SARK V4.0.0 siptrunks

From sailpbx
Revision as of 10:42, 15 June 2014 by Adminwiki (talk | contribs)
Jump to: navigation, search

Up a level

Introduction

You will often find it necessary to talk to downstream PBX systems or gateways; either inside your company or if you are running a boutique ITSP service using SARK. Here is a set-up guide for such trunks.

N.B. This information does NOT apply to regular SIP trunks to upstream carriers.

On your Upstream SARK box

Registered Trunks (recommended)

Unless you have a good reason not to, you should require the downstream trunk to register with you. If you wish to support multiple trunks to the downstream PBX; usually for accounting purposes or to avoid port forwarding on the downstream router, then you MUST use this method. Create each trunk on the upstream PBX as follows

type=peer
context=internal
host=dynamic
username=someuser
secret=somesecret
qualify=yes
canreinvite=no
insecure=port,invite
disallow=all
allow=alaw
allow=ulaw

N.B. In SARK you must also set the peername to the SAME value as the trunkname


Direct Connect

If you will only ever need to support a single trunk to the downstream PBX then you can simply set up a "direct connect" trunk with no registration or login credentials. You will need to ensure that you restrict access in the SARK firewall or your perimeter firewall if you wish to run this kind of trunk otherwise you will, in effect, have an open proxy and anyone will be able to send calls through your PBX. This kind of trunk is often used for SIP gateway communication or with known, friendly, endpoints.

All that is needed in each SARK is a general sip trunk with the asterisk peer set as follows

type=peer
context=internal
host={ip addr}
qualify=yes
canreinvite=no
insecure=port,invite
disallow=all
allow=alaw
allow=ulaw


On the Downstream SARK or Asterisk box

Direct Connect

If you will only ever need to support a single trunk to the upstream PBX then you can simply set up a "direct connect" trunk with no registration or login credentials. You will need to ensure that you restrict access in the SARK firewall or your perimeter firewall if you wish to run this kind of a setup otherwise you will, in effect have an open proxy and anyone will be able to send calls through your PBX.

All that is needed in each SARK is a general sip trunk with the asterisk peer set as follows. This is slightly different to the upstream example above.

type=peer
host={ip addr}
qualify=yes
canreinvite=no
insecure=port,invite
disallow=all
allow=alaw
allow=ulaw

N.B. You will also need to set up a port forward in your firewall for 5060 and 10000-20000 UDP. For this reason it is recommended that you use registration and qualify wherever possible because it does not normally need any port forwarding.

Registered trunks (recommended)

If you wish to support multiple trunks to the upstream PBX or you simply wish to use registration (recommended), then each downstream trunk will need to register with the upstream box. Create each trunk on the downstream PBX as follows

type=peer
host={ip address}
qualify=yes
username=someuser
secret=somesecret
canreinvite=no
insecure=port,invite
disallow=all
allow=alaw
allow=ulaw
nat=yes

If this a SARK box then check registration=YES when creating the trunk. Otherwise, create a registration entry as follows

register => someuser:somesecret@{ip address}/someuser