TELES VoIPBox BRI Reference Manual

VoIPBox BRI

Reference manual

Software version 18.0

VoIPBox BRI

Reference manual

TELES AG | HEADQUARTERS

Ernst-Reuter-Platz 8
10587 Berlin
GERMANY
Phone +49 30 399 28-066
Fax +49 30 399 28-051
E-mail sales@teles.com

http www.teles.com

Software version: 18.0 Revised: January 29, 2015Document version: 002

© Copyright 2015 TELES AG Informationstechnologien. All rights reserved.

®

, IntraSTAR®, Intra*®, CELLX®, and iSWITCH® are registered trademarks of TELES AG Informationstechno-

TELES
logien. All other trademarks used are the property of their respective owners.
The supplied hardware/software systems are protected by copyright and can be used solely by their lawful
owners.
All text and figures in this publication have been compiled with great attention to detail. Nonetheless, in­accuracies and typographical errors cannot be entirely avoided. TELES AG Informationstechnologien provides
this document 'as is' without warranty of any kind, expressed or implied. TELES AG Informationstechnologien
reserves the right to make changes in product design or specifications without notice.

Table of contents

Table of contents ......................................................................... 3

Preface ......................................................................................... 12

Organization............................................................................... 14

1 Safety and security precautions ...............................................16

1.1 Safety Measures.............................................................................17

1.2 Power Supply..................................................................................18

1.2.1 Technical Data ................................................................................18

1.2.2 Symbols...........................................................................................18

1.2.3 Instructions for Use .......................................................................19

1.2.4 Safety Precautions .........................................................................19

1.3 Jacks .................................................................................................20

1.4 EMC Protection...............................................................................20

1.5 System Security ..............................................................................20

1.5.1 Servicing the VoIPBox ....................................................................21

1.5.2 Protecting the Operating System.................................................22

1.6 CDR Files..........................................................................................23

1.7 Network Security............................................................................24

2 Overview ...................................................................................... 27

2.1 Features...........................................................................................28

2.2 Implementation scenarios ............................................................30

TELES Product Version 18.0.002 Page 3

Table of contents

3 VoIPBox installation ................................................................... 32

3.1 Checklist ..........................................................................................33

3.2 Package Contents...........................................................................33

3.3 VoIPBox Hardware Description....................................................34

3.4 Installation Requirements.............................................................34

3.4.1 ISDN Wiring.....................................................................................35

3.4.2 Ethernet Wiring ..............................................................................35

3.5 Preparing for Installation ..............................................................36

3.6 Hardware Connection ...................................................................36

3.7 LED Functionality............................................................................37

3.8 Startup with Quickstart .................................................................37

3.8.1 Installing Quickstart .......................................................................38

3.8.2 Configuration with Quickstart ......................................................38

3.9 Startup via FTP................................................................................41

3.10 Self Provisioning with NMS ...........................................................42

3.11 Remote Access and Access Security ............................................42

3.11.1 GATE Manager................................................................................43

3.11.2 Graphical User Interface ...............................................................44

3.11.3 FTP....................................................................................................46

3.11.4 Setting a Password for Remote Access .......................................47

TELES Product Version 18.0.002 Page 4

Table of contents

4 Configuration files ...................................................................... 49

4.1 Configuration File ip.cfg.................................................................51

4.1.1 System Section Configuration ......................................................52

4.1.2 Ethernet Interface Configuration .................................................53

4.1.3 GUI Settings ....................................................................................53

4.1.4 Bridge Configuration .....................................................................54

4.1.5 NAT Configuration..........................................................................55

4.1.6 PPPoE Configuration......................................................................56

4.1.7 Firewall Settings .............................................................................58

4.1.8 Bandwidth Control.........................................................................60

4.1.9 DHCP Server Settings.....................................................................62

4.1.10 DNSmasq settings..........................................................................64

4.1.11 PPP Configuration for Dial-Up Connection .................................65

4.1.12 VLAN Configuration .......................................................................67

4.1.13 Examples.........................................................................................67

4.1.13.1 Default configuration.....................................................................67

4.1.13.2 Active ethernet bridge ...................................................................68

4.1.13.3 Integrated DSL-Router Scenario for VoIP....................................68

4.1.13.4 VLAN Scenario ................................................................................70

4.2 Configuration File pabx.cfg ...........................................................70

4.2.1 System Settings ..............................................................................70

4.2.1.1 Bypass Relay ...................................................................................71

4.2.1.2 Log Files...........................................................................................71

4.2.1.3 Night Configuration .......................................................................73

4.2.1.4 Controllers ......................................................................................75

4.2.1.5 Subscribers .....................................................................................77

4.2.1.6 Global Settings................................................................................78

4.2.2 SMTP-Client Configuration............................................................82

TELES Product Version 18.0.002 Page 5

Table of contents

4.2.3 SNMP Settings ................................................................................84

4.2.4 Time-Controlled Configuration Settings......................................85

4.3 Configuration File route.cfg ..........................................................85

4.3.1 Entries in the Sections [System] and [Night<num>] ..................85

4.3.1.1 Restrict.............................................................................................85

4.3.1.2 MapAll..............................................................................................88

4.3.1.3 Redirect ...........................................................................................90

4.3.2 VoIP Profiles....................................................................................92

4.3.3 Gatekeeper Profiles .......................................................................96

4.3.4 Registrar Profiles............................................................................97

4.3.5 Radius Profiles................................................................................99

5 Routing examples ..................................................................... 101

5.1 VoIPBox as a second-generation LCR........................................102

5.2 VoIPBox in an H.323 network.....................................................104

5.3 Work@Home scenario with signaling through a SIP proxy ....106

5.4 ISDN dial-up for terminating VoIP calls .....................................108

5.5 Backbone router using a backup gatekeeper...........................110

