Cisco TelePresence Administrator's Manual page 466

Reference material
Command reference — xConfiguration
Zones Zone [1..1000] TraversalClient SIP Protocol: <Assent/TURN/ICE>
Determines which firewall traversal protocol will be used for SIP calls to and from the traversal server. Note: the same protocol must
be set on the server for calls to and from this traversal client. Default: Assent.
Example: xConfiguration Zones Zone 4 TraversalClient SIP Protocol: Assent
Zones Zone [1..1000] TraversalClient SIP TLS Verify Mode: <On/Off>
Controls X.509 certificate checking and mutual authentication between this VCS and the traversal server. When enabled, the
server's FQDN or IP address, as specified in the Peer address field, must be contained within the server's X.509 certificate (in either
the Subject Common Name or the Subject Alternative Name attributes). Default: Off .
Example: xConfiguration Zones Zone 4 TraversalClient SIP TLS Verify Mode: On
Zones Zone [1..1000] TraversalClient SIP Transport: <TCP/TLS>
Determines which transport type will be used for SIP calls to and from the traversal server. Default: TLS .
Example: xConfiguration Zones Zone 4 TraversalClient SIP Transport: TLS
Zones Zone [1..1000] TraversalServer Authentication Mode:
<DoNotCheckCredentials/TreatAsAuthenticated/CheckCredentials>
Controls how the VCS authenticates incoming messages from this zone and whether they are subsequently treated as
authenticated, unauthenticated, or are rejected. The behavior varies for H.323 messages, SIP messages that originate from a local
domain and SIP messages that originate from non-local domains. Default: DoNotCheckCredentials.
Example: xConfiguration Zones Zone 5 TraversalServer Authentication Mode: DoNotCheckCredentials
Zones Zone [1..1000] TraversalServer Authentication UserName: <S: 0,128>
The name used by the traversal client when authenticating with the traversal server. If the traversal client is a VCS, this must be the
VCS's authentication user name. If the traversal client is a gatekeeper, this must be the gatekeeper's System Name.
Example: xConfiguration Zones Zone 5 TraversalServer Authentication UserName: "User123"
Zones Zone [1..1000] TraversalServer H323 H46019 Demultiplexing Mode: <On/Off>
Determines whether the VCS will operate in demultiplexing mode for calls from the traversal client. Default: Off .
On: allows use of the same two ports for all calls.
Off: each call will use a separate pair of ports for media.
Example: xConfiguration Zones Zone 5 TraversalServer H323 H46019 Demultiplexing Mode: Off
Zones Zone [1..1000] TraversalServer H323 Port: <1024..65534>
Specifies the port on the VCS being used for H.323 firewall traversal from this traversal client. Default: 6001, incrementing by 1 for
each new zone.
Example: xConfiguration Zones Zone 5 TraversalServer H323 Port: 2777
Zones Zone [1..1000] TraversalServer H323 Protocol: <Assent/H46018>
Determines which of the two firewall traversal protocols will be used for calls to and from the traversal client. Note: the same protocol
must be set on the client for calls to and from this traversal server. Default: Assent .
Example: xConfiguration Zones Zone 5 TraversalServer H323 Protocol: Assent
Zones Zone [1..1000] TraversalServer Registrations: <Allow/Deny>
Controls whether proxied SIP registrations routed through this zone are accepted. Default: Allow .
Example: xConfiguration Zones Zone 5 TraversalServer Registrations: Allow
Cisco VCS Administrator Guide (X8.1.1) Page 466 of 507