|
GnuGK Gatekeeper configuration sample for Arrow Telecom's ArrowBilling |
This document provides a sample about how to configure GnuGK Gatekeeper to work with Arrow Telecom's Arrow Billing. Table of ContentsConfiguring GnuGKGnuGK is able to provide Radius based AAA for the following types of endpoints: - Registered Endpoints, with H.323 RAS messages
- Unregistered Endpoints, with only Q.931 signalling messages
show top Registered EndpointsFirst example shows configuration sample for Registered Endpoints only, using H.235 CHAP-based password authentication scheme. Unregistered calls are not allowed. [Gatekeeper::Main]
Fourtytwo=42
Name=gnugk
TimeTolive=600
UnicastRasPort=1719
MulticastPort=1718
EndpointSignalPort=1720
ListenQueueLength=1024
SignalReadTimeout=2000
StatusReadTimeout=3000
[RoutedMode]
GKRouted=1
H245Routed=1
CallSignalPort=1720
CallSignalHandlerNumber=4
AcceptNeighborsCalls=0
AcceptUnregisteredCalls=0
RemoveH245AddressOnTunneling=1
RemoveCallOnDRQ=0
DropCallsByReleaseComplete=1
SendReleaseCompleteOnDRQ=1
SupportNATedEndpoints=1
ForwardOnFacility=1
[Proxy]
Enable=0
[GKStatus::Auth]
Rule=explicit | regex
127.0.0.1=allow
Default=forbid
[RasSrv::GWPrefixes]
all=*
[RasSrv::PermanentEndpoints]
10.1.1.1=all;
[CallTable]
GenerateUCCDR=TRUE
DefaultCallTimeout=7200 // 2hr
GenerateNBCDR=0
[Gatekeeper::Auth]
; registered endpoints should be authenticated by H.235 password using RadAuth
; unregistered calls cannot be accepted
RadAuth=required;ARQ,RRQ
[RadAuth]
Servers=<billing server ip>
DefaultAuthPort=1812
SharedSecret=<sharedsecret>
RequestTimeout=5000
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=2
AppendCiscoAttributes=1
IncludeEndpointIP=1
UseDialedNumber=1
[Gatekeeper::Acct]
RadAcct=required;stop
[RadAcct]
Servers=<billing server ip>
DefaultAcctPort=1813
SharedSecret=<sharedsecret>
RequestTimeout=5000
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=4
AppendCiscoAttributes=1
UseDialedNumber=1
show top Unregistered EndpointsSecond example shows how to authentice Unregistered Calls and Calls from Registered Endpoints which do not support CHAP-passwords. [Gatekeeper::Main]
Fourtytwo=42
Name=gnugk
TimeTolive=600
UnicastRasPort=1719
MulticastPort=1718
EndpointSignalPort=1720
ListenQueueLength=1024
SignalReadTimeout=2000
StatusReadTimeout=3000
[RoutedMode]
GKRouted=1
H245Routed=1
CallSignalPort=1720
CallSignalHandlerNumber=4
AcceptNeighborsCalls=1
AcceptUnregisteredCalls=1
RemoveH245AddressOnTunneling=1
RemoveCallOnDRQ=0
DropCallsByReleaseComplete=1
SendReleaseCompleteOnDRQ=1
SupportNATedEndpoints=1
ForwardOnFacility=1
[Proxy]
Enable=0
[GKStatus::Auth]
Rule=explicit | regex
127.0.0.1=allow
Default=forbid
[RasSrv::GWPrefixes]
all=*
[RasSrv::PermanentEndpoints]
10.1.1.1=all;
[CallTable]
GenerateUCCDR=TRUE
DefaultCallTimeout=7200 // 2hr
GenerateNBCDR=0
[Gatekeeper::Auth]
; registered endpoints authenticated using RadAliasAuth
; note that in this case gnugk sets password identical to its H.323ID
; unregistered calls are accepted
RadAliasAuth=required;ARQ,RRQ,SetupUnreg
[RadAliasAuth]
Servers=<billing server ip>
DefaultAuthPort=1812
SharedSecret=<sharedsecret>
RequestTimeout=3500
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=2
AppendCiscoAttributes=1
IncludeEndpointIP=1
UseDialedNumber=1
[Gatekeeper::Acct]
RadAcct=required;stop
[RadAcct]
Servers=<billing server ip>
DefaultAcctPort=1813
SharedSecret=<sharedsecret>
RequestTimeout=5000
IdCacheTimeout=9000
SocketDeleteTimeout=60000
RequestRetransmissions=4
AppendCiscoAttributes=1
UseDialedNumber=1
show top Setting up Arrow Billing for GnuGKAdding Data SourceTo enable receiving AAA requests from GnuGK, do following steps: - Click Tools > Data Sources.
- Click on the link Add Data Source.
- In Add Data Source screen provide following information:
- Source Name - any descriptive name for this device, example "Gnugk1"
- NAS IP Address - IP address of this device
- Radius Client IP Address - leave checkbox checked if Radius packets will be received from same IP, otherwise uncheck it and enter IP Address which will send Radius requests
- Shared Secret - secret used between device and Billing Mabager Radius server"
- Parent Source - select NAS from list which will receive traffic from this device if it is also Data Soucre for this Arrow Billing
- Source Type - choose GnuGK
- Enabled - check this box to make GnuGK enabled.
- Submit Entry by pressing the button Create.
show top Common Issues and FAQNoneshow top
|
|
|