5.6 Backbone router with direct endpoint signaling (H.323) ........112

5.7 IntraSTAR.......................................................................................114

5.8 Backbone router with RADIUS management ...........................116

5.9 VoIP backup and automatic reactivation ..................................117

TELES Product Version 18.0.002 Page 6

Table of contents

6 System maintenance and software update ..........................119

6.1 Configuration errors ....................................................................120

6.2 Status and error messages.........................................................120

6.3 Software update...........................................................................126

6.4 SNMP agent ..................................................................................128

6.5 DNS forwarder..............................................................................131

6.6 ipupdate - DynDNS client............................................................132

6.7 Trace ..............................................................................................134

6.7.1 ISDN trace output.........................................................................138

6.7.2 Call forwarding to SIP trace output............................................139

6.7.3 VoIP trace output .........................................................................140

6.7.3.1 Interface IP network.....................................................................141

6.7.3.2 RTP/RTCP output..........................................................................145

6.7.3.3 Internal protocol interface (to ISDN, POTS, mobile) ................152

6.7.3.4 H.245 messages ...........................................................................154

6.7.3.5 RAS (Registration, Admission, Status)........................................158

6.7.3.6 ENUM output................................................................................163

6.7.3.7 Examples .......................................................................................163

6.7.4 Remote output .............................................................................167

6.7.5 SMTP trace output .......................................................................168

6.7.6 Number portability trace output................................................172

6.7.7 DTMF tone trace output ..............................................................173

7 Signaling and routing features ...............................................175

7.1 IntraSTAR.......................................................................................176

TELES Product Version 18.0.002 Page 7

Table of contents

7.2 Digit collection (enblock/overlap receiving)..............................177

7.3 Rejecting data calls and specified numbers..............................178

7.3.1 Blacklist routing............................................................................178

7.3.2 Whitelist routing...........................................................................179

7.3.3 Rejecting calls with ISDN bearer capability data ......................180

7.3.4 Specific routing of data calls via VoIP ........................................180

7.4 CLIP and CLIR................................................................................181

7.4.1 Routing CLIP and CLIR calls.........................................................181

7.4.2 Setting CLIR...................................................................................182

7.4.3 Setting CLIP...................................................................................183

7.5 Conversion of call numbers........................................................183

7.6 Overwriting OAD ..........................................................................184

7.7 Setting number type in OAD/DAD..............................................185

7.8 Setting the screening indicator...................................................187

7.9 Setting a default OAD ..................................................................189

7.10 Setting sending complete byte in setup....................................190

7.11 OAD screening..............................................................................191

7.12 Miscellaneous routing methods.................................................193

7.12.1 Routing calls without a destination number.............................193

7.12.2 Routing calls based on existence of destination number.......194

7.12.3 Changing cause values ................................................................195

TELES Product Version 18.0.002 Page 8

Table of contents

7.13 Call forwarding translation: ISDN to SIP....................................199

7.14 Call forking ....................................................................................200

8 Least cost routing .....................................................................203

8.1 Carrier selection ...........................................................................205

8.1.1 Routing entries.............................................................................205

8.2 Alternative routing settings ........................................................206

8.3 Charge models .............................................................................207

8.4 Generating charges with the VoIPBox.......................................210

9 Online traffic monitor .............................................................. 214

9.1 Calculating and resetting statistic values and counters..........215

9.1.1 Calculation and resetting of statistic values .............................215

9.1.2 Additional resetting of counters A-F..........................................217

9.1.3 Resetting statistic counters.........................................................218

9.2 Generating and retrieving CDRs.................................................218

9.2.1 Call log ...........................................................................................219

9.2.2 Missed calls list.............................................................................222

9.3 Sending CDRs via e-mail..............................................................224

10 Two stage dialing/callback server functionality ................... 226

10.1 Activating DTMF tone recognition..............................................228

10.2 Announcements...........................................................................228

TELES Product Version 18.0.002 Page 9

Table of contents

10.3 Two stage dialing with DTMF......................................................230

10.4 Callback with DTMF and preconfigured callback number ......234

10.5 Callback to OAD with predefined destination number ...........235

10.6 Callback with PIN and preconfigured callback number ..........236

11 Additional VoIP parameters ....................................................238

11.1 Signaling parameters ..................................................................239

11.2 Location server parameters........................................................248

11.3 Routing parameters.....................................................................249

11.4 Quality parameters ......................................................................250

11.5 Compression parameters ...........................................................255

11.6 Fax/modem parameters .............................................................256

11.7 DTMF parameters ........................................................................258

11.8 Call forwarding parameters........................................................259

12 Troubleshooting........................................................................ 261

12.1 No connection to the system......................................................262

12.1.1 System does not start correctly..................................................263

12.1.2 Web interface is not accessible ..................................................264

12.1.3 IP address settings.......................................................................266

12.1.4 Firewall issues and NAT / PAT settings......................................266

12.1.5 ISDN dial-in number missing or wrong .....................................267

TELES Product Version 18.0.002 Page 10

Table of contents

12.1.6 ISDN port not loaded correctly / not active ..............................269

12.2 No calls are possible....................................................................270

12.2.1 Call does not arrive on the gateway ..........................................271

12.2.2 Call is rejected or not routed to destination.............................274

12.2.3 Call is rejected elsewhere............................................................278

12.3 Software update problems.........................................................279

TELES Product Version 18.0.002 Page 11

Preface

In this manual

This manual describes the set up of your VoIPBox BRI. It is
written for network administrators who use and maintain the
gateway. To use this manual you need some experience work­ing with networking devices and be familiar with the concepts
and terminology of telecommunication technology. Make
sure you familiarize yourself thoroughly with the safety and
security precautions detailed in Chapter 2 Security and hard-

ware on page 17 → before you begin to install your

VoIPBox BRI. TELES is not liable for any damage or injury re­sulting from a failure to follow these safety and security in­structions!

