|
|
This feature is also known as "Settlement Plus Roaming and PKI Multiple Roots on Cisco Access Platforms."
The Cisco Settlement Plus Roaming and PKI Multiple Roots feature is introduced in Cisco IOS Release 12.1(1)T. These features are new additions to the Open Settlement Protocol (OSP) which was previously released in Cisco IOS Release 12.0(4)XH and 12.0(7)T. The feature overview describes both new features in the following sections:
This document includes the following sections:
This is the second release of Cisco's Open Settlement Protocol (OSP) features. Some settlement vendors have required roaming users to be authenticated and accounted for by the settlement clearinghouse. Therefore, this IOS Release 12.1.(1) introduces two new features, roaming and multiple roots.
Feature History
Release | Modification |
|---|---|
|
|
|
|
|
|
|
|
What is settlement? When you make a telephone call, the cost charged can be divided between different carriers involved in the completion of the call. Settlement is the method used to divide the cost between carriers. Traditionally, settlement agreements have been arranged between the carriers in a pairwise fashion. With the advance of voice and video conferencing over IP, pairwise settlement agreements have become cumbersome. A number of companies have entered the market offering settlement on a subscription basis. As a result, the settlement process becomes a more manageable, many-to-one system, with a set of public interfaces that service providers must implement.
The Cisco gateway-based settlement protocol (OSP) interacts between carriers to create a single authentication at initialization. The authentication is the basis for the establishment of a secure communication channel between the settlement system and the infrastructure component. This channel then allows the following three types of transactions to be handled.
Figure 1 shows a typical gateway based settlement network tolopolgy. A voice or fax call is originated and routed through the gateway (Cisco AS5300 access server, or Cisco 2600 or 3600 series routers) to a database server (RADIUS, TACACS+) for user authentication and intra-ISP call accounting. Using TCL IVR interactive voice response scripts to gather and manipulate the caller's data, the gateway forwards the call to the settlement server, which authorizes the call and adds settlement details in a token. The call, now carrying its unique settlement token, passes through the originating gateway to the terminating gateway. The terminating gateway uses TCL IVR to validate the settlement token and forwards the call to the receiving telephone or fax machine.
 |
Note For a complete description of the Cisco Interactive Voice Response (IVR) software feature, refer to the online documentation located in Cisco Connection Online (CCO). |
When the call is completed, both the terminating and originating gateways communicate the call details to the settlement server. The settlement server then reconciles the information it receives about the call from both gateways.
A caller is roaming when dialing into a gateway which is not the home gateway. A home gateway belongs to the user's service provider. Usually, the subscriber is billed with additional charges when making roaming calls The settlement server and the service provider need to know when acaller is or is not roaming in order to create accurate billing statements.
A roaming caller has to be authenticated before the call can go through the gateway. Both AAA and the settlement server can authenticate a roaming user. If AAA fails to authenticate a roaming caller, the roaming call has to be routed to a settlement server. If the settlement server can not authenticate the caller, the call is terminated.
The roaming feature is configured by the following:
The gateway can specify a list of patterns to be matched with a user's account number to see if that user is roaming or not. The user enters the account number and PIN as part of the interaction with the TCL IVR prompts.
The roaming patterns are configured using the Global configuration mode command settlement roam-pattern. See settlement roam-pattern.
For additional information about the IVR or AAA and the E.164 addressing scheme, refer to the following Cisco IOS documents:
Some settlement providers want to know if a user is roaming so the appropriate charge is applied to the user's account. Some settlement providers do not distinguish between local and roaming users.
The settlement provider interested in roaming users is configured with the roam command in the Settlement submode. See "Command Reference".
If a user is roaming and the settlement provider is also enabled for roaming, the gateway sends the user's account number and PIN to the settlement server so that the user could be properly authenticated.
A gateway can dictate if a particular outbound dial peer can terminate roaming calls or local calls only. This can be configured with the no roam command. See Command Reference.
The command settle-call forces the call to go through a settlement server regardless of the session target type. If the session target type is ipv4, dns or RAS, the gateway resolves the terminating gateway address using one of these methods and asks the settlement server to authorize that terminating gateway. (TGW).
|
Note In Cisco IOS Release 12.1(1)T the session target command configuration can not combine the target of RAS with the settle-call command option. When configuring the VoIP dial peers for a settlement server, if session target type is settlement, the provider-number parameter in session target and settle-call should be identical. |
The restrictions and behaviors associated with use of the settle-call command with outbound dial peers are described in another section of this document. See "Common Problems when Setting up Settlement" section for examples of the gateway behavior using different session target types and the settle-call flag.
Cisco devices have the capability to share public keys using digital certificates. Digital certificates are normally issued by trusted third parties, who are called certificate Authorities (CA). Every participating router should enroll its public key with the CA server. During enrollment the Certificate Administrator (human) will manually verify if the requesting router is authentic and grant the certificate (some CA servers have the capability to authenticate the routers automatically).
A certificate has many fields which include a serial number, fingerprint and expiry date. Certificate can get revoked before its expiry because of key compromise or an other security reasons. The CA server maintains a list of revoked certificates, which is called Certificate Revocation List (CRL). Routers can be configured not to accept a peer certificate that is revoked. Router downloads CRL from the CA server for this purpose.
Cisco routers use a proprietary protocol CEP (Certificate Enrollment Protocol) to communicate with the CA server. The CA server should understand CEP.
The Multiple Roots feature is based on the Cisco security and public key infrastructure (PKI) technology. For in depth information about Security, see the Cisco Security Configuration Guide.
The multiple roots feature allows a settlement server to use one certificate for a Secure Socket Layer (SSL) handshake and a different certificate for token signing.
|
Note For a description of these new commands, see the "Command Reference". |
The Settlement for Packet Voice feature is dependent upon the interoperability of the following features:
Cisco Customer Documentation:
Other Documentation:
Standards
European Telecommunication Standards Institute (ETSI) Technical Specification (TS) 101 321
MIBS
No new or modified MIBSs are supported by this feature.
RFCs
No new or modified RFCs are supported by this feature.
Before starting the settlement server configuration tasks, ensure that the Cisco Enrollment Protocol (CEP) router has obtained a security certificate. For detailed information, see the Certification Authority Interoperability documentation in the Cisco IOS Release 12.0 documentation set, or go to the online version.
Configuring Settlement for Packet Voice on Cisco access servers requires the following tasks:
|
Note Ensure that you have secure communication between the access platform or router and the settlement server. |
To configure the Public Key Infrastructure (PKI) use the following commands:
| Command | Purpose | |||||
|---|---|---|---|---|---|---|
Step 1 | Router#config terminal | Enters the global configuration mode. | ||||
Step 2 | Router(config)#no crypto ca id name | Clears the old CA identity if a previous one exists. | ||||
Router(config)#crypto key zeroize rsa | Clears the existing RSA key. | |||||
Step 4 | Router(config)#hostname router-name | Configures the router's host name if this has not been done already. | ||||
Step 5 | Router(config)#ip domain-name domain-name | Configures the router's IP domain name. | ||||
Step 6 | Router(config)#ip host CA-hostname CA-ipaddress | Enters the CA host name and IP address. | ||||
Step 7 | Router(config)#crypto ca identity name | Declares a Certification Authority (CA) name. For example, the tag-name could be fieldlabs.cisco.com This command puts you into the ca-identity mode. | ||||
Step 8 | Router(ca-identity)#enrollment url url | The /cgi-bin/pkiclient.exe file is the default cgi script that Cisco IOS software assumes. The script path should be given in the URL if it is different from the default.
| ||||
Step 9 | Router(ca-identity)#enrollment retry count number Optional | Specifies how many times the router will poll the CA server for the certificate status when the certificate requests are pending.
| ||||
Step 10 | Router(ca-identity)#enrollment retry period minutes Optional | Specifies the interval between subsequent polls. Default = 1 minute.
| ||||
Step 11 | Router(ca-identity)#exit | Exits CA-identify configuration mode. | ||||
Step 12 | Router(config)#crypto ca authenticate name | Obtains the CA's public key. Use the same name that you used when declaring the CA with the crypto ca identity command. | ||||
Step 13 | Router(config)#crypto key generate rsa | Generates the RSA key pair. | ||||
Step 14 | Router(config)#crypto ca enroll name | Obtains the router certificate for all your RSA key pairs.
|
Three tasks are actually involved in configuring the originating gateway:
To configure the service provider to authorize calls, use the following commands:
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. | ||
Step 2 | Router(config)#settlement number | Enters the Settlement configuration mode and configurse the settlement provider number. | ||
Step 3 | Router(config-settlement)#type osp | Configurse the settlement provider type. | ||
Step 4 | Router(config-settlement)#url url | Enters the settlement provider URL for the ISP hosting the settlement server.
| ||
Step 5 | Router(config-settlement)#no shutdown | Brings up the settlement provider. |
|
Note If you are configuring a TransNexus server, first enter the url <url>; then enter the customer-id and the device-id command. |
To configure the inbound POTS dial peer, enter the following commands:
|
Note In Step 3, do not use the default session application. The default "Session" application does not support settlement. Calls handled by the default session application are not routed to a settlement server. Settlement tokens are not validated in the default session application. |
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. | ||
Step 2 | | Enters the dial-peer configuration mode to configure a POTS dial peer.
| ||
Step 3 | Router(config-dial-peer)#application app name | Enters the application command; then enter the desired TCL script application name.
| ||
Step 4 | Router(config-dial-peer)#destination-pattern [+]string[T] | Configures the dial peer's destination pattern. Enter the number or pattern of the outbound called number. The string is a series of digits that specify the E.164 or private dialing plan telephone number. Valid entries are the digits 0-9 and the letters A-D. The following special characters can be entered in the string:
The timer (T) character can be used to configure variable length dial plans. | ||
Step 5 | Router(config-dial-peer)#port port-number | Associates this voice-telephony dial peer with a specific voice port. |
To configure the outbound VoIP dial peer, use the following commands:
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | Router(config)#dial-peer voice number voip | Enters the dial-peer configuration mode to configure the outbound VoIP dial peer. | ||
Step 2 | Router(config-dial-peer)# destination-pattern [+]string[T] | Configurse the dial peer's destination pattern. Enter the number or pattern of the outbound called number. The string is a series of digits that specify the E.164 or private dialing plan telephone number. Valid entries are the digits 0-9 and the letters A-D. The following special characters can be entered in the string:
The timer (T) character can be used to configure variable length dial plans | ||
Step 3 | Router(config-dial-peer)# session target settlement [provider-number] | Enters settlement as the session target to resolve the terminating gateway address.
|
|
Note The originating gateway's system clock must synchronize with the settlement server clock. Use the clock or ntp command to set the router clock. |
 |
Caution If the terminating gateway is not configured by using TCL IVR application scripts, the settlement tokens are bypassed, calls can get through, and settlement calls will not be audited; therefore, you will not be notified that the calls are not going through the billing service. |
To configure the terminating gateway, complete the following tasks:
To configure the settlement provider, enter the following commands:
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. | ||
Step 2 | Router(config)#settlement number | Enters the Settlement configuration mode and configures the settlement provider number. | ||
Step 3 | Router(config-settlement)#type osp | Configures the settlement provider type. | ||
Step 4 | Router(config-settlement)#url url | Enters the settlement provider URL for the ISP hosting the settlement server.
