“SBC远端电话注册支持”的版本间的差异

2016年1月29日 (五) 11:51的版本

介绍

外网电话注册支持外网员工在家里，其他地方可以轻松注册到公司的IPPBX，用户可以在家办公，或者使用手机APP访问IPPBX网络，用户手机APP可以成为一个分机终端来实现呼叫。 SBC在这个环境中扮演的是 far-end NAT traversal 支持外网注册，而不需要VPN隧道支持。注意，SBC同时也可以作为SIP对接的功能来简化远端访问。

PBX IP: 192.168.1.10 SBC LAN IP: 192.168.1.20 SBC DMZ IP: 10.10.32.170 SBC Public IP: 104.145.12.182 SBC FQDN: remote.sangoma.com

1) Network Setup

访问 Configuration->IP Settings->Network，然后编辑 eth0 设置为 DMZ IP 地址。下一步点击 Add 按钮，给eth1 添加一个IP 地址，输入 IP 地址和 subnet:

完成配置后，会看到地址 eth0 和 eth1.

下一步，访问 Configuration -> IP Settings -> Media Interfaces 并且点击 Edit.

修改 Transcoding Mode 为 Hardware Hidden mode。然后点击保存。

下一步，点击 Detect Modules。完成模块检测后，点击 OK 继续。

2) SIP Profile Configuration

访问 Configuration -> Signaling -> SIP Profiles ，并且点击 Modify 来设置默认的 internal SIP profile.

确认SIP IP 地址为 LAN IP 地址。然后开启 SIP Trace option.

下一步，查看 Authentication section 并且关闭 Authenticate Calls。此选项仅支持当远端电话注册到本地SBC SIP 帐号。完成后保存此internal profile。

下一步，添加一个新的profile，我们称之为 external。

External SIP profile 设置的 External SIP IP Address 和 External RTP IP 地址到公网IP，同时也开启SIP Trace option。

下一步，因为我们配合的是internal SIP profile, 需要关闭authenticate calls 。因为远端终端在NAT 后，所以注册到 PBX 开启所有的 NAT options ，如图所示：

3) Adding SIP Trunk to PBX

访问 Configuration -> Signaling -> SIP Trunks ，点击添加Add，命名一个SIP trunk PBX.

Set the Domain to be the IP address of the PBX. Enable OPTIONS by setting the Frequency and Max/Min Pings as shown below. Once done click Save.

4) Configuring the SIP Domain

Go to Configuration -> Signaling -> Domains and click Add. Set the name of the domain to the FQDN or IP the remote phones will be registering to.

Next enable Forward Registration/Authentication as shown below. Set the Forward SIP profile to Internal. Then it is recommended to Force the Expires time to around 300-600 seconds; this will force the phones to register every 5-10 minutes. The short time period will ensure the registration information is current and correct.

Next go to Configuration -> Signaling -> SIP Profiles and click Modify on the External SIP Profile.

Then click Bind under the Domain section.

Select your domain from the list and click Bind.

Your domain will now be bound to the SIP profile. This will allow Remote phones to register to your External SIP Profile.

5) Configuring the Call Routing

Go to Configuration -> Routing -> Call Routing and then click the Add button in the Basic Call Routing section to add a new routing plan.

Name the new routing plan internal and then click Add.

Once in the new routing plan click Add to add a new rule.

In the new rule change the stop policy to Stop On Failure. Add the condition below to verify all internal calls orginate from the PBX's IP address. To do this use the network_addr variable as shown below. Ensure the actions to perform if the condition doesn't match is set to respond with a 403. Once done click Save to continue.

Next click Add to add a new rule. In the new rule set the condition based off the Destination Address. The condition will be (.*). The action will need to be a custom action and the application will be bridge. The data will be ${sofia_contact(external/$1@remote.sangoma.com) . The "external" part is the name of the external facing SIP profile. The "remote.sangoma.com" part is the domain the users are registering to. These are the two pieces that may change on a per installation basis.

Next go back to the call routing and add a new routing plan as we did in step 1-2 above. Name the new routing plan external. This will be used for the external SIP profile. In the new routing plan add only one rule. The condition will be (.*) and based on the Destination Address. Then the action will be bridge to trunk. The Trunk will be the SIP trunk named PBX with the destination $1 as shown below.

Now that both routing plans are made go to Configuration -> Signaling -> SIP Profiles and modify the internal SIP profile.

In the internal SIP profile under Session Routing change the Routing Plan to Internal. Then click Save to continue.

Next go back to Configuration -> Signaling -> SIP Profiles and this time click Modify next to the External SIP profile. Once in the External SIP profile, go to the Session Routing section and change the Routing Plan to External. Then click save

6) Finalizing the Installation

Go to Overview -> Dashboard -> Control Panel and start the following services. Vega Session Controller IP Firewall Intrusion Detection Intrusion Prevention

Enable all IDS rules by going to Configuration -> Security -> Intrusion Detection and ensuring all are checked. Once done click Update to apply the changes.

