Profile
profile
| Name | Data | Possible Values | Description |
|---|---|---|---|
outbound-proxy |
Type
Default
|
Rules
|
Outbound Proxy Optional outbound proxy |
remove-contact-from-route |
Type
Default
|
Rules
Values
|
Do not Append Contact to UAS Route By default sip call with Record-Route headers is received, any outgoing new transaction from the SBC will include the received contact header value as last Route which can break interoperability with some proxies. Setting thsi option will prevent the SBC from doing that. |
enable-3pcc |
Type
Default
|
Rules
Values
|
3PCC Enable processing of 3PCC (third party call control) to allow processing INVITE messages without an SDP |
auth-calls-by-network-address |
Type
Default
|
Rules
Values
|
Network Validation ACL Network Validation ACL: object(stdClass)#700 (1) { ["IP address"]=> string(83) "Network IP address of registered endpoints will be used to validate incoming calls." } object(stdClass)#701 (1) { ["IP Address + Port"]=> string(84) "Network IP and PORT of registered endpoints will be used to validate incoming calls." } |
max-sip-request-length |
Type
Default
|
Rules
|
Maximum SIP Request URI Length Maximum length of Request URI. |
TLS/tls-version |
Type
Default
|
Rules
Values
|
TLS Version The version being used by SSL/TLS |
lync-interop |
Type
Default
|
Rules
Values
|
Lync Interoperability Enable or disable settings for Lync interoperability. |
always-add-mode-to-sdp |
Type
Default
|
Rules
Values
|
Always add media mode to outgoing SDP
By default when session level media mode is equal to media line level media mode, the a= from the outgoing SDP. Setting this parameter to true will alter that behavior and force to always print the
m= |
call-routing |
Type
Default
|
Rules
Values
|
Routing Plan XML routing plan for all incoming calls received in this SIP profile. |
srtp/crypto-optional-mki-length-string |
Type
Default
|
Rules
Values
|
Crypto MKI Length The MKI length is the size of the MKI field in the SRTP packet. |
TLS/tls-sip-port |
Type
Default
|
Rules
|
TLS Port TCP Port required for secure SIP signalling |
load-limit-reject-cause |
Type
Default
|
Rules
|
Reject Response Code Reject calls based on the SIP Response. |
auth-all-packets |
Type
Default
|
Rules
Values
|
Authenticate Requests Enable or Disable authentication on all incoming requests. |
srtp/support-sdp-secure-avp |
Type
Default
|
Rules
Values
|
Secure AVP This option breaks RFC 3711 and is only valid when Lync Interoperability is enabled.
When this option is enabled, SDP media lines will use RTP/AVP even when SRTP is enabled and an a=crypto line will be added as usual for SRTP sessions.
The standard RTP/SAVP profile will not be used for SDP secure media lines when this option is enabled.
|
ingress |
Type
Default
|
Rules
Values
|
Ingress |
egress |
Type
Default
|
Rules
Values
|
Egress |
ext-rtp-ip |
Type
Default
|
Rules
|
External RTP IP address An IP address string such as '200.1.2.4' The specified IP will be used as the advertised address in the SDP payload
Gateway will use uPNP or NAT-PMP to discover the public IP address it should use
Gateway will use the specified STUN server to discover the public IP address
Gateway will resolve the given host name to find out the IP address to use (useful for dynamic DNS) |
strict-security |
Type
Default
|
Rules
Values
|
Strict Security Enable or Disable strict security on the sip profile. When strict security is enabled on a sip profile, all traffic from non whitelisted and/or registered ip addresses, on that sip profile, will be blocked. This means that with this feature enabled you need to assign ACLs or register endpoints in order to be able to make calls through the profile. |
disable-rtp-auto-adjust |
Type
Default
|
Rules
Values
|
RTP Auto Adjust This option enables the RTP auto-adjust feature used to detect RTP streams coming from hosts behind NAT. |
inbound-media-profile |
Type
Default
|
Rules
Values
|
Inbound Media Profile Media profile that will be used on all incoming calls. |
allow-private-wire-info |
Type
Default
|
Rules
Values
|
Allow Privite Wire Info Enable or Disable allowing private wire info messages. |
fqdn-in-contact |
Type
Default
|
Rules
|
FQDN in Contact Header Use FQDN instead of IP address in Contact Header. |
sip-ip |
Type
Default
|
Rules
Values |
SIP IP Address IP Address being used for SIP signalling. |
rtp-ip |
Type
Default
|
Rules
Values
|
RTP IP address This is the RTP IP to be used for the RTP network connection.