| ||
Step 5 | Router(config-settlement)#no shutdown | Brings up the settlement provider. |
|
Note If you are configuring a TransNexus server, enter the url <url> command; then enter the customer-id and device-id command. |
To configure the inbound VoIP dial peer, enter the following commands:
|
Note The default "Session" application does not support settlement. Calls handled by the default session application are not routed to a settlement server. Settlement tokens are not validated in the default session application. |
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. | ||
Step 2 | Router(config) | Enters the dial-peer configuration mode to configure a VoIP dial peer. | ||
Step 3 | Router(config-dial-peer)# application app-name | Enters the application command; then enter the desired TCL application name. | ||
Step 4 | Router(config-dial-peer)# incoming called-number string | Specifies the telephone number of the voice port associated with this dial peer. Characters include wildcards to create the number or pattern. | ||
Step 5 | Router(config-dial-peer)# | Enters settlement as the session target to resolve the terminating gateway address.
|
To configure the outbound POTS dial peer, enter the following commands:
| Command | Purpose | |
|---|---|---|
Step 1 | Router(config-settlement)# dial-peer voice number pots | Entes the dial-peer configuration mode to configure the outbound POTS dial peer. |
Step 2 | Router(config-dial-peer)# destination-pattern [+]string[T] | Configures the dial peer's destination pattern. Use the called number. The string is a series of digits that specify the E.164 or private dialing plan telephone number. Valid entries are the digits 0-9 and the letters A-D. The following special characters can be entered in the string:
The timer (T) character can be used to configure variable length dial plans. |
Step 3 | Router(config-dial-peer)#port port-number | Associates the voice-telephony dial peer with a specific voice port. Activate the voice port associated with this dial peer. |
|
Note The terminating gateway system clock must synchronize with the settlement server clock. Use the clock or ntp command to set the router clock. |
Use the show running configuration command to verify your configuration. See Example of Settlement Configurations for Originating and Terminating Gateways.
To configure settlement with the roaming capability, three configuration tasks must be completed:
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#settlement roam-pattern pattern-roam | Defines the pattern for roaming account numbers. Enter multiple instances of this command to specify multiple patterns. |
Step 3 | Router(config-settlement)#exit | Exits the settlement submode. |
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#settlement number | Entesr the Settlement mode and configure the settlement provider number. |
Step 3 | Router(config-settlement)#roaming | Enables the roaming capability on this provider. |
Step 4 | Router(config-settlement)#exit | Exits the Settlement submode. |
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#dial-peer voice number voip | Enters the dial-peer configuration mode to configure a VoIP dial peer. |
Step 3 | Router(config-dial-peer)#roaming | Enables roaming on this dial peer. |
Step 4 | Router(config-dial-peer)#exit | Exits the dial-peer submode. |
See "Example Configuration of Settlement with Roaming," page 26.
To configure the Multiple Roots capability, three configuration tasks must be completed:
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#settlement provider-number | Enters settlement configuration mode for a specific provider. |
Step 3 | Router(config-settlement)#url URL | Enters the URL to the service point which uses two (2) different certificates for SSL and token. |
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#crypto ca trusted-root root-name | Configures the root certificate the server uses to sign the settlement tokens. |
Step 3 | Router(ca-root)#root tftp tftp-ipadress root-ca-file | Specifies where to obtain the root certificate file. |
Step 4 | Router(ca-root)#crypto ca authenticate name | Starts downloading the root certificate file from the server. |
| Command | Purpose | |
|---|---|---|
Step 1 | Router# configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)# settlement provider-number | Enters settlement configuration mode for a specific provider. |
Step 3 | Router(config-settlement)# token-root-name name | Specifies which root certificate the gateway uses to validate the token. The name must match the name of the certificate configured using either the crypto ca id name or the |
See "Example Configuration of Settlement with Multiple Roots" section.
The session target command in the dial peer dictates how the gateway resolves the terminating address to complete the call. Besides settlement, the gateway could use the ipv4 or dns options if it knows the exact address of the TGW, or it could use the ras option to consult a gatekeeper.
To force a call to be authorized by a settlement server, configure the following:
| Command | Purpose | |
|---|---|---|
Step 1 | Router#configure terminal | Enters the global configuration mode. |
Step 2 | Router(config)#dial-peer voice number voip | Enters the dial-peer configuration mode to configure a VoIP dial peer. |
Step 3 | Router(config-dial-peer)#settle-call [provider-number] | Authorizes this call with a settlement provider. |
Step 4 | Router(config-dial-peer)#exit | Exits the dial-peer configuration mode. |
Figure 2 shows example settlement configurations for both the originating and terminating gateways.
|
Note All IP addresses and patterns are examples only. |
See samples of screen output displays for running configurations:
See the following output by using the running configuration command. Figure 2 is a graphic representation of the configuration.
! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption service internal service udp-small-servers service tcp-small-servers ! hostname c3620-px15 ! ip subnet-zero ! settlement 0 type osp url http://1.14.115.100 ! voice-port 1/0/0 alerting audible ! voice-port 1/0/1 alerting audible ! dial-peer voice 1 pots application session destination-pattern 5551111 port 1/0/0 ! dial-peer voice 2 voip destination-pattern 5552222 session target settlement:0 ! interface Ethernet0/0 ip address 172.22.65.131 255.255.255.224 no ip directed-broadcast ip route-cache same-interface standby 1 priority 110 ! interface Serial0/0 no ip address no ip directed-broadcast shutdown ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! router eigrp 109 network 172.22.0.0 ! router rip network 172.22.0.0 ! ip default-gateway 172.22.65.129 no ip classless ip route 0.0.0.0 0.0.0.0 172.22.65.129 ! ! line con 0 transport input none line aux 0 line vty 0 4 password login ! end
See the following output by using the running configuration command. See Figure 2 for a graphic representation of the configuration.
! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption service internal service udp-small-servers service tcp-small-servers ! hostname 3620-px16 ! ip subnet-zero ip domain-name cisco.com ip name-server 198.92.30.32 ! settlement 0 type osp url http://1.14.115.100 ! voice-port 1/0/0 alerting audible ! voice-port 1/0/1 alerting audible ! dial-peer voice 1 pots destination-pattern 5552222 port 1/0/0 ! dial-peer voice 2 voip application session incoming called-number 5552222 session target settlement:0 ! interface Ethernet0/0 ip address 172.22.65.143 255.255.255.224 no ip directed-broadcast ip route-cache same-interface ! interface Serial0/0 no ip address no ip directed-broadcast shutdown ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! router eigrp 109 network 172.22.0.0 ! router rip network 172.22.0.0 ! ip default-gateway 172.22.65.129 no ip classless ip route 0.0.0.0 0.0.0.0 172.22.65.129 ! snmp-server community public RO ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 password login ! end
The following output is displayed when you enter the show running config command with roaming configured in the settlement server.
! version 12.0 service timestamps debug datetime service timestamps log datetime no service password-encryption service internal ! hostname as5300-05 ! enable secret 5 $1$lFSH$khsm3jB1lldHfXNlxqmaN1 enable password lab1 ! ! ! resource-pool disable ! ! ! ip subnet-zero ip host pkiserver 1.14.115.100 ip domain-name fieldlabs.cisco.com ip name-server 172.16.1.4 ! isdn switch-type primary-5ess isdn voice-call-failure 0 cns event-service server mta receive maximum-recipients 1024 ! ! crypto cisco algorithm des crypto cisco algorithm 40-bit-des ! crypto ca identity transnexus enrollment retry count 100 enrollment retry period 2 enrollment url http://pkiserver:80 crypto ca certificate chain transnexus certificate ca 0171 3082024C 308201B5 02020171 300D0609 2A864886 F70D0101 04050030 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 1E170D39 39303332 32313334 3630395A 170D3030 30333231 31333436 30395A30 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 B1B8ACFC D78F0C95 0258D164 5B6BD8A4 6F5668BD 50E7524B 2339B670 DC306537 3E1E9381 DE2619B4 4698CD82 739CB251 91AF90A5 52736137 658DF200 FAFEFE6B 7FC7161D 89617E5E 4584D67F F018EDAB 2858DDF9 5272F108 AB791A70 580F994B 4CA54F08 38C32DF5 B44077E8 79830F95 96F1DA69 4CAE16F2 2879E07B 164F5F6D 02030100 01300D06 092A8648 86F70D01 01040500 03818100 2FDCB580 C29E557C 52201151 A8DB5F47 C06962D5 8FDA524E A69DE3EE C3FE166A D05C8B93 2844CD66 824A8859 974F22E0 46F69F7E 8027064F C19D28BC CA750E4E FF2DD68E 1AA9CA41 8BB89C68 7A61E9BF 49CBE41E E3A42B16 AAEDAEC7 D3B4F676 4F1A817B A5B89ED8 F03A15B0 39A6EBB9 0AFA6968 17A9D381 FD62BBB7 A7D379E5 quit certificate 8697B659C0E190E1A8D48961EBED0DB1 30820247 308201B0 A0030201 02021100 8697B659 C0E190E1 A8D48961 EBED0DB1 300D0609 2A864886 F70D0101 04050030 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 1E170D39 39303430 36313833 3430315A 170D3030 30343036 31383334 30315A30 81873181 84300F06 03550405 13083131 38313833 37393018 06092A86 4886F70D 01090813 0B312E31 342E3131 352E3835 302A0609 2A864886 F70D0109 02161D61 73353330 302D3035 2E666965 6C646C61 62732E63 6973636F 2E636F6D 302B0603 55040314 245B7472 616E736E 65787573 2E636F6D 20475749 443D3230 30302043 5349443D 31303030 5D305C30 0D06092A 864886F7 0D010101 0500034B 00304802 4100AF40 5CC8E37D 7211E3C4 2D036E52 70B5DA88 96600C12 8654B85E 7CEFE204 27A9B9DD B0F6B85C 1EB561BB 0F3481A2 D4661087 2B0B403A 5A65B7E0 ED9A0165 EBC10203 010001A3 0F300D30 0B060355 1D0F0404 030205A0 300D0609 2A864886 F70D0101 04050003 8181005C 1E379447 C0FCBC3F 0ABC75FA ADF79A26 770419A4 02BEC849 ECB7BDB1 58EA815B 48844DB3 4E8934E8 397F4762 F04EB716 8413C418 4289AA64 6E2EAFE1 9C9F1F31 3A5BE996 AF749623 18FBFD36 569732BF 8335C522 4ACA0BCA CFCC27C6 294AD416 15472F07 C1609E93 E1FEDA66 B69DA603 1A99699E 86937EC5 609A3D52 72A45B quit ! ! xgcp snmp sgcp ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 ! controller T1 1 clock source line secondary 1 ! controller T1 2 ! controller T1 3 ! ! voice-port 0:D ! ! dial-peer voice 1 pots application session destination-pattern 5710877 port 0:D ! dial-peer voice 5 voip application session incoming called-number +1404....... session target settlement:0 ! dial-peer voice 2 pots destination-pattern +255.... port 0:D prefix 255 ! ! Enable roaming for this dialpeer ! dial-peer voice 6 voip roaming destination-pattern 1512....... session target settlement ! dial-peer voice 7 pots destination-pattern +1650....... port 0:D prefix 1650 ! dial-peer voice 8 voip application session incoming called-number +1650....... session target settlement:0 ! dial-peer voice 3 voip application session incoming called-number +1408....... session target settlement:0 ! dial-peer voice 12 pots destination-pattern 1404....... port 0:D prefix 1404 ! dial-peer voice 13 pots destination-pattern 1512....... port 0:D prefix 1512 ! ! User with account number matching 875.... is a roaming caller ! settlement roam-pattern 875.... roam ! ! Enable roaming for this settlement provider using the "roaming" attribute ! settlement 0 type osp url https://1.14.115.100:8443/ device-id 2000 customer-id 1000 roaming no shutdown ! ! interface Ethernet0 ip address 1.14.115.85 255.255.0.0 no ip directed-broadcast no ip mroute-cache no cdp enable ! interface Serial0:23 no ip address no ip directed-broadcast dialer-group 1 isdn switch-type primary-5ess isdn protocol-emulate user isdn incoming-voice modem fair-queue 64 256 0 no cdp enable ! interface FastEthernet0 no ip address no ip directed-broadcast no ip mroute-cache shutdown duplex auto speed auto no cdp enable ! router igrp 200 network 1.0.0.0 ! ip default-gateway 1.14.0.1 ip classless ip route 172.16.0.0 255.255.0.0 1.14.115.65 no ip http server ! no cdp run ! ! line con 0 logging synchronous transport input none line aux 0 line vty 0 4 password lab login ! scheduler interval 1000 end
The following is the configuration file from the alice.cisco.com settlement server. The console output is displayed after executing the CLI commands show crypto ca roots, show crypto ca certificate, and show crypto key pub rsa. The router alice.cisco.com has been enrolled under VeriSign TestDerive CA. It has confided Netscape CMS as a trusted root. The Netscape CMS is installed on the server Ciscoca-ultra.
