Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco IOS Software Releases 11.3

H.323 VoIP Gateway for Cisco Access Platforms

Downloads

Table Of Contents

Configuring H.323 VoIP Gateway for Cisco Access Platforms

H.323 VoIP Gateway Feature Summary

Benefits

List of Terms

Restrictions

Platforms

Perquisites

Supported MIBS and RFCs

Functional Description

Gateway RAS Implementation

Technology Prefixes

Additional Keyword for the Session Target Command

Configuration Task List

Configure Voice Port Parameters

Verify Voice Port Parameters

Configure the H.323 Gateway

Configure POTS and VoIP Dial Peers

Verify Dial Peer Configuration

Enable VoIP Gateway Functionality

Configure Gateway Interface Parameters

Verify the Gateway Interface Configuration

Configuration Examples

Configuring an H.323 Gateway

Configuring a RAS Gatekeeper

AAA Accounting

Authentication

Authorization

Accounting

RADIUS Accounting with Overloaded Session ID

Syslog Accounting

Example AAA Configuration

Interactive Voice Response (IVR)

IVR Application Field

ANI Authorization

Fax Hop On/Off

ISDN Redirect Number Support

Dial Peer Configuration Restrictions for ISDNRedirect

Incoming Dial Peer

Outgoing Dial Peer

ISDNRedirect Call Flow Example

Rotary Call Pattern

Rotary Call Functionality

Command Reference

aaa authentication login h323 radius

Syntax Description

Default

Command Mode

Usage Guidelines

aaa accounting connection h323

Syntax Description

Default

Example

Command Mode

Usage Guidelines

application

Syntax Description

Default

Command Mode

Usage Guidelines

audio-prompt load

Default

Command Mode

Usage Guidelines

gateway

Syntax Description

Default

Command Mode

Usage Guidelines

gw-accounting

Syntax Description

Default

Command Mode

Usage Guidelines

h323-gateway voip h323-id

Syntax Description

Default

Command Mode

Usage Guidelines

Example

Related Commands

h323-gateway voip id

Syntax Description

Default

Command Mode

Usage Guidelines

Example

Related Commands

h323-gateway voip interface

Syntax Description

Default

Command Mode

Usage Guidelines

Example

Related Commands

h323-gateway voip tech-prefix

Syntax Description

Default

Command Mode

Usage Guidelines

Example

Related Commands

preference

Default

Command Mode

Usage Guidelines

session target

Syntax Description

Default

Command Mode

Usage Guidelines

Examples

Related Commands

show call application voice

Default

Command Mode

Usage Guidelines

show gateway

tech-prefix

Syntax Description

Default

Command Mode

Usage Guidelines

Examples

Related Commands

Debug Commands

debug cch323 h225

Syntax Description

Default

Command Mode

Usage Guidelines

debug cch323 h245

Syntax Description

Default

Command Mode

Usage Guidelines

debug cch323 ras

Syntax Description

Default

Command Mode

Usage Guidelines

debug h225

Syntax Description

Default

Command Mode

Usage Guidelines

Sample Output

debug ras

Syntax Description

Default

Command Mode

Usage Guidelines

Sample Output

debug voip aaa

Syntax Description

Command Mode

Default

Command Mode

Usage Guidelines

debug voip ccapi

Syntax Description

Default

Command Mode

Usage Guidelines

Sample Output

debug voip ivr

Syntax Description

Default

Command Mode

Usage Guidelines


Configuring H.323 VoIP Gateway for Cisco Access Platforms

Feature History

Release
Modification

11.3(7)NA

This feature was introduced.

12.2(2)XB1

This feature was implemented on the Cisco AS5850 platform.

12.2(11)T

This feature was integrated into Cisco IOS Release 12.2(11)T.


H.323 VoIP Gateway Feature Summary

The Cisco AS5300 voice service provider features include enhancements made to the functionality and configuration of both the gateway and the Voice over IP (VoIP) gatekeeper. The architecture of these features provides the Quality of Service (QoS), stability, and functionality necessary for carrier class, real-time IP communications services.

This document contains a basic description of the H.323 VoIP gateway in addition to features required to implement the applications to run VoIP in a service provider environment. The features address the service provider needs to offer security, billing, scaling, and reliability.

The Cisco AS5300 VoIP gateway is a high performance H.323-compliant gateway optimized for VoIP applications. Supporting up to two T1/E1 digital channels, it connects with existing telephones and fax machines through the Public Switched Telephone Network (PSTN), key systems, and PBXs, making the process of placing calls over the IP network transparent to users.

The gateway capability allows the Cisco AS5300 to function as an H.323 endpoint. Therefore, the gateway provides admission control, address lookup and translation, and accounting services.

Benefits

Carrier-class voice quality

End-to-end solutions

Voice-enabled everywhere

High-density voice gateways

Quality, scalability, and services

List of Terms

AAA—Authentication, Authorization, and Accounting. AAA is a suite of network security services which provides the primary framework through which access control can be set up on your Cisco router or access server.

ANI—Automatic number identification.

ARQ—Admission request.

CAS—Channel associated signaling.

CCAPI—Call control applications programming interface.

CLI—Command line interface.

CO—Central office.

CPE—Customer premises equipment. Terminating equipment, such as terminals, telephones, and modems, supplied by the telephone company, installed at the customer sites, and connected to the telephone company network.

