Application Note. SIP Domain Management



Similar documents
Application Note Multiple SIParator Distribution

Configuration Aid To Ingate Firewall/SIParator - Using Your Own SIP Domain. Lisa Hallingström Paul Donald

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Configuring a LAN SIParator. Lisa Hallingström Paul Donald Bogdan Musat Adnan Khalid Per Johnsson Rickard Nilsson

Application Note. Connecting Networks

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Application Note Startup Tool - Getting Started Guide

Configuration Notes 0215

nexvortex Setup Guide

Appendix D: Configuring Firewalls and Network Address Translation

Application Notes for the Ingate SIParator with Avaya Converged Communication Server (CCS) - Issue 1.0

How to Add Domains and DNS Records

Application Note. Onsight TeamLink And Firewall Detect v6.3

TALKSWITCH VOIP NETWORK TROUBLESHOOTING GUIDE

UX5000 with CommPartners SIP Trunks

Unified Communications in RealPresence Access Director System Environments

SIP Domain/Proxy, Ring Detect Extension or/and Page Audio Extension, (The 8180 needs its own phone extension) Authentication ID, Password,

ThinkTel ITSP with Registration Setup Quick Start Guide

SIP Trunking using the EdgeMarc Network Services Gateway and the Mitel 3300 ICP IP-PBX

Cisco Unified Communications 500 Series

LifeSize Transit Deployment Guide June 2011

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

Connecting Remote Offices by Setting Up VPN Tunnels

How To Guide. SIP Trunking Configuration Using the SIP Trunk Page

nexvortex Setup Template

VoIP CONFIGURATION GUIDE FOR MULTI-LOCATION NETWORKS

Vega 100G and Vega 200G Gamma Config Guide

SIP Trunking Service Configuration Guide for Skype

How To Setup Cyberoam VPN Client to connect a Cyberoam for remote access using preshared key

How to configure WFS (Windows File Sharing ) Acceleration on SonicWALL WAN Acceleration Appliances

DNS SRV Usage June 22, 2011

SIP Trunking Service Configuration Guide for Time Warner Cable Business Class

How to Configure edgebox as an Server

Application Note Configuring the Synapse SB67070 SIP Gateway for Broadvox GO! SIP Trunking

Application Note Patton SmartNode in combination with a CheckPoint Firewall for Multimedia security

SIP Trunking Service Configuration Guide for Broadvox Fusion

nexvortex Setup Guide

Use Domain Name System and IP Version 6

LAN TCP/IP and DHCP Setup

Application Note. Onsight Connect Network Requirements v6.3

SIP Trunking Service Configuration Guide for MegaPath

THINKTEL COMMUNICATIONS DIGIUM G100/G200 PRI OVER IP SIP TRUNKING

Note: As of Feb 25, 2010 Priority Telecom has not completed FXS verification of fax capabilities. This will be updated as soon as verified.

How To - Setup Cyberoam VPN Client to connect to a Cyberoam for the remote access using preshared key

CONFIGURING TALKSWITCH FOR RUBICON SERVICE

VoIP Application Note:

SIP Trunking Service Configuration Guide for PAETEC (Broadsoft Platform)

Microsoft Lync Server Overview

VOIP NETWORK CONFIGURATION GUIDE RELEASE 6.10

1 SIP Carriers Warnings Vendor Contact Vendor Web Site : Versions Verified SIP Carrier status as of 9/11/2011

Knowledgebase Solution

1.1.3 Versions Verified SIP Carrier status as of 18 Sep 2014 : validated on CIC 4.0 SU6.

Vega 100G and Vega 200G Gamma Config Guide

Configuring Network Address Translation (NAT)

Application Notes for Configuring Intelepeer SIP Trunking with Avaya IP Office Issue 1.0

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Borderware Firewall Server Version 7.1. VPN Authentication Configuration Guide. Copyright 2005 CRYPTOCard Corporation All Rights Reserved

