Cisco Cisco Expressway Maintenance Manual
Zones Zone [1..1000] TraversalServer SIP Poison Mode: <On/Off>
Controls whether SIP requests sent out to this zone are "poisoned" such that if they are received by the local Expressway again
they will be rejected. Default: Off .
they will be rejected. Default: Off .
On: SIP requests sent out via this zone that are received again by this Expressway will be rejected.
Off: SIP requests sent out via this zone that are received by this Expressway again will be processed as normal.
Example: xConfiguration Zones Zone 5 TraversalServer SIP Poison Mode: Off
Zones Zone [1..1000] TraversalServer SIP Port: <1024..65534>
The port on the Expressway being used for SIP firewall traversal from this traversal client. Default: 7001, incrementing by 1 for each
new zone.
new zone.
Example: xConfiguration Zones Zone 5 TraversalServer SIP Port: 5061
Zones Zone [1..1000] TraversalServer SIP Protocol: <Assent/TURN/ICE>
Determines which firewall traversal protocol will be used for SIP calls to and from the traversal client. Note: the same protocol
must be set on the client for calls to and from this traversal server. Default: Assent.
must be set on the client for calls to and from this traversal server. Default: Assent.
Example: xConfiguration Zones Zone 5 TraversalServer SIP Protocol: Assent
Zones Zone [1..1000] TraversalServer SIP TLS Verify Mode: <On/Off>
Controls X.509 certificate checking and mutual authentication between this Expressway and the traversal client. If enabled, a TLS
verify subject name must be specified. Default: Off.
verify subject name must be specified. Default: Off.
Example: xConfiguration Zones Zone 5 TraversalServer SIP TLS Verify Mode: On
Zones Zone [1..1000] TraversalServer SIP TLS Verify Subject Name: <S: 0,128>
The certificate holder's name to look for in the traversal client's X.509 certificate (must be in either the Subject Common Name or
the Subject Alternative Name attributes).
the Subject Alternative Name attributes).
Example: xConfiguration Zones Zone 5 TraversalServer SIP TLS Verify Subject Name: "myclientname"
Zones Zone [1..1000] TraversalServer SIP Transport: <TCP/TLS>
Determines which of the two transport types will be used for SIP calls between the traversal client and Expressway. Default: TLS .
Example: xConfiguration Zones Zone 5 TraversalServer SIP Transport: TLS
Zones Zone [1..1000] TraversalServer TCPProbe KeepAliveInterval: <1..65534>
Sets the interval (in seconds) with which the traversal client will send a TCP probe to the Expressway once a call is established, in
order to keep the firewall’s NAT bindings open. Default: 20.
order to keep the firewall’s NAT bindings open. Default: 20.
Example: xConfiguration Zones Zone 5 TraversalServer TCPProbe KeepAliveInterval: 20
Zones Zone [1..1000] TraversalServer TCPProbe RetryCount: <1..65534>
Sets the number of times the traversal client will attempt to send a TCP probe to the Expressway. Default: 5 .
Example: xConfiguration Zones Zone 5 TraversalServer TCPProbe RetryCount: 5
Table 29 xConfiguration CLI reference (continued)
426
Cisco Expressway Administrator Guide
Reference Material