Use the specific configuration guide below as an example to configure an SV8100 or SL11100/SL1000
PBX for connection to the service described above via SIP trunks.

nec_sl1100_and_sv8100_sip_trunk_configuration_guide.pdf
 

What is VoIP Phone Provisioning?

Most phones that are SIP compatible can work to some level with our system. However, if a phone cannot be provisioned with our service then we can only assist in a limited role in their configuration for any deployment and cannot accept any liability for any problems arising from their use. We take no responsibility for externally sourced hardware via third-party suppliers and cannot guarantee successful deployment and continued usage with the VoiceHost platform.

Provisioning is a FREE service for all SIP phones purchased from our VoIP store: https://store.voicehost.co.uk

How to auto-provision to the platform: 
To auto-provision a device onto the VoiceHost Hosted PBX simply login to your account and select 'provisioning' from the menu and follow the simple instructions.

Auto-provisionable phones purchased from the VoiceHost VoIP Store already have this information pre-populated.

VoiceHost can Auto-Provision the following handsets:

VoiceHost pre-configuration available (Recommended):

1. All Gigaset desk phones excluding the Maxwell
2. Gigaset IP DECT Bases
3. Gigaset N720IP multi-cell DECT
4. Zoiper Softphone for Windows PC, Macintosh OSX, iOS, Android.

Phones that are Manually configurable but cannot be provisioned (Not recommended):

1. Snom m3
2. Aastra 67xxi and 5xi (needs latest firmware to operate correctly and fix an IP address limitation bug within the web configuration)
3. Mitel 5330
4. Any other SIP compatible device or Softphone
5. Counterpath X-Lite or Counterpath Bria
6. Media5 fone
7. Eyebeam (end-of-life)

Other Devices (Non-Standard Phones):

1. ProTalk - Door Entry SIP devices (needs IP address of registrar/proxy to operate correctly) - (Door Entry/Access Control)
2. Paxton Access Net2Entry (IPv6 and IPv4 SIP stack as stand-alone or as a Paxton Net2 system) (Door Entry/Access Control)
3. 2n Helios Modular Door Entry SIP devices (Door Entry/Access Control)
4. Algo (SIP Alerter/Strobe)

CISCO & LINKSYS SPA PROVISIONING

This URL goes in the web configuration of the phone (menu button -> option 9 -> current IP will give you the current IP address of the phone, pop this into a web browser's address bar to load the web configuration of the phone).

Navigate to Admin Login -> Advanced -> Provisioning tab and locate the section called "Profile Rule".

Remove any existing entries in this text box, and input the URL above, if you copy and paste it be careful not to have any trailing spaces.

Above the Profile Rule section, there are Resync Delay values and a Resync Periodic value, change these to 1 second (our script will re-write these with correct values), click Submit All Changes, and the phone will restart. Changing the values makes the phone immediately talk to our provisioning service, rather than waiting for 10-20 minutes, to fetch the settings.

The phone should then communicate immediately with our provisioning service, it may go through a series of firmware updates, when completed it should be ready for use.

SNOM PROVISIONING

Navigate via the phone HTTP login to Advanced -> Update -> Setting URL in the web configuration:

Set "Subscribe Config" to "yes", save and reboot the phone, this should then communicate immediately with our provisioning service to take the settings required.

Note: this only works on version 7 firmware or later, previous versions must have their firmware upgraded to minimum version 7.3.30

YEALINK PROVISIONING

On the Phone: Press OK, make a note of the IP address of the phone.

From a Computer connected to the same network: Open an internet Browser Put the IP address into the address bar. It will now ask for you phones username and password, enter it here. On the main menu click Upgrade. Now click Advanced. Copy the URL into Provisioning Server; Now click confirm.

Note: only works on major version 70 or later, previous versions must have their firmware upgraded to minimum version 70.23.6

PANASONIC PROVISIONING

Note: basic support only, i.e. seat details and SIP settings for connectivity

GRANDSTREAM PROVISIONING

Note: basic support only, i.e. seat details and SIP settings for connectivity

POLYCOM PROVISIONING

Note: basic support only, i.e. seat details and SIP settings for connectivity

GIGASET PROVISIONING

Note: basic support only, i.e. seat details and SIP settings for connectivity

FANVIL PROVISIONING

Note: basic support only, i.e. seat details and SIP settings for connectivity

WHAT IS NUMBER PRESENTATION | SPOOFING?

