In this section:

Not applicable to SBC 1000/2000.

Create a SIP Signaling Group

Create a SIP Signaling Group:


  1. In the WebUI, click the Settings tab.
  2. In the left navigation pane, go to Signaling Groups.
  3. From the Create Signaling Group drop down box, select SIP Signaling Group.

Modify a SIP Signaling Group

  1. Click the expand () Icon next to the entry you wish to modify.
  2. Edit the entry properties as required, see details below.

Configuring a SIP Signaling Group


Click '' on the WebUI screen to configure additional items

Configuring an Object within an Object


  1. Access a WebUI page that includes a field for a configuration resource with support for object within an object configuration. For example, the SIP Signaling Group Table includes a number of such fields.

  2. Click the field-specific () icon next to a specific object. In the example below, the Call Routing Table field supports object within object configurability:

     

  3. At the Create window, enter a description for the newly created object.

  4. Click OK.

     

  5. The Call Route Table is created. The field is auto-populated with the newly-created table, and the "changed field" is highlighted (i.e., the Call Routing Table field).


     




Prerequisites

Create the following configuration resources used for the SIP Signaling Group directly from the SIP Signaling Group screen, by clicking the ' ' icon for the field in the WebUI :  

Note

Field definitions for the Create SIP Signaling Group window are listed by feature.

Quick Links - Configuration Options by Feature

Configure a SIP Signaling Group

  1. For SBC 1000/2000 only:  from the Create Signaling Group drop-down box, select SIP Signaling Group.

  2. For the SBC SWe Edge only: click Add SIP SG:

  3. Configure the field options. Field definitions below are listed in SIP Signaling Group feature groups. See Quick Links - Configuration Options by Feature.

Field Definitions Overview

FieldDescription
DescriptionDescriptive name for the signaling group.
Admin State

Specifies the admin state of the Signaling group.

    • Disable: Disables the signaling group.
    • Drain: When Drain is selected, calls that are currently up remain connected. However, new calls and forking are not allowed for the Signaling Group. This allows all the calls to be drained from the SG.
    • Enable: Enables the signaling group.

SIP Channels and Routing - Field Definitions


FieldDescription
Action Set TableSpecifies a defined Action Set Table for this Signaling Group.
Call Routing TableSpecifies the Call Routing Table this Signaling Group uses.
No. of Channels

Specifies the number of SIP channels available for calls in this Signaling Group.

Valid entry: 1 - 960.

SIP ProfileSpecifies the SIP Profile to use for this Signaling Group.

SIP Mode

Specifies the SIP Registration Mode to use in this Signaling Group.

    • Basic Call: Sends INVITEs to the selected server table.
    • Forward Reg. After Local Processing: Forward the REGISTER request after inserting it to the local registrar.
    • Local Registrar: Maintains local registrar only. Uses registrar bindings to terminate a call.

If Fwd. Reg. After Local Processing is configured as the SIP Mode , the selected SIP Server Table for that same Signaling Group should not be configured with a Contact Registrant Table. The SBC does not support Fwd Reg. After Local Processing and a Contact Registrant Table in the same Signaling Group.

See also: Configuring the SBC Edge Portfolio for Site Survivability.

SIP Mode (SBC SWe Edge only)

Specifies the SIP Registration Mode to use in this Signaling Group.

    • Basic Call: Sends INVITEs to the selected server table.
    • Local Registrar: Maintains local registrar only. Uses registrar bindings to terminate a call. This option enables you to Select the Registrar Table.
Agent Type

Specifies the way in which SIP-SIP signaling will be handled by the SBC. Valid entries:

Access Mode: When Access Mode is enabled, the SBC allows certain SIP functions to be sent in passthrough mode:

    • Authentication handling
    • Non-call related methods (Register, Subscribe and Notify)
    • Refer and Update

When Agent Mode is set to Access Mode, the Signaling Group service status will always show as "green" or "up" to allow for pass-through messaging. Also, when Agent Type is set to Access Mode, the options Office 365 and Office 365 with AD PBX are disabled.

