How it Works
Dialogic
Loading...
1010
User Manual
27 pgs238.39 Kb0
Table of contents
Loading...

Dialogic 1010 User Manual

Download
Dialogic® IMG 1010/1004 Integrated Media Gateways
Radius Release 10.3.x / 10.5.x
September 2008 www.dialogic.com
Copyright and Legal Notice
Copyright © 2005-2008 Dialogic Corporation. All Rights Reserved. You may not reproduce this document in whole or in part without permission in writing from Dialogic Corporation at the address provided below.
All contents of this document are furnished for informational use only and are subject to change without notice and do not represent a commitment on the part of Dialogic Corporation or its subsidiaries (Dialogic). Reasonable effort is made to ensure the accuracy of the information contained in the document. However, Dialogic does not warrant the accuracy of this information and cannot accept responsibility for errors, inaccuracies or omissions that may be contained in this document.
INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH DIALOGIC® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN A SIGNED AGREEMENT BETWEEN YOU AND DIALOGIC, DIALOGIC ASSUMES NO LIABILITY WHATSOEVER, AND DIALOGIC DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF DIALOGIC PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY INTELLECTUAL PROPERTY RIGHT OF A THIRD PARTY.
Dialogic products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications.
Due to differing national regulations and approval requirements, certain Dialogic products may be suitable for use only in specific countries, and thus may not function properly in other countries. You are responsible for ensuring that your use of such products occurs only in the countries where such use is suitable. For information on specific products, contact Dialogic Corporation at the address indicated below or on the web at
http://www.dialogic.com/.
It is possible that the use or implementation of any one of the concepts, applications, or ideas described in this document, in marketing collateral produced by or on web pages maintained by Dialogic may infringe one or more patents or other intellectual property rights owned by third parties. Dialogic does not provide any intellectual property licenses with the sale of Dialogic products other than a license to use such product in accordance with intellectual property owned or validly licensed by Dialogic and no such licenses are provided except pursuant to a signed agreement with Dialogic. More detailed information about such intellectual property is available from Dialogics legal department at 9800 Cavendish Blvd., 5th Floor, Montreal, Quebec, Canada H4M 2V9.
Dialogic encourages all users of its products to procure all necessary intellectual property licenses required to implement any concepts or applications and does not condone or encourage any intellectual property infringement and disclaims any responsibility related thereto. These intellectual property licenses may differ from country to country and it is the responsibility of those who develop the concepts or applications to be aware of and comply with different national license requirements.
Any use case(s) shown and/or described herein represent one or more examples of the various ways, scenarios or
environments in which Dialogic® products can be used. Such use case(s) are non-limiting and do not represent recommendations of Dialogic as to whether or how to use Dialogic products.
Dialogic, Dialogic Pro, Brooktrout, Cantata, SnowShore, Eicon, Eicon Networks, Eiconcard, Diva, SIPcontrol, Diva ISDN, TruFax, Realblocs, Realcomm 100, NetAccess, Instant ISDN, TRXStream, Exnet, Exnet Connect, EXS, ExchangePlus VSE, Switchkit, N20, Powering The Service-Ready Network, Vantage, Making Innovation Thrive, Connecting People to Information, Connecting to Growth and Shiva, among others as well as related logos, are either registered trademarks or trademarks of Dialogic. Dialogic's trademarks may be used publicly only with permission from Dialogic. Such permission may only be granted by Dialogics legal department at 9800 Cavendish Blvd., 5th Floor, Montreal, Quebec, Canada H4M 2V9. Any authorized use of Dialogic's trademarks will be subject to full respect of the trademark guidelines published by Dialogic from time to time and any use of Dialogics trademarks requires proper acknowledgement.
Windows is a registered trademark of Microsoft Corporation in the United States and/or other countries. Other names of actual companies and products mentioned herein are the trademarks of their respective owners.
