Linksys SPA2002-ER User Guide - Page 44

Authentication Methods - setup

Get Linksys SPA2002-ER - Earthlink Truevoice Phone Adpt PDF manuals and user guides
UPC - 745883568222
View all Linksys SPA2002-ER manuals
Add to My Manuals
Save this manual to your list of manuals

Page 44 highlights

4.4. Authentication Methods VoIP Callers can be authenticated by one of the following methods by setting the parameter: 1. No Authentication: All callers will be accepted for service. The dial plan to be used for all VoIP callers for this case is the one selected in . 2. PIN: Caller is prompted to enter a VoIP PIN right after the call is answered (i.e., after the SPA replies with a 200 response). Up to 8 PIN's, to , can be setup to access the PSTN gateway and each PIN can be assigned a different dial plan using the to parameters, respectively. The caller will hear a beepbeep-beep tone, known as the VoIP PIN Tone, as the prompt to enter the VoIP PIN. The tone will be played repeatedly until a PIN digit is received. After the first digit, the user by default will have 10s to enter each subsequent PIN digit. If no new PIN digit is entered for more than 10s, the SPA will terminate the call. This inter-PIN-digit timeout is set in the parameter. The PIN number entry must be ended by a pound (#) key. By default the caller will be given 3 chances to enter a valid PIN. If no valid PIN is received after 3 trials, the SPA will terminate the call. The number of VoIP PIN entry trials to allow can be changed by setting the parameter. If the last PIN entry is invalid, the VoIP PIN Tone will resume and the caller can re-enter the PIN again. The characteristics of the VoIP PIN Tone can be changed by setting ([Regional] tab). The VoIP PIN Tone should be set with a finite timeout (the default VoIP PIN tone has a timeout value of 10s). If no valid PIN is received after the maximum number of trials, the SPA will terminate the call. 3. HTTP Digest: SIP INVITE must contain a valid Authorization header that is computed based on an Auth ID and a password using MD5 digest algorithm. The Auth ID must be specified in the username parameter in the Authorization header. Up to 8 Auth ID/Passwords, / to /, can be setup to access the PSTN gateway. Each Auth ID/Password can be assigned a different dial plan using the to parameters, respectively. If the inbound INVITE to the PSTN Line does not have an Authorization header or the credentials it contains are invalid, the SPA will reply with a 401 response. If the username parameter in the Authorization header does not match any of the , n = 1 to 8, the SPA will reply with a 403 response. If the INVITE request a target PSTN number (as in one-stage dialing) that is not allowed by the corresponding dial plan for that caller, the SPA will also reply with a 403 response. VoIP callers can also be gated by a list of Caller-ID patterns before authentication rules are applied. These patterns are specified in which is a comma separate list of Caller-ID patterns. The VoIP Caller-ID is extracted from the inbound INVITE request FROM header User-ID field. If the FROM header has "Anonymous" (case-insensitive) in the display-name field, however, the SPA treats the VoIP Caller-ID as "Anonymous". Each Caller-ID pattern is a case insensitive alphanumeric string with special wildcard characters '?' and '*' , which stands for "any single digit" and "0 or more of any digits" respectively. For example: 1408*,15101234567,18??*,anonymous,jsmith. It is recommended not to insert white spaces before and after the comma, although they are allowed. If is blank, all VoIP callers will be processed by the SPA for authentication and subsequent gateway services upon successful authentication. If is not blank, then the VoIP Caller ID must match one of the given patterns or else will be rejected by the SPA with a 403 response without further processing. In addition, a VoIP Caller can be automatically accepted for PSTN gateway access without going through the authentication process if the source IP address of the inbound INVITE request matches one of the pattern specified in the . This is a comma separated list of IP address patterns, also with special wildcard characters '?' and '*'. For example:192.168.2.*,66.12?.12?.4. If the list is not blank and the source IP address of the inbound INVITE matches any of the patterns in the list, the VoIP caller will be granted access to the PSTN gateway as if the Authentication Method is © 2003 - 2004 Sipura Technology, Inc Proprietary (See Copyright Notice on Page 2) 44

