Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Field
Description
Usage tips
SIP protocols
and ports
and ports
The VCS supports SIP over UDP, TCP and TLS transport
protocols. Use the Mode and Port settings for each
protocol to configure whether or not incoming and
outgoing connections using that protocol are supported,
and if so, the ports on which the VCS listens for such
connections.
protocol to configure whether or not incoming and
outgoing connections using that protocol are supported,
and if so, the ports on which the VCS listens for such
connections.
The default modes and ports are:
■
UDP mode Off, port 5060
■
TCP mode On, port 5060
■
TLS mode On, port 5061
■
Mutual TLS mode Off, port 5062
At least one of the transport protocol
modes must be On to enable SIP
modes must be On to enable SIP
functionality.
TCP outbound
port start /
end
port start /
end
The range of ports the VCS uses when TCP and TLS
connections are established. The default range is 25000 to
29999.
connections are established. The default range is 25000 to
29999.
The range must be sufficient to
support all required concurrent
connections.
support all required concurrent
connections.
Session
refresh
interval
refresh
interval
The maximum time allowed between session refresh
requests for SIP calls. Default is 1800 seconds.
requests for SIP calls. Default is 1800 seconds.
Minimum
session
refresh
interval
session
refresh
interval
The minimum value the VCS will negotiate for the session
refresh interval for SIP calls. Default is 500 seconds.
refresh interval for SIP calls. Default is 500 seconds.
TLS
handshake
timeout
handshake
timeout
The timeout period for TLS socket handshake. Default is 5
seconds.
seconds.
You may want to increase this value
if TLS server certificate validation is
slow (e.g. if OCSP servers do not
provide timely responses) and thus
cause connection attempts to
timeout.
if TLS server certificate validation is
slow (e.g. if OCSP servers do not
provide timely responses) and thus
cause connection attempts to
timeout.
Certificate Revocation Checking Modes
This section controls the certificate revocation checking modes for SIP TLS connections. The configurable options
are:
are:
Field
Description
Usage tips
Certificate
revocation
checking
mode
revocation
checking
mode
Controls whether revocation checking is performed for
certificates exchanged during SIP TLS connection
establishment.
certificates exchanged during SIP TLS connection
establishment.
We recommend that revocation
checking is enabled.
checking is enabled.
Use OCSP
Controls whether the Online Certificate Status Protocol
(OCSP) may be used to perform certificate revocation
checking.
(OCSP) may be used to perform certificate revocation
checking.
To use OCSP, the X.509 certificate
to be checked must contain an
OCSP responder URI.
to be checked must contain an
OCSP responder URI.
105
Cisco TelePresence Video Communication Server Administrator Guide
Protocols