Back-to-Back User Agent. The SBC will maintain state and participate in all SIP signaling between both endpoints. 

Default selection: Back-to-Back User Agent.

Access Mode SG Requirement

 If Access Mode is specified, a source and destination signaling group must exist (e.g., Broadsoft Local Register SG to Broadworks Server SG).

OPTIONS Mode

The SIP SG configuration Agent Type configuration on the ingress SG decides whether the OPTIONS message is forwarded. 

  • The OPTIONS Mode configuration is applicable/visible only when the Agent Type is selected as B2B UA.
  • Configuration under Signaling Group Table OPTIONS Mode controls the decision of passthrough message or not. 
Interop Mode

Indicates if the SBC should interoperate in a proprietary manner for certain functionality. Multiple SIP Signaling Groups can enable this mode, but this mode can only be enabled once for each SIP Signaling Group/SIP Server combination.

Valid entries:

BroadSoft Extension. SBC will support BroadSoft related extensions. Specifically, the SBC will use BroadSoft’s subscriber data (BroadWorksSubscriberData) while in remote survivability mode. This feature allows the SBC to retrieve and store alternative user information for use when the BroadSoft server is unreachable.

Office365. Indicates the Signaling Group is communicating directly with the Skype for Business Front End Pool. Applicable to SBC 1000/2000 only.

Office 365 w/AD PBX. Indicates the Signaling Group is communicating directly with the Skype for Business Front End Pool. The SBC retrieves AD records (based on the entry in the AD Attribute field) and uses that to register on-premises PBX endpoints to Skype for Business Front End Pool. Applicable to SBC 1000/2000 only.

Standard. SBC will interoperate according to RFC standards.

Header Transparency. Header transparency mode works in conjunction with Agent Type - Access mode. When set in Header transparency mode, the SBC passes through non-dialog related headers such as AlertInfo, CallInfo, ProxyAuthorization, Authorization, and Warning headers without locally processing them. To allow subsequent requests and responses to go through the SBC modifies the contact, from, and to headers appropriately.

Default entry: Standard.

When the Agent Type is set to Back-to-Back User Agent, the BroadSoft Extension option is not available.

Office 365 User Domain Suffix


Note

This field is applicable to SBC 1000/2000 only.

The FQDN is used in the Signaling Group to communicate directly with the Skype for Business Front End Pool.

This field is visible when the Interop Mode is set to Office 365 or Office 365 w/AD PBX.

This field can be NULL; if so, the address of the SIP Server will be used.

Registrant TTL

Specifies the Time-To-Live (TTL) value for inbound registration. Inbound registration values should be equal to or greater than this. Valid entry: Enter a value in seconds. Default value: 3600.

This field is visible when the Agent Type is set as Access Mode.

AD Attribute


Note

This field is applicable to SBC 1000/2000 only.

Specifies any desired Active Directory attribute name in which the PBX number to be Registered is located; this field is dependent on how AD is configured. Default entry: =pager=.

This field is visible when Interop Mode is set as Office 365 w/AD PBX.

AD Update Frequency


Note

This field is applicable to SBC 1000/2000 only.

Controls the frequency (in days) for how often SIP queries Active Directory for all records with the specific AD attribute populated. Valid entry: 1 - 30 days.

This field is visible when Interop Mode is set as Office 365 w/AD PBX.

Note

As an option, the AD Live Update feature forces the SBC to query AD directly to obtain updated records (rather than following the parameter set in the AD Update Frequency).

AD First Update Time


Note

This field is applicable to SBC 1000/2000 only.

Specifies time of first AD query update in hh:mm:ss (24-hour format). Valid entry: hh (hour), mm (minute), ss (seconds).

This field is visible when Interop Mode is set as Office 365 w/AD PBX.

