Transcription
I n n o v a t i o nN e t w o r k A p pN o t eIN- 13056Date : Sept, 2013Product: ShoreTel Ingate BroadvoxSystem version: ShoreTel 13.xShoreTel, Ingate & Broadvox for SIP TrunkingSIP Trunking allows the use of Session Initiation Protocol (SIP) communications from Broadvox instead ofthe typical analog, Basic Rate Interface (BRI), T-1 or E-1 trunk connections. Having the pure IP trunk to theInternet Telephony Service Provider allows for more control and options over the communication link. Thisapplication note provides the details on connecting the ShoreTel IP phone system through an Ingate boxwhich is connected to both the LAN and WAN and acts as a gateway and security device to Broadvox forSIP Trunking.Table of ContentsOverview . 2Broadvox Overview and Contact . 2Ingate Overview & Contact . 2Architecture Overview. 3Requirements, Certification and Limitations 5Broadvox Validation Test Results . 6Table 1-1: Initialization and Basic Calls.6Table 1-2: Media and DTMF Support .7Table 1-3: Performance & Quality of Service.7Table 1-4: Enhanced Services and Features.9Configuration Overview. 11ShoreTel Unsupported Features . 11ShoreTel Configuration . 11Ingate Configuration . 24Web Admin.24Connecting the Ingate Firewall/SIParator .25Using the Startup Tool .26Configure the Unit for the First Time .26Change or Update Configuration .30Network Topology .33IP-PBX.44Internet Service provider (ITSP) .46Upload Configuration .47Ingate – Additional Coniguration Parameters .50OPTIONS Configuration.51Interoperability parameters .52Configuration Troubleshooting . 53Startup Tool Troubleshooting .53Status Bar .53Configure Unit for the First Time .53Change or Update Configuration .54Network Topology .55IP-PBX.56Internet service provider (ITSP) .56Apply Configuration .56Ingate Web GUI Configuration . 57Network – Network & Computers.58Basic Configuration – SIParator Type.58SIP Service – Basic.59SIP Service – Interoperability .59SIP Traffic – Filtering .60SIP Traffic – Dial Plan.61SIP Traffic – SIP Trunk.62Ingate Basic Call Troubleshooting . 63Troubleshooting Outbound Calls .63Troubleshooting Inbound calls .66Broadvox Configuration & Support . 69Document & Software Copyrights . 69Trademarks. 69Disclaimer . 69Company Information. 69ShoreTel tests and validates the interoperability of the Member's solution with ShoreTel's published softwareinterfaces. ShoreTel does not test, nor vouch for the Member's development and/or quality assuranceprocess, nor the overall feature functionality of the Member's solution(s). ShoreTel does not test theMember's solution under load or assess the scalability of the Member's solution. It is the responsibility of theMember to ensure their solution is current with ShoreTel's published interfaces.The ShoreTel Technical Support organization will provide Customers with support of ShoreTel's publishedsoftware interfaces. This does not imply any support for the Member's solution directly. Customers or resellerpartners will need to work directly with the Member to obtain support for their solution.960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-1-
OverviewThis document provides details for connecting the ShoreTel system through the Ingate SIParator / Firewall toBroadvox for SIP Trunking, which enables audio communications. The document specifically focuses on theconfiguration procedures needed to set up these systems to interoperate.Broadvox Overview and ContactBroadvox is a leader in providing customized integrated managed VoIP communication and collaboration solutionsto support SMB, Enterprise and Carrier customers. It has deployed one of the largest, full-featured global VoIPnetworks and is trusted by over 300 telecommunications carriers, ASPs, ISPs and more than 10,000 businesses and4,000 partners nationwide. Broadvox delivers SIP Trunking, SIP origination and termination services, broadbandand Hosted Communications. Broadvox is headquartered in Dallas, Texas. For more information, visitwww.broadvox.com.Contact:Technical Support:Email: techsupport@Broadvox.comPhone: 888-849-9608Ingate Overview & ContactINGATE SYSTEMS offers the only fully SIP capable security products offering features important to enterpriseadoption of SIP Trunking. The Ingate Firewall offers a single device to protect the network and manage SIPtraffic. The Ingate SIParator allows the enterprise to adopt SIP without replacing their existing firewall. Bothproducts include