SARK V4.0.0 siptrunks
Contents
Introduction
You will often find it necessary to talk to downstream PBX systems or gateways; either inside your company perhaps outside if you are running an ITSP service. Here is a set-up guide for such trunks.
N.B.
- This information does NOT apply to regular SIP trunks to upstream carriers.
Registered Trunks (recommended)
Unless you have a good reason not to, you should require the downstream PBX to register with you. N.B.
- You should not run multiple trunks to the same endpoint for accounting or your call accounting will likely be incorrect
On your Upstream PBX
Create each trunk on your upstream PBX as follows
type=peer context=internal host=dynamic username=someuser secret=somesecret qualify=yes canreinvite=no insecure=port,invite disallow=all allow=alaw allow=ulaw
N.B.
- In SARK, if you are using multi-tenant support, you must also set the username and the peername (in the separate peername box) to the SAME value as the trunkname
On the Downstream PBX or gateway
Create each trunk on the downstream PBX as follows
type=peer host={ip address} qualify=yes username=someuser secret=somesecret canreinvite=no insecure=port,invite disallow=all allow=alaw allow=ulaw nat=yes
If this a SARK box then check registration=YES when creating the trunk. Otherwise, create a registration entry as follows
register => someuser:somesecret@{ip address}/someuser
Direct Connect
You can set up a "direct connect" with or without login credentials. This kind of trunk is often used in conjunction with SIP gateways or known, friendly endpoints.
N.B.
- You MUST ensure you restrict access in the SARK firewall or your perimeter firewall if you wish to run without credentials. Otherwise you will, in effect, have an open SIP proxy and anyone will be able to send calls through your PBX.
On your Upstream PBX
All that is needed is a general sip trunk with the asterisk peer set as follows (add username and secret if require authentication)
type=peer context=internal host={ip addr} qualify=yes canreinvite=no insecure=port,invite disallow=all allow=alaw allow=ulaw
On the Downstream PBX or gateway
Create each trunk on the downstream PBX as follows(add username and secret if require authentication).
type=peer host={ip addr} qualify=yes canreinvite=no insecure=port,invite disallow=all allow=alaw allow=ulaw
N.B.
- For direct connect, you will also need to set up a port forward in your firewall for 5060 and 10000-20000 UDP. For this reason it is recommended that you use registration wherever possible because it does not normally require any port forwarding.