In addition to this manual there is a parameter manual sum­marizing the configuration parameters used in the config
files.

Conventions

This document uses the following typographic conventions:

 Bold – important information, and items from the GUI

and the menu.

 Code – file names, variables, and constants in config files

or commands in body text.

 "Conventions" on page 12 → – cross-references can be

accessed in the PDF by a single mouse click.

Configuration data or extracts are written in single-column tables with a gray background.

VoIPBox BRI Version 18.0.002 Page 12

Preface

!

!

!

Safety Symbols

The following symbols are used to indicate important infor­mation and to describe levels of possible danger.

Note

Useful information with no safety implications.

Attention

Information that must be adhered to as it is necessary to en­sure that the system functions correctly and to avoid mate­rial damage.

Warning

Danger. Could cause personal injury or damage to the sys­tem.

Dangerous voltage

Could cause injury by high voltage and/or damage the sys­tem.

Electrostatic discharge

Components at risk of discharge must be grounded before
being touched.

Explosion hazard

Injury hazard due to explosions endangering the person or
the system.

VoIPBox BRI Version 18.0.002 Page 13

Organization

Chapter 1 – Safety and security precautions starts with the
safety and security precautions. Make sure that everyone
who works with the VoIPBox BRI is aware of these precau­tions. The VoIPBox BRI described at the end of this chapter.

Chapter 2 – Overview describes the general features of the
VoIPBox BRI and the main features for VoIP and telephony.

Chapter 3 – VoIPBox installation contains information on
basic installation and configuration of your VoIPBox. Follow
the easy instructions to set up your VoIPBox in a matter of
minutes.

Chapter 4 – Configuration files describes the basic setup
and the most commonly used entries for the configuration
files. Configuration of VoIPBoxes is managed in the following
three files:

Chapter 5 – Routing examples contains some useful
route.cfg examples of scenario-bases configurations.

Chapter 6 – System maintenance and software update

describes system messages that are saved in the protocol file,
as well as trace options.

Chapter 7 – Signaling and routing features describes con­figurations of the route.cfg for adjusting the signaling and
specific scenarios.

Chapter 8 – Least cost routing describes the configuration
of the least cost routing method cerrier selection. Then fol­lows a chapter with a alternative routing example. The last
chapter describes charge generation configuration.

Chapter 9 – Online traffic monitor describes the Online
Traffic Monitor that allows you to collect and monitor statis­tics and call detail records (CDRs). The following functions are

VoIPBox BRI Version 18.0.002 Page 14

Organization

possible with this feature package: Calculation of statistic val­ues, Generation of CDRs, and Generation of online CDRs us­ing e-mail

Chapter 10 – Two stage dialing/callback server function­ality describes money-saving features that expand the func-

tionality of your VoIPBox to include DTMF services (two stage
dialing) and callback capability. It is particularly useful for
companies with employees who travel often, because it elim­inates expensive roaming fees.

Chapter 11 – Additional VoIP parameters contains addi­tional configuration entries to fine-tune conmmunication with
the VoIP peer. Enter the folliwing additional parameter in the
route.cfg to adjust the configurationfor improved communi­cation with the VoIP peer.

Chapter 12 – Troubleshooting discusses problems that you
may encounter when operating your VoIPBox and offers solu­tions. The reasons are listed that may cause the different
problems. Every reason is described in detail, the symptoms
are identified and suggestions are made for solving the issue.
If you cannot solve a problem using these instructions, please
contact your service partner.

VoIPBox BRI Version 18.0.002 Page 15

1 Safety and security

precautions

1 Safety and security precautions

This chapter starts with the safety and security precau­tions. Make sure that everyone who works with the
VoIPBox BRI is aware of these precautions. The VoIPBox BRI
described at the end of this chapter.

Please be sure and take time to read this section to ensure
your personal safety and proper operation of your gateway.

To avoid personal injury or damage to the system, please fol­low all safety instructions before you begin working on your
gateway.

VoIPBoxes are CE certified and fulfill all relevant security re­quirements. The manufacturer assumes no liability for conse­quential damages or for damages resulting from
unauthorized changes.

1.1 Safety Measures

Danger of electric shock - the power supplies run on 230 V. Do
not open the VoIPBox or its power supply.

Make sure to install the VoIPBox near the power source and
that the power source is easily accessible.

Bear in mind that telephone and WAN lines are also energized
and can cause electric shocks.

Be sure to respect country-specific regulations, standards or
guidelines for accident prevention.

VoIPBox BRI Version 18.0.002 Page 17

1 Safety and security precautions

!

1.2 Power Supply

The included power supply is to be used exclusively for oper­ation of your VoIPBox.

Make sure you read this chapter thoroughly and save the
instructions for future reference. Use only the power sup­ply included in the package contents of your VoIPBox.

