...
SIP/TLS is about configuring the encrypted communication channel among PrivateServer and its clients. The configuration form is reachable by the SIP/TLS main menu entry. From the editing form
| Subtitle | ||||||
|---|---|---|---|---|---|---|
| ||||||
|
From the
| Xref | ||
|---|---|---|
|
...
In this form that you get by the RTP main menu entry, you can set up the voice transport features. Rtpstart and Rtpend are the number of RTP ports available for the calls.
| Noteinfo |
|---|
Each call uses 4 ports, thus you can do your math on the RTP number necessary in your configuration multiplying the number of foreseen concurrent calls for 4. |
In the example shown in
you see:Xref AnchorName rtp form
...
Key is a shared numeric key to be reported on the clients configuration as well.
| Warningtip |
|---|
To avoid calls problems such as abruptly interrupted calls you make sure the obfuscation mode and key are equally set up on the server and the clients. |
2.4.5 NAT Configuration
If you are using the appliance in an internal network then it's most possible that you need to configure the NAT option. NAT stands for Network Address Translation and it's commonly used to let services on a private IP address to be reachable by a public IP address.
...
Apart from your router/firewall configuration (that we won't cover hereplease check PrivateGSM installation pre-requisites) and your network design/topology, from the PrivateServer point of view the only known thing is that the appliance is configured on a private IP address but the requests of the encrypted voice service are made to an external and public IP address. To avoid wrong replies the PrivateServer must know of this setup and be configured accordingly. Thus if you fall in the described scenario access to the "NAT Configuration" form (showed in
| Xref | ||
|---|---|---|
|
By default this option is disabled, so to enable it you first need to select "YES" in "NAT" option. If you have enabled the NAT then it's mandatory to configure the remaining options as well.
| Info | ||
|---|---|---|
| ||
The "Keep-alive Frequency" is part of a new feature that is not directly connected to the NAT setup. To better understand what a keep-alive is, please refer to PSOM 1.0 Accounts and Groups. |
External media address
This is the public IP address used for the RTP delivery. It means that this is the secured voice IP you want to use.
| Warning | ||
|---|---|---|
| ||
| Unless you need to specify for some reason a specific IP address for RTP, you'd better leave this field empty and let Asterisk do the job for you! |
External SIP address
This is the public IP address used for the SIP delivery. It means that this is the IP you want to use for SIP signalling.
...
If you want to perform a PAT (Port Address Translation) in addition to the NAT, then please use this option to explain to the appliance which port number is used on the external interface for providing the encrypted SIP service.
2.4.5.
...
1 Keep-alive Frequency
If you are using the keep-alive option (please refer to PSOM 1.0 Groups) then you may find this option handy. You can define here how many seconds should pass between each keep-alive request sent by the server to each client configured with the keep-alive option.
| Note |
|---|
Please keep in mind that the default keep-alive |
...
timeout is 60 seconds and thus it can lead to a quick battery drain since the radio system on the mobile device could never be idled. |
If any mobile user has been configured with the keep-alive option on, then we strongly suggest you to set the keep-alive Frequency to 180 seconds (i.e. 3 minutes) at least in order to save battery life.
| Tip |
|---|
| This option is the same as the qualifyfreq one in the standard Asterisk configuration. |
Navbar