CSM—Call switching module.

dial peer—An addressable call endpoint. In Voice over IP (V0IP), there are two types of dial peers: POTS and VoIP.

DNS—Domain name system used to address translation to convert H.323 IDs, URLs, or e-mail IDs to IP addresses. DNS is also used to assist in the location of remote gatekeepers and to reverse-map raw IP addresses to host names of administrative domains.

DNIS—Dialed number identification service (the called number).

DSP—Digital signal processor.

DTMF—Dual tone multi-frequency.

E.164—The international public telecommunications numbering plan. A standard set by ITU-T which addresses telephone numbers.

E&M—Ear and mouth RBS signaling.

endpoint—A H.323 terminal or gateway. An endpoint can call and be called. It generates and/or terminates the information stream.

gatekeeper—A gatekeeper maintains a registry of devices in the multimedia network. The devices register with the gatekeeper at startup, and request admission to a call from the gatekeeper.

The gatekeeper is a H.323 entity on the LAN that provides address translation and control access to the LAN for H.323 terminals and gateways. The gatekeeper may provide other services to the H.323 terminals and gateways, such as bandwidth management and locating gateways.

gateway—A gateway allows H.323 terminals to communicate with non-H.323 terminals by converting protocols. A gateway is the point at which a circuit-switched call is encoded and repackaged into IP packets.

A H.323 gateway is an endpoint on the LAN that provides real-time, two-way communications between H.323 terminals on the LAN and other ITU-T terminals in the WAN, or to another H.323 gateway.

H.323—An International Telecommunication Union (ITU-T) standard that describes packet-based video, audio, and data conferencing. H.323 is an umbrella standard that describes the architecture of the conferencing system, and refers to a set of other standards (H.245, H.225.0, and Q.931) to describe its actual protocol.

H.323 RAS—Registration, admission, and status. The RAS signaling function performs registration, admissions, bandwidth changes, status and disengage procedures between the VoIP gateway and the gatekeeper.

HSRP—Hot Standby Routing Protocol. HSRP is a Cisco-proprietary protocol which provides a redundancy mechanism when more than one router is connected to the same segment/subnet of an Ethernet/FDDI/Token Ring network.

IVR—Integrated voice response. When someone dials in, it responds with a prompt to get a personal identification number (PIN), and so on.

LEC—Local exchange carrier.

LRQ—Location request.

MCU—Multipoint control unit

MF—Multi-frequency tones are made of six frequencies that provide 15 two frequency combinations for indication digits 0-9 and KP/ST signals.

multicast—A process of transmitting PDUs from one source to many destinations. The actual mechanism (that is, IP multicast, multi-unicast, and so forth) for this process might be different for LAN technologies.

multipoint-unicast—A process of transferring PDUs (Protocol Data Units) where an endpoint sends more than one copy of a media stream to different endpoints. This might be necessary in networks which do not support multicast.

node—A H.323 entity that uses RAS to communicate with the gatekeeper. For example, an endpoint such as a terminal, proxy, or gateway.

PDU—Protocol data units used by bridges to transfer connectivity information.

POTS—Plain old telephone service. Basic telephone service supplying standard single line telephones, telephone lines, and access to the PSTN.

PSTN—Public switched telephone network. PSTN refers to the local telephone company.

QoS—Quality of service, which refers to the measure of service quality provided to the user.

RAS—Registration, admission, and status protocol. This is the protocol that is used between endpoints and the gatekeeper to perform management functions.

RBS—Robbed bit signaling.

RRQ—Registration request.

SPI—Service provider interface.

TCL—Tool command language.

TDM—Time division multiplexing. Technique in which information from multiple channels can be allocated bandwidth on a single wire based on preassigned time slots. Bandwidth is allocated to each channel regardless of whether the station has data to transmit.

VoIP—Voice over IP. The ability to carry normal telephone-style voice over an IP-based internet with POTS-like functionality, reliability, and voice quality. VoIP is a blanket term which generally refers to Cisco's standards based (for example, H.323) approach to IP voice traffic.

VTSP—Voice telephony service provider.

zone—A collection of all terminals (tx), gateways (GW), and Multipoint Control Units (MCU) managed by a single gatekeeper (GK). A zone includes at least one terminal, and can include gateways or multipoint control units (MCUs). A zone has only one gatekeeper. A zone may be independent of LAN topology and can be comprised of multiple LAN segments which are connected using routes or other devices.

Note   For a list of other internetworking terms, see the Internetworking Terms and Acronyms document that accompanied your access server and is available on the Documentation CD-ROM and Cisco Connection Online (CCO) at the following URL: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ita/index.htm.

Restrictions

The H.323 gateway feature and supporting software applications in Cisco IOS Release:

11.3(6)NA2 requires VCWare version 2.4.

11.3(7)NA requires VCWare version 2.5.

Cisco Secure 2.1.8.4 or higher is required if H.323 accounting is being used.

Platforms

This feature is supported on the following platforms:

Cisco 2500 series

Cisco 3600 series

Cisco AS5300

Cisco AS5850

Determining Platform Support Through Cisco Feature Navigator

Cisco IOS software is packaged in feature sets that support specific platforms. To get updated information regarding platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.

Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.

To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions at http://www.cisco.com/register.

Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:

http://www.cisco.com/go/fn

Availability of Cisco IOS Software Images

Platform support for particular Cisco IOS software releases is dependent on the availability of the software images for those platforms. Software images for some platforms may be deferred, delayed, or changed without prior notice. For updated information about platform support and availability of software images for each Cisco IOS software release, refer to the online release notes or, if supported, Cisco Feature Navigator.

