VSXi RADIUS specification document

Scope

This document defines the Sansay RADIUS interface and its’ format.  

Radius Configuration

When enabled, the system can support up to 4 Radius Server configurations. The user will need to configure the proper “Server Secret”, “Authorization Port” and “Accounting Port” in order to interact with a Radius Server properly. The user can also configure the record resend period and maximum resend count used by the system.

Each resource in the system can be configured to enable or disable either “Radius Authorization” or “Radius Accounting” independently.

Radius Authorization

 

When a resource has Radius Authorization enabled, inbound calls from that resource are first handed to a Radius Server for acceptance.  If the Server accepts the Access Request then the call is allowed to proceed through the Sansay switch.  If the Server denies the request then a (503 SIP response) or (34 H.323 release cause) is returned to the caller.

The User-Name Attribute defined below is filled in with the origination ANI.  This represents the callers billing number in the PSTN or can also be the SIP User Name contained in the From header URI.

The User-Password Attribute defined below is filled in with a “Server Secret” encrypted version of the destination digits (DNIS) or the SIP User Name contained in the Request URI.

Radius Accounting

When a resource has Radius Accounting enabled, Accounting Start and Stop records are sent to a Radius Server for every call being placed both in and out of that particular resource.  There is also a system wide parameter to disable the sending of Start records in order to conserve the processing bandwidth of the Radius Servers.

Radius Format

The Sansay Radius format follows the standard IETF Attribute Value Pair (AVP) definitions and also implements the Vendor Specific AVP for additional information.  The Vendor Specific AVP (VSA) follows the format defined by Cisco Systems, Inc.. The Vendor ID used in the VSA is 0009.  The body of the VSA contains a string in the form “attribute=value”.

Access Request

The Access Request message contains the following AVPs:

 

AVP #

VSA #

Attribute

Description

1

 

User-Name

Indicates the username or ANI being authenticated.

2

 

User-Password

Indicates the secret encrypted DNIS digits.

26

24

h323-conf-id

Indicates the conference ID used by the call.

26

1

remote-media-address

Indicates the IP address of the originator’s media.

26

1

session-protocol

Indicates the protocol used (“sip” for SIP and “cisco” for H.323).

26

23

h323-remote-address

Indicates the source IP address of the caller.

31

 

Calling-Station-Id  

Indicates the ANI for the call.

30

 

Called-Station-Id

Indicates the DNIS for the call.

6

 

Login (1)

Indicates the intent to gain access.

4

 

NAS IP Address

Indicates the IP address of the Sansay switch.

 

Accounting Request (Start)

The Accounting Request (Start) message contains the following AVPs:

 

AVP #

VSA #

Attribute

Description

44

 

Acct-Session-Id

Indicates the ID assigned to this call

31

 

Calling-Station-Id  

Indicates the ANI for the call.

30

 

Called-Station-Id

Indicates the DNIS for the call.

26

1

call-id

Indicates the Call ID used in the protocol of the call.

26

25

h323-setup-time

Indicates the time of the call setup.

26

33

h323-gw-id

Indicates the IP address of the Sansay switch.

26

24

h323-conf-id

Indicates the conference ID used by the call.

26

26

h323-call-origin

Indicates the direction of the call attempt. (“=answer”, “=originate”).

26

27

h323-call-type

Indicates the type “VoIP”.

26

1

h323-incomming-conf-id

Indicates the conference ID used by the origination leg.

26

1

subscriber 

Indicates type “=unknown”

26

1

session-protocol

Indicates the protocol used (“sip” for SIP and “cisco” for H.323).

26

1

gw-rxd-cdn

Indicates the origination DNIS for the call.

1

 

User-Name

Indicates the username. (inbound – Src IP, outbound – ANI).

26

1

connect-progress

Indicates the type (“=Call Up”)

40

 

Start (1)

Indicates that this is a Start Record.

6

 

Login (1)

Indicates the intent to gain access.

4

 

NAS IP Address

Indicates the IP address of the Sansay switch.

41

 

Acct-Delay-Time

Indicates the resend delay from original message.

 

Accounting Request (Stop)

The Accounting Request (Stop) message contains the following AVPs:

 

AVP #

VSA #

Attribute

Description

44

 

Acct-Session-Id

Indicates the ID assigned to this call

31

 

Calling-Station-Id  

Indicates the ANI for the call.

30

 

Called-Station-Id

Indicates the DNIS for the call.

26

1

call-id

Indicates the Call ID used in the protocol of the call.

26

25

h323-setup-time

Indicates the time of the call setup.

26

33

h323-gw-id

Indicates the IP address of the Sansay switch.

26

24

h323-conf-id

Indicates the conference ID used by the call.

26

26

h323-call-origin

Indicates the direction of the call attempt. (“=answer”, “=originate”).

26

27

h323-call-type

Indicates the type “VoIP”.

26

1

h323-incomming-conf-id

Indicates the conference ID used by the origination leg.

26

1

subscriber 

Indicates type “=unknown”

26

1

session-protocol

Indicates the protocol used (“sip” for SIP and “cisco” for H.323).

26

1

gw-rxd-cdn

Indicates the origination DNIS for the call.

26

28

h323-connect-time

Indicates the time of answer.

42

 

Input-Octets

Indicates the number of media octets received on this call leg.

43

 

Output-Octets

Indicates the number of media octets sent on this call leg.

47

 

Input-Packets

Indicates the number of media packets received on this call leg.

48

 

Output-Packets

Indicates the number of media packets sent on this call leg.

46

 

Session-Time

Indicates the duration of the call.

26

29

h323-disconnect-time

Indicates the time of release.

26

30

h323-disconnect-cause

Indicates the Q.931 cause of release.

26

23

h323-remote-address

Indicates the source IP address of the caller.

26

1

release-source

Indicates the source of the release (2 – origination, 4 – termination, 7 – internal).

26

1

release-source

Indicates the source of the release (2 – origination, 4 – termination, 7 – internal).

26

1

remote-media-address

Indicates the IP address of the remote media.

26

1

gw-rxd-cgn

Indicates the origination ANI for the call.

26

1

gw-final-xlated-cdn

Indicates the outbound DNIS for the call.

26

1

gw-final-xlated-cgn

Indicates the outbound ANI for the call.

1

 

User-Name

Indicates the origination ANI.

40

 

Stop (2)

Indicates that this is a Stop Record.

6

 

Login (1)

Indicates the intent to gain access.

4

 

NAS IP Address

Indicates the IP address of the Sansay switch.

41

 

Acct-Delay-Time

Indicates the resend delay from original message.

 

Access Response

The Access Response message may contain the following AVPs:

 

AVP #

VSA #

Attribute

Description

27

 

Session-Timeout

Indicates the maximum duration allowed for the call.

26

102

h323-credit-time

Indicates the maximum duration allowed for the call.

26

106

h323-redirect-number

Indicates the DNIS to use for the outbound leg of the call.

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like Follow
  • 2 yrs agoLast active
  • 51Views
  • 1 Following