Zones Zone [1..1000] TraversalServer SIP Media Encryption Mode: <Off/On/BestEffort/Auto>
The media encryption policy applied by the VCS for SIP calls (including interworked calls) to and from this zone. Default: Auto
On
: All media must be encrypted.
Off
: All media must be unencrypted.
BestEffort
: Use encryption if available otherwise fallback to unencrypted media.
Auto
: No media encryption policy is applied.
Example:
xConfiguration Zones Zone 5 TraversalServer SIP Media Encryption Mode: Auto
Zones Zone [1..1000] TraversalServer SIP Poison Mode: <On/Off>
Controls whether SIP requests sent out to this zone are "poisoned" such that if they are received by the local VCS again they will be
rejected. Default: Off .
On
: SIP requests sent out via this zone that are received again by this VCS will be rejected.
Off
: SIP requests sent out via this zone that are received by this VCS again will be processed as normal.
Example:
xConfiguration Zones Zone 5 TraversalServer SIP Poison Mode: Off
Zones Zone [1..1000] TraversalServer SIP Port: <1024..65534>
The port on the VCS being used for SIP firewall traversal from this traversal client. Default: 7001, incrementing by 1 for each new
zone.
Example:
xConfiguration Zones Zone 5 TraversalServer SIP Port: 5061
Zones Zone [1..1000] TraversalServer SIP Protocol: <Assent/TURN/ICE>
Determines which firewall traversal protocol will be used for SIP calls to and from the traversal client. Note: the same protocol must be
set on the client for calls to and from this traversal server. Default: Assent.
Example:
xConfiguration Zones Zone 5 TraversalServer SIP Protocol: Assent
Zones Zone [1..1000] TraversalServer SIP TLS Verify Mode: <On/Off>
Controls X.509 certificate checking and mutual authentication between this VCS and the traversal client. If enabled, a TLS verify
subject name must be specified. Default: Off.
Example:
xConfiguration Zones Zone 5 TraversalServer SIP TLS Verify Mode: On
Zones Zone [1..1000] TraversalServer SIP TLS Verify Subject Name: <S: 0,128>
The certificate holder's name to look for in the traversal client's X.509 certificate (must be in either the Subject Common Name or the
Subject Alternative Name attributes).
Example:
xConfiguration Zones Zone 5 TraversalServer SIP TLS Verify Subject Name: "myclientname"
Zones Zone [1..1000] TraversalServer SIP Transport: <TCP/TLS>
Determines which of the two transport types will be used for SIP calls between the traversal client and VCS. Default: TLS .
Example:
xConfiguration Zones Zone 5 TraversalServer SIP Transport: TLS
Zones Zone [1..1000] TraversalServer TCPProbe KeepAliveInterval: <1..65534>
Sets the interval (in seconds) with which the traversal client will send a TCP probe to the VCS once a call is established, in order to
keep the firewall’s NAT bindings open. Default: 20.
Example:
xConfiguration Zones Zone 5 TraversalServer TCPProbe KeepAliveInterval: 20
Zones Zone [1..1000] TraversalServer TCPProbe RetryCount: <1..65534>
Sets the number of times the traversal client will attempt to send a TCP probe to the VCS. Default: 5 .
Example:
xConfiguration Zones Zone 5 TraversalServer TCPProbe RetryCount: 5
Zones Zone [1..1000] TraversalServer TCPProbe RetryInterval: <1..65534>
Sets the frequency (in seconds ) with which the traversal client will send a TCP probe to the VCS. Default: 2 .
Example:
xConfiguration Zones Zone 5 TraversalServer TCPProbe RetryInterval: 2
Cisco VCS Administrator Guide (X8.1.1)
Page 467 of 507
Reference material
Command reference — xConfiguration