Perquisites

Before you can configure your platform to serve as an H.323 VoIP gateway, you must first:

Establish a working IP network. For more information about configuring IP, refer to the "IP Overview," "Configuring IP Addressing," and "Configuring IP Services" chapters in the Cisco IOS Release 12.0 Network Protocols Configuration Guide, Part 1.

Install the one-slot or two-slot (NM-1V/NM-2V) voice network module into the appropriate bay of your Cisco router. For more information about the physical characteristics of the voice network module, or how to install it, refer to the installation documentation, Voice Network Module and Voice Interface Card Configuration Note, that came with your voice network module.

Configure Voice over IP. For more information about configuring Voice over IP, refer to the Voice over IP for the Cisco AS5300 Software Configuration Guide.

Supported MIBS and RFCs

The SNMP MIBS are available on CCO. The CISCO-VOICE-DIAL-CONTROL-MIB supports the QoV and QoS of VoIP calls. Refer to the online support reference listed at the following location:

http://www.cisco.com/public/mibs/supportlists/as5300/supportlist.html

Select the desired platform from support list to get them. VoIP MIBS are included in 11.3

Significant MIBS of interest related to the Service Provider VoIP features are:

DIAL-CONTROL-MIB.my

CISCO-DIAL-CONTROL-MIB.my

CISCO-VOICE-DIAL-CONTROL-MIB.my

CISCO-VOICE-IF-MIB.my

CISCO-DSP-MGMT-MIB.my

Functional Description

The functionality of the H.323 VoIP gateway is dependent on the interaction of the following features:

Gateway RAS Implementation

AAA Accounting

Interactive Voice Response (IVR)

ISDN Redirect Number Support

Rotary Call Pattern

Note   Refer to the Command Reference for a description of the commands related to these applications.

Gateway RAS Implementation

The Registration, Admission, and Status (RAS) signaling function performs registration, admissions, status, and disengage procedures between the H.323 VoIP gateway and the H.323 VoIP gatekeeper.

The following additions have been made to basic gateway functionality to implement RAS:

Technology Prefixes

Additional Keyword for the session target command.

Note   For additional information regarding the H.323 VoIP gatekeeper, see the "Configuring the Cisco AS5300 for Voice Service Provider Features" documentation. This documentation is located on the Cisco Connection Online website connection at the following site:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/5300/5300swbk/index.htm

Two new fields have been added to the dial-peer entry. The gateway relies on Cisco IOS command line interface commands, outside of gateway configuration mode, to configure handling of the AAA servers.

The following additions have been made to basic gateway functionality to implement RAS:

Technology Prefixes

AAA Accounting

Technology Prefixes

Technology prefixes are used to distinguish between gateways having specific capabilities within a given zone. In the exchange between the gateway and the gatekeeper, the technology prefix is used to select a gateway after the zone has been selected. You use the tech-prefix dial-peer configuration command to define technology prefixes.

In most cases, there is a dynamic protocol exchange between the gateway and the gatekeeper that enables the gateway to inform the gatekeeper about technology prefixes and where to forward calls. If, for some reason, that dynamic registry feature is not in effect, you can statically configure the gatekeeper to query the gateway for this information by configuring the gw-type-prefix command on the gatekeeper. Use the show gatekeeper gw-type-prefix to display how the gatekeeper has mapped the technology prefixes to local gateways.

For more information about configuring H.323 gatekeepers, refer to Cisco IOS Release 11.3(6) 2 Configuring H.323 VoIP Gatekeeper for Cisco Access Platforms.

Additional Keyword for the Session Target Command

The session target dial-peer command indicates the address of the remote gateway where the call is terminated. A new keyword has been added to the session target command to indicate that the RAS protocol is being used—meaning that a gatekeeper will be consulted to translate the E164 address to an IP address.

You can now define the address of a remote gateway in the following ways:

Using an IP address: session target ipv4:A.B.C.D

Using DNS: session target dns: gateway@domain

Using RAS: session target ras

For more information about this revised command, refer to the AAA Accounting section.

Configuration Task List

To configure a Cisco 3600 or Cisco 2600 series router to perform as an H.323 VoIP gateway using RAS, perform the following tasks:

Configure Voice Port Parameters

Configure the H.323 Gateway

Configure Voice Port Parameters

To configure voice port parameters for an E&M voice port, use the following commands:

Step
Command
Purpose

1

configure terminal

Enter global configuration mode.

2

voice-port slot-number/subunit-number/port

Enter voice-port configuration mode to configure parameters for the specified voice port. The voice port is identified by its slot number, subunit number, and port number.

3

operation {2-wire | 4-wire}

Specify an E&M cabling scheme for this voice-port.

4

type {1 | 2 | 3 | 5}

Specify the E&M port type.


For more information about configuring voice ports, refer to the "Configuring Voice Ports" chapter in the Cisco IOS Release 12.0 Voice, Video, and Home Applications Configuration Guide.

Verify Voice Port Parameters

To verify voice port parameters, use the show voice port command.