version 12.0 service timestamps debug datetime service timestamps log datetime no service password-encryption service internal ! hostname as5300-04 ! enable secret 5 $1$Ld7z$CapnZCfz2kMSh8sMHh2hy0 enable password lab1 ! ! ! resource-pool disable ! ! ! ! ! ip subnet-zero ip domain-name fieldlabs.cisco.com ip name-server 171.69.2.132 ! isdn switch-type primary-5ess isdn voice-call-failure 0 cns event-service server mta receive maximum-recipients 1024 ! ! crypto cisco algorithm des crypto cisco algorithm des cfb-8 crypto cisco algorithm 40-bit-des ! ! Configure the second root to be downloaded from tftp server ! crypto ca trusted-root transnexus2 root tftp 1.14.115.100 onsite_ca.der ! crypto ca identity transnexus enrollment retry count 100 enrollment retry period 2 enrollment url http://hostname crypto ca certificate chain transnexus certificate ca 0171 3082024C 308201B5 02020171 300D0609 2A864886 F70D0101 04050030 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 1E170D39 39303332 32313334 3630395A 170D3030 30333231 31333436 30395A30 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 B1B8ACFC D78F0C95 0258D164 5B6BD8A4 6F5668BD 50E7524B 2339B670 DC306537 3E1E9381 DE2619B4 4698CD82 739CB251 91AF90A5 52736137 658DF200 FAFEFE6B 7FC7161D 89617E5E 4584D67F F018EDAB 2858DDF9 5272F108 AB791A70 580F994B 4CA54F08 38C32DF5 B44077E8 79830F95 96F1DA69 4CAE16F2 2879E07B 164F5F6D 02030100 01300D06 092A8648 86F70D01 01040500 03818100 2FDCB580 C29E557C 52201151 A8DB5F47 C06962D5 8FDA524E A69DE3EE C3FE166A D05C8B93 2844CD66 824A8859 974F22E0 46F69F7E 8027064F C19D28BC CA750E4E FF2DD68E 1AA9CA41 8BB89C68 7A61E9BF 49CBE41E E3A42B16 AAEDAEC7 D3B4F676 4F1A817B A5B89ED8 F03A15B0 39A6EBB9 0AFA6968 17A9D381 FD62BBB7 A7D379E5 quit certificate B7DD210B9BFE007E41EEB177AF39F78C 30820247 308201B0 A0030201 02021100 B7DD210B 9BFE007E 41EEB177 AF39F78C 300D0609 2A864886 F70D0101 04050030 6E310B30 09060355 04061302 55533110 300E0603 55040813 0747656F 72676961 31183016 06035504 0A130F54 72616E73 4E657875 732C204C 4C433114 30120603 55040B13 0B446576 656C6F70 6D656E74 311D301B 06035504 03131454 52414E53 4E455855 53204245 54412043 41203130 1E170D39 39303430 36313833 3635325A 170D3030 30343036 31383336 35325A30 81873181 84300F06 03550405 13083131 37363837 37353018 06092A86 4886F70D 01090813 0B312E31 342E3131 352E3834 302A0609 2A864886 F70D0109 02161D61 73353330 302D3034 2E666965 6C646C61 62732E63 6973636F 2E636F6D 302B0603 55040314 245B7472 616E736E 65787573 2E636F6D 20475749 443D3130 30302043 5349443D 31303030 5D305C30 0D06092A 864886F7 0D010101 0500034B 00304802 4100C82B 8E4CBD44 06C763FB 1DC1A78F 8D71F1DA 110EDAC3 C9AA6256 6E1BF15B 79E48BEF 741D26CF DEBEACCC FA09D420 F54B76A1 F6CDCE33 02C8D9F7 5873E012 AFC90203 010001A3 0F300D30 0B060355 1D0F0404 030205A0 300D0609 2A864886 F70D0101 04050003 81810056 C05E1151 BE2D5515 624010AE 22F03D58 8BD9F2D3 E037EBC8 376E321A 5C53D4C6 770CE32F CF1CB0F4 2FD44C0D CA8EE22C 2372EE64 349FF062 137A6780 DC554F6A 3BA9F17C 85A7F390 D5B99E35 D7FBF927 75910E9E 992C7052 54AE0887 ED1DEEA0 C6BCA9C4 49F3D98E 4835A5E2 0FD470B6 F6D727A8 8AA0F923 5D60985B F8DD19 quit crypto ca certificate root transnexus2 DB3882D37891B597970BF0F18B008F13 308201F4 3082015D A0030201 02021100 DB3882D3 7891B597 970BF0F1 8B008F13 300D0609 2A864886 F70D0101 04050030 15311330 11060355 040A130A 5472616E 734E6578 7573301E 170D3939 30333138 30303030 30305A17 0D303930 33313832 33353935 395A3015 31133011 06035504 0A130A54 72616E73 4E657875 7330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100AB91 E2123C3F E83DE86A 3B8A18DF 750FB756 3034D692 2A363692 721F9E59 6CDB046F AAF9A212 6B4B1033 9DDE94DB B132E768 085376EC 9EC7E2FD 0BB92B43 8FEC1243 35A33F89 41390517 AF2D6D46 2FAAC116 8AE55865 C326C77A 3381C944 5BE107B1 E66CA111 B3560313 A29A0081 201D84C5 FE24E452 6338C52C EFDE6B95 4A570203 010001A3 44304230 22060355 1D11041B 3019A417 30153113 30110603 55040313 0A4F6E73 69746532 2D363230 0F060355 1D130408 30060101 FF020100 300B0603 551D0F04 04030201 06300D06 092A8648 86F70D01 01040500 03818100 481E4F13 79EB3B5F D9BCEED9 9C756BF7 B42167B1 4DE11B8C 240D3446 5A14E2E1 A79D2454 1EA84109 17EF6E8E 8AFD06C7 8209753B F760761C EC13A2D6 95348D69 4F73F0D5 9211DD95 0FE00D23 4583002A 242C769E 695FAFD4 EE12D014 580C5DFC F377F3FF F20F25D6 831E4F2B 253DFA9C 8B3E00A8 002F03D7 BC0C19D8 7EA134A6 quit ! ! xgcp snmp sgcp ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 ! controller T1 1 clock source line secondary 1 ! controller T1 2 ! controller T1 3 ! ! voice-port 0:D ! ! dial-peer voice 1 pots application session destination-pattern 5710876 port 0:D ! dial-peer voice 7 voip destination-pattern +255.... session target settlement:0 ! dial-peer voice 13 pots destination-pattern 1770....... port 0:D prefix 1770 ! dial-peer voice 1770 voip incoming called-number 1770....... ip precedence 7 session target settlement:0 ! dial-peer voice 1650 voip destination-pattern +1650....... session target settlement:0 ! dial-peer voice 10 voip destination-pattern 1408....... session target settlement ! dial-peer voice 1404 voip destination-pattern 1404....... session target settlement ! dial-peer voice 1512 voip destination-pattern 1512....... session target settlement ! ! Specify which root to use to validate the settlement token ! via token-root-name attribute ! settlement 0 type osp url https://1.14.115.100:8443/ retry-delay 2 device-id 1000 customer-id 1000 token-root-ca transnexus2 no shutdown ! ! interface Ethernet0 ip address 1.14.115.84 255.255.0.0 no ip directed-broadcast no ip route-cache no ip mroute-cache no cdp enable ! interface Serial0:23 no ip address no ip directed-broadcast dialer-group 1 isdn switch-type primary-5ess isdn protocol-emulate user isdn incoming-voice modem fair-queue 64 256 0 no cdp enable ! interface FastEthernet0 no ip address no ip directed-broadcast shutdown duplex auto speed auto no cdp enable ! router igrp 200 network 1.0.0.0 ! ip default-gateway 1.14.0.1 ip classless no ip http server ! no cdp run ! ! line con 0 logging synchronous transport input none line aux 0 line vty 0 4 password lab login ! ntp clock-period 17180879 ntp update-calendar ntp server 1.14.42.23 scheduler interval 1000 end
This section contains a set of matrixes that describe exactly how settlement will proceed for various combinations of Cisco IOS command options, based on whether the caller is Roaming or not.
