Authentication, H.235 authentication, Authentication using a local database – Tandberg Data N3 User Manual

TANDBERG Gatekeeper User Manual

20

match an entry on the DenyList. Allow lists and Deny lists are mutually exclusive: only one
may be in use at any given time.

Matching uses a simple form of wild card expansion:

12345678

Exact match only

1234567?

First 7 characters are an exact match, last may be anything

123*

123 followed by anything

*@example.com

Any string ending with @example.com

To set entries in the Allow and Deny lists use the following commands

AllowListAdd, AllowListDelete, DenyListAdd, DenyListDelete

To view the entries in the allow and deny lists, use the following commands:

xConfiguration Gatekeeper Registration AllowList

xConfiguration Gatekeeper Registration DenyList

Figure 13 Configuring a pattern for the Allow/Deny List within the Registration

Restrictions

3.7.2 Authentication

The TANDBERG Gatekeeper can use a user name and password based challenge-response
scheme to permit registrations. For details of how to configure the Gatekeeper for
authentication see section 3.8 H.235 Authentication. For details of how to configure your
endpoint with the appropriate information, please consult your endpoint manual.

3.8 H.235 Authentication

The Gatekeeper supports the ITU H.235

2

specification for authenticating the identity of

network devices with which the Gatekeeper communicates.

In order to verify the identity of a device, the Gatekeeper needs access to the password
information. This credential information may be stored in a local database on the Gatekeeper
or obtained from an LDAP Director Server.

3.8.1 Authentication using a local database

2

ITU Specification: H.235 Security and encryption for H-Series (H.323 and other H.245-based)

multimedia terminals