SipDeviceConfiguration

Version 72 (Adrian Georgescu, 09/26/2012 08:57 pm) → Version 73/106 (Adrian Georgescu, 11/04/2012 05:24 pm)

h1. SIP Device Configuration

There are thousands of SIP devices on the market, for how to configure them we advise you to consult the support forum of the device manufacturer.

Please do not open a ticket related to how a particular device must be configured.

Setup your SIP device as follows:

h2. SIP Account Credentials

Account credentials are used for authentication and authorization of SIP requests performed by the SIP device.

Your SIP address is XXX@sip2sip.info replace XXX with the username chosen during the account enrollment.

| Username| XXX|
| Password| YYY|
| Domain/Realm|sip2sip.info|

Register must be turned On in order to receive incoming calls.

If your SIP devices is smart enough, there is no need to set manually anything else than the above settings. If you need to manually fine tune the configuration read below.

[[SipDevices|Specific SIP devices configuration]]

h2. Outbound Proxy

There are multiple SIP servers distributed in multiple geographic locations. To locate them, the SIP device must always perform DNS lookups as defined in SIP standard "RFC3263":http://www.ietf.org/rfc/rfc3263.txt (NAPTR + SRV + A DNS lookups)

You must should never set manually a host an IP address or transport belonging to SIP2SIP server infrastructure into your SIP device as it may change. Your device You must use proper DNS lookups instead of hardwiring such these setting into your SIP device.

For informational purposes, the servers are reachable at the following addresses, but again you must query the DNS to discover them as they may and will change in the future.

| Host | Port | Protocol |
| proxy.sipthor.net| 5060| UDP |
| proxy.sipthor.net| 5060| TCP |
| proxy.sipthor.net| 5061| TLS |

h2. TLS Settings

You may use TLS transport, the SIP servers have a valid X.509 certificate issued by "RapidSSL":http://www.rapidssl.com corresponding to the proxy.sipthor.net hostname of the proxy. If the client does not RapidSSL certificate authority loaded, it may fail to validate the certificate. If the client allows it you can download the "RapidSSL root CA":http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer into it. Turn TLS certificate validation off to circumvent the problem.

TLS as any other transport like UDP or TCP may not be always available, set your SIP device to use DNS to discover which transport is available.



h2. XCAP Root

If you use SIMPLE presence you need to set XCAP root:

| XCAP Root | https://xcap.sipthor.net/xcap-root/|

h2. MSRP Relay

If you use SIMPLE instant messaging based on "MSRP":http://tools.ietf.org/html/rfc4975, a "relay":http://tools.ietf.org/html/rfc4976 is available for helping traverse the NAT. You need to use the relay if you are the receiving party and you are behind a NAT-ed router. The MSRP relays can be found in the DNS by using SRV lookup for _msrps._tcp.sip2sip.info.

h2. STUN Servers

You may use STUN for ICE NAT traversal. The STUN servers can be found in the DNS by using SRV lookup for _stun._udp.sip2sip.info.

h2. NAT Traversal

SIP2SIP infrastructure is smart enough to handle the NAT traversal for both SIP signaling, RTP and MSRP media sessions. Also it supports ICE negotiation in the clients and provides automatically a TURN relay candidate.

Practically, you should not set any NAT traversal features in the client as the chance of fixing things is much smaller than breaking them.

* Do not use STUN for Register purposes
* Do not set your client to discover a global IP address