The following is sample output from the show voice port command for an E&M voice port on the Cisco 3600 series: 

router# show voice port 1/0/0

E&M Slot is 1, Sub-unit is 0, Port is 0

 Type of VoicePort is E&M

 Operation State is UP

 Administrative State is UP

 <--snip--> 


 Voice card specific Info Follows:

 Signal Type is wink-start

 Operation Type is 4-wire

 Impedance is set to 600r Ohm

 E&M Type is 5

 Dial Type is dtmf

 <--snip-->

For more information about the show voice port command, refer to the Cisco IOS Release 12.0 Voice, Video, and Home Applications Command Reference.

Configure the H.323 Gateway

To configure the H.323 Gateway, you need to perform the tasks:

Configure POTS and VoIP Dial Peers

Enable VoIP Gateway Functionality

Configure Gateway Interface Parameters

Configure POTS and VoIP Dial Peers

The first step in configuring the H.323 gateway is to define the applicable POTS and VoIP dial peers. The POTS dial peer informs the system which voice port to direct incoming VoIP calls to and (optionally) defines that RAS-initiated calls will have a technology prefix prepended to the destination telephone number. The VoIP dial peer defines how to direct calls that originate from a local voice port into the VoIP cloud to the session target. The session target indicates the address of the remote gateway where the call is terminated. As mentioned, there are several different ways to define the destination gateway address: by statically configuring the IP address of the gateway, by defining the DNS of the gateway, or by using RAS. If you use RAS, that gateway determines the destination target by querying the RAS gatekeeper.

To configure POTS dial peer for the H.323 gateway, use the following commands:

Step
Command
Purpose

1

configure terminal

Enter global configuration mode.

2

dial-peer voice tag-number pots

Enter dial-peer configuration mode to configure parameters for the specified dial peer. The specific dial peer is identified by the tag number.

3

[tech-prefix#]destination-pattern [+]string[t]

Specify the telephone number (E.164 or otherwise) associated with this dial peer. Use the tech-prefix argument to define a technology prefix. By adding this technology prefix, you are enabling the system to identify an destination-patterns containing this prefix as RAS-initiated calls.

4

port slot-number/subunit-number/port

Specify the voice port through which incoming VoIP calls will be received.

5

exit

Exit the dial-peer configuration mode.


For more information about POTS dial peers, refer to the Cisco IOS Release 12.0 Voice, Video, and Home Applications Configuration Guide. For more information about any of the commands used to configure VoIP dial peers, refer to the Cisco IOS Release 12.0 Voice, Video, and Home Applications Command Reference.

To configure VoIP dial peer for the H.323 gateway, use the following commands:

Step
Command
Purpose

1

configure terminal

Enter global configuration mode.

2

dial-peer voice tag-number voip

Enter dial-peer configuration mode to configure parameters for the specified dial peer. The specific dial peer is identified by the tag number.

3

destination-pattern [+]string[t]

Specify the telephone number (E.164 or otherwise) associated with this dial peer.

4

tech-prefix tech-prefix

Specify the technology prefix to be prepended to the destination pattern.

5

session-target ras

Specify that the RAS protocol is being used to determine the IP address of the session target—meaning that a gatekeeper will be consulted to translate the E164 address to an IP address.

6

exit

Exit the dial-peer configuration mode.


For more information about POTS dial peers, refer to the Cisco IOS Release 12.0 Voice, Video, and Home Applications Configuration Guide. For more information about any of the commands used to configure POTS dial peers, refer to the Cisco IOS Release 12.0 Voice, Video, and Home Applications Command Reference.

Verify Dial Peer Configuration

Verify the POTS and VoIP dial peer configuration by using the show dial-peer voice command.

The following example shows output from the show dial-peer voice command for a VoIP dial peer using RAS: 

5300-1# show dial-peer voice 1234


VoiceOverIpPeer1234

  tag = 1234, destination-pattern = 1234',

  answer-address = ',

  group = 1234, Admin state is up, Operation state is up,

  incoming called-number = ', connections/maximum = 0/unlimited,

  application associated: 

  type = voip, session-target = ras',

  technology prefix: 8#

  ip precedence = 0, UDP checksum = disabled,

  session-protocol = cisco, req-qos = controlled-load, 

  acc-qos = best-effort, 

  fax-rate = voice, codec = g729r8, 

  Expect factor = 10, Icpif = 30,

  VAD = enabled, Poor QOV Trap = disabled,

<--snip-->

Enable VoIP Gateway Functionality

The next step in configuring an H.323 gateway is to enable VoIP gateway functionality. You do this by using the gateway command.

To enable gateway functionality, use the following commands:

Step
Command
Purpose

1

configure terminal

Enter global configuration mode.

2

gateway

Enable the VoIP Gateway.


Configure Gateway Interface Parameters

The next step in configuring an H.323 gateway is configure the gateway interface parameters. You do this by first defining which interface will be presented to the VoIP network as this gateway's H.323 interface. Only one interface is allowed to be the gateway interface. You can select either the interface that is connected to the gatekeeper or a loopback interface. The interface that is connected to the gatekeeper is usually a LAN interface (for example, Fast Ethernet, Ethernet, FDDI, or Token-Ring).

After you define the gateway interface, you configure the gateway to discover the gatekeeper either through multicasting or by directing it to a specific host. Finally, you configure the gateway's H.323 identification number and any technology prefixes that this gateway should register with the gatekeeper.

To define the interface to be used as the H.323 gateway interface and configure the H.323 gateway interface parameters, use the following commands, beginning in global configuration mode:

Step
Command
Purpose

3

interface type slot/port

Enter interface configuration mode to configure parameters for the specified interface.