1.2.1 Technical Data

The following list includes technical information on the power
supply:

| Type: GSP-1216TLS/1 for VoIPBox
| Input voltage: 230V~ +/-15% 50-60Hz; 0.40A
| Output voltage: 12V
| Weight: 96g
| Tested and certified as per EN60950-1

1.2.2 Symbols

The symbols on the power supply have the following mean­ings:

Table 1.1 Power Supply Symbols

Symbol Meaning

Certified to conform with European norms.

Protective insulation provided.

---

; 1.6A

For indoor use only.

VoIPBox BRI Version 18.0.002 Page 18

1 Safety and security precautions

!

Table 1.1 Power Supply Symbols (continued)

Symbol Meaning

Not for public disposal. Make sure you dispose of the power supply
properly.

Indicates the output polarity of the power supply.

1.2.3 Instructions for Use

Plug the power supply directly into the outlet. The power sup­ply provides safety-low voltage with limited capacity for your
VoIPBox.

Use only the power supply included in the package con­tents of your VoIPBox.

The devices are designed for constant use in dry, indoor loca­tions. However, we recommend that you unplug them if you
do not intend to use them for an extended amount of time.
Make sure the power outlet is easily accessible at all time.

1.2.4 Safety Precautions

Make sure you follow these safety precautions:

| Electrical devices may not be used by individuals who are

not aware of the dangers of electricity and/or incorrect
use thereof.

| Make sure you use only the correct input voltage.
| Make sure the installation site is sufficiently ventilated.
| Use the device only in dry, indoor locations, and protect

it from humidity.

| Do not subject the device to direct sunlight.

VoIPBox BRI Version 18.0.002 Page 19

1 Safety and security precautions

| Unplug the device if you do not intend to use it for an ex-

tended amount of time.

| Hold the device by its housing when you unplug it. Wall

outlets can become mechanically overloaded; do not
pull on the cord.

| The room temperature may not exceed 35°C.
| Do not use the device if it is damaged or if there are signs

of misfunction. In this case, send it to TELES Service or
dispose of it properly (not with the public trash).

1.3 Jacks

The jacks on the VoIPBox have fulfilled the requirements of
the SELV safety standard.

1.4 EMC Protection

Use shielded cables.
Do not remove any housing components. They provide EMC
protection.

1.5 System Security

This section describes all points crucial to the VoIPBox’s sys­tem security.

VoIPBox BRI Version 18.0.002 Page 20

1 Safety and security precautions

!

The VoIPBox’s location must support normal operation ac­cording to EN ETS 300 386. Be sure to select the location with
the following conditions in mind:

Location: Make sure you install the system in a clean, dry,
dust-free location. If possible, use an air-conditioned site.
The site must be free of strong electrical or magnetic
fields, which cause disrupted signals and, in extreme cas­es, system failure.

Temperature: The site must maintain a temperature between
0 and 35°C. Be sure to guard against temperature fluctua­tions. Resulting condensation can cause short circuiting. The
humidity level may not exceed 80%.
To avoid overheating the system, make sure the site provides
adequate ventilation.

Power: The site must contain a central emergency switch for
the entire power source.
The site’s fuses must be calculated to provide adequate sys­tem security. The electrical facilities must comply with appli­cable regulations.
The operating voltage and frequency may not exceed or fall
below what is stated on the label.

1.5.1 Servicing the VoIPBox

Regular servicing ensures that your VoIPBox runs trouble­free. Servicing also includes looking after the room in which
the system is set up. Ensure that the air-conditioning and its
filter system are regularly checked and that the premises are
cleaned on a regular basis.

VoIPBox BRI Version 18.0.002 Page 21

1 Safety and security precautions

1.5.2 Protecting the Operating System

Changing configuration data may lead to malfunctions and/or
misrouting, as well as possible consequential damage. Make
changes at your own risk. TELES is not liable for any possible
damage resulting from or in relation to such changes. Please
thoroughly check any changes you or a third party have made
to your configuration!

To make changes in or perform tests on the database, make
sure your hard disk or flash disk contains enough storage
space. Downloading the log files and deleting them from the
VoIPBox on a regular basis will ensure your VoIPBox’s reliabil­ity.

Be careful when deleting files that you do not delete any files
necessary for system operation.

To check storage space and/or delete files, use GATE Manag­er. For more information see the document GATE Manager.

All files with the extension *.log can be deleted. To save files
before deleting them, use the Receive File option in GATE
Manager.

The following files, if included, must not be deleted:

Table 1.2 Mandatory files

Mandatory files

Mandatory system files

boot.rc

crypto.vnd

crypto5.vnd

gbox.tz1

gbox5.tz1

IMEIs.lst

ipv4.vnd

ipv6.vnd

license.key

VoIPBox BRI Version 18.0.002 Page 22

1 Safety and security precautions

!

Table 1.2 Mandatory files (continued)

Mandatory files

netbsd5fs.vnd

netbsd5i

netbsd5z

netbsdfs.gz

netbsdi

netbsdz

start

tools.tz0

xbribox.tz1

xgate.vnd

Mandatory configuration files

ip.cfg

pabx.cfg

route.cfg

1.6 CDR Files

Call Detail Records are intended for analysis of the VoIPBox’s
activity only. They are not designed to be used for billing pur­poses, as it may occur that the times they record are not ex­act.

Inaccuracies in the generation of CDRs may occur for ac­tive connections if traffic is flowing on the system while
modifications in configuration or routing files are activat­ed.