a SIP Application Layer Gateway (ALG), proxy and registrar that enable SIP signaling to traversethe firewall, support for dynamic media port management to keep the network safe, encryption for privacy, addedrouting capabilities to make the installation of SIP Trunks simple and inexpensive, and remote SIP connectivity sothat the enterprise can offer SIP services to their remote workers.NORTH AMERICAFor general sales questions, please contact your reseller or contact Ingate directly at:Steven esellers who want to start selling this solution should contact:Steven MEAFor general sales questions, please contact your reseller or contact Ingate directly at:Ingate Systems HQ 46 86007750960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-2-
sales@ingate.comwww.ingate.comResellers who want to start selling this solution should contact:Ingate Systems HQ 46 86007750sales@ingate.comwww.ingate.comArchitecture OverviewSIP Trunking allows the use of Session Initiation Protocol (SIP) communications from an Internet TelephonyService Provider (ITSP) instead of the typical analog, Basic Rate Interface (BRI), T1 or E1 trunk connections.Having the pure IP trunk to the ITSP allows for more control and options over the communication link. Thisapplication note provides the details on connecting the ShoreTel IP phone system through an Ingate SIParatorwhich is connected to both the LAN and WAN and acts as a secure gateway to Broadvox for SIP Trunking.ShoreTel and Ingate have teamed up to build a solid security focused solution, ShoreTel being the IP PBX whichresides on the LAN and connects to the Ingate SIParator / Firewall. Providing a solution to allow customers theability to connect to SIP Trunks offered by Broadvox in a secure manner is important. The Ingate then is connectedto not only the LAN but also the WAN, providing the typical firewall security abilities and additionally intelligentSIP routing and SIP features such as: Registration Digest Authentication Dial Plan Modification Back to Back User Agent (Terminates SIP messaging on both LAN and WAN side for SIP ProtocolNormalization) Transfer conversion of SIP REFER to SIP reINVITE messaging Quick configuration templates for each of the certified ITSPsThe image below shows a high level drawing of a basic ShoreTel / Ingate / ITSP design. This drawing onlyrepresents SIP and Real-time Transfer protocol (RTP) traffic. The next section of this application note covers actualdeployment design options.960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-3-
FIGURE 2 – ARCHITECTURAL OVERVIEWIngate has two products for this solution, the Ingate Firewall and Ingate SIParator. From a SIP functionality point ofview they are basically the same. The Ingate Firewall also provides normal data firewalling functionality and isrecommended if the enterprise wants to replace the existing firewall. Ingate Firewalls handle both data and voicetraffic as a single device. The Ingate SIParator is the solution for those who want the keep an existing firewall whenadopting SIP. In this case the Ingate SIParator will co-exist in parallel with the normal data firewall.The routing of SIP traffic to the Ingate SIParator can be accomplished in three primary ways. The first is the mostcommonly deployed though each configuration offers its own advantages for the enterprise: Configuration 1: Single leg/DMZ only, Firewall logs all activity Configuration 2: DMZ/LAN, Reduced load on firewall Configuration 3: Two legged/Standalone, SIP traffic separate from data traffic960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-4-
FIGURE 3 – INGATE 3 POSSIBLE CONFIGURATIONSRequirements, Certification and LimitationsAny Ingate SIParator or Ingate Firewall model will work in this configuration. In a Trunking scenario it is requiredto have the Ingate SIP Trunking module installed.A few traversal licenses are included with the Ingate unit at delivery. Typically one traversal license will be neededfor each expected concurrent phone call on the SIP Trunk. Additional licenses can be bought via your Ingatereseller.G711 and G729 are the preferred codec’s on Broadvox’s network. ShoreTel does not support more than one G729dialog for a single local switchboard, therefore some call scenarios involving multiple inbound and outbounddialogs will fail if the Ingate is set to pass only G729, even though ShoreTel is set for G729 first and G711 (or anyother) second. With this combination ShoreTel will negotiate to use G729 for the first dialog but not for subsequentdialogs. It’s in these subsequent dialogs where the chosen codec offered by ShoreTel will be stripped by the Ingatesince it’s set to pass only G729. The requirement here would be to not set the Ingate to pass only G729, but to setupthe Ingate to also include other codec’s that are in the chosen ShoreTel codec list.All outbound calls to the PSTN will require an assigned prefix as per customer’s requirements.960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-5-
