Enabling Session Initiation Protocol (SIP) flow token security
The Session Initiation Protocol (SIP) container supports client-initiated connection reuse. SIP flow token security enables you to establish communication between a server and SIP clients in situations where the SIP clients can create a connection to the server, but are not prepared to accept connections from the server.
About this task
Managing client-initiated connections in the SIP container involves generating flow tokens, as described in the SIP standard RFC 5626. When the SIP container delivers a flow token to the network, it encodes the token in a way that prevents anyone from modifying this token. When the container receives a flow token that it previously generated, it decodes the flow token and verifies its integrity.
- Only TCP and TLS stream transports are supported.
- UDP flows are not reused.
- TCP keepalives are supported, but STUN keepalives are not.
- Support of this protocol extension is provided for SIP applications that act as a proxy/registrar, as described in RFC 5626, but not as a user agent, as described in this RFC.
Encoding and decoding the flow token requires a pre-defined key. The SIP container obtains this security key from your SIP container settings. Complete the following steps to configure the SIP container to support flow token security.
Procedure
Results
SIP flow token security is enabled for the SIP container.