Topology Hiding for IWF with an Internal Home-Realm

You can configure the Oracle® Enterprise Session Border Controller to mask the IP address of the originating caller in the SIP From and/or P-Asserted-Identity headers when calls are placed from H.323 to SIP endpoints.

The option NoPAssertedID checks for incoming SETUP messages have the presentation indicator set to restricted and instructs the Oracle® Enterprise Session Border Controller to send a Privacy header without the P-Asserted-Identity and not to make the From header anonymous.

The option replace-call-origin-ip removes the calling party’s IP address in the SIP From header. The IP address from the internal home realm is used instead.

The topology hiding feature uses the presentation indicator field from an inbound H.323 setup message to determine if/how the headers will be masked. The following table summarizes the configurable Oracle® Enterprise Session Border Controller parameters and the values for the From and P-asserted-identity headers.

H.255 Presentation Indicator Setting P-Asserted-Identity Header Value From Header Value SD Session Agent Option
Allow IP address from home realm of SD SIP Config H.255 Calling Party IP/Port No Option Set
Allow IP address from home realm of SD SIP Config IP address of Home Realm SIP-Interface NoPAssertedID
Allow IP address from home realm of SD SIP Config IP address of Home Realm SIP-Interface replace-call-origin-ip
Allow IP address from home realm of SD SIP Config IP address of Home Realm SIP-Interface replace-call-origin-ip, NoPAssertedID
Restricted PAI Header not present Anonymous No Option Set
Restricted PAI Header not present Anonymous NoPAssertedID
Restricted PAI Header not present Anonymous replace-call-origin-ip
Restricted PAI Header not present Anonymous NoPAssertedID, replace-call-origin-ip

IWF Topology Hiding Configuration

To enable IWF topology hiding on your Oracle® Enterprise Session Border Controller :

  1. In Superuser mode, type configure terminal and press Enter. 
    ORACLE# configure terminal
  2. Type session-router and press Enter to access the signaling-level configuration elements. 
    ORACLE(configure)# session-router
ORACLE(session-router)#
  3. Type sip-config and press Enter. The system prompt changes. 
    ORACLE(session-router)# session-agent	
ORACLE(session-agent)#
  4. Use the ACLI select command so that you can work with the session agent configuration to which you want to add these options. 
    ORACLE(session-agent)# select
  5. options—Set the options parameter by typing options, a Space, the option name preceded by a plus sign (+) (replace-call-origin-ip), and then press Enter. Follow the same steps to add the NoPAssertedID option. 
    ORACLE(session-agent)# options +replace-call-origin-ip
ORACLE(session-agent)# options +NoPAssertedID

    If you type either of these options without the plus (+) sign, you will remove any previously configured options. In order to append the new option to the options list, you must prepend the new option with a plus sign as shown in the example above.

Previous
Previous 		Next
Next
Go To Table Of Contents
Contents