Registrar and Users
The SIP registrar keeps track of where a user is right now. The registrar receives registrations from the SIP user clients and discards them when they become obsolete. A user can register from several computers.
Here, you set various parameters for the registrar, such as which SIP domains the firewall should manage, how many and which users can register, and the timeout before a registration becomes obsolete. If authentication should be used, you also need to do some settings on the Authentication and TLS page.
Locally handled domains
Here, you enter the domains that the SIP registrar should handle. Only users in these domains can register on the firewall.
Domain
Enter the name of the domain, such as ingate.com. Sometimes you have to use an IP address (of the firewall) as the domain as well, when the SIP client substitutes the domain for the IP address noted in DNS.
Delete row
If you select this box, the row is deleted when you click on Add new rows or Save.
Add new rows
Enter the number of new rows you want to add to the table, and then click on Add new rows.
SIP user database
You can either enter SIP users on this page to allow them to use SIP, or use an external RADIUS database to which the firewall connects to verify users. You can only use a RADIUS database if the SIP authentication is turned on.
Use SIP user database
Select if the firewall should use a local SIP user database (entered below) or an external RADIUS database.
RADIUS database settings
If RADIUS is used for SIP user authentication, all these users get the same privileges. Select the authentication group to use for the SIP users. You must also select the network from which they can register.
When RADIUS is used, you must also enter a RADIUS server on the RADIUS page under Basic Configuration.
More information about how to configure the RADIUS server to authenticate SIP users can be found in the RADIUS section.
RADIUS users SIP group
If a RADIUS database is used, all SIP users will have the same privileges. Select a SIP group to assign privileges for the users. SIP groups are created on the Authentication and TLS page.
RADIUS users register from
Select a network from which users can register. Select from the networks defined on the Networks and Computers page under Network.
Local SIP user database
You can restrict which users are allowed to use SIP. Here, you enter the users allowed, select a network from where the SIP traffic is allowed and give the password they should use for authentication.
If the authentication is Off, this list should consist of the users allowed to register on the firewall. SIP authentication is turned on and off on the Authentication and TLS page.
User name
Enter the name of a user allowed to use SIP. Note that only the user name should be entered. Enter "*" to state that all SIP users in this domain should have the same limitations. The user name is used when contacting the user.
If SIP authentication is On, every user must be entered on a separate line.
Authentication name
If the user should use a different name than its user name for authentication purposes, please enter the authentication name here. It is only used for authentication.
Domain
Enter the domain that the user belongs to. An example of a domain is ingate.com.
Password
If authentication is required for some methods, press the button to enter the password.
Group
If SIP Authentication is Off, this column is not used. If SIP Authentication is On, you must select a group. Select a SIP group from the ones defined on the Authentication and TLS page. The SIP group tells which methods users of this group are allowed to use.
Register from
Here, you can restrict from where this user's SIP traffic can come when he registers. Select a computer/group of computers. The available alternatives are the networks you defined on the Networks and Computers page under Network.
This restriction is only for the REGISTER method. Other SIP methods are not checked for originator according to this setting.
Delete row
If you select this box, the row is deleted when you click on Add new rows or Save.
Add new rows
Enter the number of new rows you want to add to the table, and then click on Add new rows.
Registrar limits
Allowed number of users
Enter the maximum number of users allowed to register in the SIP registrar.
Leave the field empty to allow as many registrations as there are SIP user licenses on the firewall (number displayed inside parantheses). You can purchase additional SIP user licenses from your retailer.
Maximum number of registrations per user
Enter the maximum number of concurrent registrations for a user. A registration looks like user@computer, which means that if you re-register from the same computer, this won't count as a new registration but just an update.
Timeout for registrations
Enter the timeout (in seconds) before a registration becomes obsolete. When the timeout is reached, the registrar discards the registration.
Save
Saves the Registrar and Users configuration to the preliminary configuration
Undo
Clears and resets all fields in new rows and resets changes in old rows.