VoIPBox BRI Version 18.0.002 Page 23

1 Safety and security precautions

1.7 Network Security

Every day hackers develop new ways to break into systems
through the Internet. While TELES takes great care to ensure
the security of its systems, any system with access through
the Internet is only as secure as its user makes it. Therefore,
to avoid unwanted security breaches and resulting system
malfunctions, you must take the following steps to secure
your VoIPBox if you connect it to the Internet:

| Use an application gateway or a packet firewall.
| To limit access to the VoIPBox to secure remote devices,

delete the default route and add individual secure net­work segments.

| Access to the VoIPBox via Telnet, FTP or GATE Manager

must be password protected. Do not use obvious pass­words (anything from sesame to your mother-in-laws
maiden name). Bear in mind: the password that is easi­est to remember is also likely to be easiest to crack.

The firewall must support the following features:

| Protection against IP spoofing
| Logging of all attempts to access the VoIPBox

The firewall must be able to check the following information
and only allow trusted users to access the VoIPBox:

| IP source address
| IP destination address
| Protocol (whether the packet is TCP, UDP, or ICMP)
| TCP or UDP source port
| TCP or UDP destination port
| ICMP message type

VoIPBox BRI Version 18.0.002 Page 24

1 Safety and security precautions

For operation and remote administration of your VoIPBox
open only the following ports only when the indicated servic­es are used:

Table 1.3 Default Ports Used for Specific Services

Service Protocol Port

For all systems except CELLX Pro

FTP TCP 21 (default, can be set)

Telnet (for TELES debug access only) TCP 23 (default, can be set)

SMTP TCP 25

DNS forward UDP 53

HTTP TCP 80 (default, can be set)

SNTP UDP 123

SNMP UDP 161 (default, can be set)

H.225 registration, admission, status UDP 1719 (default, can be set)

H.225 signaling TCP 1720 (default, can be set)

Radius UDP 1812 (default, can be set)

Radius accounting UDP 1813 (default, can be set)

GATE Manager

SIP signaling UDP / TCP 5060 (default, can be set)

RTP UDP 29000-29120 (default,

CELLX Pro Control Unit TCP 57343

C

ELLX Pro tunneling TCP 4446

For CELLX Pro Control Unit and iMNP

FTP TCP 21

Tel ne t TCP 23

MySQL database TCP 3306

CELLX Plus or VoIPBox to CELLX Pro TCP 57342

C

ELLX Pro tunneling to CELLX Plus or VoIPBox TCP 4446

TCP 4445 (default, can be set)

can be set)

CELLX Plus or VoIPBox to iMNP TCP 9003

Remote C

Remote CELLX Pro Desktop (read only) TCP 57345

VoIPBox BRI Version 18.0.002 Page 25

ELLX Pro Desktop TCP 57344

1 Safety and security precautions

Table 1.3 Default Ports Used for Specific Services (continued)

Service Protocol Port

For NMS

FTP TCP 21

Tel ne t TCP 2 3

MySQL database TCP 3306

NMS protocol TCP 5000

NMS update TCP 5001

NMS task TCP 5002

NMS task TCP 5003

NMS Listen TCP 4444

For CELLX Pro Call Manager

Radius authentication UDP 1812

Radius accounting UDP 1813

VoIPBox BRI Version 18.0.002 Page 26

2Overview

2Overview

This chapter describes the general features of the
VoIPBox BRI and the main features for VoIP and telephony.

The VoIPBox BRI is a media converter that facilitates the con­nection of ISDN service equipment with a voice over IP (VoIP)
network. It converts line-based transmission on the ISDN side
to packet-based transmission in the IP network and vice ver­sa. Incoming traffic arrives at one VoIPBox, which routes the
calls accordingly, depending on the call’s destination and at­tributes. The VoIPBox is available with two, four, or eight BRI
ports.

2.1 Features

VoIP

| 8 or 16 media channels
| H.323 v.4 / SIP v.2 signaling (RFC 3261), operating in par-

allel

| Various audio codecs: G.711, G.723.1, G.726, G.728,

G.729, GSM, iLBC

| Fax: T.38
| Data: clear channel
| RTP multiplexing (reduces bandwidth required for RTP

data by up to 60%)

| ENUM client
| Echo cancellation G.168–2000
| Silence suppression, comfort noise generation, voice ac-

tivity detection

| Support for multiple gatekeepers and multiple registrars
| STUN client
| Traffic shaping
| Configurable time interval for echo detection in VoIP

VoIPBox BRI Version 18.0.002 Page 28

2Overview

ISDN

| 2, 4, or 8 BRI ports, TE or NT
| DSS1 (Q.931),Q.SIG-BC; PP or PMP

LCR Engine

| Multiple VoIP-carrier logins
| Multiple PSTN routing methods
| Multilevel alternative routing
| Dynamic fallback to PSTN
| Dynamic fallback to VoIP
| Lifeline functionality on power loss or system failure

General

| User-friendly GUI with easy and advanced mode config-

uration settings

| Ringtone generation
| Configurable ToS/DivServ
| AOC generation
| Integrated DSL router (PPPoE)
| 2nd separate 10/100 Base-T Ethernet interface
| Status indication via LEDs
| Integrated mail client capable of SMTP authentication
| E-mail messages can trigger calls and play attached an-

nouncements

| Automatic test call
| Redial function
| Autodial function

VoIPBox BRI Version 18.0.002 Page 29

2Overview

2.2 Implementation scenarios

These are the most commonly used implementation scenari­os.

