1 installing ingate solutions in the enterprise © 2014 ingate systems ab prepared for:ingate’s...
TRANSCRIPT
1
Installing Ingate Solutions in the Enterprise
© 2014 Ingate Systems AB
Prepared for: Ingate’s SIP Trunking, UC and WebRTC Seminars ITEXPO January 2014 Miami
By: Karl Erik Ståhl CEO Ingate Systems AB
(and Intertex Data AB, now merged)[email protected]
INGATE RESELLER DAY: SIP Trunking and Beyond
2
IX78 E-SBC Enterprise Line of E-SBCs
*) Calls = Concurrent RTP Sessions = SIP Trunks
150/400/1000 Calls*500/700/900 Mbit/s
40 000/80 000/160 000 Packets/s
50 Calls*200 Mbit/s
30 000 Packets/s
1800/3000/8000 Calls*4 500/ 4 500/ 5 000 Mbit/s
300 000/500 000/900 000 Packets/s
Software Firewall/SIParator ®
25 - 10 000 Calls*
Can be installed on a virtual machine or
natively x86 Linux Servers (industry-standard PC architecture)
50 Calls*90 Mbit/s
10 000 Packets/s
Ingate Firewalls and SIParators® – E-SBC From 50 to 3 000 simultaneous calls (with media)
Used in a wide variety of SIP Trunking installations
NAT/Firewall traversal
Superior SIP Normalization
Multi level security, incl. SIP IDS/IPS
QoS (Quality of Service)
Failover configurations
Ingate IX78 for operator volume deployments
© 2012 Intertex Data and Ingate Systems
Confirmed Interoperability: Ingate & IntertexSIP Trunk Providers IP-PBXs
SIP Trunk
Compliant with
Aastra Aastra/Ericsson MX One
Adtran UC Server Digium/Asterisk
Avaya Aura Avaya IP Office Avaya SES/CM
Avaya QE Brekeke Broadsoft
Cisco Fonality
HP/3Com -VCX Innovaphone
Interactive Intelligence Iwatsu
LG Nortel Microsoft OCS
Mitel NEC / Sphere Nortel BCM Nortel SCS Objectworld Panasonic Samsung
SER Shoretel Siemens SIP-Gear
SwyxMore in pipeline....
360 Networks
Airespring AT&T
BandTel Bandwidth.com
Broadvox BT (British Telecom)
Cablevision Cbeyond
Cellip Comm Partners
Cordia Corporation Deltacom
Excel Switching Gamma Telecom
GEOS Global Crossing
IP-Only Nectar Level 3 Netlogic
Netsolutions
Nexvortex Nuvox O1
One Communications Paetec Primus RNK Telecom
Skype TDC
Telavox Tele2
Tele Pacific Teletek
TeliaSonera Toplink
Tritel VoEX
Voice Flex VoIP Unlimited
Voxbone Voxitas XeloQ
More in pipeline...
Carrier Equipment Acme Packet
Broadsoft Genband Sonus
Sylantro SER NSN
More in pipeline…
The IP-PBX Trunk Must Meet Service Provider Trunk
Data LAN only
PBX with PBX with system system phonesphones
PBX Type 1.5
VoIP & Data LAN
PBX Type 2
IPIP-- PBXPBX
Few PBXs are of this type. Asterisk with firewall (IPtables /NETfilter) can be compiled and configured this way, but requires a lot.
Why may an SBC be required to connect a PBX?
1) NAT/Firewall Traversal – Must NAT to same address space!
2) Basic SIP and Network Interoperability - E.g. Authentication, Registrations, UDP/TLS/TCP, Dynamic IP address, etc.
3) SIP Repair - E.g. Call Transfer, Fragmented packets, Bugs, etc. 4) Features - E.g. Remote Users, Administration (remote and local)
5) Security - E.g. Will LAN be opened? Is the PBX designed to be public?
VoIP & Data LAN
IPIP-- PBXPBX
PBX Type 1
Modern IP-PBXs are of this type. Media goes directly between phone and SIP Trunk.