RegistrarSpecifies the Registrar Table attached to the Signaling Group for routing purposes and adding registration records.
Registrar Min. TTLSpecifies the Time-To-Live (TTL) value for inbound registrations. Inbound registration values should be equal to or greater than this. This is configured in all registration scenarios.
Outbound Registrar TTLSpecifies the Time-To-Live (TTL) value for outbound registrations. This is configured only in the Forward modes of operation only.
SIP Server Table

Specifies the SIP Server Table to be used in the Signaling Group. The options in this field are derived from the configuration of SIP Server tables, see Creating and Modifying Entries in SIP Server Tables.

If a SIP Server Table is added which includes a server that has Stagger Registration enabled, Stagger Registration occurs. Also, if a SIP server table is removed which included a server that had Stagger Registration enabled, Stagger Un-registration occurs. For more information about Stagger Registration, see Creating and Modifying Entries in SIP Server Tables .

If you select an entry in the SIP Server table that is defined as DNS SRV, the Load Balancing field is not visible. See Load Balancing.

Load Balancing

Specifies the load balancing method used for SIP Server registration and redundancy in the Signaling Group.

    • First: The initial request goes to the first available server.
    • Priority: Register Active Only: Used with the Failover SIP Registration feature. The initial request goes to the SIP Server with the highest priority. If the registration fails, the SIP Server becomes unreachable, or the registration expires, and a re-register fails, the SBC falls back to the next available SIP Server.
    • Priority: Register All: The request goes to the SIP Server with the highest priority (this is configured in the SIP Server) as long as it is available.
    • Round Robin: Each initial INVITE is sent to the next SIP Server in the pool. As the basic algorithm, the scheduler selects a resource pointed to by a counter from a list, after which the counter is incremented and if the end is reached, returned to the beginning of the list. Round-robin selection has the positive characteristic of preventing starvation, as every resource will be eventually chosen by the scheduler.
Note

For the Failover SIP Registration feature, the following options must be enabled:

    • The Priority: Register Active Only must be selected in Load Balancing.
    • The Use Register as Keep Alive field must be enabled in the SIP Signaling Group.

The type of the SIP Server: IP/FQDN or DNS-SRV determines the available options for Load Balancing:

Load Balancing OptionIP/FQDNDNS-SRV
Round Robin(tick)(error)
Priority: Register All(tick)(tick)
Priority: Register Active Only(tick)(tick)
First(tick)(error)
Note

In the SIP Server configuration, the Priority configuration option determines the order in which an SIP Server is used for redundancy and registration. Refer to Creating and Modifying Entries in SIP Server Tables.

Notify Lync CAC ProfileEnables whether any CAC Profile updates received locally are transmitted to the SIP servers listed in this Signaling Group Configuration. Valid entry: Disable (Default, updates received locally are not transmitted to SIP servers) or Enable (updates received locally are transmitted to SIP servers).
Challenge Request

Indicates whether or not incoming request messages are challenged for security purposes. If this option is set to Enable, you must specify a realm and at least one entry in the Authorization Table.

    • False: No request messages are challenged.
    • True: All requests are challenged for the realm, user, and password.
Outbound ProxySpecifies the outbound proxy through which all SIP messages are sent. For in-depth configuration details, see Outbound Proxy Configuration.
Outbound Proxy PortSpecifies the port number for the outbound proxy, if one is configured. The port number must be in the range 1024 through 65535.
No Channel Available Override


Note

This field is applicable to SBC 1000/2000 only.

In the event of a call release due to the No Channel/Circuit available release cause code, the specified cause code is sent to the relevant protocol module. For more information, refer to the list of Cause Codes.

Note

This attribute should be applied to the inbound Signaling Group of calls. Even in the case of an outbound Signaling Group having no channel available, the parameter value on the inbound Signaling Group is used to determine the cause code to send.