VoIP gateway

The VoIPBox’s sophisticated routing algorithms allow VoIP
communication via SIP server and/or gatekeeper (H.323), as
well as multi-destination operation without a SIP Server or
gatekeeper. Various voice codecs ensure universal connec­tion to different VoIP destinations. Fax transmission occurs
via T.38 or fallback to G.711a. Backup routes can be activated
in case of VoIP peer failure. After a defined amount of time,
the VoIPBox resumes its primary route.

Figure 2.1 VoIP gateway

VoIPBox BRI Version 18.0.002 Page 30

2Overview

Least cost router 2nd generation

The VoIPBox’s sophisticated routing algorithms serve as an
LCR between your PBX and the PSTN or VoIP carrier. Internet
connection can occur via integrated DSL router. The system
reverts to ISDN if there is an IP connection failure.

Figure 2.2 Least cost router 2nd generation

VoIPBox BRI Version 18.0.002 Page 31

3 VoIPBox installation

3 VoIPBox installation

This chapter contains information on basic installation and
configuration of your VoIPBox. Follow the easy instructions
to set up your VoIPBox in a matter of minutes.

Implementation of individual scenarios require adjust­ments to the appropriate interfaces. Tips for basic settings
are described here. Links to relevant chapters are provided
for more specific configuration changes.

3.1 Checklist

The following checklist provides step-by-step installation in­structions.

1. Check the package contents

2. Install the device

3. Connect the BRI lines to the PBX and/or the PSTN

4. Check functionality (using the LEDs)

5. Using Quickstart, set the configuration (IP address and
BRI / VoIP configuration)

6. Secure the LAN connection

3.2 Package Contents

Your VoIPBox package contains the following components:

| 1 VoIPBox
| 1 power supply
| 2/4/8 RJ-45 ISDN cables (black)
| 1 RJ-45 LAN cable with gray connectors

Check the contents to make sure everything is complete and
undamaged. Immediately report any visible transport damag­es to customer service. If damage exists, do not attempt oper­ation without customer-service approval.

VoIPBox BRI Version 18.0.002 Page 33

3 VoIPBox installation

Call via

VoIP

Call via

ISDN

Flash

disk

Relay

Power

VoIP
reg.

ETH

emac1

ETH

emac0

ISDN3 ISDN4ISDN1 ISDN2

ETH1 ETH2

12V=

Not

assigned

Not

assigned

VoIPBOX BRI 4/2

active on BRI 4 only

Call via

VoIP

Call via

ISDN

Flash

disk

Relay

Power

VoIP
reg.

ETH

emac1

ETH

emac0

ISDN3 ISDN4

ISDN5

ISDN1

ISDN6

ISDN7

ISDN2

ISDN8

ETH1 ETH2

12V=

Not

assigned

Not

assigned

VoIPBOX BRI 8

Software and manual are available for download at:

http://as-support.teles.de.

3.3 VoIPBox Hardware Description

Figure 3.1 → shows the front and rear view of all VoIPBox vari-

ations. The VoIPBox handles traffic on up to 8/16 media chan­nels. The following pages describe installation of the
VoIPBox.

Figure 3.1 VoIPBox BRI: front and rear view

3.4 Installation Requirements

Before installing your VoIPBox, make sure you have the fol­lowing connections in place:

| ISDN BRI connection to PBX and/or to the PSTN
| Power

VoIPBox BRI Version 18.0.002 Page 34

3 VoIPBox installation

!

3.4.1 ISDN Wiring

The TE ports connect to the PSTN and the NT ports connect to
the PBX. Starting from the left, we recommend alternating TE
NT TE NT... configuration of the ISDN ports. Only this configu­ration supports bypass relay between ISDN1 and ISDN2 when
power failure occurs. You can connect the VoIPBox to addi­tional outlets for any additional interfaces.

An attached NTBA or PBX must be connected to the ISDN1
TE outlet if it is to provide the clock for the VoIPBox!

Figure 3.2 → shows the standard pin assignment for TE and

NT modes. The cables included in the package contents have
this pin assignment. You must change the pin assignment if it
differs on the connected equipment.

Figure 3.2 ISDN Wiring Scheme

3.4.2 Ethernet Wiring

To connect the VoIPBox’s Ethernet port to your local network,
connect the system to an Ethernet switch or hub in your net­work. Use the three meter cable with gray connectors.

VoIPBox BRI Version 18.0.002 Page 35

3 VoIPBox installation

!

3.5 Preparing for Installation

Each computer that is to communicate with the VoIPBox re­quires a network connection. DHCP can be used to automati­cally assign an IP address and the netmask. If you don’t use
DHCP, please have the following information for connection
to your network available:

| IP address in your local network for the VoIPBox to be

configured

| Netmask for the VoIPBox to be configured
| Default gateway for VoIPBox to be configured

Bear in mind that the preconfigured VoIPBox’s default IP
address is 192.168.1.2. If this IP address is already being
used in your local network, you must run Quickstart with­out a connection to your local network. This can occur us­ing a back-to-back Ethernet connection from your
computer to the VoIPBox.
If the desired IP address for the VoIPBox is not in your net­work, you must assign your computer a temporary IP ad­dress from this IP-address range.

3.6 Hardware Connection

Connect your computer with the local network.

| Connect the VoIPBox with the local network
| Using the ISDN connection cables included in the pack-

age contents, connect the VoIPBox with your PBX and/or
the PSTN according to the required port configuration.

| Connect the VoIPBox with the power supply.

VoIPBox BRI Version 18.0.002 Page 36

3 VoIPBox installation

3.7 LED Functionality

Each VoIPBox has the following status LEDs:

Table 3.1 VoIPBox LEDs

LED Name Description

Green 1 Ethernet emac1 Off: Link down.