A presentation number is a number nominated or provided by the caller that can identify that caller or be used to make a return or subsequent call. In the UK the industry has recognised a number of scenarios where presentation numbers may be provided, as a commercial service, to meet differing customer calling requirements. The purpose of this guide is to describe the various types of presentation number service that have been developed to meet these end-user requirements and the conditions that are to be observed for their use.

Unlike a network number, a presentation number will not necessarily identify a caller's point of ingress to a public network. However, it may well carry more useful information.

NUMBER PRESENTATION REQUIREMENTS

The requirements of a presentation number on the VoiceHost network are that:

(i) It must either be
                (a) a dial-able number, or
                (b) a number that has been received from the public network and passed on unchanged

(ii) It will have been allocated either to the caller or if allocated to a third party, only used with the third party's explicit permission

(iii) it must not be a number that connects to a Premium Rate Service prefixed 09 or 070, or to a revenue sharing number that generates an excessive or unexpected call charge (NB the exploitation of a Presentation Number to generate revenue sharing calls may constitute persistent misuse of an Electronic Communications Network or Electronic Communications Service).

(iv) It is supported by an underlying network number.

PROTECTING VOICEHOST CUSTOMERS

We will not allow calls into our network to present excessive revenue generating types 09 and 070. These Inbound calls will be marked as number 'withheld'. 

BENEFITS OF CLI MANIPULATION

Number presentation manipulation of the Calling Line Identifier (CLI) can be beneficial in order to:

1. Centralised and controlled callbacks to improve telephony capability and efficiency
2. Protect the privacy of private extensions or mobiles (Pertinent for DISA / Dial-Through)
3. Give a valid return route should the caller not have a DDI
4. Allow for updated inward routing whilst telephone number porting is in progress.
5. Improved perception by giving a local or national geographic image of presence.

TYPES OF NUMBER PRESENTATION

• Type 1 - A presentation number generated by the subscriber's network provider. The number is stored in the network and applied to an outgoing call at the local exchange by the provider. Because the number is applied by network equipment there is no need for it to be verified each time a call is made – instead, the level of authenticity will depend on the checks made by a network provider that a subscriber is entitled to use a particular presentation number.
• Type 2 - A presentation number which identifies a caller's extension number behind a DDI switchboard. Although the number or a partial number is generated by the user's own equipment, the network provider is able to check that it falls within the range and length allocated to a particular subscriber. In this way, the authenticity of the number may be ensured. It should be noted that some network providers classify type 2 presentation numbers as network numbers (especially where the full number is constituted at the local exchange). This type of number is considered to carry sufficient authenticity to be classified as a network number and is carried as such by some networks.
• Type 3 - A presentation number limited to the far-end breakout scenario where a call's ingress to the public network may be geographically remote from where it was originated. The number is generated by the user's equipment and is not capable of being subjected to network verification procedures. Verification is based on a contract between the subscriber and the network provider in which the subscriber gives an undertaking that only authentic calling party numbers will be generated.
• Type 4 - A presentation number available for the onward transmission of the originating number where a call breaks into a private network and breaks out again before termination, as in a DISA scenario. On the break outbound leg, the number is generated by the user's equipment although it will have already been verified in consequence of having been delivered to the private network. To maintain the verification it is necessary to ensure that the number submitted by the private network is the number that was received. Network providers wishing to offer a type 4 service will require a contractual commitment from customers that they will only submit CLIs that have been received from the public network. Unlike other types of presentation numbers, type 4 numbers may not always be dial-able; this will depend on the nature of the number received from the public network.
• Type 5 - Presentation numbers that identify separate groups of callers behind a private network switch wishing to send different outgoing CLIs. A typical scenario is a call centre making calls on behalf of more than one client. Type 5 presentation numbers are generated by the user's equipment. Subscribers will need to enter into a similar contractual commitment with their network providers as for type 1 presentation numbers - which they are entitled to use the numbers they have selected.

SPOOFING APPLICATION PROCESS

A signed declaration by a person with subscription authority for the CLI to be presented must be received by VoiceHost prior to presenting the number over the VoiceHost network.

How to configure Draytek 27xx and 28xx series routers for VoIP

This config guide applies to following routers:

1. Draytek Vigor 2820
2. Draytek Vigor 2830

Settings to change:

1. Disable SIP ALG
2. Allow traffic to/from VoiceHost
3. Update Firmware to latest version
4. Untick "Accept large fragmented UDP packets" under the firewall configuration

SIP ALG
Issues such as one way audio, lack of incoming calls, registration issues and etc. can be due to SIP ALG

To disable SIP ALG you have to telnet into the router and enter the following commands.