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
© 2003 - 2004 Sipura Technology, Inc
Proprietary (See Copyright Notice on Page 2)
44
4.4. Authentication Methods
VoIP Callers can be authenticated by one of the following methods by setting the <VoIP Caller Auth
Method> parameter:
1.
No Authentication: All callers will be accepted for service. The dial plan to be used for all VoIP
callers for this case is the one selected in <VoIP Caller Default DP>.
2.
PIN: Caller is prompted to enter a VoIP PIN right after the call is answered (i.e., after the SPA
replies with a 200 response). Up to 8 PIN’s, <VoIP Caller 1 PIN> to <VoIP Caller 8 PIN>, can be
setup to access the PSTN gateway and each PIN can be assigned a different dial plan using the
<VoIP Caller 1 DP> to <VoIP Caller 8 DP> parameters, respectively. The caller will hear a beep-
beep-beep tone, known as the VoIP PIN Tone, as the prompt to enter the VoIP PIN. The tone will
be played repeatedly until a PIN digit is received. After the first digit, the user by default will have
10s to enter each subsequent PIN digit. If no new PIN digit is entered for more than 10s, the SPA
will terminate the call. This inter-PIN-digit timeout is set in the <VoIP PIN Digit Timeout>
parameter.
The PIN number entry must be ended by a pound (#) key. By default the caller will be
given 3 chances to enter a valid PIN. If no valid PIN is received after 3 trials, the SPA will
terminate the call. The number of VoIP PIN entry trials to allow can be changed by setting the
<VoIP PIN Max Retry> parameter. If the last PIN entry is invalid, the VoIP PIN Tone will resume
and the caller can re-enter the PIN again. The characteristics of the VoIP PIN Tone can be
changed by setting <VoIP PIN Tone> ([Regional] tab). The VoIP PIN Tone should be set with a
finite timeout (the default VoIP PIN tone has a timeout value of 10s). If no valid PIN is received
after the maximum number of trials, the SPA will terminate the call.
3.
HTTP Digest: SIP INVITE must contain a valid Authorization header that is computed based on
an Auth ID and a password using MD5 digest algorithm. The Auth ID must be specified in the
username parameter in the Authorization header. Up to 8 Auth ID/Passwords, <VoIP User 1 Auth
ID>/<VoIP User 1 Password> to <VoIP User 8 Auth ID>/<VoIP User 8 Password>, can be setup
to access the PSTN gateway. Each Auth ID/Password can be assigned a different dial plan using
the <VoIP User 1 DP> to <VoIP User 8 DP> parameters, respectively. If the inbound INVITE to
the PSTN Line does not have an Authorization header or the credentials it contains are invalid,
the SPA will reply with a 401 response. If the username parameter in the Authorization header
does not match any of the <VoIP User
n
Auth ID>,
n
= 1 to 8, the SPA will reply with a 403
response. If the INVITE request a target PSTN number (as in one-stage dialing) that is not
allowed by the corresponding dial plan for that caller, the SPA will also reply with a 403 response.
VoIP callers can also be gated by a list of Caller-ID patterns before authentication rules are applied.
These patterns are specified in <VoIP Caller ID Pattern> which is a comma separate list of Caller-ID
patterns. The VoIP Caller-ID is extracted from the inbound INVITE request FROM header User-ID
field. If the FROM header has “Anonymous” (case-insensitive) in the display-name field, however, the
SPA treats the VoIP Caller-ID as “Anonymous”. Each Caller-ID pattern is a case insensitive alpha-
numeric string with special wildcard characters ‘?’ and ‘*’ , which stands for “any single digit” and “0 or
more of any digits” respectively. For example: 1408*,15101234567,18??*,anonymous,jsmith. It is
recommended not to insert white spaces before and after the comma, although they are allowed. If
<VoIP Caller ID Pattern> is blank, all VoIP callers will be processed by the SPA for authentication and
subsequent gateway services upon successful authentication. If <VoIP Caller ID Pattern> is not
blank, then the VoIP Caller ID must match one of the given patterns or else will be rejected by the
SPA with a 403 response without further processing.
In addition, a VoIP Caller can be automatically accepted for PSTN gateway access without going
through the authentication process if the source IP address of the inbound INVITE request
matches
one of the pattern specified in the <VoIP Access List>. This is a comma separated list of IP address
patterns, also with special wildcard characters ‘?’ and ‘*’. For example:192.168.2.*,66.12?.12?.4. If
the list is not blank and the source IP address of the inbound INVITE matches any of the patterns in
the list, the VoIP caller will be granted access to the PSTN gateway as if the Authentication Method is