Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    BT SIP Trunk Port configuration

    NAT
    1
    1
    1417
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johnbairner last edited by

      If anyone can help with the following setup.
      We are in the process of having a BT Sip Trunk /BTnet service installed at our business and BT have asked to have the floowing configuration setup on our Firewall I am new to Pfsense so a step by step guide would be very appreciated.
      Thank you in advance
      John.

      1 Overview
      This document describes the requirements of your local area network (LAN) infrastructure to
      support your BT SIP Service over BTnet.
      Your SIP Trunk service provided by BT enables you to make and receive calls via your PBX
      utilising your BTnet Internet access service thus providing a consolidated voice and data service.
      It is important that the BT SIP Trunk service has connectivity across your internal data network so
      that your PBX can communicate with our network platform to ensure consistent quality.
      2 Firewalls
      There is a wide range of firewalls available from a variety of manufacturers and as a result there
      is no single method of configuration to achieve support of a given application. The information in
      this document states the requirements of the BT SIP Trunk service however you will need to
      determine the most appropriate method of configuration in-conjunction with your IT/Firewall
      provider or maintainer.
      The SIP service is established as an outbound session established during registration and
      therefore in some instances you may find that the service will be available without the need for
      any additional configuration. If however you are experiencing connectivity issues then changes
      may need to be implemented on your firewall to ensure that BT’s SIP service can be accessed
      from your network.
      Issued by: BT Business Date 14.02.2012
      Issue: v1.3 4
      3 Recommendations
      It is recommended that your firewall maintainer is consulted before any changes are made to
      ensure that there is no potential breach to your network security or any changes invoked which
      may contravene any local IT policies.
      Network Routing
      The BT SIP Trunk / BTnet service has the following requirements:
      If address translation is required then SIP will only work with NAT and not PAT
      The PBX will need to appear on the outside of the firewall with a RIPE IP address
      Your PBX requires access to the BT SIP platform on IP address 85.119.63.4 using port
      numbers 5060 to 5070.
      SIP ALG must be disabled
      IMPORTANT NOTE:
      If your router and/or firewall is “SIP Aware” / has a SIP ALG enabled, then this functionality must
      be turned OFF so that the device does not interfere with any signalling.
      Not all firewall configurations need ports to be opened. If your firewall is running inside to outside
      rules then ports should be opened to allow access to the BT SIP service. There should be no
      reason to open ports inbound on the firewall.
      Prioritisation
      In order to achieve consistent voice quality the BTnet service prioritises your SIP signalling and
      VoIP traffic over other traffic. In order to ensure end to end voice quality is maintained your LAN
      should also prioritise this traffic.
      BT’s SIP Platform has an IP address of 85.119.63.4. This address should be used to build the
      policies to support prioritisation i.e. traffic to and from this address should be prioritised over other
      competing traffic in your LAN infrastructure.
      In particular:
      1. The incoming and outgoing BT SIP and VoIP (RTP) traffic should be prioritised over
      other traffic though the firewall.
      2. If the SIP signalling and VoIP traffic traverses your LAN (e.g. between IP phones and
      PBX or between the PBX and the firewall) and competes with other traffic then it will
      need to be prioritised over that other traffic.
      Important Note: The SIP and VoIP (RTP) packets are not re-marked in terms of CoS, ToS,
      DSCP or any other Quality of Service markings. Any received DSCP markings should be
      regarded as un-trusted and not used for QoS.
      Issued by: BT Business Date 14.02.2012
      Issue: v1.3 5
      4 Ports
      This section identifies all the required TCP/UDP ports for correct operation.
      Device Protocol Outbound Destination Destination Port
      IP PBX / SIP
      Trunking Gateway
      SIP 85.119.63.4 UDP/TCP 5060 to
      5070
      IP PBX / SIP
      Trunking Gateway
      RTP 85.119.63.4 UDP 16384 to 32766
      5 Warning & Disclaimer
      Your BT SIP Trunks service together with a correctly dimensioned BTnet access service has
      been designed to appropriately support a quality voice service alongside the use of data. In
      order to maintain the quality it is essential that the internal network components suitably support
      the service for delivery of your voice calls. If this is not implemented correctly then this may
      result in a degraded service. If faults are reported to BT which are found to be caused by
      customer equipment (i.e. equipment which that is not part of BT’s network and which is owned or
      controlled by the customer) then BT may apply a charge.
      The information in this document is provided for general guidance only. It is recommended that
      your firewall maintainer, switch maintainer or IT consultant is consulted on all matters relating to
      your communications network including, but not limited to, PBX configuration, LAN and firewall
      configuration. This is particularly important in connection with any issues which may impact on
      your network security or local IT policies.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post