4

ip address ip-address subnet-mask

Specify the IP address for this interface.

5

h323-gateway voip interface

Designate this interface as being the H.323 gateway interface.

6

h323-gateway voip h323-id interface-id

Specify an H.323 name (ID) for the gateway associated with this interface. This ID is used by this gateway when this gateway communicates with the gatekeeper. Usually, this H.323 ID is the name given to the gateway with the gatekeeper domain name appended to the end.

7

h323-gateway voip id gatekeeper {ipaddr ip-address [port]| multicast}

Specify the name (ID) of the gatekeeper associated with this gateway and how the gateway finds the it. The gatekeeper ID configured here must exactly match the gatekeeper ID in the gatekeeper configuration. The gateway determines the location of the gateway in one of two ways: either by a defined IP address or through multicast.

8

h323-gateway voip tech-prefix prefix

Specify a technology prefix. A technology prefix is used to identify a type of service that this gateway is capable of providing.

Note   If a gateway is capable of handling multiple services, specify each service with a tech-prefix command.

9

exit

Exit interface configuration mode.

10

exit

Exit global configuration mode.


Verify the Gateway Interface Configuration

Use the show gateway privileged EXEC command to check that the gateway has found and registered itself with the gatekeeper.

In the following example, gateway GW13.cisco.com has successfully registered itself with gatekeeper GK15.cisco.com: 


3640GW.13#show gateway 

 Gateway GW13.cisco.com is registered to Gatekeeper GK15.cisco.com

Use the show gatekeeper gw-type-prefix command to verify that the gateway has successfully registered its tech prefixes with the gatekeeper. This command displays all registers and status tech-prefixes on a Cisco gatekeeper.

In the following example gatekeeper 'GK15.cisco.com' has four tech-prefixes. Prefix 31# is statically defined on the gatekeeper, while 23#, 22#, and 13# have been dynamically registered by gateways. 


3640GK.15#show gatekeeper gw-type-prefix 

GATEWAY TYPE PREFIX TABLE

=========================

Prefix:31#*

 Statically-configured gateways (not necessarily currently registered):

    1.9.53.13:1720

  Zone:GK15.cisco.com Registered gateways for this prefix:

    1.9.53.13:1720 GW13

Prefix:23#*

  Zone:GK15.cisco.com Registered gateways for this prefix:

    1.9.74.23:1720 GW23-c2611

Prefix:22#*

  Zone:GK15.cisco.com Registered gateways for this prefix:

    1.9.74.22:1720 GW22-c2611

Prefix:13#*

  Zone:GK15.cisco.com Registered gateways for this prefix:

    1.9.53.13:1720 GW13

Tips

Use the debug ras command to display the types and addressing of RAS messages sent and received. The debug output lists the message type using mnemonics defined in ITU-T specification H.225.

In the following example, gateway GW13.cisco.com sends a RAS registration request message (RRQ) to gatekeeper GK15.cisco.com at IP address 1.9.53.15. GW13.cisco.com then receives a registration confirmation (RCF) message from the gatekeeper. If there is no response, it could mean that the gatekeeper is offline or improperly addressed. If you receive a reject message (RRJ), it could mean that the gatekeeper is unable to handle another gateway or that the registration information is incorrect. 

3640GW.13#debug ras 

*Mar 13 19:53:34.231:      RASlib::ras_sendto:msg length 105 from

                            1.9.53.13:8658 to 1.9.53.15:1719

*Mar 13 19:53:34.231:      RASLib::RASSendRRQ:RRQ (seq# 36939) sent

                            to 1.9.53.15

*Mar 13 19:53:34.247:      RASLib::RASRecvData:successfully rcvd

                            message of length 105 from 1.9.53.15:1719

*Mar 13 19:53:34.251:      RASLib::RASRecvData:RCF (seq# 36939) rcvd

                            from [1.9.53.15:1719] on sock [0x6168356C

Use the debug h225 asn1 commands to display additional information about the actual contents of the H.225 RAS messages.

In the following example, the debug h225 asn1 command displays the actual contents of the RAS registration message exchange between gateway GW13.cisco.com and gatekeeper GK15.cisco.com. The debug h225 asn1 command also displays the tech-prefixes that gateway GW13.cisco.com is registering: 

3640GW.13#debug h225 asn1 

H.225 ASN1 Messages debugging is on

3640GW.13#value RasMessage ::= registrationRequest :

*Mar 13 20:16:45.295:  {

*Mar 13 20:16:45.295:    requestSeqNum 037001,

*Mar 13 20:16:45.295:    protocolIdentifier { 0 0 8 2250 0 1 },

*Mar 13 20:16:45.295:    discoveryComplete TRUE,

*Mar 13 20:16:45.295:    callSignalAddress 

*Mar 13 20:16:45.295:    {

*Mar 13 20:16:45.295:      ipAddress :

*Mar 13 20:16:45.295:        {

*Mar 13 20:16:45.295:          ip '0109350D'H,

*Mar 13 20:16:45.295:          port 01720

*Mar 13 20:16:45.295:        }

*Mar 13 20:16:45.295:    },

*Mar 13 20:16:45.295:    rasAddress 

*Mar 13 20:16:45.295:    {

*Mar 13 20:16:45.295:      ipAddress :

