SipDeviceConfiguration
Version 75 (Adrian Georgescu, 11/06/2012 12:06 am) → Version 76/109 (Adrian Georgescu, 11/06/2012 12:06 am)
h1. SIP Device Configuration
There are thousands of SIP devices on the market, for how to configure them we advise you to consult the support forum of the device manufacturer.
Please do not open a ticket related to how a particular device must be configured.
Setup your SIP device as follows:
h2. SIP Account Credentials
Account credentials are used for authentication and authorization of SIP requests performed by the SIP device.
Your SIP address is XXX@sip2sip.info replace XXX with the username chosen during the account enrollment.
| Username| XXX|
| Password| YYY|
| Domain/Realm|sip2sip.info|
Register must be turned On in order to receive incoming calls.
If your SIP devices is smart enough, there is no need to set manually anything else than the above settings. If you need to manually fine tune the configuration read below.
[[SipDevices|Specific SIP devices configuration]]
h2. Server Location
There are multiple SIP servers distributed in multiple geographic locations. To locate them, the SIP device must always perform DNS lookups as defined in SIP standard "RFC3263":http://www.ietf.org/rfc/rfc3263.txt (NAPTR + SRV + A DNS lookups)
You must never set manually a host address or transport belonging to SIP2SIP server infrastructure into your SIP device as it may and will change over time. Your device must use DNS lookups instead of hardwiring any such settings into your SIP device.
For informational purposes, the servers are reachable at the following addresses, but again you must query the DNS to discover them as they may and will change in the future.
| Host | Port | Protocol |
| proxy.sipthor.net| 5060| UDP |
| proxy.sipthor.net| 5060| TCP |
| proxy.sipthor.net| 5061| TLS |
h2. TLS Settings
SIP2SIP servers serverss have a X.509 certificate issued by "RapidSSL":http://www.rapidssl.com corresponding to the proxy.sipthor.net hostname of the proxy. If the client does not RapidSSL certificate authority loaded, it may fail to validate the certificate. If the client allows it you can download the "RapidSSL root CA":http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer into it. Turn TLS certificate validation off to circumvent the problem.
TLS as any other transport like UDP or TCP may not be always available, set your SIP device to use DNS to discover which transport is available.
h2. XCAP Root
If you use SIMPLE presence you need to set XCAP root:
| XCAP Root | https://xcap.sipthor.net/xcap-root/|
h2. MSRP Relay
If you use SIMPLE instant messaging based on "MSRP":http://tools.ietf.org/html/rfc4975, a "relay":http://tools.ietf.org/html/rfc4976 is available for helping traverse the NAT. You need to use the relay if you are the receiving party and you are behind a NAT-ed router. The MSRP relays can be found in the DNS by using SRV lookup for _msrps._tcp.sip2sip.info.
h2. STUN Servers
You may use STUN for ICE NAT traversal. The STUN servers can be found in the DNS by using SRV lookup for _stun._udp.sip2sip.info.
h2. NAT Traversal
SIP2SIP infrastructure is smart enough to handle the NAT traversal for both SIP signaling, RTP and MSRP media sessions. Also it supports ICE negotiation in the clients and provides automatically a TURN relay candidate.
Practically, you should not set any NAT traversal features in the client as the chance of fixing things is much smaller than breaking them.
* Do not use STUN for Register purposes
* Do not set your client to discover a global IP address
There are thousands of SIP devices on the market, for how to configure them we advise you to consult the support forum of the device manufacturer.
Please do not open a ticket related to how a particular device must be configured.
Setup your SIP device as follows:
h2. SIP Account Credentials
Account credentials are used for authentication and authorization of SIP requests performed by the SIP device.
Your SIP address is XXX@sip2sip.info replace XXX with the username chosen during the account enrollment.
| Username| XXX|
| Password| YYY|
| Domain/Realm|sip2sip.info|
Register must be turned On in order to receive incoming calls.
If your SIP devices is smart enough, there is no need to set manually anything else than the above settings. If you need to manually fine tune the configuration read below.
[[SipDevices|Specific SIP devices configuration]]
h2. Server Location
There are multiple SIP servers distributed in multiple geographic locations. To locate them, the SIP device must always perform DNS lookups as defined in SIP standard "RFC3263":http://www.ietf.org/rfc/rfc3263.txt (NAPTR + SRV + A DNS lookups)
You must never set manually a host address or transport belonging to SIP2SIP server infrastructure into your SIP device as it may and will change over time. Your device must use DNS lookups instead of hardwiring any such settings into your SIP device.
For informational purposes, the servers are reachable at the following addresses, but again you must query the DNS to discover them as they may and will change in the future.
| Host | Port | Protocol |
| proxy.sipthor.net| 5060| UDP |
| proxy.sipthor.net| 5060| TCP |
| proxy.sipthor.net| 5061| TLS |
h2. TLS Settings
SIP2SIP servers serverss have a X.509 certificate issued by "RapidSSL":http://www.rapidssl.com corresponding to the proxy.sipthor.net hostname of the proxy. If the client does not RapidSSL certificate authority loaded, it may fail to validate the certificate. If the client allows it you can download the "RapidSSL root CA":http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer into it. Turn TLS certificate validation off to circumvent the problem.
TLS as any other transport like UDP or TCP may not be always available, set your SIP device to use DNS to discover which transport is available.
h2. XCAP Root
If you use SIMPLE presence you need to set XCAP root:
| XCAP Root | https://xcap.sipthor.net/xcap-root/|
h2. MSRP Relay
If you use SIMPLE instant messaging based on "MSRP":http://tools.ietf.org/html/rfc4975, a "relay":http://tools.ietf.org/html/rfc4976 is available for helping traverse the NAT. You need to use the relay if you are the receiving party and you are behind a NAT-ed router. The MSRP relays can be found in the DNS by using SRV lookup for _msrps._tcp.sip2sip.info.
h2. STUN Servers
You may use STUN for ICE NAT traversal. The STUN servers can be found in the DNS by using SRV lookup for _stun._udp.sip2sip.info.
h2. NAT Traversal
SIP2SIP infrastructure is smart enough to handle the NAT traversal for both SIP signaling, RTP and MSRP media sessions. Also it supports ICE negotiation in the clients and provides automatically a TURN relay candidate.
Practically, you should not set any NAT traversal features in the client as the chance of fixing things is much smaller than breaking them.
* Do not use STUN for Register purposes
* Do not set your client to discover a global IP address