If left '(SIP Profile)', the same IP address used for the signaling will be used for RTP.
If RTP is handled via exposed hardware (ie 'exposed' media mode) this parameter is ignored. |
transport |
Type
Default
|
Rules
Values
|
Transport Transport type being used for SIP. |
load-limit-cause-string |
Type
Default
|
Rules
|
Reject Message Reject calls based on the string provided. |
TLS/certificate |
Type
Default
|
Rules
Values
|
TLS Certificate |
enable-load-limit |
Type
Default
|
Rules
Values
|
Enable Load Limiting Enable or Disable Load Limiting on this SIP Profile |
send-display-update |
Type
Default
|
Rules
Values
|
Send Display Update Send Display Update
When this option is disabled, Display Caller/Callee ID Updates will not be handled |
rtcp-audio-interval-msec |
Type
Default
|
Rules
|
RTCP Interval RTCP reports interval in msec. |
inbound-bypass-media |
Type
Default
|
Rules
Values
|
Inbound Bypass Media Disable SDP parsing and bypass the SDP offer/answer payloads for incoming calls (This disables transcoding) |
enable-100rel |
Type
Default
|
Rules
Values
|
100 Reliability SIP provisional message reliability. |
strict-sdp-parsing |
Type
Default
|
Rules
Values
|
Strict SDP Parsing Enable strict SDP parsing
When this option is enabled, the SDP contents will be strictly checked for compliance with RFC 4566 and any SDP contents in SIP messages that do not conform will be rejected. For interoperability with broken equipment it's sometimes desirable to relax the parser to tolerate minor deviations from the RFC. In such cases you can disable this option. |
rtp-timeout-sec |
Type
Default
|
Rules
|
RTP Timeout RTP Timeout in seconds. If 0 is specified, timeout is disabled. |
accept-blind-auth |
Type
Default
|
Rules
Values
|
Accept Blind Authentication Warning: If set to enable, all authentication requests will be granted without checking. |
srtp/force-outbound-secure-rtp |
Type
Default
|
Rules
Values
|
Force outbound Secure RTP
Force outbound leg INVITE to include secure rtp offer irrespective of inbound leg media. |
pass-callee-id |
Type
Default
|
Rules
Values
|
To pass Callee ID Enable Pass callee ID
Disable by setting it to false if you encounter something that your gateway for some reason hates X-headers that it is supposed to ignore. When this option is disabled, X-FS-Support header is removed from INVITE and sip messages X-FS-Support header for sip messages. |
outbound-media-profile |
Type
Default
|
Rules
Values
|
Outbound Media Profile Media profile that will be used on all outgoing calls. |
full-id-in-dialplan |
Type
Default
|
Rules
Values
|
Always Use Full Identification Always use user@domain format when routing the call. |
auth-calls |
Type
Default
|
Rules
Values
|
Authenticate Calls Enable or Disable authentication on all incoming calls. |
session-timeout |
Type
Default
|
Rules
|
Session Expires Value in seconds for the Session-Expires header to be used in session expiration requests. |
apply-nat-acl |
Type
Default
|
Rules
Values
|
NAT ACL Apply a given network ACL to the host IP of the Contact: header in SIP requests to determine if a host is behind NAT |
NDLB-force-rport |
Type
Default
|
Rules
Values
|
Symmetric Response Routing Controls RFC3581 (Symmetric Response Routing) behavior
If 'Enable' is selected, RFC3581 will be followed according to the specification Selecting any of the other options is only advisable when this SIP profile will be used to connect with user agents that are known to have issues with RFC3581 or lack support for it (ie: Polycom) and they are known to be behind some sort of firewall or NAT device (ie remote employees)
If 'Disable' is selected, RFC3581 support will be completely disabled Outbound requests will not contain the Via rport parameter and responses will be routed back to the port specified in the topmost Via header of the request even if the rport Via parameter was specified in the request by the client (this helps with devices that have problems processing or ignoring the Via rport parameter or when you want to disable the RFC3581 behavior even if a client requests it or a server supports it)