See below for an example of this behavior:

Call Setup Response Timer

Specifies the interval of time, in seconds, after a call is initiated that the SBC Edge Portfolio (SBC) waits for a call to connect before terminating the incoming call.

Call Proceeding Timer

Timer indicates the amount of time to wait after receiving a “100 Trying” for a call attempt (egress INVITE). When the timer expires the call will not proceed.

Option: 24 - 750 seconds.

QoE Reporting


Note

This field is applicable to SBC 1000/2000 only.

Enables the QoE (Quality of Experience) reporting feature in the SBC. Valid options: Enabled (enables the feature) or Disabled (disables the feature). This field must be enabled for the QoE options to be available through the QoE Settings. See Configuring Quality of Experience (QoE) Settings

Use Register as Keep AliveUse Registration requests as Keep Alive for marking the Signaling group as up or down. Default entry: Enabled.

When this field is set to Disabled, only SIP Options (if configured) are used as a keep-alive mechanism to mark the Signaling group as up or down.

Forked Call Answered Too Soon

When enabled, the SBC Edge Portfolio ignore a forked leg (disconnect) if that leg is going to a voicemail box, but the rest of the forked legs may connect to the subscriber's other numbers. For details, refer to Forked Calls Answered To Soon (Disconnect on Quick Connect).

Possible entries:

    • Disabled: The forked leg is not ignored (disconnected) if that leg is going to a voicemail box.
    • Enabled: The forked leg is ignored (disconnected) if that leg is going to a voicemail box, but the rest of the forked legs may connect to the subscriber's other numbers.
Answer Too Soon Timer

This field is available only when Forked Call Answered Too Soon is Enabled.

Specifies the timer for the forked leg to be disconnected. Valid entry: 1 - 5000 ms.

SIP Recording Status

For SIPREC, enables or disables the SIP Recording functionality on the selected signaling group.

Select from the drop-down list.

    • Disabled: Disables voice recording on the selected Signaling Group.
    • Enabled: Enables voice recording on the selected Signaling Group.
SIP Recorder

When SIPREC is enabled for the specific Signaling Group, this field enables the selection of an entry from an SIP Recording Table.  Select from the drop-down list. This list is populated from the entries configured in the SIP Recording table. For details, refer to Creating and Modifying Entries in the SIP Recorder Table.

This field is available only when SIP Recording Status is set to Enabled.

Media Information - Field Definitions

FieldDescription
Audio/Fax Stream Mode
Note

This field available is for SBC 1000/2000 only. For SBC SWe Edge , see Supported Audio Modes .

Determines the streaming mode for audio, fax, and media transmission.

    • Direct: Audio/fax stream is passed directly from one compatible end-point to another, this uses neither the SBC processor or a DSP resource.
    • DSP: Audio/fax stream is processed using a DSP resource, and consumes a DSP license.
    • Proxy: Audio/fax stream is processed using the SBC internal processing resources and does not require a DSP resource or license.

All options are enabled by default.

Supported Audio Modes
Note

This field available is for SBC SWe only. For SBC 1000/2000 see Audio/Fax Stream Mode.

Determines the streaming mode for audio, fax, and media transmission.

    • Direct: Audio stream is passed directly from one compatible end-point to another, using neither the SBC processor nor a DSP resource.
    • DSP: Audio stream is processed using a DSP resource, and consumes a transcoding license if the codecs are different.
    • Proxy Relay: Audio stream is processed using the SBC internal processing resources and does not require a DSP resource or transcoding license. Refer to Node-Locked Licensing. SRTP is untouched locally by the SBC.
    • Proxy with Local SRTP: Media stream is switched between endpoints using SRTP media encryption on a call-leg basis. Note: Support of Proxy with Local SRTP (encryption/decryption) requires licensing up to 1,000 signaling sessions. See Node-Locked Licensing.

All options are enabled by default.

