RADIUS Auth Profiles

Yeti supports additional authorization of incoming call on external RADIUS (Remote Authentication Dial-In User Service) server. RADIUS Auth Profile describes communication with that server.

INFO

module radius_client should be loaded to use such feature

Id

Unique indetifier.

Name

Unique name of Auth profile. Uses for informational purposes and doesn't affect system behavior.

Server

IP address or hostname of external RADIUS server.

Port

UDP port on which RADIUS server wait for requests.

Secret

Password for Authorization procedure on external RADIUS server.

Reject on error

If enabled, in case of error in communication with external RADIUS server (timeout, bad format of response, etc) a call will be considered as authorized and YETI will do further routing procedure. If disabled, in case of error in communication with external RADIUS server (timeout, bad format of response, etc) a call will be discarded with appropriate code.

Timeout

Timeout of request after which a request will be repeated (millisecond).

Attempts

Maximum amount of of requests for every call.

Auth profile attributes

RADIUS Attributes for including specific authentication, authorization, information and configuration details to the requests and replies. General amount of attributes is regulated by total length of the RADIUS packet (see: RFC 2865: Remote Authentication Dial In User Service (RADIUS)).

Type

The Type of the RADIUS attribute (decimal value between 0 and 255). Regarding to the RFC 2865: Remote Authentication Dial In User Service (RADIUS) values 192-223 are reserved for experimental use, values 224-240 are reserved for implementation-specific use, and values 241-255 are reserved and should not be used. A RADIUS server and client MAY ignore Attributes with an unknown Type.

Name

Name of attribute. It uses for information only and doesn't transfer in the RADIUS packet.

Is VSA

If this checkbox is enabled it indicates that it is Vendor Specific Attribute and doesn't described by RFC 2865 - Remote Authentication Dial In User Service (RADIUS).

VSA Vendor

Decimal value (between 0 and (2^32 - 1)) of the Vendor's ID in the attribute. In the RFC 2865 - Remote Authentication Dial In User Service (RADIUS) - the high-order octet is 0 and the low-order 3 octets are the SMI Network Management Private Enterprise Code of the Vendor in network byte order.

VSA Vendor type

Decimal value (between 0 and 255) of the specific Vendor type of attribute.

Value

String that is used as template for filling value of RADIUS Attribute with using pre-defined placeholders (variables) that are described in note bellow. It is possible to combine several placeholders together with pre-defined text to one string. Resulting value will be converted to the data of necessary Format (see below). In case of impossibility to convert resulting value to necessary Format an error will be occurred.

INFO

Example of filling Value field: Destination ID: $

destination_id$

; DialPeer ID: $

dialpeer_id$ :
:::

Format

The resulting format of the Value field. It is one of six data types: string (1-253 octets containing binary data (values 0 through 255 decimal, inclusive) - often used for printable text strings), octets (1-253 octets containing binary data (values 0 through 255 decimal, inclusive) - often used for binary data), ipaddr (32 bit value, most significant octet first), integer (32 bit unsigned value, most significant octet first), date (32 bit unsigned value, most significant octet first -- seconds since 00:00:00 UTC, January 1, 1970), ip6addr (128 bit value, most significant octet first).

Remove

This control element can be used for removing existing Auth profile attribute. Auth profile attribute will be removed after saving changes (by clicking Update Auth profile) in case of enabling this checkbox.

Supported variables

Currently the following variables (placeholders) are supported in Yeti’s RADIUS authorization profiles:

$src_number_radius$

Source (A-number) of the current call (string).

$dst_number_radius$

Destination (B-number) of the current call (string).

$orig_gw_name$

Name of the gateway used as the origination gateway for the current call.

$customer_auth_name$

Name of the Customer Auth.

$customer_name$

Customer name.

$customer_account_name$

Customer account name.

$term_gw_name$

Name of the termination gateway.

$orig_gw_external_id$

Value of the External ID attribute (integer) of the origination gateway.

$term_gw_external_id$

Value of the External ID attribute (integer) of the termination gateway.

$fake_180_timer$

Value (in milliseconds) of the Fake 180 timer attribute (integer) of the termination gateway.

$customer_id$

ID (integer) of the customer for the current call.

$vendor_id$

ID (integer) of the vendor for the current call.

$customer_acc_id$

ID (integer) of the customer account.

$vendor_acc_id$

ID (integer) of the vendor account.

$customer_auth_id$

ID (integer) of the Customer Auth.

$dialpeer_id$

ID (integer) of the dialpeer.

