Cisco Cisco Expressway 维护手册
Field
Description
Usage tips
TLS verify mode
and subject
name
and subject
name
Controls X.509 certificate checking and mutual
authentication between this Expressway and the
traversal client.
authentication between this Expressway and the
traversal client.
If TLS verify mode is enabled, a TLS verify subject
name must be specified. This is the certificate
holder's name to look for in the traversal client's
X.509 certificate.
name must be specified. This is the certificate
holder's name to look for in the traversal client's
X.509 certificate.
If the traversal client is clustered, the
TLS verify subject name must be the
FQDN of the cluster.
TLS verify subject name must be the
FQDN of the cluster.
See
information.
Media
encryption mode
encryption mode
Controls the media encryption policy applied by the
Expressway for SIP calls (including interworked
calls) to and from this zone.
Expressway for SIP calls (including interworked
calls) to and from this zone.
See
for more information.
ICE support
Controls whether ICE messages are supported by
the devices in this zone.
the devices in this zone.
See
for more information.
Poison mode
Determines if SIP requests sent to systems located
via this zone are "poisoned" such that if they are
received by this Expressway again they will be
rejected.
via this zone are "poisoned" such that if they are
received by this Expressway again they will be
rejected.
Authentication
section:
Authentication
policy
policy
Controls how the Expressway authenticates
incoming messages from this zone and whether they
are subsequently treated as authenticated,
unauthenticated, or are rejected. The behavior
varies for H.323 messages, SIP messages that
originate from a local domain and SIP messages that
originate from non-local domains.
incoming messages from this zone and whether they
are subsequently treated as authenticated,
unauthenticated, or are rejected. The behavior
varies for H.323 messages, SIP messages that
originate from a local domain and SIP messages that
originate from non-local domains.
See
for more
information.
UDP / TCP probes
section:
UDP retry
interval
interval
The frequency (in seconds) with which the client
sends a UDP probe to the Expressway-E if a keep
alive confirmation has not been received.
sends a UDP probe to the Expressway-E if a keep
alive confirmation has not been received.
The default UDP and TCP probe retry
intervals are suitable for most
situations. However, if you experience
problems with NAT bindings timing
out, they may need to be changed.
intervals are suitable for most
situations. However, if you experience
problems with NAT bindings timing
out, they may need to be changed.
UDP retry count
The number of times the client attempts to send a
UDP probe to the Expressway-E during call setup.
UDP probe to the Expressway-E during call setup.
UDP keep alive
interval
interval
The interval (in seconds) with which the client sends
a UDP probe to the Expressway-E after a call is
established, in order to keep the firewall’s NAT
bindings open.
a UDP probe to the Expressway-E after a call is
established, in order to keep the firewall’s NAT
bindings open.
TCP retry
interval
interval
The interval (in seconds) with which the traversal
client sends a TCP probe to the Expressway-E if a
keep alive confirmation has not been received.
client sends a TCP probe to the Expressway-E if a
keep alive confirmation has not been received.
TCP retry count
The number of times the client attempts to send a
TCP probe to the Expressway-E during call setup.
TCP probe to the Expressway-E during call setup.
TCP keep alive
interval
interval
The interval (in seconds) with which the traversal
client sends a TCP probe to the Expressway-E when
a call is in place, in order to maintain the firewall’s
NAT bindings.
client sends a TCP probe to the Expressway-E when
a call is in place, in order to maintain the firewall’s
NAT bindings.
Table 5: Traversal server zone configuration reference (continued)
Cisco Expressway Administrator Guide (X8.5.2)
Page 126 of 403
Zones and neighbors
Configuring zones