Proxy Local SRTP Crypto Profile ID
Note

Available for SBC SWe Edge only. This field is available only when Proxy with Local SRTP is included in the Supported Audio mode list. 

Determines whether a call crypto file is used with SRTP media negotiation.

    • Crypto File: Indicates the crypto file profile used to negotiate SRTP.
    • None: SRTP is not used for media negotiation.
Video/Application Stream Mode

Determines the streaming mode for audio, fax, and media transmission. This feature requires a video license.

    • Direct: the video/application stream is passed directly from one compatible end-point to another; this operation uses neither SBC processor.
    • Disabled : the route is not used for video calls.
    • Proxy: the video/application stream is processed using the SBC internal processing resources.

The first two options are enabled by default.

Media List IDSpecifies the Media List used by this Signaling Group.
Play Ringback

Specifies how ringback plays on a channel.

Note

The Play Ringback configuration functions with 180 Ringing or ISDN Alert. The function also executes when SIP 183 is received with Session Description Protocol (SDP).

  • Auto on 180 (applies to 180/Alert only) or Auto on 180/183 (applies to 180/Alert and 183/Progress): Configured for Auto, the SBC operates in the nominal RFC 3960 pattern
    • SBC generates ringback until in-band media arrives.
    • SBC-generated ringback is discontinued in the presence of in-band ringback.
    • Additionally, any ALERT is sent with PI=8 regardless of whether or not an SDP was received on the SIP side. Doing so allows the SBC to send in-band audio without signaling PROGRESS.

Click to see more information about this topic.

  • Always on 180 (applies to 180/Alert only) or Always on 180/183 (applies to 180/Alert and 183/Progress): SBC provides ringback, ignoring any arriving in-band media.
    • For SIP-originated call legs, 180 is sent to permit SBC to provide in-band ringback via early media.
    • For ISDN-originated call legs, ALERT+PI will be sent along with SBC-inband ringing.

Click to see more information about this topic.

  • Never: SBC does not provide ringback and cuts through ringback from the source when/if it arrives.
    • With NEVER, SBC will send 180/ALERT to the originating call leg without SDP/PI as in this configuration SBC will not supply inband ringback.

Click to see more information about this topic.

(info) Note: The Play Ring Back setting is activated only after the channel receives an ALERT or 180 Ringing. Issues with ringback and 183 Session Progress must be addressed using a Message Translation.
Click to see more information about Activating Play Ring Back.

Tone TableSpecifies the Tone Table used by this Signaling Group. Only visible if Always or Auto is specified for Play Ring Back.
Play Congestion Tone

Specifies whether a congestion tone plays when a 503 response with reason header Q.850 and cause code = 42 is received for outbound INVITE.

Options: Enable (congestion tone is plays) or Disable (default; congestion tone does not play).

Early 183

Specifies whether to send a SIP 183 response immediately after receiving an Invite message. The early 183 Session Progress with SDP provides the SRTP key that will be used to decrypt the transmit stream from SBC to the SIP peer. This setting is used to prevent the peer device (e.g. Mediation server) from staying in the Trying state. This setting is required for Skype for Business interoperability.

Early 183 is applicable only when Audio/Fax Stream DSP Mode is enabled as the media mode.

Allow Refresh SDPSpecifies whether to allow refresh SDP after the media has been negotiated. Options: Enable (enables SDP after negotiation) or Disable (does not allow SDP after negotiation). Default entry: Enable.
Music on Hold

The field enables Music on Hold at the SIP Signaling group level. Available options:

    • Always Enabled: Enables local Music on Hold (for SDP attribute “sendonly” or “inactive”).
    • Disabled: Disables Music on Hold for the SIP Signaling Group.
    • Enabled for SDP Inactive: Enables local Music on Hold when there is no possibility of the peer device sending its own music during hold (for SDP attribute “inactive”).

Default value: Disabled.

