renegotiation |
Allow/block client renegotiation by server. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-algorithm |
Relative strength of encryption algorithms accepted in negotiation. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-pfs |
SSL Perfect Forward Secrecy. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-min-version |
Lowest SSL/TLS version to negotiate. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-max-version |
Highest SSL/TLS version to negotiate. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
ssl-client-certificate |
Name of Certificate to offer to server if requested. |
string |
Not Specified |
|||||||||||||
ssl-server-certificate |
Name of Certificate return to the client in every SSL connection. |
string |
Not Specified |
|||||||||||||
ssl-auth-client |
Require a client certificate and authenticate it with the peer/peergrp. |
string |
Not Specified |
|||||||||||||
ssl-auth-server |
Authenticate the server's certificate with the peer/peergrp. |
string |
Not Specified |
config sccp
Parameter |
Description |
Type |
Size |
|||||||
---|---|---|---|---|---|---|---|---|---|---|
status |
Enable/disable SCCP. |
option |
- |
|||||||
|
|
|||||||||
block-mcast |
Enable/disable block multicast RTP connections. |
option |
- |
|||||||
|
|
|||||||||
verify-header |
Enable/disable verify SCCP header content. |
option |
- |
|||||||
|
|
|||||||||
log-call-summary |
Enable/disable log summary of SCCP calls. |
option |
- |
|||||||
|
|
|||||||||
log-violations |
Enable/disable logging of SCCP violations. |
option |
- |
|||||||
|
|
|||||||||
max-calls |
Maximum calls per minute per SCCP client (max 65535). |
integer |
Minimum value: 0 Maximum value: 65535 |