Next go to System -> Server -> Web and change the Network Interface from All interfaces to only the internal network interface.

In this example eth1 is the internal network interface. Once done click Save.

Next go to System -> Server -> Web and change the Network Interface from All interfaces to only the internal network interface. Now both the web server and SSH will only be available on your internal network.

Since the configuration is now completed get a backup. Go to System -> Management -> Backup-Restore and click Backup.

Name the file accordingly and click backup to download a copy. Ensure you keep this safe somewhere and always take a new backup after each change made to the SBC.

@@ 第1行： / 第1行： @@
-Overview
+介绍
-The Remote Phone Support use case allows remote phones - employees working from home, or using a SIP client on their mobile phone -  to register through the SBC to the PBX so the users can use their normal office extensions as if they were sitting in the office. The SBC in this scenaro is providing far-end NAT traversal for the remote phones as well as enhanced security for the corporate network without the need to set up VPN tunnels. Note that the SBC can be used at the same time to perform SIP trunking interconnection but for simplicity the example below concentrates on remote access.
+外网电话注册支持外网员工在家里，其他地方可以轻松注册到公司的IPPBX，用户可以在家办公，或者使用手机APP访问IPPBX网络，用户手机APP可以成为一个分机终端来实现呼叫。 SBC在这个环境中扮演的是 far-end NAT traversal 支持外网注册，而不需要VPN隧道支持。注意，SBC同时也可以作为SIP对接的功能来简化远端访问。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/1.png
@@ 第15行： / 第15行： @@
 ;;;1) Network Setup
-Go to Configuration->IP Settings->Network and then edit eth0 and assign the DMZ IP address. Next click the Add button to add an IP address to eth1. Enter in the IP address along with the subnet mask as shown below.
+访问 Configuration->IP Settings->Network，然后编辑 eth0 设置为 DMZ IP 地址。下一步点击 Add 按钮，给eth1 添加一个IP 地址， 输入 IP 地址和 subnet:
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/2a.png
-Once completed you will now have an IP address on eth0 and eth1.
+完成配置后，会看到地址 eth0 和 eth1.
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/2.png
-Next go to Configuration -> IP Settings -> Media Interfaces and click Edit.
+下一步，访问 Configuration -> IP Settings -> Media Interfaces 并且点击 Edit.
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/3.png
-Change the Transcoding Mode to Hardware Hidden mode. Then click Save.
+修改 Transcoding Mode 为 Hardware Hidden mode。然后点击保存。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/4.png
-Next click Detect Modules. Once you modules are detected click OK to continue.
+下一步，点击 Detect Modules。完成模块检测后，点击 OK 继续。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/5.png
@@ 第37行： / 第37行： @@
 ;;;2) SIP Profile Configuration
-Go to Configuration -> Signaling -> SIP Profiles and click Modify next to the default internal SIP profile.
+访问 Configuration -> Signaling -> SIP Profiles ，并且点击 Modify 来设置默认的 internal SIP profile.
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/11.png
-Ensure the SIP IP Address is configured set to the LAN IP address. Then enable the SIP Trace option.
+确认SIP IP 地址为 LAN IP 地址。然后开启 SIP Trace option.
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/12.png
-Next scroll down to the Authentication section and disable Authenticate Calls. This option is only required when remote phones are registering to a local SIP account on the SBC. Once done save the internal profile.
+下一步，查看 Authentication section 并且关闭 Authenticate Calls。 此选项仅支持当远端电话注册到本地SBC SIP 帐号。完成后保存此internal profile。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/13.png
-Next add a new profile called external.
+下一步，添加一个新的profile，我们称之为 external。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/14.png
-In the External SIP profile set the External SIP IP Address and External RTP IP Address to the public IP. As well enable the SIP Trace option.
+External SIP profile 设置的 External SIP IP Address 和 External RTP IP 地址到公网IP，同时也开启SIP Trace option。
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/15.png
-Next disable authenticate calls as we did with the internal SIP profile. Then since remote phones behind NAT will be registering through the PBX enable all the NAT options as shown below.
+下一步，因为我们配合的是internal SIP profile, 需要关闭authenticate calls 。 因为远端终端在NAT 后，所以注册到 PBX 开启所有的 NAT options ，如图所示：
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/16.png
@@ 第63行： / 第63行： @@
 ;;;3) Adding SIP Trunk to PBX
-Go to Configuration -> Signaling -> SIP Trunks and click Add. Name the SIP trunk PBX.
+访问 Configuration -> Signaling -> SIP Trunks ，点击添加Add，命名一个SIP trunk PBX.
 http://wiki.sangoma.com/files/SBC-Remote-Phone-Support/17.png

“SBC远端电话注册支持”的版本间的差异

2016年1月29日 (五) 11:51的版本

导航菜单

个人工具

命名空间

变种

视图

更多

搜索

导航

合作伙伴

工具