Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Prior to using this page as a guide, our technical staff have to enable the feature in our back office systems.

This documentation provides the quickest, easiest setup for configuring your Vega100G/200G/400G device to SIP trunk directly to the SIPStation platform.      

Locating your SIPStation Username and Password

You will need to know the SIP Username and Password for the SIPStation account being configured to the Vega100G/200G/400G to complete this setup.  

...

Image Removed

...

Image Removed

Configuring your Vega100G/200G/400G with Quick Config

The following instructions will help you set up a SIP trunk to the SIPStation trunk1.freepbx.com peer and route the specified DID to an interface off the Vega100G/200G/400G device.  

When finished, you can manually create a second SIP Trunk Profile for trunk2.freepbx.com for redundancy.   

...

  • Navigate to the VoIP tab under the Quick Config wizard.  

Image Removed

    • Select ‘Gateway’ for Registration Mode
    • Insert the SIPStation domain under

-  use trunk1.freepbx.com

    • Insert the SIPStation Server IP/Name

-  use trunk1.freepbx.com

    • Insert the SIPstation credentials under:

-  Registration and Authentication ID: SIP Username

-  Authentication Password:  SIP Password       

    • Select codec priority

G711Ulaw, G711Alaw, G729 and t38udp 

...

    • Insert 'Telephone number list' ranges to route to the interface

 -  use '.*' wildcard unless specifying specific routing rules  

    • Under Port Settings enter Protocol, Framing, NT/TE type and Channel Allocation

 -  example, Protocol type of NI2, Framing ESF/B8ZS, NE port and default Channel Allocations  

  • Submit the Quick Config wizard changes to be applied to the system.  
      

Image Removed

...

Image Removed

  • Lastly, Apply Changes and Save configuration and Status Trunk  

Apply Changes and Save boxes will appear along the Control Panel.

-  Click on Apply Changes first, then Save until they are no longer in red color.

Image Removed

-  Click on Status and then Show SIP Registrations, you’ll want to see trunk1.freepbx.com registered.   

 Image Removed

Overview

This document will guide you through the process of configuring Vega series of Gateway’s to work with the Premium SIPStation SIP Trunking service.  Premium SIPStation provides SIP Trunks over TLS and SRTP.  This guide will focus on the setup of CA Certificates and SRTP configuration along with the typical SIP trunk requirements.

Introduction

For Trunking solutions, the Vega Gateway can connect to the Premium SIPStation SIP Trunking service, this guide provides detailed information about the configuration requirements in Vega series of Gateways, Vega 60G BRI, Vega 100G, Vega 200G and Vega 400G.  A typical deployment connects the Premium SIPStation SIP Trunking service to the Vega Gateway on one side using a secure TLS and SRTP SIP Trunk and then on the other side connects to a T1/E1/BRI Port on a Legacy PBX.

Image Added



Premium SIPStation Configuration

General Configuration

SIPStation is a SIP Trunking Service offered by Sangoma, A customer purchases the SIP Trunking Service and then can being to make calls from their Vega Gateway to the SIPStation Service.  SIPStation uses FQDNs as the SIP Server address.  In this configuration we are purchasing the SIPStation service, finding out where the SIPStation Trunk attributes are located for provisioning in the Vega Gateway.  Once the Vega Gateway is configured, the Vega Gateway will REGISTER with SIPStation and be allowed to make Outgoing Calls and Incoming Calls.

SIPStation Purchase

There are Wikis to step through purchasing SIPStation DIDs.  This document will simply overview the highlights.

https://wiki.sangoma.com/display/ST/SIPStation+and+FAXStation


NOTE:  Premium SIPStation is still in Beta.  Option to buy is not yet available on the SIPStation Portal.  Once available, this next instruction will indicate how to purchase Premium SIPStation trunks.


Login into www.sipstation.com, begin to purchase your Inbound Numbers.  Proceed to Checkout and complete the purchase.

Image Added



Once purchased, go to My Account | Trunk Groups and record the following information:

Image Added



Vega Gateway Configuration

General Configuration

DHCP

All Vega Gateways use DHCP to assign an IP Address.  Plug the Vega Gateway to the network, DHCP will assign an IP Address to the unit.  To know what the IP Address that was assigned to Vega do one of the following;

  • Attach Serial Cable to the Vega, 115200 8N1, login admin/admin - IP Address will be displayed on the Banner, or type Show Banner
  • Refer to the DHCP Server reservation
  • Use a network scan tool, look for the IP based on the MAC

Image Added



Use of Static IP

NOTE: Although the out-of-the-box Vega Gateway obtains an IP Address dynamically, it is recommended that Gateways use a Static IP Address.  Configuration of Static IP will be done in each section.


Licensing

By default, ALL Vega Gateways are sold without SRTP Licenses.  But FREE of charge, Sangoma will provide new License for the Vega Gateway to enable SRTP.


