mopdf.com

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287CompleteSBC: Getting Started GuideDefault CompleteSBC ConfigurationCompleteSBC (SBC) is pre-configured to perform the following actions: registration caching limiting the number of concurrent calls via the CompleteSBC 'public' realm rejecting SIP requests from endpoints with user agent names that are not configured inCompleteSBC routing all accepted SIP requests on the 'public' CompleteSBC realm to the Asterisk ('internal'CompleteSBC realm, the 'PBX' call agent) routing all accepted SIP requests on the 'internal' CompleteSBC realm to the CompleteSBC'public' realm according to the information in the SIP Request-URI (R-URI)Important!CompletePBX/CompleteSBC is shipped configured with maximum protection. As a result, incomingcommunication via the CompleteSBC public signaling interface is blocked. In order to be able tomake calls through CompleteSBC the administrator must first un-block it (refer to “Enablecommunication through CompleteSBC”.)CompleteSBC includes a demo license that permits generation of several simultaneous calls. Themaximum call duration is 90 seconds.Before calls can be made via CompleteSBC the following tasks must be performed:oconfigure and enable the CompleteSBC Web interfaceoconfigure the IP address for the CompleteSBC signaling and media interfacesoallow SIP requests on the CompleteSBC public realmoensure that the SIP device agent names you use appear in the list of permitted devicesEnable the CompleteSBC Web InterfaceThe SBC Web interface must be bound explicitly to one of the PBX IP addresses. It must be done viacommand line interface as follows:PM0628.01 - CompleteSBC Getting Started GuidePage 1 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287 connect to the PBX via SSH and login as user 'root' (the default password is!x0rc0m!voip5472# Run sbc-init-gui utility and configure an IP address:#sbc-init-guiAccess the SBC Web interface by clicking the “CompleteSBC” icon on the CompletePBX landingpage:The login dialog will appear:Use the following credentials to login:Username: rootPassword: !x0rc0m!voip5472#PM0628.01 - CompleteSBC Getting Started GuidePage 2 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287Configure IP Addresses for the CompleteSBC Signaling andMedia InterfacesGo to the System Interfaces and choose the CompleteSBC Interfaces dialog:It is necessary to define correct IP addresses for the medpub and sigpub interfaces. Click the editlink for each in turn and define the correct IP address.The IP port ranges for medint and medpub interfaces can be modified. The default range is 2000220402, which is sufficient for 200 simultaneous calls. For a higher number of simultaneous calls therange can be re-calculated on the basis of 2 ports per call.Important Notes!1. If you want CompleteSBC to substitute your public Internet IP address in the outbound SIPmessages then you have to define the address in the “Public IP address” field for both medpub andsigpub interfaces and disable this feature in the Asterisk SIP settings.2. A PBX reboot is required to apply the new interfaces settings.Enable Communication through CompleteSBCBoth CompletePBX and CompleteSBC are shipped pre-configured with maximum protection. This isthe reason why the inbound traffic is blocked for the SBC sigpub interface by default.PM0628.01 - CompleteSBC Getting Started GuidePage 3 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287Almost all of traffic restriction-related parameters are found in the 'settings' table.Select the “Tables” “Table: settings” menu item. The following dialog appears:The table has three key/value pairs:key valueDescriptionallowed-useragentsA regular expression for detection of permitted SIP user agent names. Bydefault the expression includes SIP user agent names for all supported SIPphones listed in the CompletePBX Endpoint Manager, Zoiper, standardAsterisk, FreePBX and CompletePBX.block-public1 – reject the incoming SIP requests received on the CompleteSBC publicrealm0 – accept the incoming SIP requests received on the CompleteSBC publicrealmcall-limitMaximum number of concurrent calls through the CompleteSBC publicrealmYou can change the values in the table according to your requirements and then click “Activatechanges” to apply the new settings.NAT Router ConfigurationIf you have remote SIP extensions then it is necessary to configure port forwarding in the NAT routerconfiguration, as follows:1.2.the CompleteSBC sigpup interface port (by default 6075/udp) must be forwarded to the PBX.the CompleteSBC mediapub interface ports range (by default 20002-20402/udp) must beforwarded to the PBX.PM0628.01 - CompleteSBC Getting Started