There is a minor ambiguity between the session target settlement dial-peer command and the settle-call command. The following matrix describes whether settlement is enabled on a dial peer or not, based on various combinations of session targets and the settle-call command.
| Session Target IP/DNS | Session Target Settlement | Session Target RAS | |
Settle-call | Settlement processing will occur (this is the settle column on the matrixes below | Settlement processing will occur (this is the settle column on the matrixes below | Illegal (legal once cc_ResolveAddress function is implemented) |
No settle-call | Settlement processing will not occur (this is the no settle column on the matrixes below | Settlement processing will occur (this is the settle column on the matrixes below | Settlement processing will not occur (this is the "no settle" column on the matrixes below) |
|
Note If the session target settlement tag and settle-call tag options are used, the tags must be the same or an error is generated. If one IOS command specifies a tag and the other does not, the specified tag becomes the only clearinghouse used. If neither specifies a tag, all clearinghouses can be searched. |
| Settle | No Settle | |
User is Authenticated and Local |
| Authorize call Route call Generate settlement CDR |
User is Authenticated and Roaming |
| Authenticate roaming user Authorize call Route call Generate settlement CDR |
User is Roaming But Not Yet Authenticated |
| Authenticate roaming user Authorize call Route call Generate settlement CDR |
| Settle | No Settle | |||
User is Authenticated and Local |
| No settlement operations | ||
User is Authenticated and Roaming |
| No settlement operations (the assumption here is that the dial peer exists because the administration wants to use roaming-enabled AAA but not settlement) | ||
User is Roaming But Not Yet Authenticated |
| Fail the call (user is not authenticated and there is no facility to do so via settlement) |
|
Note Settlement and RAS session targets are illegal in the first release, which was Cisco IOS Release 12.0(4)XH. This matrix applies to a future release where RAS ARQ/ACF can be performed prior to calling settlement. |
The gateway needs a way to decide whether the GK has done settlement authorization or not. This is determined by checking to see whether the returned ACF contains a settlement token or not. This matrix applies to the case where no token is returned.
| Settle | No Settle | |
User is Authenticated and Local |
| No settlement operations performed |
User is Authenticated and Roaming |
| No settlement operations performed |
User is Roaming But Not Yet Authenticated |
| Fail the call (no way to authenticate the user) |
In these scenarios, the ACF returns a valid token, indicating that the call has already been authorized and routed by settlement.
|
Note The roaming scenarios require that the ARQ sourceAlternative field be formatted with the user credentials. |
| Settle | No Settle | |
User is Authenticated and Local |
| Fail the call (implication here is that the dial peer was not configured to work with a settlement-enabled GK) |
User is Authenticated and Roaming |
| Fail the call (see above) |
User is Roaming But Not Yet Authenticated |
| Fail the call (see above) |
This matrix describes what happens when a incoming voip call is detected, based on whether the setup message contains a token or not.
| Settle | No Settle | |
Settlement Token Received in Setup Message |
| Reject call (since the dial peer is not configured to do settlement, originated calls will not be settled) |
No Settlement Token Received |
| Accept the call |
This section offers helpful hints and reminders users may need while resolving problems with their feature configuration.
The following section is provided to assist in determining if your OSP network is set up correctly. The problems listed have been reported as the most common errors made when configuring settlement in a network.
Problem:
Calls are routed through a settlement server, but the OGW gets no response, or negative response.
Solution:
Problem::
TCL/IVR script is not used on the OGW or TGW.
Solution:
|
Note TCL/IVR scripts are required for settlement, and classic IVR 1.0 does not support settlement. |
as5300-04#sho call app voi sum name description session Basic app to do DID, or supply dialtone. fax_hop_on Script to talk to a fax redialer clid_authen Authenticate with (ani, dnis) clid_authen_collect Authenticate with (ani, dnis), collect if that fails clid_authen_npw Authenticate with (ani, NULL) clid_authen_col_npw Authenticate with (ani, NULL), collect if that fails clid_col_npw_3 Authenticate with (ani, NULL), and 3 tries collecting clid_col_npw_npw Authenticate with (ani, NULL) and 3 tries without pw SESSION Default system session application
Problem:
The OGW inbound POTS dial peer has no "destination-pattern" set.
Solution:
Since some PBX does not pass along the calling number in the setup message, the router uses the "destination-pattern" number or "answer-address" as an alternative. Calling number is a required field for settlement.
Problem:
The OGW outbound VoIP dial peer doesn't have "session target settlement".
The router could make successful calls, but not through a settlement server. Session target attribute dictates how the router resolves the TGW's address for a particular called number.
Solution:
Configure session target settlement [: provider-num].
Problem:
TGW has no VoIP inbound dial peer. The settlement token in the incoming setup message from the OGW can't be validated, the TGW rejects the call.
Solution:
Create an inbound dial peer with session target settlement [: provider-num].
Problem:
TGW has an inbound dial peer configured, but with no "application" attribute, so the default session application, SESSION processes the call but it does not support settlement.
Solution:
The default application, SESSION does not support the settlement feature. Therefore, you must configure the application application name attribute in the inbound dial peer.
Problem:
TGW clock is not in sync with the server. The TGW rejects the call because it's too soon or too late to use the settlement token in the incoming set-up message.
Solution:
Use ntp or clock set command to sync the clocks between the TGW and the settlement server.
Problem:
The settlement provider on the OGW or TGW is not up. No settlement transaction processing is allowed unless the provider is up.
Solution:
Bring up settlement using no shutdown command in Settlement submode. Use show settlement command to verify the provider status.
Problem:
Router can not use SSL to communicate with the server. Two possibilibies:
Problem:
OGW has multiple dialpeers for the same called number, and settlement is never used. The order for rotary dial peers is random, unless a preference is specified. The dialpeer with lower preference is chosen first.
Solution:
Define dialpeer preference using preference num command.
Problem:
The OGW can not successfully setup a call with the first TGW that is returned from the OSP server. This occurs when a gateway attempts to setup the call with thee terminating gateways in the order they are received. If for some reason, the H.323 call setup is not successful, there is a 15 second timeout (by default, before the next terminating gateway on the list is contacted.
Solution:
The H.323 call setup timeout can be tuned using the Cisco IOS command "h225 timeout"
For example:
voice class h323 1 h225 timeout tcp etablish <value 0 to 30 seconds> dial-peer voice 919 voip application session destination-pattern 919555.... voice-class codec 1 voice-class h323 1 session target settlement
This section documents only the following new commands. The asterisk (*) indicates the commands developed for the second phase of the settlement feature introduced in Cisco IOS Release 12.1(1)T. All other commands for this feature are documented in the Cisco IOS Release 12.0(4)XH, 12.0(7)T and the Cisco IOS Release 12.1 command references.
To configure the time in seconds that a connection is maintained after completing a communication exchange, enter the connection-timeout command in the settlement configuration mode. The router maintains the connection for this period in anticipation of future communication exchanges to the same server. Use the no form of this command to reset to the default value of this command.
connection timeout number
Syntax Description
number Time (in seconds) that a connection is maintained after the communication exchange is completed Values can range from zero (0) to 86400 seconds; zero (0) means that the connection does not timeout.
Defaults
The default connection timeout is 3600 seconds (1 hour).
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced. 12.0(7)T First released on the T train.
Release
Modification
Examples
settlement 0
connection timeout 3600
Related Commands
Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To authenticate the CA (by getting the CA's certificate), enter the crypto ca authenticate Global configuration command. Use the no form of this command to clear the CA authentication.
crypto ca authenticate identify-name | trust-point-name
Syntax Description
identify-name Specify the name of the CA. This is the same name used when the CA was declared with the crypto ca identity command. trust-point-name Specify the name of the
Defaults
There are no defaults for this command.
Command Modes
Global configuration
Command History
11.3 T This command was introduced. 12.1(1)T The option to authenticate the CA Root is introduced in Cisco IOS Release 12.1(1)T.
Release
Modification
Usage Guidelines
This command is required when you initially configure CA support at your router.
This command authenticates the CA to your router by obtaining the CA's self-signed certificate contains the CA's public key. Because the CA signs its own certificate, you should manually authenticate the CA's public key by contacting the CA administrator when you perform this command.
If you are using RA mode (using the enrollment mode ra command) when you issue the crypto ca authenticate command, then RA signing and encryption certificates will be returned from the CAin addition to the CA certificate.
This command is not saved to the router configuration; however, the public keys embedded in the received CA (and RA) certificates are saved to the configuration as part of the RSA public key record (called the "RSA public key chain").
If the CA does not respond by a timeout period after this command is issued, the terminal control will be returned so it will not be tied up. If this happens, you must re-enter the command.
Examples
In this example, the router requests the CA's certificate. The CA sends its certificate and the router prompts the administrator to verify the CA's certificate by checking the CA certificate's fingerprint. The CA administrator can also view the CA certificate's fingerprint, so you should compare what the CA administrator sees to what the router displays on the screen. If the fingerprint on the router's screen matches the fingerprint viewed by the CA administrator, you should accept the certificate as valid.
Router# crypto ca authenticate myca Certificate has the following attributes: Fingerprint: 0123 4567 89AB CDEF 0123 Do you accept this certificate? [yes/no] y router#
This example displays the usage of the command with ca root identity.
!Root CA identity crypto ca trusted-root my_root_identity root CEP http://my_root .. exit
Related Commands
Configures the root certificate the server uses to sign the settlement tokens. crypto ca identify Declares the CA your router should use. show crypto ca certificates Displays information about your certificate, the certificate of the CA, and any RA certificates.
Command
Description
To configure a root with a selected name use the crypto ca trusted-root Global configuration command. Use the no form of this command to reset to the default value of this command.
crypto ca trusted-root identy
Syntax Description
identy Specifies the selected name of the root you are configuring.
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
12.1(1)T This command was introduced.
Release
Modification
Usage Guidelines
The root which signs the OSP settlement tokens can be set as a private root. Performing this command allows you to enter additional conditions:
Examples
!Root CA identity
crypto ca trusted-root my_root_identity
root CEP http://my_root
..
exit
Related Commands
Authenticates the CA (by getting the CA's certificate). crypto ca identity Declares the CA your router should use. Shows the roots confided in the router.
Command
Description
To identify a carrier or ISP with a settlement provider, enter the customer-id command in the settlement configuration mode. This is an optional attribute. Use the no form of this command to reset to the default value of this command.
customer-id number
Syntax Description
number Customer ID number as provided by the settlement server. Value range: 0 - 22147483647.
Defaults
The default customer ID is 0.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced. 12.0(7)T Introduced in the T train.
Release
Modification
Examples
settlement 0custom id 1000
Related Commands
Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To identify a gateway associated with a settlement provider, enter the device-id command in the settlement configuration mode. This is an optional attribute. Use the no form of this command to reset to the default value of this command.
device-id number
Syntax Description
number Device ID number as provided by the settlement server. Value range: 0 - 22147483647.
Defaults
The default device ID is 0.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 device-id 1000
Related Commands
Sets the connection timeout. Sets the customer identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To set the algorithm to be negotiated with the provider, enter the encryption command in the Settlement configuration mode. For Cisco IOS Release 12.0(4)XH, only one encryption method is allowed for each provider. Use the no form of this command to reset to the default value of this command.
encryption {des-cbc-sha | des40-cbc-sha | dh-des-cbc-sha | dh-des40-cbc-sha | null-md5 | null-sha}
Syntax Description
des-cbc-sha Encryption type SSL_RSA_WITH_DES_CBC_SHA cipher suite des40-cbc-sha Encryption type SSL_RSA_EXPORT_WITH_DES40_CBC_SHA cipher suite dh-des-cbc-sha Encryption type SSL_DH_RSA_WITH_DES_CBC_SHA cipher suite dh-des40-cbc-sha Encryption type SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA cipher suite null-md5 Encryption type SSL_RSA_WITH_NULL_MD5 cipher suite null-sha Encryption type SSL_RSA_WITH_NULL_SHA cipher suite
Defaults
The default encryption method is all. If none of the encryption methods are configured, then the system configures to use all of the encryption methods in the SSL session negotiation.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 encryption des-cbc-sha
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To set the maximum number of simultaneous connections to be used for communication with a settlement provider, enter the max-connection command in the Settlement configuration mode. Use the no form of this command to reset to the default value of this command.
max-connection number
Syntax Description
number Maximum number of HTTP connections to a settlement provider
Defaults
The default is 10 maximum connections.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 max-connections 10
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To configure the maximum time, in milliseconds, to wait for a response from a server, enter the response-timeout command in the Settlement configuration mode. If no response is received within this time limit, the current connection ends and the router attempts to contact the next service point. Use the no form of this command to reset to the default value of this command.
response-timeout number
Syntax Description
number Response waiting time (seconds)
Defaults
The default response timeout is one (1) second.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 response-timeout 1
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To set the time in seconds between attempts to connect with the settlement provider, enter the retry-delay command in the Settlement configuration mode. After exhausting all service points for the provider, the router is delayed for this length of time before resuming connection attempts. Use the no form of this command to reset to the default value of this command.
retry-delay number
Syntax Description
number Length of time (in seconds) between attempts to connect with the settlement provider. The valid range for retry-delay is 1-600 seconds.