This document discusses one or more open source products, systems and/or releases. Dialogic is not responsible for your decision to use open source in connection with Dialogic products (including without limitation those referred to herein), nor is Dialogic responsible for any present or future effects such usage might have, including without limitation effects on your products, your business, or your intellectual property rights.
Please be aware that the following terminology and abbreviations are used throughout this
document
. Please also be
When used herein, the term GCEMS refers to the Dialogic
Gate Control Element Management S
ystem
Hardware Limited Warranty
Warranty for Hardware Products: Dialogic Corporation or its subsidiary that originally sold the hardware product
("Dialogic") warrants to the original purchaser of this hardware product, that at the time of delivery the hardware product supplied hereunder will be free from defects in material and workmanship. This warranty is for the standard period set out on Dialogic's website at http://www.dialogic.com/warranties and is subject to all of the terms and limitations set out
on the Dialogic website at http://www.dialogic.com/warranties.
Additional Exclusions: Dialogic will have no obligation to make repairs or replacements necessitated by your fault or
negligence, improper or unauthorized use of the product, repairs or modifications made without Dialogic's prior written approval or by causes beyond the control of Dialogic, including, but not limited to, power or air conditioning failure, acts of God, improper interface with other units, or malfunction of any equipment or software used with the Dialogic product(s). If Dialogic is requested and agrees to make repairs or replacements necessitated by any such causes, you will pay for such service or replacement at Dialogic's then prevailing rates.
No Other Warranties: DIALOGIC DISCLAIMS AND YOU WAIVE ALL OTHER WARRANTIES, EITHER EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY AGAINST LATENT DEFECTS, WITH RESPECT TO ANY DIALOGIC PRODUCT.
No Liability for Damages: IN NO EVENT SHALL DIALOGIC OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, INTERRUPTION OF ACTIVITIES, LOSS OF INFORMATION OR OTHER PECUNIARY LOSS AND DIRECT OR INDIRECT, CONSEQUENTIAL, INCIDENTAL, ECONOMIC OR PUNITIVE DAMAGES) ARISING OUT OF THE USE OF OR INABILITY TO USE ANY DIALOGIC PRODUCT.
Limitation of Liability: DIALOGIC'S MAXIMUM CUMULATIVE LIABILITY SHALL BE LIMITED TO THE AMOUNTS ACTUALLY
PAID BY YOU TO DIALOGIC FOR THE SPECIFIC PRODUCT BEING THE OBJECT OF THE CLAIM. YOU RELEASE DIALOGIC FROM ALL AMOUNTS IN EXCESS OF THE LIMITATION. YOU ACKNOWLEDGE THAT THIS CONDITION IS ESSENTIAL AND THAT DIALOGIC WOULD NOT SUPPLY TO YOU IF IT WERE NOT INCLUDED.
IMPORTANT NOTE:
sure to consult the legal notice for other important details.
When used herein, the term IMG 1010 refers to the Dialogic® IMG 1010 Integrated Media Gateway product.
When used herein, the term IMG 1004 refers to the Dialogic® IMG 1004 Integrated Media Gateway product.
When used herein, the general term IMG refers collectively or alternatively to the Dialogic® IMG 1010 and the
Dialogic® IMG 1004 Integrated Media Gateway products
®
Technical Support
Technical Support Number: 781-433-9600 Technical Support Fax: 781-449-9520
http://www.dialogic.com/
Table Of Contents
An Overview of RADIUS on the IMG....................................................................1
RADIUS Scenarios ............................................................................................5
Generic RADIUS Attributes ................................................................................7
RADIUS Call Flow: SS7 to SIP..........................................................................11
RADIUS Call Flow: SS7 to H.323 - Release from SS7 ..........................................13
Incomplete Call Behavior ................................................................................15
Configuring RADIUS .......................................................................................17
Configuring Free RADIUS using GCEMS as a RADIUS Server ................................ 21
Radius Client .................................................................................................25
Radius Server ................................................................................................29
Radius Servers...............................................................................................31
v