GuidePage 4 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287CompletePBX Firewall Configuration1. The CompletePBX Firewall allows access to the Asterisk SIP ports (5060/udp/tcp and 5061/tcp) forthe requests which originate from hosts with private IP addresses only:10.0.0.0/8172.16.0.0/12192.168.0.0/16As a result, Asterisk will not receive SIP calls from remote SIP endpoints. If you don't want to useCompleteSBC then you have to change the firewall settings in such a way that the SIP ports will beaccessible from any source IP address.2. If you change the default IP ports range defined for the medpup interface (20002-20402/udp) thenyou have to make the corresponding change in the CompletePBX firewall configuration.Asterisk Configuration1.Disable external IP address substitution by Asterisk in the SIP messages.Go to “Settings” “SIP Settings” and define the “IP Configuration” parameter as “Public IP”:2.Define a list of domains that can be used in the SIP requests.For example:PM0628.01 - CompleteSBC Getting Started GuidePage 5 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287- the local SIP phones send SIP requests to the PBX to 192.168.6.98:5060- the remote SIP phones/servers send SIP requests to the PBX either to 212.1.2.3:6075 or tomypbx.mycompany.com:6075Then on the “Settings” “SIP Settings” dialog it is necessary to define three domains in the “Other SIPSettings” parameters, as follows:3.Configure the remote extension to communicate with the PBX's external IP address and ports thatare forwarded by the NAT router to the CompleteSBC sigpub interface.Remote SIP Server ConfigurationAsterisk and CompleteSBC must be configured in a special way in order to allow communicationbetween Asterisk and the remote SIP server:a. The CompleteSBC sigint interface (127.0.0.1:6075) must be defined as an outbound proxyin the SIP trunk settings.b. All SIP messages from the remote SIP server will be sent by CompleteSBC from its sigintinterface. Therefore, Asterisk will not be able to recognize the SIP server messages by theirsource IP/port. Therefore, it is necessary to configure the CompleteSBC in such a way that itwill substitute the Asterisk SIP trunk name in the user name field of the header “From”. In orderto preserve the Caller ID that usually appears in that field the CompleteSBC should create theRemote-Party-ID header and place the Caller ID value there.c. If a remote SIP server communication must be routed to the service provider's outbound proxythen this must be configured in the CompleteSBC.PM0628.01 - CompleteSBC Getting Started GuidePage 6 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287Example:As you can see there is the 'outboundproxy' parameter that points on the internal SBC interface(sigint).In the registration string there is the 'MyITSP?' prefix that is a reference to the MyITSP peer settings.This causes Asterisk to send the REGISTER requests to the 'outboundproxy' (the SBC internalinterface!) defined in MyITSP PEER Details field.In many cases the service providers have their own SBC and require that the PBX send the SIPmessages there, rather than directly to their SIP server (e.g., myitsp.cc). This messages redirection mustbe implemented in the CompleteSBC configuration (“Routing” menu item in the CompleteSBC Webinterface.)Below is an example of this type of configuration:PM0628.01 - CompleteSBC Getting Started GuidePage 7 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299

Misgav Industrial Park, POB 60, D.N. Misgav 20174, IsraelTel: 972-4-9951999; Fax: 972-4-9990287As you can see, CompleteSBC will route to the 'MyITSP-proxy' call agent all SIP requestsreceived from 'internal' realm (where the PBX is located) and destined to myitsp.cc (the hostconfigured in the 'MyITSP' trunk.) The 'MyITSP-proxy' call agent is defined in the 'public' realmCompleteSBC configuration ('Realms', 'call-agents' for the 'public' realm):Now let's review a solution for handling SIP requests that the remote SIP server (myitsp.cc) sends tothe PBX (ref. the problem description in (c) above.) Let's assume that the server provider has its ownSBC (e.g., 1.2.3.4:5060 in our example) that is actually sends the messages to the PBX.The provider's SBC is configured as the 'MyITSP-proxy' call agent for the CompleteSBC 'public'domain. Now we can define a set of inbound rules for the 'MyITSP-proxy' call agent that will do thefollowing: Create the Remote-Party-ID header if it doesn't exist. Use the user name defined in the 'From'header for it. Don't change the existing Remote-Party-ID header.PM0628.01 - CompleteSBC Getting Started GuidePage 8 of 10VoIPon www.voipon.co.uk [email protected] Tel: 44 (0)1245 808195 Fax: 44 (0)1245 808299