 1. > sys sip_alg 0 -- Disables sip alg
 2. > sys commit -- Apply changes
 3. > sys reboot -- Reboot router

Once the router is back online, reboot the IP phone or press re-register.

Incoming Call Problems

This is caused by a large IP SIP packet that is fragmented, but the router will not forward it. I understand that the new version will work if the checkbox under firewall -> general setup -> Accept large incoming fragmented UDP or ICMP packets is UNTICKED. This is the opposite to what you would expect.

Paxton Access Net2Entry SIP Intercom Panel Configuration

Once the hardware and configuration utility is installed you should allocate an extension your VoiceHost control panel.

Enter the details for the extension into the SIP tab within the Paxton Access Net2Entry configuration utility.

VoIP calls can be instigated from the Intercom panel and once answered simply press '1' to release the door as per the Net2 settings.

Video codec negotiation is not optional nor transcode and should is forced to H.264 on all other endpoints on the VoiceHost Network.

You will be able to do the following which does have limitations:

1. Release the Net2 door ACU from any handset or softphone on the VoiceHost network. NOTE: You will not be able to release/open the door off-network (i.e mobile NTS) as DTMF is not carried are per RFC2833 'out-of-band'
2. Instigating a call directly to the panel will not work as the SIP stack does not register at custom intervals
3. The far-end will experience echo as the SIP stack doesn't allow the settings to be changed.

Enable SIP in the Net2Entry Configuration Utility

Load the Paxton Access Net2 Entry Configuration Utility and select the site you wish to enable SIP for. Navigate to the SIP Account tab and enter the VoiceHost SIP details as shown below.

You should now be able to make calls to your VoiceHost extension(s) via the Paxton Net2 Entry Intercom Panel

1. Download Zoiper Here
2. The only option required from this screen to make the softphone work is the Accounts button. All the other options are personal to your own requirements from the phone and will rarely be needed to get Zoiper working with your VoIP account.
3. After selecting Accounts you then need to add an account by tapping the + symbol highlighted above, then choose SIP account and enter your extension credentials:
   • Account name: This can be set as you wish and is merely for reference. If you’re configuring multiple accounts then it makes sense to set this to something relevant.
   • Domain: As per your VoiceHost control panel.
   • User name: As per your VoiceHost control panel.
   • Password: This is the password relevant to your ext/seat
   • Network Settings: In this option is another setting titled Refresh which should be set to 60.
4. With all the above done, come out of the Network Settings screen so your back at the SIP Account screen, scroll to the top and tap Register.
5. Your Zoiper softphone should now be registered.

Configuration instructions for Android and iOS

A browser extension which converts telephone numbers into clickable links to call using the VoiceHost desktop softphone application

How does it work?

This extension recognizes phone numbers on web pages and converts them into clickable links.

This is done by passing the phone number to the configured system protocol handler and from there to the application which registered this protocol handler. Just like an URL starting with “http”, a link can also start with other protocol specifiers, e.g. “tel”, “sip” or “callto”.

Phone numbers on a web page recognized by the extension and highlighted with an optional icon. When you click on a number. By clicking on this menu item the phone number is passed to the dial-pad of the desktop application “as is”.

Download the Extension for your browser:

How to configure pfSense firewall for VoIP

pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more.

Configure Ports

Configure your SIP and RTP ports. SIP port is the default 5060 and RTP is between 10000 and 65335.

Configure the WAN IP Address

Asterisk Example - Also be sure to specify "externip" or "externhost" in sip.conf. externhost configured to a dyndns.org account that resolves to my WAN ip address.

Configure NAT

Asterisk Example - Make sure you have "nat=yes" and "canreinvite=yes" in sip.conf

Configure your local network

Make sure you have localnet setup to correspond with your local network in sip.conf. You can use the RFC1918 method or CIDR method.

localnet=192.168.1.0/24

Configure your SIP context

In your SIP provider's context in sip.conf, make sure you have "outboundproxy=192.168.1.1", replacing 192.168.1.1 with whatever your pfSense running siproxd ip address is.