$dialpeer_prefix$

Prefix (string) of the dialpeer for the current call.

$orig_gw_id$

ID (integer) of the origination gateway.

$term_gw_id$

ID (integer) of the termination gateway.

$routing_group_id$

ID (integer) of the routing group.

$rateplan_id$

ID (integer) of the rateplan.

$destination_id$

ID (integer) of the destination.

$destination_prefix$

Prefix (string) of the destination for the current call.

$destination_initial_rate$

Value of the Initial Rate attribute (floating-point number) of the destination.

$destination_next_rate$

Value of the Next Rate attribute (floating-point number) of the destination.

$destination_initial_interval$

Value of the Initial Interval attribute (integer) of the destination.

$destination_next_interval$

Value of the Next Interval attribute (integer) of the destination.

$destination_rate_policy_id$

Value of the Rate policy attribute (integer) of the destination for the current call (1 – Fixed, 2 – Based on used dialpeer, 3 – MIN(Fixed, Based on used dialpeer), 4 – MAX(Fixed, Based on used dialpeer)).

$dialpeer_initial_interval$

Value of the Initial Interval attribute (integer) of the dialpeer for the current call.

$dialpeer_next_interval$

Value of the Next Interval attribute (integer) of the dialpeer for the current call.

$dialpeer_next_rate$

Value of the Next Rate attribute (floating-point number) of the dialpeer for the current call.

$destination_fee$

Value of the Connect fee attribute (floating-point number) of the destination for the current call.

$dialpeer_initial_rate$

Value of the Initial Rate attribute (floating-point number) of the dialpeer for the current call.

$dialpeer_fee$

Value of the Connect fee attribute (floating-point number) of the dialpeer for the current call.

$dst_prefix_in$

Destination number (B-number) received from the origination gateway (string).

$dst_prefix_out$

Destination number (B-number) sent to the termination gateway (string).

$src_prefix_in$

Source number (A-number) received from the origination gateway (string).

$src_prefix_out$

Source number (A-number) sent to the termination gateway (string).

$src_name_in$

Caller name received in the SIP From header from the origination gateway (string).

$src_name_out$

Caller name sent in the SIP From header to the termination gateway (string).

$diversion_in$

Value of the SIP Diversion header received from the origination gateway (string).

$diversion_out$

Value of the SIP Diversion header sent to the termination gateway (string).

$auth_orig_protocol_id$

Protocol used for interconnection with the origination gateway(1 – UDP, 2 – TCP).

$auth_orig_ip$

IP address of the origination gateway received during the SIP AUTH stage (string).

$auth_orig_port$

TCP or UDP port used for sending signaling information from the origination gateway (integer).

$dst_country_id$

Value of the ID attribute (integer) of the country associated (via the Network Prefixes table) with the destination number (B-number) for the current call.

$dst_network_id$

Value of the ID attribute (integer) of the network associated (via the Network Prefixes table) with the destination number (B-number) for the current call.

$dst_prefix_routing$

Destination number prefix (B-number) used for routing for the current call.

$src_prefix_routing$

Source number prefix (A-number) used for routing for the current call.

$routing_plan_id$

Value of the ID attribute (integer) of the routing plan for the current call.

$lrn$

Routing number received from the LNP database (if requested) for the current call.

$lnp_database_id$

Value of the ID attribute (integer) of the LNP database used for the current call.

$from_domain$

Domain received in the SIP From header from the origination gateway (string).

$to_domain$

Domain received in the SIP To header from the origination gateway (string).

$ruri_domain$

Domain received in the SIP R-URI header from the origination gateway (string).

$src_area_id$

Value of the ID attribute (integer) of the area associated (via the Area Prefixes table) with the source number (A-number) for the current call.

$dst_area_id$

Value of the ID attribute (integer) of the area associated (via the Area Prefixes table) with the destination number (B-number) for the current call.

$routing_tag_id$

Value of the ID attribute (integer) of the routing tag associated (via the Routing Tag Detection table) with both source and destination areas for the current call.

$customer_acc_check_balance$

State of the Check account balance flag of the Customer Auth (0 – disabled, 1 – enabled).

$destination_reverse_billing$

Value of the Reverse billing attribute (boolean) of the destination for the current call.

$dialpeer_reverse_billing$

Value of the Reverse billing attribute (boolean) of the dialpeer for the current call.

INFO

To enable additional RADIUS authorization, assign a RADIUS Auth Profile to the Customer Auth object.

WARNING

Yeti does not support interaction with external routing engines via the RADIUS protocol.