Cisco Cisco Expressway Maintenance Manual
Configuring SIP
The
SIP
page (
Configuration > Protocols > SIP
) is used to configure the SIP settings on the Expressway,
including:
n
SIP functionality and SIP-specific transport modes and ports
n
certificate revocation checking modes for TLS connections
SIP functionality and SIP-specific transport modes and ports
This section contains the basic settings for enabling SIP functionality and for configuring the various SIP-
specific transport modes and ports. The configurable options are:
specific transport modes and ports. The configurable options are:
Field
Description
Usage tips
SIP mode
Enables and disables SIP functionality on the
Expressway. Default is On.
Expressway. Default is On.
SIP protocols
and ports
and ports
The Expressway supports SIP over UDP, TCP and TLS
transport protocols. Use the Mode and Port settings for
each protocol to configure whether or not incoming and
outgoing connections using that protocol are supported,
and if so, the ports on which the Expressway listens for
such connections.
transport protocols. Use the Mode and Port settings for
each protocol to configure whether or not incoming and
outgoing connections using that protocol are supported,
and if so, the ports on which the Expressway listens for
such connections.
By default UDP is Off, and TCP and TLS are On. The
default ports are:
default ports are:
n
UDP port: 5060
n
TCP port: 5060
n
TLS port: 5061
At least one of the transport
protocols must be set to a Mode of
On for SIP functionality to be
supported.
protocols must be set to a Mode of
On for SIP functionality to be
supported.
TCP outbound
port start / end
port start / end
The range of ports the Expressway uses when TCP and
TLS connections are established. The default range is
25000 to 29999.
TLS connections are established. The default range is
25000 to 29999.
The range must be sufficient to
support all required concurrent
connections.
support all required concurrent
connections.
TLS
handshake
timeout
handshake
timeout
The timeout period for TLS socket handshake. Default is 5
seconds.
seconds.
You may want to increase this value
if TLS server certificate validation is
slow (e.g. if OCSP servers do not
provide timely responses) and thus
cause connection attempts to
timeout.
if TLS server certificate validation is
slow (e.g. if OCSP servers do not
provide timely responses) and thus
cause connection attempts to
timeout.
Certificate revocation checking modes
This section controls the certificate revocation checking modes for SIP TLS connections. The configurable
options are:
options are:
Field
Description
Usage tips
Certificate
revocation
checking
mode
revocation
checking
mode
Controls whether revocation checking is performed for
certificates exchanged during SIP TLS connection
establishment.
certificates exchanged during SIP TLS connection
establishment.
We recommend that revocation
checking is enabled.
checking is enabled.
Cisco Expressway Administrator Guide (X8.2)
Page 95 of 378
Protocols
Configuring SIP