An Overview of RADIUS on the IMG

Topic Location: Product Description > RADIUS
Overview The IMG uses Remote Authentication Dial In User Service (RADIUS) for streaming the Call Detail Records (CDR). The implementation is compliant with RFC 2865 and RFC 2866. The RADIUS messages are sent to external RADIUS servers. The IMG RADIUS interface generates an ACCESS, a START & a STOP Request for the inbound leg and a START & STOP Request for the outbound leg of the call, as well as data associated with the INVITE, the 200 OK, the BYE and the CANCEL methods for those legs utilizing a SIP protocol.
Specifications The IMG implementation of RADIUS is based on the following RADIUS RFCs:
RFC 2865 - Remote Authentication Dial-In User Service (RADIUS) RFC 2866 - RADIUS Accounting
Formats The IMG supports the Dialogic RADIUS formats, which Includes some attributes defined by RFC 2865 and RFC 2866, as well as Dialogic Vendor Specific Attributes (VSA).
Scenarios The IMG supports RADIUS Authentication and Accounting. Users have the option of using one of the following scenarios:
Authentication and Accounting In this case an Authentication Server and an Accounting Server are both assigned to the RADIUS client on the IMG. Accounting only In this case only an Accounting Server is assigned to the RADIUS client on the IMG. Authentication only In this case only an Authentication Server is assigned to the RADIUS client on the IMG.
See RADIUS Scenarios for more details.
As per RFC 2865 and RFC 2866, the IMG by default uses port 1812 for Authentication and port 1813 for Accounting. However, these ports are also configurable through the ClientView GUI. When implementing Authentication and Accounting, both processes can be either on the same or separate servers.
The RADIUS attributes and VSAs included in the messages will vary based on the following:
Protocol Used What leg of the call the protocol is used Whether it is a TDM protocol (SS7 or ISDN) or IP protocol (SIP or H.323).
The User name and Password values configured for the Authentication Server used will be included in the user name and password attributes in the Access Request message sent from the IMG.
1
RADIUS
RADIUS Server Redundancy
The IMG supports an Active/Standby redundancy scheme. Redundancy logic is independent for Authentication and Accounting Servers. When configuring RADIUS servers they may get created with an initial priority preference. The IMG will begin using the Active Server(s) and switchover to a Standby server after detecting a communication failure to the currently Active server. Once the switchover occurs all future Radius messages will flow to the new Active server until a failure occurs on this server. If an error is detected in trying to send a Radius message to this new Active server, the IMG will attempt to switch back to the initial Active server. This behaviour is repeated, until a working server is detected. If the IMG fails to connect to a RADIUS Server an alarm will be sent. You can monitor alarms using EventView.
Typically when a RADIUS message needs to be sent to a server it is assembled and passed to the OS for transport to the active server. These servers are configured to send the message wait 2 seconds and then retry sending the message an additional 3 times. Therefor a RADIUS message will be sent a total of 4 times at 2 second intervals. Once the message has been sent 4 times with no success a switchover to the next server will occur. The switchover behaviour is coupled to the message type. Therefore an Accounting Server switchover is independent of an Authentication Server switchover.
Under typical call load it will take a while for the switchover to complete since the IMG may have many RADIUS messages queued up to the failed server. Each of these messages must fail and be retried on the newly active server following notification of the send failure.
NOTE: A negative response does not constitute a server failure.
Supported Packet Types
Access-Request
Sent to a RADIUS server - conveys information used to determine whether a user is allowed access to a specific NAS, and any special services requested for that user.
Access-Accept
Sent by the RADIUS server - provides specific configuration information necessary to begin delivery of service to the user.
Access-Reject
Sent by the RADIUS Server if any value of the received Attributes is not acceptable
Accounting-start
Describes the type of service being delivered and the user to whom it is being delivered at the start of service delivery
Accounting-stop
Describes the type of service that was delivered and some optional statistics, such as elapsed time, input and output octets, and input and output packets.
RADIUS Server Debug Mode
You can configure your RADIUS Client in Debug Mode so that calls will be completed whether the RADIUS server is active or not. The IMG will not require authentication for the RADIUS server to complete a call and no billing information will be logged. You enable RADIUS Debug Mode using the RADIUS Client screen.
2
Overview of RADIUS
RADIUS Server Failure Alarm
The IMG provides automatic alarming notification to IMG users when a Radius Server has changed states and can no longer be accessed. The alarm, reported in EventView, will include the RADIUS Server Type (Access, Accounting), the Server ID, the mode of the Radius Server (normal, debug), the state of the Radius Server and the IP address.
Related Topics
Basic RADIUS Call Flow Generic RADIUS Attributes Cantata RADIUS VSAs RADIUS Call Flow: SS7 to H.323 RADIUS CDR Example: SIP-to-ISDN Configuring Billing and Authentication
3

RADIUS Scenarios

Topic Location: Product Description > RADIUS
The IMG supports RADIUS Authentication and Accounting. IMG customer has the option of using one of the following scenarios:
Authentication and Accounting
In this case an Authentication Server and an Accounting Server are both assigned to the RADIUS client on the IMG.
Accounting only
In this case only an Accounting Server is assigned to the RADIUS client on the IMG.
5
RADIUS
Authentication only
In this case only an Authentication Server is assigned to the RADIUS client on the IMG.
6
Loading...
+ 18 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use