Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).3gpp Rel8 Cx { alias-indication | dynamic-password-change | ims-restoration | num-auth-vectors value }
If both the HSS and the S-CSCF support this feature, Alias Group IDs will be displayed in the output of the show subscribers cscf-only full command.
num-auth-vectors value
value must be an integer from 1 to 3. Default is 1.
authentication { aka-v1 value | allow-auth-rsp-failure re-register | allow-hss-failure re-register | allow-noauth [ invite | re-register| register ] | allow-noipauth [ invite | re-register| register ] | allow-skip-sar re-register | allow-unsecure | aor-auth | custom-md5 value | md5 value }
aka-v1 value
Specifies that AKA-v1 algorithm is used as the authentication type when accessing the CSCF service. value specifies a preference - the lower the value, the higher the preference. value must be an integer from 1 to 1000.
Important: In order to change a priority level, you must remove the original value and configure a new one.When S-CSCF receives register, it sends MAR/SAR to HSS to authenticate the user when authentication is enabled and to get the subscriber profile. When S-CSCF fails to receive response MAA/SAA from HSS, it sends 500 error response to UE. When allow-hss-failure is enabled, S-CSCF sends 200 OK for register instead of 500 response.
invite: Specifies that access to the S-CSCF service is allowed if authentication fails on INVITE requests only.
re-register: Specifies that access to the S-CSCF service is allowed if authentication fails on RE-REGISTER requests when the request is integrity-protected only.
registration: Specifies that access to the S-CSCF service is allowed if authentication fails on REGISTER requests only.
invite: Specifies that access to the S-CSCF service is allowed if early IMS-based IP authentication fails on INVITE requests only.
re-register: Specifies that access to the S-CSCF service is allowed if authentication fails on RE-REGISTER requests when the request is integrity-protected only.
registration: Specifies that access to the S-CSCF service is allowed if early IMS-based IP authentication fails on REGISTER requests only.
When S-CSCF receives re-register/challenge for re-register, it sends SAR to HSS to get subscriber profile. To avoid overloading HSS, enabling allow-skip-sar allows S-CSCF to skip SAR for re-register.
custom-md5 value
Specifies that custom algorithm HTTP-Digest-MD5 is used as the authentication type for accessing the S-CSCF service. value specifies a preference - the lower the value, the higher the preference. value must be an integer from 1 to 1000.
Important: In order to change a priority level, you must remove the original value and configure a new one.md5 value
Specifies that the MD5 algorithm is used as the authentication type for accessing the S-CSCF service. value specifies a preference - the lower the value, the higher the preference. value must be an integer from 1 to 1000.
Important: In order to change a priority level, you must remove the original value and configure a new one.
Important: The S-CSCF supports multiple authorization schemes, but this requires disabling all authorization configured in the S-CSCF service so that it will send “Unknown” in the Sip-Authorization-Scheme AVP. This allows the HSS to dictate authorization. The following commands disable all authorization configured in the S-CSCF service to allow HSS to control authorization:port value
value must be an integer from 1 to 65534.
|
•
|
tcp: Enables TCP transport protocol for BGCF proxy.
|
|
•
|
udp: Enables UDP transport protocol for BGCF proxy.
|
The following command enables a SIP BGCF proxy on port 561 for this service:
bgcf-proxy port 561
network-id id
id must be from 1 to 79 alpha and/or numeric characters in length.
Sets the Network Identifier to pcscf01.company.com:
network-id pcscf01.company.com
default sec: Specifies the default amount of time that a registration can exist on the system. sec must be an integer from 60 to max sec -1. Default is 3600. default sec must be < or = to max sec and > or = to min sec.
max sec: Specifies the maximum amount of time that a registration can exist on the system. sec must be an integer from 60 to 1209600. Default is 86400. max sec must be > or = to min sec.
min sec: Specifies the minimum amount of time that a registration can exist on the system. sec must be an integer from 60 to max sec -1. Default is 60. min sec must be < or = to max sec.
The following command configures the maximum registration lifetime to 43200 (12 hours):
mandatory: Both inbound and outbound will request reliability.
optional (default): Reliability is imposed by inbound side. Only if inbound call requests reliability will outbound also request reliability.
Important: When using this feature option, the network operator is responsible for keeping the local databases in the S-CSCFs and HSSs consistent.max-attempts attempts
attempts must be an integer from 1 to 10.
response-code code
code must be a three-digit integer from 400 to 699.
Important: You may configure a maximum of five response code values per S-CSCF service.tas-service name
Specifies the name of the service configured on the system performing TAS functions. name must be from 1 to 63 alpha and/or numeric characters and be an existing service.
tas-service scscf3