Version SupportProducts are certified via the Technology Partner Certification Process for the ShoreTel system. Table belowcontains the matrix of Ingate Firewall and Ingate SIParator versions firmware releases certified on the identifiedShoreTel software releases.Ingate Firewall and IngateSIParator versionShoreTel 13.x5.0.1 Broadvox network equipment:Broadvox Fusion Version 1.0Broadvox Validation Test ResultsBasic test plan:TABLE 1-1: INITIALIZATION AND BASIC CALLSIDName1.0ConfigurationApplication Note1.11.21.31.41.51.61.71.8DescriptionInnovation Network Lab will use theconfiguration application noteprovided by the vendor to configurethe vendor’s product to work with theShoreTel system.Setup andVerify successful setup andinitializationinitialization of the SUTOutbound CallVerify calls outbound placed through(Domestic)the SUT reach the externaldestination.Inbound CallVerify calls received by the SUT are(Domestic)routed to the default trunk groupdestination.Device restart –Verify that the SUT recovers afterPower Losspower loss to the SUTDevice restart –Verify the SUT recovers after loss ofNetwork Lossnetwork link to the SUT.All Trunks Busy Verify an inbound callers hears busy– Inbound Callers tone when all channels/trunks are inuseAll Trunks Busy Verify an outbound callers hears busy– Outboundtone when all channels/trunks are inCallersuseIncompleteVerify proper call progress tones areInbound Callsprovided and proper call teardown forincomplete inbound 60 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-6-
TABLE 1-2: MEDIA AND DTMF SUPPORTID2.1NameDescriptionNotesMedia Support –ShoreTel to SUTPass2.2Media Support –SIP Reference toSUT2.3CodecNegotiation2.4DTMFTransmission –Out of Band / InBandAuto AttendantMenuVerify call connection and audio pathfrom a ShoreTel phone to an externaldestination through the serviceprovider using all supported codeswith both sides set to a commoncodec.Verify call connection and audio pathfrom a SIP Reference phones to anexternal destination through theservice provider using all supportedcodes with both sides set to acommon codec.Verify codec negotiation between theSUT and the calling device with eachside configured for a different codec.Verify transmission of in-band andout-of-band digits per RFC 2833 forvarious devices connected to the SUT.Verify that inbound calls are properlyterminated on the ShoreTel AutoAttendant menu and that you cantransfer to the desired extension.Verify that inbound calls are properlyterminated on the ShoreTel AutoAttendant menu and that you cantransfer to the desired extension usingthe “Dial by Name” feature.Verify that inbound calls are properlyterminated on the ShoreTel AutoAttendant menu and that you cantransfer to the Voice Mail LoginExtension.Pass2.52.6Auto AttendantMenu “Dial byName”2.7Auto AttendantMenu checkingVoice MailmailboxPassPass1PassPassPassTABLE 1-3: PERFORMANCE & QUALITY OF SERVICEIDNameDescriptionNotes3.1Voice QualityService LevelsVerify the SUT can provide a voicequality SLA across the WAN fromthe customer premises to the SUT SIPgateway.Not Tested1With some call scenarios ShoreTel does not support more than a single G729 dialog; therefore audio issues occur when theIngate is set to pass only G729. Here ShoreTel is selecting a different codec for the second dialog of the call which the Ingateremoves. The recommendation is to not set the Ingate to pass G729 only, include others or set to pass all codecs.960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-7-
IDNameDescriptionNotes3.2Capacity TestPass3.3Post Dial DelayVerify the service provider interfacecan sustain services through period ofheavy outbound and inbound load.Verify that post dial delay is withinacceptable limits.3.4Billing AccuracyVerify that all test calls made areaccurately reflected in the SUT’sCDR and billing reports.PassPass960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-8-