Check your Vega Gateway licenses to determine the state of the SRTP License.

SSH into the Vega Gateway.  Type SHOW LICENSE  (or SHOW SUPPORT) - this is also seen on the Vega WebGUI

Here is an example showing no SRTP License.

Image Added

 

To acquire a SRTP license from Sangoma.  Contact your local Sangoma Sales Representative, or Sangoma Support (support.sangoma.com) and request a SRTP License for your Vega Gateway.  You will need to provide the MAC address (or Serial Number) of the Vega Gateway.  For Vega 60Gs, it is helpful to also provide the variant type of Vega, like 4FXS + 4FXO.

From Sangoma Sales or Support you will receive new license key, looks like the following;

001306505ff05DB2006000003010180000000f0603d2799b0426303c99f3eb0c551a2d687dR1XXXXXX


Configuration  |  Expert Config  |  System Maintenance

Click "Show License Information"

Image Added


Copy and Paste the License Key into the "Enter New License Key" field and press Submit

Image Added


You will have to Reboot the Vega Gateway to make the changes effective.


After the reboot, when the Vega Gateway is up, you can return to Configuration  |  Expert Config  |  System Maintenance to see that the license is now on.


Quick Config

Quick Config is the Vega Gateway's configuration Wizard.  The Wizard asks some specific questions related to the nature of your installation and upon Saving Configuration, the Wizard will complete the programming of the Vega Gateway, through the entire Expert Config.  This document will focus on the Quick Config wizard and any supplemental Expert Config requirements.  All Quick Config are the same across all Vega Gateways, although specific to Analog or Digital options for corresponding Gateway interfaces.

Quick Config

When you login into the Vega Gateway, the System Status page is seen,


Image Added


Click on Configuration

Image Added


Click on Quick Config, a Warning will pop up, reminding you that any Edits here will overwrite the config. Click Continue



Quick Config - Step 1 - Basic Configuration

First step in the Quick Config wizard, items such as Country, Time Zone, Emergency Numbers and LAN Interface details,

Image Added


Select the appropriate Country, this is important to define the correct CallerID, Tones, Line Impedance, Digital framing and more for your region.

Image Added

Change the Gateway from Dynamic IP to Static IP, this is not necessary, but recommended.

  • Deselect "Obtain IP Settings automatically Using DHCP"
  • Enter in the IP Address, Subnet Mask, Default Gateway, DNS Servers and NTP Server

Image Added


Quick Config - Step 2 - VoIP

This section is where the Premium SIPStation is defined, SIPStation Domain, Transport and Port.


Image Added


General VoIP Configuration - Registration Mode

Here there are potentially three options, only one is applicable to Premium SIPStation:  GATEWAY 

  • Select GATEWAY, there is requirement to REGISTER and Authenticate with the SIPStation.

Image Added



Remote Server Configuration

Here is where the Premium SIPStation location is configured, along with the SIP Port, Transport, SIP Accessibility Check (OPTIONS Ping) and the Registration Username and Password

  • SIP Server IP/FQDN: Enter the FQDN of the Premium SIPStation - premiumtrunk1.freepbx.com
  • SIP Server Port: Enter 5061 - This is common for TLS
  • SIP Server Transport Mode: Select TLS
  • SIP Accessibility Check: Select Options
  • Registration/Authentication ID:  Enter the SIP Username from the SIPStation Portal - My Account - Trunk Groups
  • Authentication Password:  Enter SIP Password from the SIPStation Portal - My Account - Trunk Groups
  • Add Transport parameter in Contact Header of Register Request:  Check to Enable

Image Added



Codecs

Premium SIPStation offers a greater variety of Codecs. Premium SIPStation Codecs include;

  • G711 Codec
  • G729 Codec
  • G722 Codec
  • AMR-WB Codec
  • GSM Codec

In the following section, select the Codec you wish to use in the priority you wish to use.

Image Added



Quick Config - Step 3 - T1/E1/BRI

This section is where the Vega Gateway T1/E1/BRI interfaces are defined, this section will map the SIPStation DID to the specific FXS Analog port.  Every call from SIPStation, calling a specific DID into the Vega will ring a specific FXS Analog Port.  This FXS Port is typically connected to a FXO port on a Legacy PBX or a POTS phone or FAX Machine.


