Filter
Top Products
72
D14049.04
JULY 2008
Grey Headline (continued)
TANDBERG VIDEO COMMUNICATIONS SERVER
ADMINISTRATOR GUIDE
Introduction Getting Started
Overview and
Status
System
Conguration
VCS
Conguration
Zones and
Neighbors
Call
Processing
Bandwidth
Control
Firewall
Traversal
Appendices
Applications Maintenance
Registration Control
Endpoint Registration
In order for an endpoint to use the TANDBERG VCS as its H.323
gatekeeper or SIP Registrar, the endpoint must rst register with
the VCS. The VCS can be congured to control which devices
are allowed to register with it. Two separate mechanisms are
provided:
an
•
authentication process based on the username and
password supplied by the endpoint
a simple Registration Restriction Policy that uses
•
Allow Lists
or Deny Lists to specify which aliases can and cannot register
with the VCS.
It is possible to use both mechanisms together. For example,
you can use authentication to verify an endpoint’s identity from a
corporate directory, and registration restriction to control which
of those authenticated endpoints may register with a particular
VCS.
This section gives an overview of how endpoints and other
devices register with the VCS, and then describes the two
mechanisms by which registrations can be restricted.
Registration Overview
MCU, Gateway and Content Server Registration
H.323 systems such as gateways, MCUs and Content Servers
can also register with a VCS. They are known as locally
registered services. These systems are congured with their
own prex, which they provide to the VCS when registering. The
VCS will then know to route all calls that begin with that prex
to the gateway, MCU or Content Server as appropriate. These
prexes can also be used to control registrations.
SIP devices cannot register prexes. If your dial plan dictates
that a SIP device should be reached via a particular prex, then
you should add the device as a neighbor zone with a pattern
match equal to the prex to be used.
Registrations on a VCS Expressway
If a traversal-enabled endpoint registers directly with a VCS
Expressway, the VCS Expressway will provide the same services
to that endpoint as a VCS Control, with the addition of rewall
traversal. Traversal-enabled endpoints include all TANDBERG
Expressway™ endpoints and third party endpoints which support
the ITU H.460.18 and H.460.19 standards.
Endpoints that are not traversal-enabled can still register with
a VCS Expressway, but they may not be able to make or receive
calls through the rewall successfully. This will depend on a
number of factors:
whether the endpoint is using SIP or H.323
•
the endpoint’s position in relation to the rewall
•
whether there is a NAT in use
•
whether the endpoint is using a public IP address.
•
For example, if an endpoint is behind a NAT or rewall, it may not
be able to receive incoming calls and may not be able to receive
media for calls it has initiated. SIP endpoints can also work
behind a NAT but can only receive video if they send it as well.
To ensure rewall traversal will work successfully for H.323
endpoints behind a NAT, the endpoint must be traversal-enabled.
The TANDBERG MPS and TANDBERG Content Server
(TCS) both support Expressway. They can therefore
register directly with a VCS Expressway for rewall
traversal.
For specic information about how registrations are
managed across Peers in a cluster, refer to the section
Sharing Registrations Across Peers.