Defaults
The default retry delay is 2 seconds.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 relay-delay 15
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the connection retry limit. Sets the session timeout. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To set the maximum number of connection attempts to the provider, enter the retry-limit command in the Settlement configuration mode. If no connection is established after the configured retries, the router ceases connection attempts. The retry limit number does not count the initial connection attempt. A retry limit of one (default) results in a total of two connection attempts to every service point. Use the no form of this command to reset to the default value of this command.
retry-limit number
Syntax Description
number Maximum number of connection attempts in addition to the first attempt
Defaults
The default retry limit is one (1) retry.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 relay-limit 1
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the session timeout. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To enable the roaming capability for the dial peer, enter the roaming command in the Dial-peer submode. Use the no form of this command to disable the roaming capability.
roamingDefaults
Roaming is off by default.
Command Modes
Dial-peer configuration
Command History
12.1(1)T This command was introduced.
Release
Modification
Usage Guidelines
Examples
dial-peer voice 10 voip roaming
Related Commands
Enables the roaming capability for a settlement provider. Limits the dial peer to only using the specific clearinghouse identified by the specified provider-number. Configures a pattern to match against when determining roaming.
Command
Description
To enable the roaming capability for a settlement provider, enter the roaming command in the Settlement submode. Use the no form of this command to disable the roaming capability.
roamingDefaults
No roaming
Command Modes
Settlement configuration
Command History
12.1(1)T This command was introduced.
Release
Modification
Usage Guidelines
Enable roaming capabiity of a settlement provider if that provider can authenticate a roaming user and route roaming calls.
A roaming call is successful only if both the settlement provider and the outbound dial peer for that call are both roaming-enabled.
Examples
settement 0 roaming
Related Commands
Enables the roaming capability for the dial peer. settle-call Limits the dial peer to only using the specific clearinghouse identified by the specified provider-number. settlement roam-pattern Configures a pattern to match against when determining roaming.
Command
Description
To specify a network-specific address for a specified dial peer, use the session target command in dial-peer configuration mode. To restore default values for this parameter, use the no form of this command.
|
Note This command applies to all dial peers except for POTS dial peers. |
Syntax Description
ipv4:destination-address | IP address of the dial peer. |
dns:[$s$...] host-name | Indicates that the domain name server will be used to resolve the name of the IP address. Valid entries for this parameter are characters representing the name of the host device. (Optional) Use one of the following three wildcards with this keyword when defining the session target for VoIP peers: · $s$.—Indicates that the source destination pattern will be used as part of the domain name. · $d$.—Indicates that the destination number will be used as part of the domain name. · $e$.—Indicates that the digits in the called number will be reversed, periods will be added between each digit of the called number, and that this string will be used as part of the domain name. · $u$.—Indicates that the unmatched portion of the destination pattern (such as a defined extension number) will be used as part of the domain name. |
loopback:rtp | Indicates that all voice data will be looped back to the originating source. This is applicable for VoIP peers. |
loopback:compressed | Indicates that all voice data will be looped back in compressed mode to the originating source. This is applicable for POTS peers. |
loopback:uncompressed | Indicates that all voice data will be looped-back in uncompressed mode to the originating source. This is applicable for POTS peers. |
ras | Indicates that the RAS signaling function protocol is being used—meaning that a gatekeeper will be consulted to translate the E.164 address to an IP address. |
settlement provider-number | Indicates that the settlement server is the target to resolve the terminating gateway address. Enter the provider IP address for provider number. |
Defaults
The default for this command is enabled with no IP address or domain name defined.
Command Modes
Dial-peer configuration
Command History
11.3(1)T This command was introduced. 11.3(1)MA Support was added for VoFR, VoATM, VoHDLC, and POTS dial peers on the Cisco MC3810. 12.0(3)T Support was added for VoIP and POTS dial peers on the Cisco AS5300. The parameter was added for RAS. 12.0(3)XG and 12.0(4)T Support was added for VoFR dial peers on the Cisco 2600 series and 3600 series routers. The cid option was added. 12.0(4)T Support was added for VoFR and POTS dial peers on the Cisco 7200 series routers. 12.0(4)XJ Support was added for Store and Forward Fax on the Cisco AS5300 platform. 12.1(1)T Support was added for session target type of settlement.
Release
Modification
Usage Guidelines
Examples
The following example configures a session target using DNS for a host, "voice_router," in the domain "cisco.com":
dial-peer voice 10 voip session target dns:voice_router.cisco.com
The following example configures a session target using DNS, with the optional $u$. wildcard. In this example, the destination pattern has been configured to allow for any four-digit extension, beginning with the numbers 1310222. The optional wildcard $u$. indicates that the router will use the unmatched portion of the dialed number—in this case, the four-digit extension, to identify the dial peer. As in the previous example, the domain is "cisco.com."
dial-peer voice 10 voip destination-pattern 1310222.... session target dns:$u$.cisco.com
The following example configures a session target using dns, with the optional $d$. wildcard. In this example, the destination pattern has been configured for 13102221111. The optional wildcard $d$. indicates that the router will use the destination pattern to identify the dial peer in the "cisco.com" domain.
dial-peer voice 10 voip destination-pattern 13102221111 session target dns:$d$.cisco.com
The following example configures a session target using DNS, with the optional $e$. wildcard. In this example, the destination pattern has been configured for 12345. The optional wildcard $e$. indicates that the router will reverse the digits in the destination pattern, add periods between the digits, and then use this reverse-exploded destination pattern to identify the dial peer in the "cisco.com" domain.
dial-peer voice 10 voip destination-pattern 12345 session target dns:$e$.cisco.com
The following example configures a session target using RAS:
dial-peer voice 11 voip destination-pattern 13102221111 session target ras
The following example configures a session target using settlement:
session target settlement:0
Related Commands
destination-pattern Specifies either the prefix or the full E.164 telephone number (depending on your dial plan) to be used for a dial peer. session protocol Establishes a session protocol for calls between the local and remote routers through the packet network in Voice over IP. settle-call Specifies that settlement is to be used for this dial peer, regardless of session target type.
Command
Description
To configure the lifetime, in seconds, of a single SSL session key, enter the session-timeout command in the Settlement configuration mode. When this time limit is exceeded, the router negotiates a new session key. Communication exchanges in progress are not interrupted when this time limit expires. Use the no form of this command to reset to the default value of this command.
session-timeout number
Syntax Description
number Lifetime (in seconds) of a single SSL session key
Defaults
The default session timeout is 86,400 seconds (one day).
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 session timeout 86400
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To force a call to be authorized with a settlement server that uses the address resolution method specified in the session target type command, enter the settle-call attribute in the dial peer configuration command. Use the no form of this command to have the terminating gateway address resolved by the method specified in the session target type command, no authorization will be performed by a settlement server.
settle-call [<provider-number>]
Syntax Description
provider-number Digit defining the ID of particular settlement server. The only valid entry is 0.
Note If session target type is settlement, the provider-number parameter in session target and settle-call should be identical.
Defaults
No default behavior or values.
Command Modes
Dial-peer sub-mode
Command History
12.1.(1)T This command was introduced.
Release
Modification
Usage Guidelines
Examples
dial-peer voice 10 voip
destination-pattern 1408.......
session target ipv4:172.22.95.14
settle-call 0
Related Commands
session target Specifies a network-specific address for a specified dial peer.
Command
Description
To enter the Settlement mode and specify the attributes specific to a settlement provider, enter the settlement global configuration command. For Cisco IOS Release 12.0(4)XH, only one clearinghouse per system is allowed, and the only valid value for provider-number is 0. Use the no form of this command to reset to the default value of this command.
settlement provider-number
Syntax Description
provider-number Digit defining the ID of particular settlement server. The only valid entry is 0.
Defaults
The default is 0.
Command Modes
Global configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To configure a pattern to match against when determining if a user is roaming or not, enter the settlement roam-pattern Global configuration command. Multiple "roam-patterns" could be entered on one gateway. Use the no form of this command to delete a particular pattern.
settlement [<provider-number>] roam-pattern pattern {roaming|noroaming}
Syntax Description
provider-number Digit defining the ID of particular settlement server. The only valid entry is 0. pattern Specify a user account pattern. roaming|noroaming Determines if user is roaming or not.
Defaults
No default pattern
Command Modes
Global configuration mode.
Command History
12.1(1)T This command was introduced.
Release
Modification
Examples
settlement 0 roam-pattern 1222 roam settlement 0 roam-pattern 1333 noroam settlement roam-pattern 1444 roam settlement roam-pattern 1555 noroam
Related Commands
Enables the roaming capability for a settlement provider. Enters the Settlement configuration mode.
Command
Description
To show the roots confided in the router, enter the show crypto ca roots command.
show crypto ca rootsDefaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.1(1)T This command was introduced.
Release
Modification
Examples
The example that follows is the configuration file from alice.cisco.com, and the console output after executing the CLI command show crypto ca roots, show crypto ca cert, and show crypto key pub rsa. The router alice.cisco.com has been enrolled under VeriSign TestDerive CA. It has confided Netscape CMS as a trusted root. The Netscape CMS is installed on the server Ciscoca-ultra.
version 12.0
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname alice
!
hostname#
hostname#show crypto ca roots
Root netscape:
Subject Name:
CN = Certificate Manager
OU = On 07/01
O = cisco
C = US
Serial Number: 01
Certificate configured.
Root identity: netscape
CEP URL: http://cisco-ultra
CRL query url: ldap://cisco-ultra
hostname#
Related Commands
Authenticates the CA (by getting the CA's certificate). Configures the root certificate the server uses to sign the settlement tokens.
Command
Description
To display the configuration for all settlement servers see the specific provider and transactions, enter the show settlement privileged EXEC command. Use the no form of this command to reset to the default value of this command.
show settlement [<provider-number> [transactions]]
Syntax Description
provider number Displays the attributes of a specific provider. transactions Displays the transaction status of a specific provider.
Defaults
None
Command Modes
Privileged EXEC
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Usage Guidelines
See Table 7 "Show Settlement Output" for a description of the fields that appear with the show settlement command.