TABLE 1-4: ENHANCED SERVICES AND FEATURESIDNameDescriptionNotes4.1Caller ID Nameand Number InboundCaller ID Nameand Number OutboundHold from SUTto SIP ReferenceCall Forward SUTVerify that Caller ID name andnumber is received from SIP endpointdeviceVerify that Caller ID name andnumber is sent from SIP endpointdeviceVerify successful hold and resume ofconnected callVerify outbound calls that are beingforwarded by the SUT are redirectedand connected to the appropriatedestination.Verify outbound calls that are beingforwarded by the SUT are redirectedand connected to the appropriatedestination.Verify a call connected from the SUTto the ShoreTel phone can betransferred to an alternate destination.Verify a call connected from the SUTto the ShoreTel phone can betransferred to an alternate destination.Verify successful ad hoc conferenceof three partiesVerify the SUT provides inbound“dialed number information” and iscorrectly routed to the configureddestination.Verify that outbound calls to 911 arerouted to the correct PSAP for thecalling location and that caller IDinformation is delivered.Verify that 0 calls are routed to anoperator for calling assistance.Verify that calls with Blocked CallerID route properly and the answeringphone does not display any Caller IDinformation.Verify that calls route to the properHunt Group and are answered by anavailable hunt group member withaudio in both directions using G.729and G.711 codecs.Pass4.24.34.44.5Call Forward –External PSTNNumber4.6Call Transfer –blind4.7Call Transfer –Consultative4.8Conference – adhocInboundDID/DNIS4.94.10Outbound 9114.11OperatorAssistedInbound /Outbound callwith BlockedCaller IDInbound call to aHunt N/APassPass2When SIP Bria client version 3.5.2-70364 is assigned as a ShoreTel user extension, file based MoH is not heard to the callerplaced on hold by the Bria. This is a known limitation for some 3rd party SIP endpoints.960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com-9-
IDNameDescriptionNotes4.14Inbound call to aWorkgroupPass4.15Inbound call toDNIS / DID andleave a voicemail messageCall Forward –“FindMe”Verify that calls route to the properWorkgroup and are answeredsuccessfully by an availableworkgroup agent with audio in bothdirections using G.729 and G.711codecs.Verify that inbound calls to a user, viaDID / DNIS, routes to the proper usermailbox and a message can be leftwith proper audio.Verify that inbound calls areforwarded to a user’s “FindMe”destination.Verify that inbound calls areimmediately automatically forwardedto a user’s external destination.Verify that inbound / outbound faxcalls complete successfully.Verify that inbound calls are properlyforwarded to the ShoreTel ConvergedConferencing Server and it properlyaccepts the access code and you’reable to participate in the conferencebridge.Verify that inbound calls properlypresented to all of the phones thathave BCA configured and that the callcan be answered, placed on-hold andthen transferred.Verify that inbound calls properlypresented to all of the phones thathave Group Pickup configured andthat the call can be answered, placedon-hold and then transferred.Verify that inbound calls are properlypresented to the Office AnywhereExternal PSTN destination.Verify that inbound calls are properlypresented to the desired extension andthe “Additional Phones” destinations.Verify that an inbound call can beconferenced with three (or more)additional partiesVerify that an inbound call can beparked and unparkedVerify that external calls can berecorded via the SIP Trunk usingShoreTel CommunicatorNot Tested4.164.17Call ForwardAlways4.18Inbound /Outbound 0Inbound call toBridged CallAppearance(BCA) extension4.21Inbound call to aGroup Pickupextension4.22Office AnywhereExternal4.23Simul Ring4.24MakeMeConference4.25Park / Unpark4.26Call ass960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com- 10 -
IDNameDescriptionNotes4.27Silent Monitor /Barge-In /Whisper PageLong Duration –InboundVerify that external calls can besilently monitored, barged-in andwhisper paged via the SUT.Verify that an inbound call isestablished for a minimum of 30minutes.Verify that an outbound call isestablished for a minimum
960 Stewart Drive Sunnyvale, CA 94085 USA Phone 1.408.331.3300 1.877.80SHORE Fax 1.408.331.3333 www.ShoreTel.com - 1 - ShoreTel, Ingate & Broadvox for SIP Trunking SIP Trunking allows the use of Session Initiation Protocol (