SIP Trunk Interface
Signaling:Media:
SIP Trunk
PSTNSIP Trunking
Provider NetworkGW
SIP System
2) 3) 4) 5)2) 3) 4) 5)IX78
1)1) 2) 3) 4) 5)2) 3) 4) 5) 2) 3) 4) 5)2) 3) 4) 5)
© 2012 Intertex Data and Ingate Systems 5
PSTNPublic
Internet
SIP Trunking Provider
GWSIP System
Data & VoIP LAN
IP-PBX
Demarcation point of service and bringing SIP communication to the LAN
Soft Clients and Multimedia Terminals
Intertex IX78
Intertex IX78 Simply Presents the SIP Trunking Service on the Customer’s Protected Combined VoIP & Data LAN, Ready for any PBX to Use
Firewall
Remote Users
© 2012 Intertex Data and Ingate Systems 6
PSTNPublic
Internet
SIP Trunking Provider
GWSIP System
Data & VoIP LAN
IP-PBX
Demarcation point of service and bringing SIP communication to the LAN
Soft Clients and Multimedia Terminals
Intertex IX78
… or from an Extra IP Connection, still in Parallel with an Existing, non SIP Aware Firewall
Firewall
Remote Users
© 2012 Intertex Data and Ingate Systems 7
PSTNPublic
Internet
SIP Trunking Provider
GWSIP System
Data & VoIP LAN
IP-PBX
Demarcation point of service and bringing SIP communication to the LAN
Soft Clients and Multimedia Terminals
Intertex IX78
Remote Users
… or the Intertex IX78 can be the Company Firewall, presenting the Customer with a Protected Combined VoIP & Data LAN, Ready to use!
Proposed Setup for the DOCSIS Network
PSTN
Public Internet
SIP Trunk Provider GW
SIP System
IP- PBX
NAT/ Firewall
CMTS
Bridge for Existing NAT/ Firewall (non SIP aware)
Cable Modem
IX78 E-SBC
Plug in existing firewall to Ethernet port 4 on the IX78 (bridged connection to the WAN)
IX78 WAN SIParator will handle QoS (backing off firewall’s data traffic if required)
WAN SIParator 2 – requires two IP addresses, one for the firewall, another for the IX78
WAN SIParator 1 – requires only one IP address, shared between the IX78 and the firewall
DHCP or fixed WAN IP address(es)
Data & VoIP LAN
Easy and advantageous installation using advanced WAN SIParator mode
© 2012 Intertex Data and Ingate Systems 9
Installation Wizard
SIP Trunking Made Easy
The SIP Trunking Installation Wizard
jkjjk
Ingate Firewall & SIParatorExtracts From Product Training
SIP Trunking Focused
Ingate Startup Tool
Startup Tool
“Out of the Box” setup and commissioning of the Firewall and SIParator products
Update current configuration Product Registration and unit Upgrades,
including Software and Licenses. Automatic selection of ITSP and IP-PBX Backup of Startup Tool database Located at www.ingate.com FREE!
Ingate Startup Tool
Startup Tool - Network Topology
Firewall or SIParator deployment type
Inside (Eth0) - Private
Outside (Eth1) - Public
Default Gateway DNS Server
Ingate Startup Tool
Startup Tool – IP-PBX
Select IP-PBX Provide IP
Address
Ingate Startup Tool
Startup Tool – ITSP_1
Select Trunking Provider Account
Information
Ingate Startup Tool
Startup Tool – Upload Config
Login to web GUI and apply settings
Upload
Ingate Startup Tool
Startup Tool – Apply the Config
The Startup Tool will launch a browser to have the installer Apply the Configuration.
Configuration: Network & Basics
Programming: Network
Networks & Computers
Provides a view of the Network connected on each interface as a Routing Table.
Programming: Basic Configuration
Access Control
Provides configuration for HTTP and HTTPS access.
Programming: SIP Services
Programming: SIP Services
Interoperability
Common deviations from the standard
Programming: SIP Traffic
Dial Plan “Dial Plan”
Combine the From Header, Request-URI and Forward To tables in the Dial Plan table.
Programming: SIP Traffic
Routing “DNS Override for SIP Requests”
Enter SIP domains to which traffic should be sent, but which for some reason cannot be looked up using DNS.
Programming: SIP Traffic
User Routing
SIP Accounts (Clients) that need to be routed to a IP-PBX.
To Header Routing can be used here with a $(to.user)@IP
Programming: SIP Traffic
SIP Status
Shows current SIP activity
SIP Trunk Group
Programming: SIP TrunkSIP Trunk Configuration – SIP Trunk Parameters
ITSP Address/Domain Interop Parameters Ingate Behaviours TGP Media Behaviour
Programming: SIP TrunkSIP Trunk Configuration – Main & PBX & SIP Lines Main Trunk Line
Default Attributes PBX Line
Individual matching to individual characteristics
Programming: SIP TrunkSIP Trunk Configuration – PBX Trunk
Define IP-PBX location
Define other attributes for Ingate behaviour to IP-PBX
SECURITY
Troubleshooting
Troubleshooting
Logging Configuration
SIP Events will ensure SIP calls are logged.
Troubleshooting
Logging & Tools
Display # Rows/Page Show Newest on Top Select SIP Log
Attributes Select “Show internal
SIP Signaling”
Troubleshooting
Packet Capture
Creates a Wireshark PCAP network trace.
Network Interface Selection – All Interfaces
Start – Stop - Download