The provider attributes not configured are not shown.
| Field | Description |
|---|---|
Type | Settlement provider type |
Address url | URL address of the provider |
Encryption | SSL encryption method |
Max Connections | Maximum number of concurrent connections to provider |
Connection Timeout | Connection timeout with provider (in seconds) |
Response Timeout | Response timeout with provider (in seconds) |
Retry Delay | Delay time between retries (in seconds) |
Retry Limit | Number of retries |
Session Timeout | SSL session timeout (in seconds) |
Customer Id | Customer ID, assigned by provider |
Device Id | Device ID, assigned by provider |
Roaming | Roaming enabled |
Signed Token | Indicates if the settlement token is signed by the server. |
Examples
Router# show settlement Settlement Provider 0 Type = osp Address url = https://1.14.115.100:6556/ Encryption = all (default) Max Concurrent Connections = 20 (default) Connection Timeout = 3600 (s) (default) Response Timeout = 1 (s) (default) Retry Delay = 2 (s) (default) Retry Limit = 1 (default) Session Timeout = 86400 (s) (default) Customer Id = 1000 Device Id = 1000 Roaming = Disabled (default) Signed Token = on Number of Connections = 0 Number of Transactions = 7
Router# show settlement 0 transactions
Transaction ID=8796304133625270342
state=OSPC_GET_DEST_SUCCESS, index=0
callingNumber=5710868, calledNumber=15125551212
Router# show settlement
Settlement Provider 0
Operation Status = UP
Type = osp
Address url = https://1.14.115.100:xxxx/
Encryption = all (default)
Token Root Name = transnexus2
Max Concurrent Connections = 20 (default)
Connection Timeout = 3600 (s) (default)
Response Timeout = 1 (s) (default)
Retry Delay = 2 (s)
Retry Limit = 1 (default)
Session Timeout = 86400 (s) (default)
Customer Id = 1000
Device Id = 1000
Roaming = Disabled (default)
Signed Token = On
Number of Connections = 0
Number of Transactions = 0
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the Settlement configuration mode. Brings up/shuts down the settlement provider. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To activate a settlement provider, enter the no shutdown command in the Settlement configuration mode. To deactivate the settlement provider, enter the shutdown command. Otherwise, transactions will not go through the provider to be audited and charged.
shutdownDefaults
The default status of a settlement provider is deactivated.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 shutdown
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Specifies the provider type. Specifies the Internet service provider address.
Command
Description
To specify which root or CA certificate the router should use to validate the settlement token in the incoming setup message, enter the token-root-name command. Use the no form of this command to reset to the default value of this command.
token-root-name name
Syntax Description
name Specify the name that is the certificate identification as configured through the crypto ca identity <name> command or crypto ca trusted-root <name> command.
Defaults
None. The terminating gateway uses the CA certificate to validate the settlement token.
Command Modes
Settlement configuration
Command History
12.1(1)T This command was introduced.
Release
Modification
Examples
token-root-name foo
There is new output for the show settlement command to display the value of the token-root-name attribute:
Settlement Provider 0
Operation Status = UP
Type = osp
Address url = https://1.14.115.100:8444/
Encryption = all (default)
Token Root Name = foo
Max Concurrent Connections = 20 (default)
Connection Timeout = 3600 (s) (default)
Response Timeout = 1 (s) (default)
Retry Delay = 2 (s) (default)
Retry Limit = 1 (default)
Session Timeout = 86400 (s) (default)
Customer Id = 1000
Device Id = 2000
Roaming = Disabled (default)
Signed Token = On
Number of Connections = 1
Number of Transactions = 0
Related Commands
crypto ca identity Declares the CA your router should use. Configures the root certificate the server uses to sign the settlement tokens. Displays the configuration for all settlement server transactions.
Command
Description
To point to the provider type and the specific settlement server, enter the type command in the Settlement configuration mode. This command line defines the settlement server that is doing the accounting, and enables the server to do the accounting. In Cisco IOS Release 12.0(4)XH, osp is the only settlement server type supported. Use the no form of this command to disable this command.
type {osp}
Syntax Description
osp The (only) settlement server type supported
Defaults
The default is osp.
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 type osp
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the Internet service provider address.
Command
Description
To configure the Internet service provider (ISP) address, enter the url command in the Settlement configuration mode. You can configure the address type multiple times. If you configure multiple URLs for the settlement server, the gateway attempts to send the request to each URL in the order that you configured these addresses. Use the no form of this command to disable this command.
url url-address
Syntax Description
url-address Valid URL address is in the format:
http://fully qualified domain name[:port]/[URL]
Defaults
None
Command Modes
Settlement configuration
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
settlement 0 url http://1.2.3.4/ url http://1.2.3.4:80/ url https://1.2.3.4:4444/ url https://yourcompany.com:443/
Related Commands
Sets the connection timeout. Sets the customer identification. Sets the device identification. Specifies the encryption method. Sets the maximum simultaneous connections. Sets the response timeout. Sets the retry delay. Sets the connection retry limit. Sets the session timeout. Enters the Settlement configuration mode. Displays the configuration for all settlement server transactions. Brings up/shuts down the settlement provider. Specifies the provider type.
Command
Description
This section documents new and modified debug commands associated with the settlement feature. All other commands used with this feature are documented in the Cisco Release 12.0 command references. All debug commands are EXEC commands.
The debug voip ivr command is used to debug the IVR application. IVR debug messages appear when a call is being actively handled by the IVR scripts. Error outputs only occurs if something is not working or an error condition has been raised. The output when the keyword states is used, supplies information about the current status of the IVR script and the different events, that occur in that state. This document, for Cisco IOS Release 12.0(4)XH shows the debug voip ivr settlement command using the output for the keyword settlement only. Use the no form of this command to disable this command.
|
Note To see the complete description of the debug voip ivr command, refer to "Configuring Interactive Voice Response for Cisco Access Platforms" in "Related Documents" section. |
Syntax Description
all Displays both states and error messages. dynamic IVR dynamic prompt play debug. error Displays information only if an error occurs. settlement IVR settlement activities. states Displays extensive information about how IVR is handling each call.
Defaults
Not enabled
Usage Guidelines
IVR debug messages appear when a call is handled by the IVR scripts. Error output should only occur if something is not working or an error condition is indicated. States output supplies information about the current status of the IVR script and the different events that occur in that state.
Settlement output logs activities related to settlement when a call is processed.
Command History
11.3(6)NA2 This command was introduced. 12.0(4)XH Settlement was added.
Release
Modification
Examples
Router # debug voip ivr settlement ivr settlement activities debugging is on as5300-04# 00:00:52:settlement_validate_token:cid(1), target=, tokenp=0x0 00:00:54:pcSettlementAuthorize:cid(1) authorizing using calling=408, called=15125551212 00:00:54:pcSettlementAuthorize:cid(1) sending authorize request type=1 00:00:57:pcSettlementSetup:cid(1) settlement_curr_dest=0, num_dest=3 00:00:57:pcSettlementGetDestination:trans=0 gets error=0, credit_time=14400 00:00:57:pcSettlementSetup:cid(1) placing call through ip(1.14.115.85), calling(408),called(15125551212), digits(15125551212) 00:00:57:pcSettlementSetup:set settlement acct for cid(2) on ip=1.14.115.85 as5300-04#
Router # debug voip ivr settlement ivr settlement activities debugging is on as5300-05# 00:10:02:settlement_validate_token:cid(1), target=settlement, tokenp=0x618386B 4 00:10:02:settlement_validate_token:cid(1) return 1, credit_time=14400 00:10:02:Set settlement acct on cid(1) for trans=0, prov=0 as5300-05#
To enable debugging in all settlement areas, enter the debug voip settlement all EXEC command. Use the no form of this command to disable debugging output.
[no] debug voip settlement all
Syntax Description
enter Displays all entrances. error Displays information only if an error occurs. exit Displays all exits. misc Displays the details on the code flow of each transaction. network Displays network connectivity data. security Displays security and encryption errors. transaction Displays transaction information.
Defaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Usage Guidelines
The debug voip settlement all EXEC command enables the following debug settlement commands:
To show all the settlement function entrances, enter the debug voip settlement enter command. Use the no form of this command to disable debugging output.
[no] debug voip settlement enterDefaults
Not enabled.
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
00:43:40:OSP:ENTER:OSPPMimeMessageCreate() 00:43:40:OSP:ENTER:OSPPMimeMessageInit() 00:43:40:OSP:ENTER:OSPPMimeMessageSetContentAndLength() 00:43:40:OSP:ENTER:OSPPMimeMessageBuild() 00:43:40:OSP:ENTER:OSPPMimeDataFree() 00:43:40:OSP:ENTER:OSPPMimePartFree() 00:43:40:OSP:ENTER:OSPPMimePartFree() 00:43:40:OSP:ENTER:OSPPMsgInfoAssignRequestMsg() 00:43:40:OSP:ENTER:osppHttpSelectConnection 00:43:40:OSP:ENTER:OSPPSockCheckServicePoint() ospvConnected = <1> 00:43:40:OSP:ENTER:OSPPSockWaitTillReady() 00:43:40:OSP:ENTER:osppHttpBuildMsg() 00:43:40:OSP:ENTER:OSPPSSLSessionWrite() 00:43:40:OSP:ENTER:OSPPSockWrite() 00:43:40:OSP:ENTER:OSPPSockWaitTillReady()
To show all the settlement errors, enter the debug voip settlement error command. Use the no form of this command to disable debugging output.
[no] debug voip settlement errorDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
00:45:50:OSP:OSPPSockProcessRequest:http recv init header failed 00:45:50:OSP:osppHttpSetupAndMonitor:attempt#0 on http=0x6141A514, limit=1 error=14310
Usage Guidelines
See "Error Code Definitions" section.