*Mar 13 20:16:45.295:        {

*Mar 13 20:16:45.295:          ip '0109350D'H,

*Mar 13 20:16:45.299:          port 04635

*Mar 13 20:16:45.299:        }

*Mar 13 20:16:45.299:    },

*Mar 13 20:16:45.299:    terminalType 

*Mar 13 20:16:45.299:    {

*Mar 13 20:16:45.299:      gateway 

*Mar 13 20:16:45.299:      {

*Mar 13 20:16:45.299:        protocol 

*Mar 13 20:16:45.299:        {

*Mar 13 20:16:45.299:          voice :

*Mar 13 20:16:45.299:            {

*Mar 13 20:16:45.299:              supportedPrefixes 

*Mar 13 20:16:45.299:              {

*Mar 13 20:16:45.299:                {

*Mar 13 20:16:45.299:                  prefix e164 :"13#"

*Mar 13 20:16:45.299:                }

*Mar 13 20:16:45.299:              }

*Mar 13 20:16:45.299:            }

*Mar 13 20:16:45.299:        }

*Mar 13 20:16:45.299:      },

*Mar 13 20:16:45.299:      mc FALSE,

*Mar 13 20:16:45.299:      undefinedNode FALSE

*Mar 13 20:16:45.299:    },

*Mar 13 20:16:45.299:    terminalAlias 

*Mar 13 20:16:45.303:    {

*Mar 13 20:16:45.303:      h323-ID :"GW13.cisco.com"

*Mar 13 20:16:45.303:    },

*Mar 13 20:16:45.303:    gatekeeperIdentifier "GK15.cisco.com",

*Mar 13 20:16:45.303:    endpointVendor 

*Mar 13 20:16:45.303:    {

*Mar 13 20:16:45.303:      vendor 

*Mar 13 20:16:45.303:      {

*Mar 13 20:16:45.303:        t35CountryCode 0181,

*Mar 13 20:16:45.303:        t35Extension 00,

*Mar 13 20:16:45.303:        manufacturerCode 018

*Mar 13 20:16:45.303:      }

*Mar 13 20:16:45.303:    }

*Mar 13 20:16:45.303:  }

*Mar 13 20:16:45.303:0CC09088 06000891 4A000180 01000109 350D06B8 01000109 350D121B 
0880013C

05050100 40460000 01400D00 47005700 31003300 40006300 69007300 63006F00

2E006300 6F006D1A 0047004B 00310035 002E0063 00690073 0063006F 002E0063

006F006D 00B50000 12

10C09088 06000891 4A000100 01400D00 47005700 31003300 40006300 69007300

63006F00 2E006300 6F006D1A 0047004B 00310035 002E0063 00690073 0063006F

002E0063 006F006D 1E003600 30004400 37004500 37003300 43003000 30003000

30003000 30003000 46

value RasMessage ::= registrationConfirm :

*Mar 13 20:16:45.335:  {

*Mar 13 20:16:45.335:    requestSeqNum 037001,

*Mar 13 20:16:45.335:    protocolIdentifier { 0 0 8 2250 0 1 },

*Mar 13 20:16:45.335:    callSignalAddress 

*Mar 13 20:16:45.335:    {

*Mar 13 20:16:45.335:    },

*Mar 13 20:16:45.335:    terminalAlias 

*Mar 13 20:16:45.335:    {

*Mar 13 20:16:45.335:      h323-ID :"GW13.cisco.com"

*Mar 13 20:16:45.339:    },

*Mar 13 20:16:45.339:    gatekeeperIdentifier "GK15.cisco.com",

*Mar 13 20:16:45.339:    endpointIdentifier "60D7E73C0000000F"

*Mar 13 20:16:45.339:  }

*Mar 13 20:16:45.339:

3640GW.13#

Configuration Examples

This section contains the following configuration examples:

Configuring an H.323 Gateway

Configuring a RAS Gatekeeper

Configuring an H.323 Gateway

The following example shows how to configure a Cisco 3600 series router as an H.323 gateway: 

! Configure the voice-port parameters.

! This voice-port is an analog E&M-wink port using 4-wire, type 5 interface

!

voice-port 2/0/0

 operation 4-wire

 type 5

!

! Setup a pots dial peer to direct calls incoming VoIP calls to the voice-port.

! This dial peer defines that the RAS initiated call will be received with a tech

! prefix of 13#

!

dial-peer voice 13200 pots

 destination-pattern 13#13200

 port 2/0/0

!

! Setup a VoIP dial-peer to direct calls originated from a local voice-port

! into the VoIP cloud. In this example, the session target indicates

! that the destination target is determined by querying the RAS gatekeeper.

! The tech-prefix command means that the H.323 gateway will ask the RAS gatekeeper to

! direct calls using the technology prefix of 14#.

!

dial-peer voice 14 voip

 destination-pattern 14...

 tech-prefix 14#

 session target ras

!

! Enable Gateway functionality with global config command.

!

gateway

!

! Choose an interface to be this gateway's H.323 interface. In this example, the

! gateway is directed toward a specific host. Then define this gateway's H.323 ID, and

! configure any tech prefixes that this gateway should register with the gatekeeper.

! In this example, gateway GW13 tells gatekeeper GK15 to route any calls with a pattern

! than begins with 13# to GW13. Dial-peer 14 expects that some other gateway has

! register tech-prefix 14#.

!

interface Ethernet0/0

 ip address 172.9.53.13 255.255.255.0

 h323-gateway voip interface

 h323-gateway voip id GK15.cisco.com ipaddr 172.9.53.15 1719

 h323-gateway voip h323-id GW13@cisco.com

 h323-gateway voip tech-prefix 13#

!