If 'Force Always' is selected, RFC3581 support will be always forced even if client does not request it Outbound requests will contain the Via rport parameter and UDP responses will be routed back to the network source port of the client even when no Via rport parameter was specified in the request by the client. This effectively forces RFC3581 behavior even if not requested This is non-RFC compliant but helps with devices behind NAT that do not implement RFC3581 but still need the SBC to provide that functionality to route responses through NAT or firewall devices * This option may break communications if used when requests come through a SIP proxy or user agents that are not behind a firewall or NAT device
If 'Auto Force' is selected, RFC3581 support will be forced on particular user agents known to be problematic This option is equivalent to 'Force' except that it will force it only for inbound requests with a User-Agent header such as Polycom or other known problematic user agents without RFC3581 support * This option may break communications if used when requests come through a SIP proxy
If 'Client Only' is selected, RFC3581 behavior is followed only for outbound requests Outbound requests will contain the Via rport parameter and responses will still be routed back to the port specified in the topmost Via header of the request (non-RFC3581 behavior) even if the rport Via parameter was specified in the request by the client This is non-RFC complaint but helps with clients that have issues/bugs with their RFC3581 This effecitvely disabling RFC3581 for inbound requests only
If 'Server Only' is selected, RFC3581 behavior is followed only for inbound requests Outbound requests will not contain the Via rport parameter but responses will be routed back to the network source port when the client specifies the Via rport parameter in their request This is effectively disabling RFC3581 for outbound requests only |
max-sessions |
Type
Default
|
Rules
|
Max Concurrent SIP Sessions Maximum number of concurrent sessions that will be accepted in this profile. Unlimited if not specified. |
timer-T2 |
Type
Default
|
Rules
|
SIP T2 Timer SIP T2 Timer |
srtp/crypto-optional-lifetime |
Type
Default
|
Rules
Values
|
Crypto Life Time Number of packets the SRTP crypto master key is valid for (RFC4568 lifetime optional sdp parameter). |
allow-asymmetric-dynamic-payload-type |
Type
Default
|
Rules
Values
|
Allow Asymmetric Dynamic Payload Type Allow or Disallow Asymmetric Dynamic Payload Type. |
TLS/enable-secure-media |
Type
Default
|
Rules
Values
|
Secure RTP Enable or Disable Secure RTP. |
TLS/tls-verify-policy |
Type
Default
|
Rules
Values
|
Certificate Verification Policy Enable certificate verification policy on incoming, outgoing, or all connections. Can be disabled by selecting No Verification |
sip-trace |
Type
Default
|
Rules
Values
|
SIP Trace Enable or Disable SIP messages tracing. |
notify-refer-on-final-rsp |
Type
Default
|
Rules
Values
|
Notify REFER on Final Response Whether to determine REFER result base on final response. This applies only if a new call leg is created to the referee. |
TLS/tls-verify-date |
Type
Default
|
Rules
Values
|
Certificate Date Verification Enable or Disable certificate date verification. |
manual-redirect |
Type
Default
|
Rules
Values
|
Manual Redirect Routing If enabled, all SIP 30X responses (Redirect Responses) will cause a new routing request to your dialplan. If disabled, the SBC will try to follow the Redirect request as-is automatically
The routing plan used is determined by the contents of the channel variable "sip_redirect_context" |
timer-T1 |
Type
Default
|
Rules
|
SIP T1 Timer SIP T1 Timer |
timer-T1X64 |
Type
Default
|
Rules
|
SIP T1X64 Timer SIP T1X64 Timer |
minimum-session-expires |
Type
Default
|
Rules
|
Minimum Session Expires Value in seconds for the Min-SE header indicating the minimum acceptable value in seconds for the Session-Expires header. |
user-agent-string |
Type
Default
|
Rules
|
User Agent |
fail-auth-reject-cause |
Type
Default
|
Rules
|
Failed Authorization Reject Response Code Reject cause code for failed authorization |
sip-capture |
Type
Default
|
Rules
Values
|
SIP Capture Enable or Disable SIP meessage capture on HEP server. HEP server MUST be configured to be able to enable this feature |
talk-hold-events-allowed |
Type
Default
|
Rules
Values
|