[sipconvergence]
type=peer
user=phone
host=SEE VOICEHOST CONTROL PANEL FOR DETAILS
outboundproxy=192.168.1.1
fromdomain=SEE VOICEHOST CONTROL PANEL FOR DETAILS
fromuser=<censored>
secret=<censored>
username=<censored>
insecure=very
context=ivr
authname=<censored>
canreinvite=yes

Please note that if you don't use a PBX like Aterisk and use a softphone to connect, you will use your pfSense ip address for the proxy instead of sip.sipconvergence.co.uk

Configure pfSense firewall/nat rules

RTP

Add a NAT rule for RTP. This is essential or you will have no audio or one way audio in your calls. Also change the NAT IP to whatever your Asterisk server is and change the description to something that makes sense for you.

Interface: WAN
Protocol: UDP
External port range: From: 10000
External port range: To: 65335
NAT IP: 192.168.1.50
Local Port: 10000
Description: Hosted PBX - RTP
Enable Auto-add a firewall rule to permit traffic through this NAT rule

SIP

Add a NAT rule for SIP. This is essential or you won't be able to receive calls and you may have trouble registering with your SIP provider. Also change the NAT IP to whatever your Asterisk server is and change the description to something that makes sense for you.

Interface: WAN
Protocol: UDP
External port range: From: 5060
External port range: To: 5060
NAT IP: 192.168.1.50
Local Port: 6000
Description: Hosted PBX - SIP
Enable Auto-add a firewall rule to permit traffic through this NAT rule

The SIP Proxy siproxd

Install siproxd

Go to the pfSense web UI and going to System -> Packages. Hit the "+" button to the right of siproxd and let pfSense install the SIP proxy.

Configure siproxd

Go back to the main pfSense web UI page then go to Services -> siproxd. It may be under Services -> SIP Proxy as well. siproxd configured, be sure to change your "Outbound Proxy Hostname" to the hostname or IP (IP in my case) to your sip provider. Options not specified, leave blank or default.

Inbound Interface: LAN
Outbound Interface: WAN
Enable RTP Proxy: Enable
RTP Port Range (lower): 7070
RTP Port Range (upper): 7080
Outbound Proxy Hostname: xx.xx.xx.xx

Summary

Basically when you make a call your asterisk box will talk to the SIP proxy, the SIP proxy will then talk to your VoIP provider. When you receive a call your VoIP provider will talk directly with your asterisk box (this is important for setting "externip" or "externhost" in sip.conf).

QoS (Traffic Shaping) Traffic shaping can be enabled to allow n simultaneous 64kbps calls to happen and guarantee bandwidth. Please refer to http://doc.pfsense.org/index.php/Traffic_Shaping_Guide for traffic shaping help.

Outbound calls error with "all circuits busy" or "congestion":

This is the default configuration of Asterisk regardless of the actual error generated (which is infuriating when you are trying to diagnose the real problem) unless PBX is updated to send back the real error rather than the changed error. This error most commonly occurs when the call is not authenticating properly, at which point check the above in the SIP trunk configuration (If Asterisk, swap username= for defaultuser= to see if this solves the issue. Just because a trunk is showing as registered does not mean it will authenticate correctly.

Outbound calls fail with SIP error 488 (Not Accepted Here) or I-SUP errors 58 (bearer capability not available) or 88 (incompatible destination):

Check the codecs allowed in the SIP trunk configuration above, VoiceHost only supports: alaw, ulaw, gsm
If a codec is defined in Asterisk that is not one of the above, or is offering a differing sample rate or interval rate (e.g. 8000/20i - 8000Hz at 20ms) cannot interwork with 16000/30i - 16000Hz at 30ms) the call will fail and the codecs in the SIP trunk configuration need to be aligned to use one of the above codecs.

Inbound calls fail with SIP error 408 (Request Timeout):

Check the inbound number is mapped in the system correctly, if necessary the SIP trunk on the portal can be configured to strip the plus, e.g. if Asterisk is configured to use plus somewhere else. Check the trunk is registered. Ascertain how long the 408 error took to come back if it was immediate the trunk is usually unregistered if it took a few seconds the number is usually not mapped correctly.

Calls fail with SIP error 503, I-SUP errors 34 or 38:

If our platform replies back with 503 it usually means the gateway trying to process the call can't due to "issues", or the customer has hit their Calls-Per-Second (CPS) limit and is sending too many calls at once. Sometimes the error is passed back from IP Exchange through VoiceHost to the customer's system, at which point the call will usually hunt to another route to try and place the call.