Release the full potential of your Cisco Call Manager with Ingate Systems

IP Phone Presence Setup

BorderWare Firewall Server 7.1. Release Notes

Using the NetVanta 7100 Series

FortiVoice. Version 7.00 VoIP Configuration Guide

Skype Connect Getting Started Guide

Using DNS SRV to Provide High Availability Scenarios

Avaya IP Office 8.1 Configuration Guide

How to Configure the Toshiba Strata CIX for use with Integra Telecom SIP Solutions

Using LifeSize Systems with Microsoft Office Communications Server 2007

Key Features of Dynamic Address Objects

How To Understand The Purpose Of A Sip Aware Firewall/Alg (Sip) With An Alg (Sip) And An Algen (S Ip) (Alg) (Siph) (Network) (Ip) (Lib

THINKTEL COMMUNICATIONS TALKSWITCH VS TALKSWITCH VS THINKTEL SIP TRUNK & DID

Configuring for Integra Telecom SIP Solutions

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

SV9100 SIP Trunking Service Configuration Guide for Time Warner Cable Business Class

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Fireware Essentials Exam Study Guide

NetSpective Global Proxy Configuration Guide

Using LifeSize systems with Microsoft Office Communications Server Server Setup

Interactive Intelligence CIC 2015 R4 Patch1 Configuration Guide

Personal Telepresence. Place the VidyoPortal/VidyoRouter on a public Static IP address

VPN Configuration Guide. Dell SonicWALL

How to Configure the NEC SV8100 for use with Integra Telecom SIP Solutions

Configuration Network Management Card-2

Chapter 2 Connecting the FVX538 to the Internet

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

Application Notes for Avaya IP Office 7.0 Integration with Skype Connect R2.0 Issue 1.0

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011

1 SIP Carriers. 1.1 Tele Warnings Vendor Contact Versions Verified Interaction Center 2015 R2 Patch

How to configure Enterprise Cloud

TELEPHONE MAN OF AMERICA. Earning Your Business Every Step of the Way!

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

Ecessa Proxy VoIP Manual

Broadvox SIP Trunk Setup

AT&T IP Flex Reach/ IP Toll Free Configuration Guide IC 3.0 with Interaction SIP Proxy

Unified Communications Mobile and Remote Access via Cisco VCS

SwyxWare VoIP Zone Controller, 4-Port Audio Out Setup Guide

Time Warner ITSP Setup Guide

Configuring Sonus SBC 1000/2000. with. Rogers Business Solution (RBS) SIP Trunking Service. Application Note

Understand SIP trunk and registration in DWG gateway Version: 1.0 Dinstar Technologies Co., Ltd. Date:

Polycom Unified Communications in RealPresence Access Director System Environments

Transcription:

Application Note SIP Domain Management 28 March 2008

Table of Contents 1 WHAT IS A SIP DOMAIN?... 1 2 LOCAL SIP DOMAIN... 2 3 OTHER SIP DOMAIN... 3 4 DNS CONSIDERATIONS... 4 5 USING A PUBLIC DNS... 5 6 SPLIT DNS CONFIGURATION... 7 Tested versions: Ingate Firewall/SIParator/MEDIAtor version 4.6.2 Revision History: Revision Date Author Comments 1 2008-03-28 Scott Beer 1 st Release

1 What is a SIP Domain? A SIP Domain is the distinguished part of an abstract or physical space where SIP devices exist, where they perform communication between each other, and are valid or authorized for communication. For example, the domain of SIP activity implies there is communication between SIP devices within the domain. The SIP domain may be the same or different then the domain for Web activity. The most common types of domain names are hostnames that provide more memorable names to stand in for numeric IP addresses. They allow for any service to move to a different location in the topology of the Internet (or an intranet), which would then have a different IP address. By allowing the use of unique alphabetical addresses instead of IP addresses, domain names allow Internet users to more easily find and communicate with SIP servers, web sites and other server-based services. The flexibility of the domain name system allows multiple IP addresses to be assigned to a single domain name, or multiple domain names to be assigned to a single IP address. This means that one server may have multiple roles, or that one role can be spread among many servers. Page 1 of 7

