“SBC 快速浏览配置”的版本间的差异

2016年1月21日 (四) 22:04的版本

SBC设备和具体场景配合的非常紧密，用户需要了解每个环节的配置才能确保SBC正常工作。以下图例是几个主要的SBC配置步骤。在配置SBC之前，用户需要准备以下几个方面的内容：

Sangoma SBC 配置步骤：

General

修改默认用户密码，这一点非常重要，因为SBC就是SIP的防火墙，需要保证SIP的绝对安全，SBC的安全涉及到SIP安全，所以请用户首先修改用户密码，确保SBC安全。

确认SBC许可证正确，设备类型的用户不需要验证许可证，出厂时已经绑定了相应的许可证。软件类型用户需要确认许可证。

Network Planning

• 画网络拓扑图，了解部署方式。
• 确定SBC在场景中的位置
• SBC是否部署在两个不同的网络环境中
• 确认 SBC是否在路由器背后
• 确认SIP signaling IP地址
• SBC 是否具有私网地址还是公网地址
• 确认RTP media 地址
• 有多少 媒体地址
• RTP地址是否和SIP 信令地址是同一网段
• 确认SBC 场景类型
  • 运营商网络部署
  • SIP中继部署或者PBX托管部署
  • 企业部署
    • 企业IPPBX 支持用户远端访问
    • 企业IPPBX支持SIP中继
    • 企业IPPBX要求同时支持远端访问和SIP中继
• SIP Signaling 配置
  • 需要多少个SIP profiles?
• RTP Media 配置
  • 需要支持的编码类型
  • 媒体profiles 支持的相应的SIP Profiles

• 安全考虑
  • 如何安全因素?
  • 需要PBX开启安全认证吗?

网络配置

未来SBC如何部署，现在是没有的场景，用户必须首先配置 signaling interfaces 和media interface 网络信息。

• SBC Signaling Interface Configuration
• SBC Media Interfaces

SBC Configuration Options

SBC Configuration depends on the above Network Planning Scenario. SIP Trunking Access (Remote User or Upper Registration) Combined

All Sangoma SBC’s support both SIP Trunking and Access simultaneously.

SBC General Configuration

Configure SIP Domain

In order to handle SIP registrations from the remote users, the SBC requires domain (SIP realm) configuration. In a typical scenario with registrations involved you will have at least one domain. A SIP Domain is bound to a SIP profile. SIP Domain can be bound to one or many SIP Profiles

Configure SIP Profile

SBC has a minimum of two SIP Profiles. External and Internal. SIP profile listens on a specific port (eg: 5060) and accepts incoming SIP traffic. Depending on the SBC scenario: External SIP Profile interfaces to the ITSP or SIP trunk provider Internal SIP Profile interfaces to the local PBX or IP end points

Sangoma SBC does not have a limit on how many SIP Profiles can be created

Configure Media Profile

Media profiles are used to define RTP parameters and are bound to one or more SIPProfiles Depending on the use case: User can create one Media profile per SIP profile User can create one Media profile for many SIP Profiles. SIP profile uses the Media profile information to negotiate SDP information Codecs & P-times Local RTP ports

Sangoma SBC runs Media RTP in custom Sangoma HW DSP. This allows Sangoma SBC to scale to thousands of RTP sessions without quality or capacity degradation.

Configure Call Routing Profile

A call routing profile is used to route SIP signaling from one SIP Profile to another. A call routing profile is bound to a SIP profile. The call routing profile can be bound to one or many SIP Profiles Once a SIP call receives a SIP INVITE it evokes the “call routing profile” to determine how to route a call.

Sangoma SBC support GUI call routing configuration as well as AdvancedXML call routing configuration.

Configure Header Manipulation Profile

Used to resolve SIP protocol variances between different vendors Or to hide the SIP topology by removing VIA headers

 SBC Security Configuration

Set SIP Signaling threshold limits to prevent DDOS attacks Invite and Registration storms Set Intrusion Detection and Prevention To prevent known attach patterns

Set IP Firewall To allow certain IP address range, depending on network scenarios

Apply Configuration

The changes made in the Configuration section of the WebUI are only stored one the scratch disk. User MUST proceed to Apply page in the Management Section to save new configuration There are two ways to apply the configuration.

Most of the pages across the system will notify you as soon as you make changes that require to be applied. \ You can click there on “Apply Configuration”. Alternatively one can navigate to “Configuration -> Management -> Apply”