Filter
Top Products
Device Authentication Call Server Configuration
Polycom, Inc. 245
When you add an external SIP peer, you can specify whether the Call Server
handles challenges (401 and 407) on behalf of the source of the call or passes
them on to the source of the call. You can also define authentication credentials
specifically for that SIP peer. See “Add External SIP Peer Dialog Box” on
page 97.
The following table describes the fields on the Device Authentication page.
Note
For H.323, when you add a neighbor gatekeeper, you can configure the system to
send its H.235 credentials when it sends address resolution requests to that
gatekeeper. See “Add External Gatekeeper Dialog Box” on page 92.
Table 10-14 Fields on the Device Authentication page
Field Description
Inbound Authentication
Enable H.323 device
authentication
Check the box and click Update to turn on H.323 device
authentication.
Enable SIP device
authentication
Check the box, configure the fields below, and click
Update to turn on SIP device authentication.
Use default realm This option, the default, sets the realm for the Call
Server to the cluster’s domain as specified on the
Network Settings page (allowing each cluster of a
supercluster to have its own realm). If no domain is
specified on the Network Settings page, the default
realm value is
sip.dma
.
Clear the check box to change the string in the Realm
field.
Realm The realm string in an authentication challenge tells the
challenged device the protection domain for which it
must provide credentials.
Generally, it includes the domain label of the Call
Server. See RFC 2617 and RFC 3261.
If you specify a realm instead of using the default, the
realm you specify is used for all clusters in the
supercluster.
Enable proxy
authentication
Configures the Call Server to respond to
unauthenticated requests with 407 (Proxy
Authentication Required).
If turned off, the Call Server responds to
unauthenticated requests with 401 (Unauthorized).
Authentication valid
time (seconds)
Specifies the time period within which the Call Server
doesn’t re-challenge a device that previously
authenticated itself.