For detailed information about enabling Music On Hold as part of the Media configuration, see Configuring the Media System. For detailed information about uploading music files, see Uploading Music on Hold Files - SBC Edge Portfolio.

RTCP Multiplexing
Note

For details on how to use Real-Time Transport Control Protocol (RTCP) Multiplexing with Microsoft Teams Direct Routing, refer to the following pages:

Enables RTCP Multiplexing to combine two parts of the Real-Time Transport Protocol (RTP) for data traffic and RTCP (for control information) onto a single multiplexed UDP port. RTCP Multiplexing is supported according to RFC 5761, in which the SDP contains the value of a=rtcp-mux. RTCP Multiplexing is supported for DSP mode only.

Valid entries: Enable ( SDP contains an a=rtcp-mux attribute, and RTP and RTCP are able to be combined on a single multiplexed port if the far end is capable ) or Disable ( SDP does not contain an a=rtcp-mux attribute and  RTP and RTCP consume two ports).

Default value: Disable.

The peer endpoint must support the a=rtcp-mux exchange for the RTP and RTCP port multiplexing onto one data port.

Media Codec Latch

Media Codec Latch allows enabling or disabling of the codec lockdown when receiving multiple codecs in offer answer model.

When disabling Media Codec Latch, the SBC will not renegotiate the codec if the peer sends more than one codec in the answer. 

Valid entries: Enable or Disable

Default value: Enable

Mapping Tables- Field Definitions

FieldDescription
SIP To Q.850 Override TableSpecifies the SIP to Q.850 Override Table to use for this Signaling Group.
Q.850 To SIP Override TableSpecifies the Q.850 To SIP Override Table to use for this Signaling Group.
Pass-thru Peer SIP Response CodeThe default value is Enabled. If you disable the pass-thru peer SIP response, then the mapping tables will be applied to SIP-SIP calls.

SIP IP Details - Field Definitions

FieldDescription
Teams Local Media Optimization Microsoft Teams Direct Routing media flow uses the shortest path to improve the SBC Edge's media quality and bandwidth usage.
Signaling/Media Source IP

Specifies the Logical IP address at which SIP messages are received. This address is used as the source IP for all SIP messages leaving the SBC SWe Edge or SBC 1000/2000 through this Signaling Group. The physical interface on which these messages leave the system is determined by the System IP routing configuration. The IP version (IPv4 or IPv6) for the SIP Server used by this Signaling Group determines the IP version used for all outgoing messages leaving the SBC through this Signaling Group.

Note

If Static NAT is used, the configured NAT Public IP replaces the Source IP selected or acquired when set to Auto mode. When the  Outbound NAT Traversal  field is set to  Static NAT, the name of the   Signaling/Media Source IP option changes to  Signaling /Media Private IP. 

Warning

It is recommended to set the Signaling/Media Source IP to the actual Ethernet IP Interface that the Signaling group uses to ensure Signaling and Media flow correctly.


    • Auto: The node automatically selects the IP address used as the source address of all outgoing SIP messages leaving the SBC through this Signaling Group. The IP address is based on the physical interface selected by the IP routing configuration.
    • Ethernet IP: Allows you to select a specific source IP address for outgoing SIP messages through this Signaling Group.

Private Media Source IP The private IP address that handles routing of messages for media. This field is displayed only when  Teams Local Media Optimization  is enabled. Valid entry: select an IP address from the drop-down list. 
Signaling DSCP

Each SIP-SG is configurable with the DSCP value to be used for signaling. This allows for improved quality of service in real-time applications, such as conferencing and conversations. The settings take effect for both client and server modes of SIP. The default value of 40 is the most common value used in the VOIP networks for signaling packets. The configured value should be chosen according to the QoS policies of the IP network in which the signaling packets travel.

Valid entry range: 0 to 63 (inclusive). Default value: 40.

NAT Traversal

Specifies whether or not the Signaling Group uses a third-party entity IP address inside the SIP message to support network address translation (NAT). Only visible when NAT Traversal is set to Static NAT.