-1:OSP internal software error. 16:A bad service was chosen. 17:An invalid parameter was passed to OSP. 9010:Attempted to access an invalid pointer. 9020:A time related error occurred. 10010:OSP provider module failed initialization. 10020:OSP provider tried to access a NULL pointer. 10030:OSP provider could not fine transaction collection. 10040:OSP provider failed to obtain provider space. 10050:OSP provider tried to access an invalid handle. 10060:OSP provider has reached the maximum number of providers. 11010:OSP transaction tried to delete a transaction which was not allowed. 11020:OSP transaction tried a transaction which does not exist. 11030:OSP transaction tried to start a transaction, but data had already been delivered. 11040:OSP transaction could not identify the response given. 11050:OSP transaction failed to obtain transaction space. 11060:OSP transaction failed (possibly ran out) to allocate memory. 11070:OSP transaction tried to perform a transaction which is not allowed. 11080:OSP transaction found no more responses. 11090:OSP transaction could not find a specified value. 11100:OSP transaction did not have enough space to copy. 11110:OSP transaction - call id did not match destination. 11120:OSP transaction encountered an invalid entry. 11130:OSP transaction tried to use a token too soon. 11140:OSP transaction tried to use a token too late. 11150:OSP transaction - source is invalid. 11160:OSP transaction - destination is invalid. 11170:OSP transaction - calling number is invalid. 11180:OSP transaction - called number is invalid. 11190:OSP transaction - call id is invalid. 11200:OSP transaction - authentication id is invalid. 11210:OSP transaction - call id was not found 11220:OSP transaction - The IDS of the called number was invalid. 11230:OSP transaction - function not implemented. 11240:OSP transaction tried to access an invalid handle. 11250:OSP transaction returned an invalid return code. 11260:OSP transaction reported an invalid status code. 11270:OSP transaction encountered an invalid token. 11280:OSP transaction reported a status which could not be identified. 11290:OSP transaction in now valid after it was not found. 11300:OSP transaction could not find the specified destination. 11310:OSP transaction is valid until not found. 11320:OSP transaction - invalid signaling address. 11330:OSP transaction could not find the ID of the transmitter. 11340:OSP transaction could not find the source number. 11350:OSP transaction could not find the destination number. 11360:OSP transaction could not find the token. 11370:OSP transaction could not find the list. 11380:OSP transaction was not allowed to accumulate. 11390:OSP transaction - transaction usage was already reported. 11400:OSP transaction could not find statistics. 11410:OSP transaction failed to create new statistics. 11420:OSP transaction made an invalid calculation. 11430:OSP transaction was not allowed to get the destination. 11440:OSP transaction could not fine the authorization request. 11450:OSP transaction - invalid transmitter ID. 11460:OSP transaction could not find any data. 11470:OSP transaction found no new authorization requests. 12010:OSP security did not have enough space to copy. 12020:OSP security received and invalid argument. 12030:OSP security could not find the private key. 12040:OSP security encountered an un-implemented function. 12050:OSP security ran out of memory. 12060:OSP security received an invalid signal. 12065:OSP security could not initialize the SSL database. 12070:OSP security could not find space for the certificate. 12080:OSP security has no local certificate info defined. 12090:OSP security encountered a zero length certificate. 12100:OSP security encountered a certificate that is too big. 12110:OSP security encountered an invalid certificate. 12120:OSP security encountered a NULL certificate. 12130:OSP security has too many certificates. 12140:OSP security has no storage provided. 12150:OSP security has no private key. 12160:OSP security encountered an invalid context. 12170:OSP security was unable to allocate space. 12180:OSP security - CA certificates do not match. 12190:OSP security found no authority certificates 12200:OSP security - CA certificate index overflow. 13010:OSP error message - failed to allocate memory. 13110:OSP MIME error - buffer is too small. 13115:OSP MIME error - failed to allocate memory. 13120:OSP MIME error - could not find variable. 13125:OSP MIME error - no input was found. 13130:OSP MIME error - invalid argument. 13135:OSP MIME error - no more space. 13140:OSP MIME error - received an invalid type. 13145:OSP MIME error - received an invalid subtype. 13150:OSP MIME error - could not find the specified protocol. 13155:OSP MIME error - could not find MICALG. 13160:OSP MIME error - boundary was not found. 13165:OSP MIME error - content type was not found. 13170:OSP MIME error - message parts were not found. 13301:OSP XML error - received incomplete XML data. 13302:OSP XML error - bad encoding of XML data. 13303:OSP XML error - bad entity in XML data. 13304:OSP XML error - bad name in XML data. 13305:OSP XML error - bad tag in XML data. 13306:OSP XML error - bad attribute in XML data. 13307:OSP XML error - bad CID encoding in XML data. 13308:OSP XML error - bad element found in XML data. 13309:OSP XML error - no element found in XML data. 13310:OSP XML error - no attribute found in XML data. 13311:OSP XML error - OSP received invalid arguments. 13312:OSP XML error - failed to create a new buffer. 13313:OSP XML error - failed to get the size of a buffer. 13314:OSP XML error - failed to send the buffer. 13315:OSP XML error - failed to read a block from the buffer. 13316:OSP XML error - failed to allocate memory. 13317:OSP XML error - could not find the parent. 13318:OSP XML error - could not find the child. 13319:OSP XML error - data type not found in XML data. 13320:OSP XML error - failed to write a clock to the buffer. 13410:OSP data error - no call id preset. 13415:OSP data error - no token present. 13420:OSP data error - bad number presented. 13425:OSP data error - no destination found. 13430:OSP data error - no usage indicator present. 13435:OSP data error - no status present. 13440:OSP data error - no usage configured. 13445:OSP data error - no authentication indicator. 13450:OSP data error - no authentication request. 13455:OSP data error - no authentication response. 13460:OSP data error - no authentication configuration. 13465:OSP data error - no re-authentication request. 13470:OSP data error - no re-authentication response. 13475:OSP data error - invalid data type present. 13480:OSP data error - no usage information available. 13485:OSP data error - no token info present. 13490:OSP data error - invalid data present. 13500:OSP data error - no alternative info present. 13510:OSP data error - no statistics available. 13520:OSP data error - no delay present. 13610:OSP certificate error - memory allocation failed. 14010:OSP communications error - invalid communication size. 14020:OSP communications error - bad communication value. 14030:OSP communications error - parser error. 14040:OSP communications error - no more memory available. 14050:OSP communications error - communication channel currently in use. 14060:OSP communications error - invalid argument passed. 14070:OSP communications error - no service points present. 14080:OSP communications error - no service points available. 14085:OSP communications error - thread initialization failed. 14086:OSP communications error - communications is shutdown. 14110:OSP message queue error - no more memory available. 14120:OSP message queue error - failed to add a request. 14130:OSP message queue error - no event queue present. 14140:OSP message queue error - invalid arguments passed. 14210:OSP HTTP error - 100 - bad header. 14220:OSP HTTP error - 200 - bad header. 14221:OSP HTTP error - 400 - bad request. 14222:OSP HTTP error - bas service port present. 14223:OSP HTTP error - failed to add a request. 14230:OSP HTTP error - invalid queue present. 14240:OSP HTTP error - bad message received. 14250:OSP HTTP error - invalid argument passed. 14260:OSP HTTP error - memory allocation failed. 14270:OSP HTTP error - failed to create a new connection. 14280:OSP HTTP error - server error. 14290:OSP HTTP error - HTTP server is shutdown. 14292:OSP HTTP error - failed to create a new SSL connection. 14295:OSP HTTP error - failed to create a new SSL context. 14297:OSP HTTP error - service unavailable. 14300:OSP socket error - socket select failed. 14310:OSP socket error - socket receive failed. 14315:OSP socket error - socket send failed. 14320:OSP socket error - failed to allocate memory for the receive buffer. 14320:OSP socket error - socket reset. 14330:OSP socket error - failed to create the socket. 14340:OSP socket error - failed to close the socket. 14350:OSP socket error - failed to connect the socket. 14360:OSP socket error - failed to block I/O on the socket. 14370:OSP socket error - failed to disable nagle on the socket. 14400:OSP SSL error - failed to allocate memory. 14410:OSP SSL error - failed to initialize the context. 14420:OSP SSL error - failed to retrieve the version. 14430:OSP SSL error - failed to initialize the session. 14440:OSP SSL error - failed to attach the socket. 14450:OSP SSL error - handshake failed. 14460:OSP SSL error - failed to close SSL. 14470:OSP SSL error - failed to read from SSL. 14480:OSP SSL error - failed to write to SSL. 14490:OSP SSL error - could not get certificate. 14495:OSP SSL error - no root certificate found. 14496:OSP SSL error - failed to set the private key. 14497:OSP SSL error - failed to parse the private key. 14498:OSP SSL error - failed to add certificates. 14499:OSP SSL error - failed to add DN. 15410:OSP utility error - not enough space for copy. 15420:OSP utility error - no time stamp has been created. 15430:OSP utility error - value not found. 15440:OSP utility error - failed to allocate memory. 15450:OSP utility error - invalid argument passed. 15500:OSP buffer error - buffer is empty. 15510:OSP buffer error - buffer is incomplete. 15980:OSP POW error. 15990:OSP Operating system conditional variable timeout. 16010:OSP X509 error - serial number undefined. 16020:OSP X509 error - certificate undefined. 16030:OSP X509 error - invalid context. 16040:OSP X509 error - decoding error. 16050:OSP X509 error - unable to allocate space. 16060:OSP X509 error - invalid data present. 16070:OSP X509 error - certificate has expired. 16080:OSP X509 error - certificate not found. 17010:OSP PKCS1 error - tried to access invalid private key pointer 17020:OSP PKCS1 error - unable to allocate space. 17030:OSP PKCS1 error - invalid context found. 17040:OSP PKCS1 error - tried to access NULL pointer. 17050:OSP PKCS1 error - private key overflow. 18010:OSP PKCS7 error - signer missing. 18020:OSP PKCS7 error - invalid signature found. 18020:OSP PKCS7 error - unable to allocate space. 18030:OSP PKCS7 error - encoding error. 18040:OSP PKCS7 error - tried to access invalid pointer. 18050:OSP PKCS7 error - buffer overflow. 19010:OSP ASN1 error - tried to access NULL pointer. 19020:OSP ASN1 error - invalid element tag found. 19030:OSP ASN1 error - unexpected high tag found. 19040:OSP ASN1 error - invalid primitive tag found. 19050:OSP ASN1 error - unable to allocate space. 19060:OSP ASN1 error - invalid context found. 19070:OSP ASN1 error - invalid time found. 19080:OSP ASN1 error - parser error occurred. 19090:OSP ASN1 error - parsing complete. 19100:OSP ASN1 error - parsing defaulted. 19110:OSP ASN1 error - length overflow. 19120:OSP ASN1 error - unsupported tag found. 19130:OSP ASN1 error - object ID not found. 19140:OSP ASN1 error - object ID mismatch. 19150:OSP ASN1 error - unexpected int base. 19160:OSP ASN1 error - buffer overflow. 19170:OSP ASN1 error - invalid data reference ID found. 19180:OSP ASN1 error - no content value for element found. 19190:OSP ASN1 error - integer overflow. 20010:OSP Crypto error - invalid parameters found. 20020:OSP Crypto error - unable to allocate space. 20030:OSP Crypto error - could not verify signature. 20040:OSP Crypto error - implementation specific error. 20050:OSP Crypto error - tried to access invalid pointer. 20060:OSP Crypto error - not enough space to perform operation. 21010:OSP PKCS8 error - invalid private key pointer found. 21020:OSP PKCS8 error - unable to allocate space for operation. 21030:OSP PKCS8 error - invalid context found. 21040:OSP PKCS8 error - tried to access NULL pointer. 21050:OSP PKCS8 error - private key overflow. 22010:OSP Base 64 error - encode failed. 22020:OSP Base 64 error - decode failed. 22510:OSP audit error - failed to allocate memory. 156010:OSP RSN failure error - no data present. 156020:OSP RSN failure error - data is invalid.
To show all the settlement function exits, enter the debug voip settlement exit command. Use the no form of this command to disable debugging output.
[no] debug voip settlement exitDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
01:21:10:OSP:EXIT :OSPPMimeMessageInit() 01:21:10:OSP:EXIT :OSPPMimeMessageSetContentAndLength() 01:21:10:OSP:EXIT :OSPPMimeMessageBuild() 01:21:10:OSP:EXIT :OSPPMimePartFree() 01:21:10:OSP:EXIT :OSPPMimePartFree() 01:21:10:OSP:EXIT :OSPPMimeDataFree() 01:21:10:OSP:EXIT :OSPPMimeMessageCreate() 01:21:10:OSP:EXIT :OSPPMsgInfoAssignRequestMsg() 01:21:10:OSP:EXIT :osppHttpSelectConnection 01:21:10:OSP:EXIT :OSPPSockCheckServicePoint() isconnected(1) 01:21:10:OSP:EXIT :osppHttpBuildMsg() 01:21:10:OSP:EXIT :OSPPSockWrite() (0) 01:21:10:OSP:EXIT :OSPPSSLSessionWrite() (0) 01:21:10:OSP:EXIT :OSPPSSLSessionRead() (0) 01:21:10:OSP:EXIT :OSPPSSLSessionRead() (0) 01:21:10:OSP:EXIT :OSPPHttpParseHeader 01:21:10:OSP:EXIT :OSPPHttpParseHeader 01:21:10:OSP:EXIT :OSPPSSLSessionRead() (0) 01:21:10:OSP:EXIT :OSPPUtilMemCaseCmp()
To show the details on the code flow of each settlement transaction, enter the debug voip settlement misc command. Use the no form of this command to disable debugging output.