On: Link up.
Blinking: Link active.

Green 2 Ethernet emac0 Off: Link down.

Green 3-4 Not assigned.

Green 5 ISDN TE port status Off: No call on ISDN TE port.

Green 6 VoIP call status Off: No VoIP calls.

Green 7 VoIP registration Off: VoIPBox is not registered.

Green 8 Flash disk Blinking: Flash disk active.

Green 9 Bypass relay Off: Relay inactive.

Red Power Off: Power off.

On: Link up.
Blinking: Link active.

On: At least one call on ISDN TE port.

On: At least one VoIP call.

On: VoIPBox is registered with the SIP

server or no registrar has been
configured.

On: Relay active.

On: Power on.

3.8 Startup with Quickstart

Quickstart is an application that helps you to configure the IP
settings of your VoIPBox quickly and conveniently without
changing any network settings on your computer. You will
need Quickstart as of version 15.0.

Quickstart can be installed on Windows operating systems.

VoIPBox BRI Version 18.0.002 Page 37

3 VoIPBox installation

If you are using Windows please follow the instructions in this
chapter. If you are using a non-Windows operating system
(e.g. Linux) follow the instructions in Chapter 3.9 →.

3.8.1 Installing Quickstart

Make sure the GATE Manager is not running on your comput­er. To install Quickstart on your computer, download the soft­ware from the web side http://195.4.12.80/board. Here the
software Quickstart and GATE Manager is needed. Download
the zip archives, extract them and install the programs using
the setup.exe file.

When asked if you want to install components on your ma­chine, click Install.

Click Next in the introduction window to begin installation of
the Quickstart.

Once installation begins, click Next to install Quickstart in the
predefined folder. To install it in another location, click
Browse and select a folder from the browser that appears.
Then click Next.

Click Close to exit when installation is complete.

3.8.2 Configuration with Quickstart

Now you can use Quickstart to set up your VoIPBox. Open
Quickstart.exe. The program will automatically search for
your VoIPBox in the local network. For Quickstart, the source
UDP port is 57445. It might be necessary to change the fire­wall rules on your system.

VoIPBox BRI Version 18.0.002 Page 38

3 VoIPBox installation

Click the Search button to restart the search. When the pro­gram has found your VoIPBox, it will appear in the main win­dow. As soon as it appears, you can end the search by clicking
Stop. The window on the right provides a running tally of the
system’s status.

The system’s icon will appear in gray if it is unconfigured.
Once it has been configured, it will appear in green. The serial
number appears as the system’s name.

To change the appearance of the window, select Large Icons,
Small Icons or Details from the View menu. In the following
description, we will use the Details View, which contains the
following columns:

Table 3.2 Quickstart Details View Columns

Heading Definition

Identifier This column lists the system’s serial number.

IP Address This column lists the system’s IP address.

Configured An X means the system contains the configuration files.

# of VoIP Ctrls This column lists the number of VoIP Modules installed in the system.

It will always be 1.

VoIP Channels This column shows the number of VoIP channels per VoIP Module.

Type Lists the type of system.

Box An X means the system is a TELES box-based system.

CF Mounted This column is not relevant for TELES box-based systems.

In the Options menu, you can suppress or activate ICMP ping
to test the Internet connection.

To perform the initial configuration of the system, double­click the icon or right-click and select Configure. The IP Set-
tings dialog will appear. If you are using a DHCP server, acti­vate the checkbox DHCP. This will deactivate the next three
lines. Your DHCP server will automatically provide all of the
other necessary information. If you do not have a DHCP serv­er, leave the DHCP checkbox empty. The default IP address
appears in the IP Address box. Enter a new IP address. If the

VoIPBox BRI Version 18.0.002 Page 39

3 VoIPBox installation

!

address you enter already exists in the network, you will be
notified to choose another address at the end of the configu­ration process. Enter the system’s netmask in the Mask dialog
box. Enter the IP address for the Default Gateway in the cor-
responding dialog box. Click Finish.

Figure 3.3 Quickstart Configuration: IP Settings

There is no internal time generation for the system when
the power is interrupted. That means the default time is
used when the system is restarted or rebooted! Therefore
it is important to set the system time with an NTP server.If
the system is connected via ISDN, a clock may come from
the network connected to the corresponding port. Enter
TIME in the pabx.cfg’s Subscriber line for the TE port to
retrieve the time from the port.

Now the IP settings are configured; all other processes run au­tomatically. First the system’s IP address will be changed and
then the system will start with the new IP address.

If you right-click the system’s icon in the main window and
choose Temporarily Configure IP Address, only the IP ad-
dress for the system’s first Ethernet interface and the net­mask will be temporary changed. This can be helpful if you
want to set up local remote access to the system and use oth-

VoIPBox BRI Version 18.0.002 Page 40

3 VoIPBox installation

er IP settings on the remote device than the system’s IP con­figuration in the network. Bear in mind that the functions on
the system’s first Ethernet interface work with the new set­tings.

Now you can complete the system’s configuration using the
GATE Manager (cf. Chapter 3.11.1 on page 43 →).

3.9 Startup via FTP

If you are using a computer that does not use a Windows OS
preconfigure the system via FTP. The system’s default IP ad­dress is 192.168.1.2. To configure the system using FTP, you
must assign your computer an IP address from network range

192.168.1.0 Class C and then access the system via FTP. The

default user is teles and the default password is tcs-ag.
Download the default configuration files from the /boot direc-

tory from the system:

| ip.cfg – This file is responsible for configuration of the

Ethernet interface.

| pabx.cfg – This file is responsible for the port configura-

tion.

| route.cfg – This file is responsible for the routing config-

uration.