    • None: Specifies that network address translation is not used.
    • Static NAT: Specifies that network address translation is used.

Symmetric NAT (port forwarding) is the only supported NAT type. This NAT configuration type means that packets received on a specific NAT server port are always forwarded to the same SBC port, for example, packets on the NAT public IP, port 5060 are forwarded to a private (SBC) IP, port 5060.

ICE Support

Specifies whether ICE support is enabled/disabled. Enable/disable is displayed only when SIP Mode is configured to Basic Call.

    • Disable: When the ICE Support option is disabled, the SBC Edge Portfolio SBC Edge Portfolio does not support ICE for both incoming and outgoing calls. If ICE is disabled on a Signaling Group and if the incoming offer contains ICE, the SBC Edge Portfolio responds with no ICE attributes in the SDP.
    • Enable: When ICE support option is enabled on the signaling group, SBC Edge Portfolio allows SIP to propose ICE candidates in INVITE and 183/200 responses based on the call direction for that Signaling Group. If no candidate is proposed by the other side, the call proceeds as if ICE was not enabled.

When Interactive Connection Establishment (ICE) support is enabled, it takes precedence over all other media related NAT configuration.

ICE Mode

Specifies the Interactive Connection Establishment (ICE) Mode that is enabled/disabled. This field is displayed only when ICE Support is enabled.

For SBC 1000/2000:

Two ICE Modes are available:

    • Full: The SBC operates as an ICE (full) agent endpoint.
    • Lite: The SBC operates as an ICE-Lite agent endpoint (for SIP calls involving NAT devices) with a full ICE agent in the role of controlling agent.    


For SBC SWe Edge:
    • Lite: For theSBC SWe Edge, only Lite mode is supported. The SBC operates as an ICE-Lite agent endpoint (for SIP calls involving NAT devices) with a full ICE agent in the role of controlling agent. 
 
For details on ICE, refer to Working with the SBC Edge Portfolio as an ICE-Lite Agent and Working with the SBC Edge Portfolio as an ICE Agent.


Static NAT - Outbound

If the selected Outbound NAT Traversal is Static NAT, you must enter the field NAT Public IP (Signaling/Media) appears.

Static NAT - Inbound

Detection

Enables and disables NAT Traversal detection for inbound SIP/RTP packets.

    • When detection is disabled, none of the following fields are visible.
Qualified Prefixes TableSpecifies which SIP NAT Qualified Prefix Table to use in association with this SIP Signaling Group. The Qualified Prefixes Table is used to determine whether or not a particular subnet is behind a NAT device. If None is selected from the Qualified Prefixes Table drop-down list, then all subnets are treated as if they were behind a NAT device. The options available from this drop-down list are configured as part of NAT Qualified Prefixes
Secure Media LatchingEnables and disables Secure Media Latching for inbound RTP packets. When enabled, media latching occurs only if the RTP packet's IP is in the same subnet as the public IP seen by SIP signaling. When disabled, no IP address security checks are performed during RTP latching.
Source Media Netmask

Specifies the netmask used to compare the SIP Signaling IP and the RTP IP used for latching.

    • The Source Media Netmask field is present if Inbound NAT Transversal Detection and Secure Media Latching are enabled.
    • The netmask must be specified in dotted decimal format (e.g., 255.255.255.255).
Registrar Max. TTL EnabledEnables and disables the time to live (TTL) functionality for inbound registrants from behind a NAT. If a client registers with an expires value greater than the value specified in the Registry Max. TTL field, the expiration is adjusted to the value specified in the Registrar Max TTL field.
Registrar Max. TTL

Specifies a maximum time to live (TTL) for the SIP registration. The SBC uses this feature to determine that the client is still active, and aid in keeping bindings to remote NAT devices alive. If the SBC does not receive a request to re-register from the client before the expiry, the call and the registration are torn down.

