Howto:MyApps Cloud - Connecting 3rd-party SIP devices (general considerations): Difference between revisions
No edit summary |
No edit summary |
||
Line 8: | Line 8: | ||
==Disclaimer== | ==Disclaimer== | ||
This article is presenting a summary of our experience, connecting 3rd-party devices to the myApps Cloud | This article is presenting a summary of our experience, connecting 3rd-party devices to the myApps Cloud Platform. As innovaphone is not able to track all changes in functionality or firmware of 3rd-party SIP devices, this document is meant to be an orientation to our certified partners. In any case, we recommended to our partners to verify the functionality of a 3rd-party product. As such innovaphone is not liable for any malfunction of, or caused through a 3rd-party product, even if the respective product is listed in this article. | ||
==Requirements to 3-rd party SIP devices, when connecting to the myApps Cloud == | ==Requirements to 3-rd party SIP devices, when connecting to the myApps Cloud == | ||
By default, the myApps Cloud service relies on the ICE protocol to establish peer-to-peer media communication between connected 3rd-party SIP devices. Thus, the connecting SIP device has | # By default, the myApps Cloud service relies on the '''ICE protocol''' to establish peer-to-peer media communication between connected 3rd-party SIP devices. Thus, the connecting SIP device has to support STUN, TURN and the ICE mechanism. | ||
* In case ICE | #* In case ICE and TURN are not supported by the SIP device, the absolute minimum requirement is '''STUN support''' (in such case, the respective PBX User Object has to enable Media-Relay). In this scenario the media stream is always routed through the PBX (instead of peer-to-peer routing, when using the default ICE mechanism as described above).<br /><br /> | ||
To | # The innovaphone PBX uses the standardized '''SIP Digest Access Authentication''' to verify the credentials of any connected 3rd-party SIP device. | ||
* Yealink | #* If the selected 3rd-party device does not support this protocol, the Digest Authentication Reply Check can be disabled on the customer PBX, for all incoming SIP connections, with the following commands: | ||
#** At the advanced PBX user interface > Maintenance > Diagnostics > Command | |||
#** !config change TSIP /disable-digest-replay-check /log on | |||
#** !config change SIPS /disable-digest-replay-check /log on | |||
#** !config write | |||
#** !config activate<br /><br /> | |||
# To ensure secure data connections, the myApps Cloud relies by default '''TLS''' encryption (e.g. SIPS or SIP/TLS). Thus, we recommend to select a 3rd-party SIP device supporting TLS. For this reason, the myApps Cloud platform already includes the root certificates of the following 3-rd party manufacturers: | |||
#* Yealink | |||
#* (this list will be enhanced, step-by-step) | |||
Line 25: | Line 33: | ||
== 3-rd party SIP devices without STUN support == | ==Workaround: 3-rd party SIP devices without STUN support == | ||
If a 3rd-party SIP device (e.g. doorphone) does not meet the above defined minimum requirements, an additional local gateway (edge component) on the customers premises is needed, to connect the device to the myApps Cloud platform. | If a 3rd-party SIP device (e.g. doorphone) does not meet the above defined minimum requirements, an additional local gateway (edge component) on the customers premises is needed, to connect the device to the myApps Cloud platform. | ||
[[Image:3rd-party-SIP-device.png]] |
Revision as of 16:47, 3 March 2021
Applies To
This information applies to
- myApps Cloud v13
- General considerations on 3rd-party SIP devices
Disclaimer
This article is presenting a summary of our experience, connecting 3rd-party devices to the myApps Cloud Platform. As innovaphone is not able to track all changes in functionality or firmware of 3rd-party SIP devices, this document is meant to be an orientation to our certified partners. In any case, we recommended to our partners to verify the functionality of a 3rd-party product. As such innovaphone is not liable for any malfunction of, or caused through a 3rd-party product, even if the respective product is listed in this article.
Requirements to 3-rd party SIP devices, when connecting to the myApps Cloud
- By default, the myApps Cloud service relies on the ICE protocol to establish peer-to-peer media communication between connected 3rd-party SIP devices. Thus, the connecting SIP device has to support STUN, TURN and the ICE mechanism.
- In case ICE and TURN are not supported by the SIP device, the absolute minimum requirement is STUN support (in such case, the respective PBX User Object has to enable Media-Relay). In this scenario the media stream is always routed through the PBX (instead of peer-to-peer routing, when using the default ICE mechanism as described above).
- In case ICE and TURN are not supported by the SIP device, the absolute minimum requirement is STUN support (in such case, the respective PBX User Object has to enable Media-Relay). In this scenario the media stream is always routed through the PBX (instead of peer-to-peer routing, when using the default ICE mechanism as described above).
- The innovaphone PBX uses the standardized SIP Digest Access Authentication to verify the credentials of any connected 3rd-party SIP device.
- If the selected 3rd-party device does not support this protocol, the Digest Authentication Reply Check can be disabled on the customer PBX, for all incoming SIP connections, with the following commands:
- At the advanced PBX user interface > Maintenance > Diagnostics > Command
- !config change TSIP /disable-digest-replay-check /log on
- !config change SIPS /disable-digest-replay-check /log on
- !config write
- !config activate
- If the selected 3rd-party device does not support this protocol, the Digest Authentication Reply Check can be disabled on the customer PBX, for all incoming SIP connections, with the following commands:
- To ensure secure data connections, the myApps Cloud relies by default TLS encryption (e.g. SIPS or SIP/TLS). Thus, we recommend to select a 3rd-party SIP device supporting TLS. For this reason, the myApps Cloud platform already includes the root certificates of the following 3-rd party manufacturers:
- Yealink
- (this list will be enhanced, step-by-step)
Howto articles, for selected 3-rd party SIP devices
For the following 3-rd party devices, a specific description is available, describing details of the respective configuration:
Workaround: 3-rd party SIP devices without STUN support
If a 3rd-party SIP device (e.g. doorphone) does not meet the above defined minimum requirements, an additional local gateway (edge component) on the customers premises is needed, to connect the device to the myApps Cloud platform.