Support talk and hold events Enable talk and hold events
When this option is enabled, talk and hold events will be advertised in Allowed-Events header for sip messages. |
domains |
Type
Default
|
domains |
|
siprelay |
Type
Default
|
Rules
Values
|
SIP Message Routing |
timer-T4 |
Type
Default
|
Rules
|
SIP T4 Timer SIP T4 Timer |
rtp-tos-value |
Type
Default
|
Rules
|
RTP TOS Value DiffServ integer value (0-255) for the RTP packets (this is the old TOS IP header value). You can use this to set TOS values as well. |
sip-port |
Type
Default
|
Rules
|
Port Port being used for SIP Signalling |
display-name |
Type
Default
|
Rules
|
Display Name |
apply-register-acl |
Type
Default
|
Rules
Values |
ACL for Registration |
allow-malformed-headers |
Type
Default
|
Rules
Values
|
Allow Malformed Headers Allow receiving malformed non-critical SIP headers available in dialplan via sip_mh_[header_name] channel variable. |
enable-timer |
Type
Default
|
Rules
Values
|
SIP Session Timer Enable or Disable the SIP session timer. |
rtp-auto-local-port-renew-on-reinvite |
Type
Default
|
Rules
Values
|
Renew RTP Port On ReInvite Enable/Disable Automatic Local RTP Port Renewal On ReInvite. If enabled, when a new SDP offer is received in connected state and if media line remote IP or Port has been changed, a new local port is assigned for the RTP stream. |
ext-sip-ip |
Type
Default
|
Rules
|
External SIP IP Address An IP address string such as '200.1.2.3' SIP messages in this profile will use the specified IP address in all headers such as Contact, From, etc
Gateway will use uPNP or NAT-PMP to discover the public IP address it should use
Gateway will use the specified STUN server to discover the public IP address
Gateway will resolve the given host name to find out the IP address to use (useful for dynamic DNS) |
fail-auth-cause-string |
Type
Default
|
Failed Authorization Reject Message Reject unauthorized calls using the provided SIP response message. If left empty the default message for the given reject response code will be used. |
|
aggressive-nat-detection |
Type
Default
|
Rules
Values
|
Aggressive NAT Detection This option enables aggressive NAT detection by examining the Via headers of requests
It will determine if a given device is behind NAT if the network IP/Port from which the request was received differs from the IP/Port combination in the SIP Via: header.
It also will determine if a given device is behind NAT if the Via: header contains the 'received' parameter, regardless of what it contains. |
load-limit-low-threshold |
Type
Default
|
Rules
|
CPU Low Threshold CPU usage percentage amount that NSC will resume accepting calls. It is recommended this be 90% of the high threshold |
load-limit-high-threshold |
Type
Default
|
Rules
|
CPU High Threshold CPU usage percentage amount that NSC will start rejecting calls. |
apply-inbound-acl |
Type
Default
|
Rules
Values |
ACL for Inbound Calls |
nat-options-ping |
Type
Default
|
Rules
Values
|
Ping NAT Registrations Send OPTIONS ping requests to NATed registrations. This helps to keep firewall pinholes open even when the registration refresh timer is long |
siprelay-context |
Type
Default
|
Rules
Values
|
Unsolicited SIP Message Routing Plan Select a Unsolicited SIP Message Routing Plan. |
ignore-183nosdp |
Type
Default
|
Rules
Values
|
Ignore 183 without SDP Enable or Disable ignoring 183 messages without a specific SDP. |
srtp/require-secure-rtp |
Type
Default
|
Rules
Values
|
Require Only Secure RTP Require inbound leg INVITE to include secure rtp offer. |
TLS/tls-passphrase |
Type
Default
|
Rules
|
TLS Passphrase If this SIP Profile is using a private key with a passphrase, you can enter the passphrase here. |
siprelay-allow-methods |
Type
Default
|
Rules
Values
|
Siprelay Allow Methods Select Siprelay Allow Methods. |
enable-3pcc-relay-alerting |
Type
Default
|
Rules
Values
|
3pcc Relay Alerting |
sip-tos-value |
Type
Default
|
Rules
|
SIP TOS Value DiffServ integer value (0-255) for the signaling packets (this is the old TOS IP header value). You can use this to set TOS values as well. |
enable-request-dns-caching |
Type
Default
|
Rules
Values
|
Request SIP DNS Caching Enable SIP DNS caching. Cached value will be used on subsequent outgoing SIP Request with the same URL |