    • Note that this field is only applicable to clients registering from behind NAT devices.
    • Setting the Max. TTL to a low duration may result in excessively high system resource usage as the number of NAT clients increases.
Application Layer IP

Specifies how the Signaling Group will select the local IP.

    • Auto: Means that the SBC connects to the peer and queries the local IP which is used in SIP headers and SDP.
    • Bind: Binds to a specified interface and uses that IP address (1st/2nd) in headers and SDP.
NAT Public IP Address

Specifies the public IP of the NAT server visible from Internet. The NAT server's ports must be configured to allow SIP and RTP traffic, for example: port range 5060-5061 for SIP and 16000-17000 for RTP.

The IP address specified in this field must be publicly accessible.

Listen Ports - Field Definitions

This section defines a listening port and protocol for the SIP Signaling Group.

FieldDescription
Listen Port

This section defines a listening port and protocol for the SIP Signaling Group.

The Listen Ports populated in this screen are derived from the configuration in the Listen Port Table. The Signaling Group uses this port for communication with external peers. 

    • Add/Edit. Displays a drop-down list of available message tables. Select an entry and click Apply.
    • Remove. Removes the port entry from the list.

When several TLS Signaling Groups are all listening on the same port (for example, 5067), you must use the same TLS profile. If you need different TLS profiles, the Signaling Groups must listen on a different port.


Note

For the SfB to Microsoft Teams migration, do not configure the Listen Ports table of the SfB signaling group with the same Listen Ports of the Microsoft Teams signaling group.

Federated IP/FQDN - Field Definitions

Note

Federated IP addresses and FQDNs specified in a SIP Signaling Group are permitted.

The Federated IP/FQDN feature acts as an access control by defining from which server a SIP Signaling Group will accept messages. 

FieldDescription
IPv4/6 Address or FQDN

Specifies the IP Address (IPv4 or IPv6) or Fully Qualified Domain Name of a server from which the SBC will accept SIP messages. Federated IP allows IPv4, IPv6, or FQDN address format.

For IPv4:

  • If the Netmask is not specified, 255.255.255.255 is used.
  • When an IP Address is specified the Netmask is mandatory.

For IPv6:

  • Prefix format is used to identify the subnet.

For FQDN:

  • When an FQDN is specified, all the IPs in that domain are added.
  • Uses the Federated IP Netmask/Prefix field to determine whether the signaling group uses IPv4 or IPv6.
Federated IP Netmask/Prefix

For IPv4: Specifies the network address mask to apply against the specified server address.

For IPv6: Specifies the prefix to identify the subnet.

Message Manipulation - Field Definitions

FieldDescription
Message Manipulation

This option enables or disables the ability for the SBC to manipulate SIP messages using previously configured Message Tables.

Select from the drop-down list: Enable (enables the feature) or Disable (disables the feature).

Inbound Message Manipulation

The rules in this table are used to manipulate inbound SIP messages in the Signaling Group. The Signaling Group will support a maximum of 10 Message Rule Tools allowed in the Signaling Group (inbound direction).

    • Add: Displays a drop-down list of available message tables. Select an entry and click Apply.
    • Down: Moves the message table entry down in the list. The rules are applied in the order the tables are listed.
    • Remove: Removes the message table entry from the list.
    • Up: Moves the message table entry up in the list. The rules are applied in the order the tables are listed.
Outbound Message Manipulation

The rules in this table are used to manipulate outbound SIP messages in the Signaling Group. The Signaling Group will support a maximum of 10 Message Rule Tools allowed in the Signaling Group (outbound direction).

    • Add: Displays a drop-down list of available Message Tables. Select an entry and click Apply.
    • Down: Moves the message table entry down in the list. The rules are applied in the order the tables are listed.
    • Remove: Removes the message table entry from the list.
    • Up: Moves the message table entry up in the list. The rules are applied in the order the tables are listed.