This section is where the Vega Gateway Digital interfaces are defined, this section changes depending on the Vega Gateway variant and Country selected.  But all versions are very similar,


Telephone Connections

Interface:  0401  0402  0403  0404   Examples: 04xx - Digital T1/E1  03xx - BRI   ... 0401 - 1st T1 Interface

Telephone number list:  This is configured as " .* " which is routing terminology for any telephone number character with any length of characters.  The field defines which telephone numbers will route out to the E1/T1 trunk interfaces. The Telephone number list will need to be configured for EACH E1/T1 port that is being used


Port Configurations

NT?:  Defines whether each interface should be configured as NT or TE.  Typically in this scenario the Vega will be emulating a telco and so should be set to NT mode.  This field should be configured for EACH E1/T1 port that is being used (by default E1/T1 2 and 4 are NT mode)
Protocol:  Defines which Protocol is to be used for the E1 or T1 links. this will depend completely on the country and Telco that gateway is to operate against

  • For T1: NI(NI2), QSIG, dms, dms_m1 att, CAS-RBS, CASPW, arin and Auto will attempt identify the correct protocol being used
  • For E1/BRI:  ETSI (EURO ISDN), QSIG, VN, CAS-R2, CAS-PW, arinc, 1tr6 and Auto will attempt identify the correct protocol being used


Image Added



Save Configuration

You are done.  Press Save Configuration.

Image Added

You will have to reboot as well when changing IP Addresses.

Image Added



Creating a Server Cert for TLS

There are two methods for creating a CA and Server Cert for the Vega Gateway

  1. Using a Certificate Authority (Verisign, GoDaddy, and others)
    Similar to the process of the Sangoma SBC, found here;
    https://wiki.sangoma.com/display/SBC/How+to+create+SSL+Certificates+for+your+TLS+support+on+Sangoma+SBC
    BUT, the Vega Gateway does not have the ability to generate a CSR locally on the Gateway.  The CSR must be created externally, then sent to the CA Authority.  From there the Server Cert is then imported onto the Vega.

  2. Using Simple Authority
    Similar to the process of the Sangoma SBC, found here;
    https://wiki.sangoma.com/display/SBC/SBC+TLS+Certificates+using+Simple+Authority
    This process of using Simple Authority to generate a Server Cert works very well.

Pick one of the two methods, and the end result of either method will be a CA Root Cert and a Server Cert in a PEM format

For Example: 

  1. CA Root Cert - Sangoma 20181029_cert.pem
  2. Server Cert - vega1.domain.net 20181029_key.pem



Preparing the Server Certs

Open Server Cert - "vega1.domain.net 20181029_key.pem" in Notepad++ (https://notepad-plus-plus.org/)

Notice that the Server Cert has two components. 

  1. RSA Private Key
  2. Server Cert


Image Added


Copy everything from  -----BEGIN RSA PRIVATE KEY-----  to   -----END RSA PRIVATE KEY----- 


Image Added


Paste into a new Text File.  Save this "RSA Key Only" file with any name.  For Example "vega1.domain.net 20181030_just_key.pem"

Image Added


You have three files now.  Server Cert, Key, and Root.

  1. CA Root Cert - Sangoma 20181029_cert.pem
  2. Server Cert - vega1.domain.net 20181029_key.pem
  3. Server Key - vega1.domain.net 20181029_just_key.pem


Configuration  |  Expert Config  |  System Maintenance

The Vega Gateway needs a Server Cert and the RSA Private Key installed separately. 

Go to Upload/Download File within System Maintenance

Image Added


Note: Do the next few steps one at a time, as multiple Uploads of multiple files will not work.


Under TLS Files

For Certificate File - Click Browse.  Find and select the Server Cert, for example - "vega1.domain.net 20181029_key.pem"

Press Upload.

For Key File - Click Browse.  Find and select the Server Key, for example - "vega1.domain.net 20181029_just_key.pem"

Press Upload.

Note: The Server CA Root Cert does not need to be installed.


Download and install the SIPStation GoDaddy CA Root Cert

We need to install the SIPStation CA Root Cert.

Go the following Website.

https://certs.godaddy.com/repository


Download the GoDaddy Secure Server Certificate (Intermediate Certificate) - G2  - gdig2.crt.pem (pem) file.

Image Added


Go to Upload/Download File within System Maintenance

Image Added


Under TLS Files

For Root Certificate File - Click Browse.  Find and select the GoDaddy Secure Server Certificate (Intermediate Certificate) - G2  - gdig2.crt.pem (pem) file.

Press Upload.


After loading the two Certs and the Key.  The Vega Gateway will need to be rebooted.

Image Added



Enabling SRTP

Premium SIPStation also requires the use of SRTP for encryption of the Audio Media stream.

You can follow the directions for enabling SRTP on the Vega Gateway here;

https://wiki.sangoma.com/display/VG/SRTP


For Premium SIPStation, these are the settings;

  • SRTP Mode:  Select "require_rfc4568"
  • SRTP Default Auth Bits:  Leave at 80
  • SRTP Minimum Auth Bits:  Leave at 32
  • Crypto Life Time:  Leave at default Medium
  • Crypto MKI Length:  Leave at default 1:1


Image Added


Be sure to Apply Configuration and Save Configuration

Image Added


Note:  If these settings are not shown in the SIP Profile.  They can be entered via CLI.

Type on the Vega CLI via SSH (or CLI on the WebGUI)

  • set sip.profile.1.srtp_mode=require_rfc4568
  • apply
  • save