[no] debug voip settlement miscDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
00:52:03:OSP:osp_authorize:callp=0x6142770C 00:52:03:OSP:OSPPTransactionRequestNew:ospvTrans=0x614278A8 00:52:03:OSP:osppCommMonitor:major:minor=(0x2:0x1) 00:52:03:OSP:HTTP connection:reused 00:52:03:OSP:osppHttpSetupAndMonitor:HTTP=0x6141A514, QUEUE_EVENT from eventQ=0x6141A87C, comm=0x613F16C4, msginfo=0x6142792C 00:52:03:OSP:osppHttpSetupAndMonitor:connected = <TRUE> 00:52:03:OSP:osppHttpSetupAndMonitor:HTTP=0x6141A514, build msginfo=0x6142792C, trans=0x2 00:52:04:OSP:osppHttpSetupAndMonitor:HTTP=0x6141A514, msg built and sent:error=0, msginfo=0x6142792C 00:52:04:OSP:osppHttpSetupAndMonitor:monitor exit. errorcode=0 00:52:04:OSP:osppHttpSetupAndMonitor:msginfo=0x6142792C, error=0, shutdown=0 00:52:04:OSP:OSPPMsgInfoProcessResponse:msginfo=0x6142792C, err=0, trans=0x614278A8, handle=2 00:52:04:OSP:OSPPMsgInfoChangeState:transp=0x614278A8, msgtype=12 current state=2 00:52:04:OSP:OSPPMsgInfoChangeState:transp=0x614278A8, new state=4 00:52:04:OSP:OSPPMsgInfoProcessResponse:msginfo=0x6142792C, context=0x6142770C, error=0 00:52:04:OSP:osp_get_destination:trans_handle=2, get_first=1, callinfop=0x614275E0 00:52:04:OSP:osp_get_destination:callinfop=0x614275E0 get dest=1.14.115.51, validafter=1999-01-20T02:04:32Z, validuntil=1999-01-20T02:14:32Z 00:52:04:OSP:osp_parse_destination:dest=1.14.115.51 00:52:04:OSP:osp_get_destination:callinfop=0x614275E0, error=0, ip_addr=1.14.115.51, credit=60 00:52:06:OSP:stop_settlement_ccapi_accounting:send report for callid=0x11, transhandle=2 00:52:06:OSP:osp_report_usage:transaction=2, duration=0, lostpkts=0, lostfrs=0, lostpktr=0, lostfrr=0
To show all the messages exchanged between a router and a settlement provider, enter the debug voip settlement network command. Use the no form of this command to disable debugging output.
[no] debug voip settlement networkDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Usage Guidelines
Using the debug voip settlement network command shows the messages, in detail, in HTTP and XML formats.
Examples
00:47:25:OSP:HTTP connection:reused 00:47:25:OSP:OSPPSockWaitTillReady:HTTPCONN=0x6141A514, fd=0 00:47:25:OSP:OSPPSockWaitTillReady:read=0, timeout=0, select=1 00:47:25:OSP:osppHttpBuildAndSend():http=0x6141A514 sending: POST /scripts/simulator.dll?handler HTTP/1.1 Host:1.14.115.12 content-type:text/plain Content-Length:439 Connection:Keep-Alive Content-Type:text/plain Content-Length:370 <?xml version="1.0"?><Message messageId="1" random="8896"> <AuthorisationRequest componentId="1"> <Timestamp> 1993-03-01T00:47:25Z</Timestamp> <CallId> <![CDATA[12]]></CallId> <SourceInfo type="e164"> 5551111</SourceInfo> <DestinationInfo type="e164"> 5552222</DestinationInfo> <Service/> <MaximumDestinations> 3</MaximumDestinations> </AuthorisationRequest> </Message> 00:47:25:OSP:OSPPSockWaitTillReady:HTTPCONN=0x6141A514, fd=0 00:47:25:OSP:OSPPSockWaitTillReady:read=0, timeout=1, select=1 00:47:25:OSP:OSPM_SEND:bytes_sent = 577 00:47:25:OSP:OSPPSockProcessRequest:SOCKFD=0, Expecting 100, got 00:47:25:OSP:OSPPSockWaitTillReady:HTTPCONN=0x6141A514, fd=0 00:47:25:OSP:OSPPSockWaitTillReady:read=1, timeout=1, select=1 00:47:25:OSP:OSPPSSLSessionRead() recving 1 bytes: HTTP/1.1 100 Continue Server:Microsoft-IIS/4.0 Date:Wed, 20 Jan 1999 02:01:54 GMT 00:47:25:OSP:OSPPSockProcessRequest:SOCKFD=0, Expecting 200, got 00:47:25:OSP:OSPPSockWaitTillReady:HTTPCONN=0x6141A514, fd=0 00:47:25:OSP:OSPPSockWaitTillReady:read=1, timeout=1, select=1 00:47:25:OSP:OSPPSSLSessionRead() recving 1 bytes: HTTP/1.1 200 OK Server:Microsoft-IIS/4.0 Date:Wed, 20 Jan 1999 02:01:54 GMT Connection:Keep-Alive Content-Type:multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary=bar Content-Length:1689 00:47:25:OSP:OSPPSockProcessRequest:SOCKFD=0, error=0, HTTP response 00:47:25:OSP:OSPPSockWaitTillReady:HTTPCONN=0x6141A514, fd=0 00:47:25:OSP:OSPPSockWaitTillReady:read=1, timeout=1, select=1 00:47:25:OSP:OSPPSSLSessionRead() recving 1689 bytes: --bar Content-Type:text/plain Content-Length:1510 <?xml version="1.0"?><Message messageId="1" random="27285"> <AuthorisationResponse componentId="1"> <Timestamp> 1999-01-20T02:01:54Z</Timestamp> <Status> <Description> success</Description> <Code> 200</Code> </Status> <TransactionId> 101</TransactionId> <Destination> <AuthorityURL> http://www.myauthority.com</AuthorityURL> <CallId> <![CDATA[12]]></CallId> <DestinationInfo type="e164"> 5552222</DestinationInfo> <DestinationSignalAddress> 1.14.115.51</DestinationSignalAddress> <Token encoding="base64"> PD94bWwgdmVyc2lvbj0xLjA/PjxNZXNzYWdlIG1lc3NhZ2VJZD0iMSIgcmFuZG9tPSIxODM0OSI+PFRva2VuSW5mbz48U291cmNlSW5mbyB0eXBlPSJlMTY0Ij41NTUxMTExPC9Tb3VyY2VJbmZvPjxEZXN0aW5hdGlvbkluZm8gdHlwZT0iZTE2NCI+NTU1MjIyMjwvRGVzdGluYXRpb25JbmZvPjxDYWxsSWQ+PCFbQ0RBVEFbMV1dPjwvQ2FsbElkPjxWYWxpZEFmdGVyPjE5OTgtMTItMDhUMjA6MDQ6MFo8L1ZhbGlkQWZ0ZXI+PFZhbGlkVW50aWw+MTk5OS0xMi0zMVQyMzo1OTo1OVo8L1ZhbGlkVW50aWw+PFRyYW5zYWN0aW9uSWQ+MTAxPC9UcmFuc2FjdGlvbklkPjxVc2FnZURldGFpbD48QW1vdW50PjE0NDAwPC9BbW91bnQ+PEluY3JlbWVudD4xPC9JbmNyZW1lbnQ+PFNlcnZpY2UvPjxVbml0PnM8L1VuaXQ+PC9Vc2FnZURldGFpbD48L1Rva2VuSW5mbz48L01lc3NhZ2U+</Token> <UsageDetail> <Amount> 60</Amount> <Increment> 1</Increment> <Service/> <Unit> s</Unit> </UsageDetail> <ValidAfter> 1999-01-20T01:59:54Z</ValidAfter> <ValidUntil> 1999-01-20T02:09:54Z</ValidUntil> </Destination> <transnexus.com:DelayLimit critical="False"> 1000</transnexus.com:DelayLimit> <transnexus.com:DelayPreference critical="False"> 1</transnexus.com:DelayPreference> </AuthorisationResponse> </Message> --bar Content-Type:application/pkcs7-signature Content-Length:31 This is your response signature --bar--
To show all the tracing related to security, such as SSL or S/MIME, enter the debug voip settlement security command. Use the no form of this command to disable debugging output.
[no] debug voip settlement securityDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
Not available due to security issues.
To see all the attributes of the transactions on the settlement gateway, enter the debug voip settlement transaction command. Use the no form of this command to disable debugging output.
[no] debug voip settlement transactionDefaults
Not enabled
Command History
12.0(4)XH1 This command was introduced.
Release
Modification
Examples
Sample output from the originating gateway:
00:44:54:OSP:OSPPTransactionNew:trans=0, err=0 00:44:54:OSP:osp_authorize:authorizing trans=0, err=0 as5300-04> 00:45:05:OSP:stop_settlement_ccapi_accounting:send report for callid=7, trans =0, calling=5710868, called=15125551212, curr_Dest=1 00:45:05:OSP:OSPPTransactionDelete:deleting trans=0
Sample output from the terminating gateway:
00:44:40:OSP:OSPPTransactionNew:trans=0, err=0 00:44:40:OSP:osp_validate:validated trans=0, error=0, authorised=1
AAA—Authentication Authorization and Accounting. A Cisco IOS Security feature.
ACF—Admission Confirmation.
ARQ—Admission Request
CA—Certificate Authority.
CDR—Call detail record.
CEP—Cisco Enrollment Protocol.
ETSI— European Telecommunication Standards Institute.
ISP—Internet service provider.
IVR—Interactive Voice Response. A Cisco IOS software voice feature for internet telephony service providers.
MD 5—Message Digest 5. The algorithm used for message authentication in SNMP v.2; MDS verifies the integrity of the communication, authenticates the origin, and checks for timeliness.
OGW—originating gateway.
OSP—Open Settlement Protocol.
PKCS7—Public Key Cryptography Standard No.7.
PKI—Public key infrastructure.
RADIUS—Database for authenticating modem and ISDN connections and for tracking connections.
RAS—Registration, admission, and status. RAS is the protocol that is used between endpoints and the gatekeeper to perform management functions.
ROOT—The ultimate CA which signs the certificates of the sub CA.
RSA—Rivest, Shamir, and Aldeman. Inventors of the public-key cryptographic system used for encryption and authentication.
SSL—Secure Socket Layer. Encryption technology for the Web used to provide secure transactions, such as the transmission of credit card numbers for e-commerce.
TACACS—Terminal access controller access control system.
TCL—Tool command language. TCL is an interpreted script language developed by Dr. John Ousterhout of the University of California, Berkeley, and is now developed and maintained by Sun Microsystems Laboratories.
TCP—Transmission Control Protocol.
TGW—terminating gateway.
VoIP—Voice over IP. The ability to carry normal telephone-style voice over an IP-based Internet with POTs-like functionality, reliability, and voice quality. VoIP is a blanket term, which generally refers to Cisco's standards based (for example H.323) approach to IP voice traffic.
Posted: Wed Sep 6 09:45:24 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.