2 Local SIP Domain As it applies to the Ingate products, the term Local SIP Domain are domains that the SIP registrar in the Firewall or SIParator should handle. Thus the Ingate is responsible for providing registration and authentication to SIP clients attempting to register with a SIP Server. These SIP clients will also send SIP Requests to the Local SIP Domain for the Ingate to process and direct using the Ingate SIP Proxy capabilities. Page 2 of 7

3 Other SIP Domain Other SIP Domains are domains not handled by the Ingate products. Upon receiving a SIP Request for another SIP domain, the Ingate determines the location (by various means) of the other domain and sends the SIP Request along. Typically, DNS Lookups are used to determine the location of the other SIP Domains. Page 3 of 7

4 DNS Considerations The Ingate Firewall needs to do DNS query for both incoming and outgoing traffic whenever it encounters a routing-participating header that contains a FQDN. This section highlights the DNS configuration items for a SIP call to get through the firewall from the SIP Servers perspective when using FQDNs with the Ingate Firewall. Please refer to the Ingate reference documentation for more detailed programming instructions. Configuration Steps: In the Basic Configuration page: 1. Assign the IP address of the DNS Server, whether a Private internal DNS Server or Public DNS Server. Page 4 of 7

5 Using a Public DNS In a scenario where the Ingate must only use a public DNS Server, the Ingate Firewall has a table/function to take care of this. This configuration assumes that all DNS servers (regardless of location) in the environment resolve domain names to the same IP addresses (e.g., this is NOT a split-dns configuration). The SIP Server is located on a NAT d network, and DNS queries for the FQDN of the SIP Server should point to the external IP address of the Ingate Firewall. The SIP Server on the LAN should be authoritative for that domain name and respond to SIP requests using that name when received. This means that the SIP Server must have a host name and a domain name. These names should be the same as the DNS name of the external WAN port of the Ingate firewall. We will use an example of the FQDN othersip.domain.com, where it publicly resolves to the external WAN IP of the Ingate. If the Ingate received a request for othersip.domain.com, it would look it up and it would resolve to itself. Therefore, there would be a loop. Instead, under the SIP Traffic > Routing tab, you can use the "DNS Override For SIP Requests" table. There, you can specify that if the Ingate gets a request for a particular domain, the Ingate will not perform a DNS Lookup, the Ingate will send the SIP Request to the IP address and port listed in the table. It is like a static DNS table. Page 5 of 7

Configuration Steps: In the Routing tab, in the DNS Override for SIP Requests, enter the following; 1. Domain Enter the full domain name that you wish to override. 2. DNS name or IP address Enter the IP Address of UC Server. 3. Port Enter 5060 4. Transport Select UDP Page 6 of 7

6 Split DNS Configuration Another method is for the enterprise site to use a "Split DNS", meaning that they can point the Ingate to an internal DNS server that can resolve domain names differently than they are on a public DNS server. This requires the least configuration on the Ingate. For this method, it is recommended that all DNS queries for FQDNs are always directed to the DNS server on the Intranet side. All FQDN local to the Intranet side must be provisioned on the DNS server on the Intranet side. For outgoing traffic, the firewall needs to perform DNS query for FQDN resolvable on the Internet side. This is also done through the DNS server on the Intranet side that is trusted to an external DNS server. Within the Rules & Relays configuration page of the Ingate Firewall, the DNS Tunneling can be configured. In the Basic Configuration tab in the Ingate Firewall configuration web page, the IP addresses of multiple DNS servers can be provisioned with each assigned a number. All servers provisioned are ordered according to the number assigned. The DNS server with the lowest number assigned is the first one to be queried. The Ingate firewall will not turn to the next DNS server in the list unless the first one is not reachable. Thus if the first DNS Server responds, but with no address for the initial query, this is deemed a successful response and the second DNS server is not queried. It is recommended that the DNS servers provisioned should reside inside the firewall. Page 7 of 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information