Tracking 25665 - Max character count is limited with 20 for FQDN in NAT field - TB-793
The FQDN field in the NAT page now accepts up to 255 characters and no longer accepts FQDNs that are less than 4 characters, contain special characters, or start/end with a period as per the FQDN standards.
Intel X710 (i40e) network adapter issue - TB-1792
The Toolpack networking stack was updated to fix an issue where Intel x710 network adapters (i40e-based) would become unresponsive after trying to send packets of zero length.
One way RTP after Re-INVITE when using SRTP - TB-2023
The SRTP keys are now updated after every 200 OK or ACK message containing a crypto change during an INVITE or re-INVITE transaction.The encryption key index is maintained when forwarding a re-INVITE from the non-secure side in a secure to non-secure media call. Note that the SDP re-negotiation in UPDATE transactions will be implemented in an upcoming release.
The Toolpack was modified for both the ProSBC and the TMG to remove an unnecessary semi-colon during the formatting of the Diversion header of the SIP INVITE.
Reject UPDATE requests when SDP is modified - TB-2686
A new interoperability parameter has been added to the ProSBC SIP profile.The parameter Forward SIP UPDATE determines which behavior the profile should use to handle in-dialog UPDATE requests.Enabled (default): The SBC accepts all UPDATE requests, including those with an unmodified, modified, or empty SDP. Note that the actual forwarding of the request and SDP re-negotiation will be implemented in an upcoming release.Disabled: The SBC accepts UPDATE requests with an unmodified or empty SDP but does not forward them. All other requests are rejected with a 488 Not Acceptable Here status code.Note that this parameter does not affect the forwarding of re-INVITE requests.
Implement support of IMPLICIT encoding of IRI Records on ProSBC - TB-2724
Toolpack now supports the IMPLICIT encoding of the Lawful Interception IRI records when sending them to the configured FTP server.
The IMPLICIT encoding is defined in annex D.1 of the ETSI ES 201 671 specification.
Call filtering for authorized users allows for SIP trunk registrations - TB-2774
When the “Accept only authorized users” option is checked in a NAP, ProSBC now validates against both the SIP From username and the SIP Contact username.The call is allowed if either the From or Contact matches the registered user.This allows for the ProSBC to verify for authorized users where the PBX has registered through the ProSBC via a SIP trunk to the opposing SIP Registrar rather than a dedicated SIP Register for each of its users. In this scenario, we expect the original SIP Register to consistently use the same username through all of the SIP headers and will use this same username in the contact header for subsequent SIP Invites.
Error in the implicit mode encoding of the IRI record for Lawful Interception - TB-2872
A correction was made in the ASN.1 “implicit” mode encoding of the IRIRecord. The element partyInformation which is a “set of” PartyInformation (sequence) is now encoded in a way that the type/value of each child PartyInformation instance is excluded from the encoding.
Web Portal HTTPS security update - TB-3092
The cipher suites for connecting to ProSBC and Tmedia embedded web pages using HTTP have been updated to increase the security level.
Diffie-Hellman (DH) has been upgraded from 1024 bits to 2048 bits.
Elliptic-curve (EC) has been upgraded from 256 bits to 384 bits.