Configuring a RAS Gatekeeper

For RAS to work on an H.323 gateway, you need to configure a corresponding RAS gatekeeper. The following example configures a Cisco 3600 series router as a RAS gatekeeper. For more information about configuring gatekeepers, refer to the Cisco IOS Release 11.3(6)NA2 document, Configuring the Cisco AS5300 for Voice Service Provider Features. 

! Define this Ethernet port as the RAS gatekeeper.

interface Ethernet0/0

 ip address 172.9.53.15 255.255.255.0

!

gatekeeper

!

! Specify the name of the local zone that this gatekeeper managers. Specify the IP

! address that the gatekeeper advertises.

zone local GK15.cisco.com cisco.com 172.9.53.15

!

! Statically define a remote zone and the associated gatekeeper's IP address.

zone remote GK21.cisco.com cisco.com 172.9.74.21 1719

!

! Statically define the E.164 prefixes that a remote zone handles. This causes GK15 to

! direct any call with a called number that matches 22* (22 and any number of trailing

! digits) to GK21. This is not the same as a tech prefix. If a call comes in with an

! E.164 pattern of (220) 555-1234, it will be routed to GK21 because the pattern

! matches 22*.

zone prefix GK21.cisco.com 22*

zone prefix GK21.cisco.com 23*

!

! Statically define a tech prefix routing. Any call that comes in to the gatekeeper

! with a technology prefix of 88# (the * catches any following E.164 address), is

! directed to the gateway at IP address 172.9.53.13. This is a static technology prefix

! definition. The gateway can also dynamically register its tech-prefixes with the

! gatekeeper.

gw-type-prefix 88#* gw ipaddr 172.9.53.13 1720

!

! ACtivate the gatekeeper function by activating the port.

no shutdown

!

AAA Accounting

Authentication, Authorization, and Accounting (AAA) features are required in the VoIP gateway. The standard Cisco AAA accounting functionality is enhanced to collect digits during the call processing process. Processes such as:

Create a call detail record.

Authenticate based on information collected from the Interactive Voice Response (IVR) feature, or from caller identification data.

The AAA authentication feature permits RADIUS to be used to authenticate users (typically incoming calls) on the gateway. It is normally used with IVR to check the legitimacy of a prospective gateway user based on an account number (collected by IVR) or based on answer number identification (ANI).

Note   For additional documentation regarding AAA, see the Named Method Lists for AAA Authorization and Accounting feature module on the Documentation CD-ROM or CCO at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_3/aaalists.htm.
Note: URLs are subject to change without notice.

New AAA commands are described in the Command Reference.

Authentication

Authentication is based on RADIUS and is performed on the gateway (as opposed to the gatekeeper).

User account and PIN information is collected by the IVR application and passed to the AAA interface. The AAA interface then makes a RADIUS authentication request with the given information and returns to the IVR application with a status of success or failure.

RADIUS is an IETF protocol based on UDP. It functions by exchanging a set of attribute/value pairs between the client (for example, a VoIP gateway and a RADIUS server). Standard RADIUS server implementations include CiscoSecure, Cisco UCP, Livingston, and Merit.

Authorization

An authenticated user is authorized. There is no authorization of specific user capabilities for the service provider voice applications.

Accounting

Accounting uses a basic start-stop method and standard RADIUS attributes where possible. Attributes that cannot be mapped to standard RADIUS are packed into the Acct-Session-Id attribute field as '/' separated ASCII string.

Data items are collected for each call leg created on the gateway. A call leg is the internal representation of a connection to the gateway. Each call that is made through the gateway consists of two call legs: one incoming and one outgoing. The call leg information that is emitted by the gateway(s) can be correlated by their connection ID, which is the same for all call legs of a connection.

Standard RADIUS attributes supported are as follows:

Calling station ID

Called station ID

Call duration

Received bytes

Transmitted bytes

Received packets

Transmitted packets

Nonstandard RADIUS attributes packed into the Acct-Session-Id are as follows:

Call leg setup time

Gateway identifier

Connection ID

Call leg direction (incoming to, or outgoing from the gateway)

Call leg type (Telephony or IP)

Call leg connect time

Call leg disconnect time

Call leg disconnect cause (Q.931 code)

RADIUS Accounting with Overloaded Session ID

To take advantage of standard RADIUS implementations that do not support vendor-specific attributes, a new method is defined which embeds the unsupported information elements in the RADIUS Acct-Session-id. The Acct-Session-id field has a maximum length of 256 characters. It is defined to contain the RADIUS account session ID which is a unique identifier that links accounting records associated with the same login session for a user. The internal representation of this field is long; therefore, the value of this session ID can become very large as the number of sessions on a router increases. To support additional fields, we have defined the following string format for this field:

<session id >/<call leg setup time>/<gateway id>/<connection id>/<call origin>/
<call type>/<connect time>/<disconnect time>/<disconnect cause>/<remote ip address>

Field
Description

session id

The standard RADIUS account session ID.

call leg setup time

The Q.931setup time for this connection in NTP format.

gateway id

The name of the underlying gateway. Name string is in the form "gateway.domain_name."

connection id

A unique global identifier used to correlate call legs that belong to the same end to end call. The field consists of 4 long words (128 bits). Each long word is displayed as a hexadecimal value and separated by a space character.

call origin

Indicates origin of the call relative to the gateway. Possible values are originate and answer.

call type

Indicates call leg type. Possible values are Telephony and VoIP.

connect time

The Q.931 connect time for this call leg in NTP format.

disconnect time

The Q.931 disconnect time for this call leg in NTP format.

disconnect cause

Documented in Q.931 specification. Possible values are from 1 to 160.

remote IP address

Address of the remote gateway port where the call is connected.


