12-4 H.323 Gateways

  • An H.323 gateway is a device that provides communication between H.323 devices and other non-H.323 devices.

  • An H.323 gatekeeper is a device that provides address translation (E.164 to IP address) and controls access to H.323 resources on the network. Gatekeepers provide Registration, Admission, and Status (RAS), registering and approving H.323 calls according to policies or available resources.

  • A gateway can use AAA to authenticate callers (see Section 12-6) and generate call activity accounting records.

  • A gateway can use H.235 security to provide MD5 encryption to the gatekeeper for caller authentication, RAS message exchange, call settlement (track and return accounting data for billing purposes), and call metering (prepaid call admission and control).

Configuration

  1. Configure the H.323 gateway.

    1. Enable the gateway process:

       (global)  gateway  
    2. Enable the gateway on an interface:

       (interface)  h323-gateway voip interface  

      The H.323 gateway is configured once on a router, using a specific interface. Usually, a LAN interface (Ethernet, for example) or a loopback interface is used.

    3. (Optional) Bind a specific interface IP address to the gateway:

       (interface)  h323-gateway voip bind srcaddr   ip-address  

      By default, the gateway uses a source address obtained from the interface on which it is configured. If the interface has several secondary IP addresses, one of the addresses can be bound to the gateway. In other scenarios, the gateway might be configured on a loopback interface. The IP address of a physical LAN interface can be bound to the gateway instead so that all H.323 messages use it as a source address.

    4. (Optional) Name the gateway on an interface:

       (interface)  h323-gateway voip h323-id   interface-id  

      The gateway can be configured with a name that is used when communicating with the gatekeeper. The name, interface-id, can be set per interface. It is usually of the form name@domain-name, where name is the name of the gateway and domain-name is the domain used by the gatekeeper.

    5. (Optional) Use a technology prefix:

       (interface)  h323-gateway voip tech-prefix   prefix  

      The technology prefix (up to 11 characters, containing 0 to 9, pound [#], and star [*]) can be arbitrarily chosen to flag the gatekeeper that a call needs a certain technology. Technologies are defined on the gatekeeper.

    6. (Optional) Identify the gatekeeper:

       (interface)  h323-gateway voip id gatekeeper-id {ipaddr ip-address [port-number] | multicast} [priority number]

      The gateway uses the gatekeeper identified by name and address for H.323 functions. The gatekeeper's name is given as gatekeeper-id, the H.323 name that the gatekeeper is known by (usually name.domain-name). To find the gatekeeper, the gateway can use its ip-address and an optional port-number. Otherwise, the gateway can use a multicast to 224.0.1.41 to find a gatekeeper. Multiple gatekeepers (currently up to two) can be identified, each given a priority of number (1 to 127; the default is 127).

  2. (Optional) Use RAS with a gatekeeper:

     (interface)  session-target ras  

    The gatekeeper associated with the interface will be used for all E.164-to-IP address translation and RAS functions.

  3. (Optional) Use AAA accounting to record call activity.

    1. Configure AAA accounting with a RADIUS server, according to Section 13-2.

    2. Enable gateway H.323 accounting:

       (global)  gw-accounting {h323 [vsa] | syslog | voip}

      The gateway can generate call accounting information through h323 (standard H.323 accounting using IETF RADIUS attributes; vsa uses vendor-specific attributes), syslog (system logging facility), or voip (generic accounting).

    3. Specify an AAA method list for H.323 accounting:

       (global)  aaa accounting connection h323 start-stop radius  

      The gateway sends AAA accounting records for H.323 calls to the RADIUS server. Start and stop messages are sent to flag the beginning and end of a call connection.

  4. (Optional) Use H.235 gateway security.

    1. Configure Network Time Protocol (NTP) on all H.323 gateways and gatekeepers for consistent time-stamping. (See Section 1-4 for further information.)

    2. Enable H.235 security on the gateway:

       (gateway)  security password password level {endpoint | per-call | all}

      The password field specifies a key that is used for MD5 encryption on the gateway. The level keyword is used to define the level of security desired: endpoint (all RAS messages from the gateway will be validated), per-call (validation on admission messages from H.323 devices to the gateway; the caller is prompted for an account number and PIN), or all (a combination of endpoint and per-call).

    3. Configure Interactive Voice Response (IVR).

      See Section 12-6 for further information. In particular, you need to use one of these TCL IVR scripts for account number and PIN prompting:

      • voip_auth_acct_pin_dest.tcl

      • voip_auth_acct_pin_dest_2.tcl
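
The following check is an added example, not part of the original manual or of Cisco's tooling. It audits a saved gateway configuration against the dependencies and value ranges stated in the steps above. The sample configuration, its names and addresses, and the choice of "ntp server" or "ntp peer" as evidence of NTP are assumptions made for the example.

```python
import re

# Constructed sample gateway configuration using this section's commands.
# Names, addresses, port and the password placeholder are made up.
SAMPLE = """\
ntp server 192.0.2.10
aaa accounting connection h323 start-stop radius
gw-accounting h323 vsa
interface Loopback0
 h323-gateway voip interface
 h323-gateway voip h323-id gw1@example.com
 h323-gateway voip tech-prefix 1#
 h323-gateway voip id gk1.example.com ipaddr 192.0.2.1 1719 priority 1
gateway
 security password <PLACEHOLDER> level all
"""

def audit(config):
    """Return a list of findings for an H.323 gateway configuration."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]

    def find(pattern):
        return [m for m in (re.fullmatch(pattern, ln) for ln in lines) if m]

    findings = []
    if not find(r"gateway"):
        findings.append("gateway process not enabled")
    if not find(r"h323-gateway voip interface"):
        findings.append("no interface enabled for the H.323 gateway")
    # Step 4: H.235 needs consistent time stamps, so it depends on NTP.
    # Assumption: an "ntp server" or "ntp peer" line counts as NTP configured.
    if not find(r"security password \S+ level (endpoint|per-call|all)"):
        findings.append("H.235 security not enabled")
    elif not find(r"ntp (server|peer) \S+.*"):
        findings.append("H.235 security enabled without NTP")
    # Step 3: gw-accounting h323 and the AAA method list belong together.
    gw_acct = bool(find(r"gw-accounting h323( vsa)?"))
    aaa_acct = bool(find(r"aaa accounting connection h323 start-stop radius"))
    if gw_acct != aaa_acct:
        findings.append("H.323 accounting is only half configured")
    # Step 1.5: prefix is up to 11 characters from 0-9, # and *.
    for m in find(r"h323-gateway voip tech-prefix (\S+)"):
        if not re.fullmatch(r"[0-9#*]{1,11}", m.group(1)):
            findings.append("invalid tech-prefix: " + m.group(1))
    # Step 1.6: gatekeeper priority must be 1 to 127.
    for m in find(r"h323-gateway voip id \S+ .*priority (\d+)"):
        if not 1 <= int(m.group(1)) <= 127:
            findings.append("gatekeeper priority out of range: " + m.group(1))
    return findings
```

Calling audit(SAMPLE) returns an empty list; each finding string names the step whose requirement the configuration misses.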



Cisco Field Manual[c] Router Configuration
ISBN: 1587050242
EAN: N/A
Year: 2005
Pages: 185
