R0106-HP MSR Router Series Voice Configuration Guide(V7)
99
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter voice view.
voice-setup N/A
3. Enter SIP view.
sip N/A
4. Set the aging time for TCP
connections.
timers connection aging tcp
tcp-age-time
By default, the aging time for TCP
connections is 5 minutes.
Configuring SIP security
This section describes how to configure TLS for outgoing SIP calls and media flow protocols for SIP calls.
Configuring TLS as the transport protocol
When you configure TLS, follows these restrictions and guidelines:
• Configure the same transport protocol on the called and calling devices. For example, if you
configure the session transport tcp tls command on the calling device, you must configure the
transport tcp tls command on the called device.
• To use TLS for calls, registrations, or subscriptions, do the following:
{ Configure SSL policies on the device.
{ Make sure the certificate can be used.
{ Enable the TLS listening port.
For information about configuring SSL policies, see Security Configuration Guide.
Specifying SSL policies to be used by TLS
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter voice view.
voice-setup N/A
3. Enter SIP view.
sip N/A
4. Specify an SSL client policy.
crypto ssl-client-policy
client-policy-name
By default, no SSL client policy is
specified.
5. Specify an SSL server policy.
crypto ssl-server-policy
server-policy-name
By default, no SSL server policy is
specified.
Specifying TLS as the global transport protocol for outgoing SIP calls
You can configure the session transport command both globally (in SIP view) and for a specific VoIP
entity (in VoIP entity view). The configuration in VoIP entity view takes precedence over the global
configuration. A VoIP entity uses the global configuration only when the session transport command is
not configured in VoIP entity view.
To specify TLS as the global transport protocol for outgoing SIP calls:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A