Note   The overloaded session ID field of remote IP address was introduced with Cisco IOS Release 11.3(7)NA.

Usage Guidelines

NTP time formats are displayed as: %H:%M:%S.%k %Z %tw %tn %td %Y where:

%H is hour (00 to 23)

%M is minutes (00 to 59)

%S is seconds (00 to 59)

%k is milliseconds (000 to 999)

%Z is timezone string

%tw is day of week (Saturday through Sunday)

%tn is month name (January through December)

%td is day of month (01 to 31)

%Y is year including century (for example,1998)

Note that because of the limited size of the session id string it is not possible to embed very many information elements in it. Therefore, this feature supports only a limited set of accounting information elements. For implementations that would like to take advantage of more information elements, Cisco's VSA implementation is recommended.

Example 1—Start Record 

Client-Id = 172.29.248.123

NAS-Port-Type = 0

User-Name = "4004"

Called-Station-Id = "+111"

Calling-Station-Id = "+222"

Acct-Status-Type = Start

User-Service-Type = Login-User

Acct-Session-Id = "4/23:21:14.078 UTC Sat Jul 18 1998/ak3620-1.cisco.com/859BF275 
D7C80001 0 3AFF4/originate/VoIP///"

Acct-Delay-Time = 0

Example 2—Stop Record 

Client-Id = 172.29.248.123

NAS-Port-Type = 0

User-Name = "4004"

Called-Station-Id = "+111"

Calling-Station-Id = "+222"

Acct-Status-Type = Stop

User-Service-Type = Login-User

Acct-Session-Id = "4/23:21:14.078 UTC Sat Jul 18 1998/ak3620-1.cisco.com/859BF275 
D7C80001 0 3AFF4/originate/VoIP/23:21:14.093 UTC Sat Jul 18 1998/23:21:23.084 UTC Sat 
Jul 18 1998/4" Acct-Input-Octets = 8340

Acct-Output-Octets = 8900

Acct-Input-Packets = 417

Acct-Output-Packets = 445

Acct-Session-Time = 9

Acct-Delay-Time = 0

Example 3—Update Record 

Client-Id = 172.29.248.123

NAS-Port-Type = 0

User-Name = "4004"

Called-Station-Id = "+111"

Calling-Station-Id = "+222"

Acct-Status-Type = 3

User-Service-Type = Login-User

Acct-Session-Id = "4/21:54:17.052 UTC Mon Jul 20

1998/ak3620-1.cisco.com/BF1AC9CA 8DE60006 0 5ED24/originate/VoIP///"

Acct-Delay-Time = 0

Syslog Accounting

The syslog accounting option exports the information elements associated with each call leg through a system log message. The system log message can be captured by a syslog daemon that is present on the network. The syslog output consists of the following:

server_timestamp gateway_id message_number : message_label : list_of_AV_pairs

Field
Description

server timestamp

The timestamp created by the server when it receives the message to log.

gateway id

The name of the gateway emitting the message.

message number

The number assigned to the message by the gateway.

message label

String used to identify the message category.

list of AV pairs

String consisting of <attribute_name attribute_value> pairs separated by commas.


Example 


%VOIPAAA-5-VOIP_CALL_HISTORY:CallLegType 2,ConnectionId 300094C0 60E0F3A0 60C894C0 
60C90000,

SetupTime 22:35:22.023UTC Tue Aug 11 1998, PeerAddress 999, PeerSubAddress , 
DisconnectCause 10  ,DisconnectText normal call clearing., ConnectTime 22:35:24.027 UTC 
Tue Aug 11 1998,

DisconnectTime 22:35:29.028 UTC Tue Aug 11 1998, CallOrigin 1, ChargedUnits 0, InfoType 
2,TransmitPackets 0, TransmitBytes 0, ReceivePackets 0, ReceiveBytes 0

Example AAA Configuration

The authentication command line creates a method list named H.323 with RADIUS being its only member.

Note   If you are using Cisco Secure NT with H.323 accounting, you must use Cisco Secure 2.1.8.4 or higher.

Also note that the accounting command line looks like a regular RADIUS accounting command line for connection accounting. Connection accounting has to be globally enabled using this command line. Start-stop or stop only methods may be used.

The Cisco IOS software AAA user interface can be configured to use the H.323 accounting method as follows.

Step
Command
Purpose
1 
5300> enable


Password: <password>


5300# 

Enter enable mode.

Enter the password.

You have entered enable mode when the prompt changes to 5300#.

2 
5300# config term

Enter configuration commands, one per line. End

with CNTL/Z.

5300(config)#

Enter global configuration mode. You have entered global configuration mode when the prompt changes to 5300(config)#.

3 
5300(config)# aaa new-model

Initiates the AAA script.

4 
5300(config)# aaa authentication login h323 radius

Configures the router to use the H.323 method list for authentication purposes.

5 
5300(config)# aaa accounting connection h323 
start-stop radius

Tells the system to use connect