To edit the default configuration as described in

Chapter 4.2.1.4 →. Upload the configuration files into the

/boot directory. For a detailed description of FTP access
please refer to Chapter 3.11.3 on page 46 →.

VoIPBox BRI Version 18.0.002 Page 41

3 VoIPBox installation

3.10 Self Provisioning with NMS

With a management connection to the NMS (Network Man­agement System), the VoIPBox can retrieve its configuration
files from the configured NMS. That means that custom con­figuration of the device occurs automatically when the device
is started. The following setting must be made in the [System]
section of the pabx.cfg:

AlarmCallback=<ip address NMS server>
RemoteCallback=<ip address NMS server> <time> <days of week + holiday>

As soon as the device is started, it connects automatically with
the NMS, which uses the device’s TAG number to send a pre­pared configuration. For further information on configuration
of the NMS, please refer to the NMS Systems Manual.

3.11 Remote Access and Access Security

After the system has been configured via Quickstart and all
cables are connected, remote administration and mainte­nance can occur with the GATE Manager (Chapter 3.11.1 →),
the GUI (Chapter 3.11.2 →), or via FTP (Chapter 3.11.3 →).

VoIPBox BRI Version 18.0.002 Page 42

3 VoIPBox installation

3.11.1 GATE Manager

The GATE Manager administration and maintenance software
offers a broad range of functions. The GATE Manager is user
friendly and can be customized to suit your needs.

Figure 3.4 GATE Manager

The following maintenance functions are possible:

| Display system information and network element status.
| Retrieve and display configuration files.
| Restart network elements.
| Use of a trace option for checking functions and fault di-

agnosis. Option to use an external tool, e.g. to display
and break down trace data.

| Update the system software (firmware) and configura-

tion tables.

| Retrieve CDRs (Call Detail Records).
| Display the current connections (status).
| Display statistical information for network elements and

interfaces.

| Display the status of the interfaces.

To complete the configuration retrieve and edit the config
files as described in Chapter 4 on page 49 →. You have to use
GATE Manager version 17.1 or later. For a detailed description

VoIPBox BRI Version 18.0.002 Page 43

3 VoIPBox installation

of installation and implementation of the GATE Manager,
please refer to the GATE Manager and Utilities Programs Man­ual.

GATE Manager remote access can occur via IP or ISDN. GATE
Manager access via IP uses port 4444 as origination TCP port
and port 4445 as destination port. The following default value
(4445) is configured in the pabx.cfg file for the system’s port:

MoipPort=4445

In the default configuration, ISDN remote access is disabled.
To configure the system so that certain data calls are received
as remote administration calls, make the following changes in
the pabx.cfg:

RemoteCode=BBB

Add the following mapping to the route.cfg:

MapAll<direct>=BBB DATA

Make the following entries in the route.cfg if the system is to
handle all ISDN data calls as remote-administration calls:

MapAll?=BBB DATA

3.11.2 Graphical User Interface

Remote access can occur via the GUI. Even users with little ex­perience can easily configure standard system settings with
this interface. Simply open a browser and enter the system’s
IP address in the address bar. We recommend that you use In­ternet Explorer 6/7 or later.

The following administrative levels apply:

VoIPBox BRI Version 18.0.002 Page 44

3 VoIPBox installation

!

Administrator Mode (Full Access)

User: teles-admin
Password: tcs-admin

This access level is for the user network’s administrator. All
configuration pages can be accessed in this mode.

Read-Only Mode

User: teles-user
Password: tcs-user

No configuration changes can be made at this level. Only sta­tus and statistics can be retrieved.

The passwords are saved in the ip.cfg in encrypted form:

PwdAdmin=<crypt>
PwdUser=<crypt>

Example 3.1 → shows an ip.cfg entry.

Example 3.1 ip.cfg password section

[httpd]
PwdUser=k24X0sdc.uMcM
PwdAdmin=k2UMj19qtovzI

Never copy these entries from one system to another, as
the encryption is unique for each system.

The user interface is divided into the following main sections:

Table 3.3 GUI: Sections

Section Description

User Data Here you can change the user passwords and the language for the

HTTP interface.

System Settings IP Settings:Settings for the Ethernet interfaces and related servic-

es.

VoIPBox BRI Version 18.0.002 Page 45

3 VoIPBox installation

Table 3.3 GUI: Sections (continued)

Section Description

System Overview Overview of system information and drivers.

Commands Here you can activate a configuration or restart the system.

All of the user interface’s pages contain Help buttons and
links to the online help, which provides a detailed description
of all of the individual configuration settings.

3.11.3 FTP

Remote access can also occur via FTP. You can use FTP to
transfer configuration files. You can also carry out functions
and traces with raw commands. Use the username teles and
the defined password to connect to the system with FTP.

The following entries ensure the security of your FTP access:

Table 3.4 FTP Security Entries

FTP Security

FtpdPort=<port>

Defines the FTP access port (default 21).

RemotePassword=<password>

Defines the password for FTP and GATE Manager access. Please refer to

Chapter 3.11.4 → for instructions on how to enter an encrypted password in the

pabx.cfg. If you do not define a password, access to the system via GATE Manager oc­curs without a password, and FTP access occurs with the default password tcs-ag.

VoIPBox BRI Version 18.0.002 Page 46

3 VoIPBox installation

Once you have access to the system, you will be in the folder
/home/teles. To upload or download configuration files
change to the directory /boot. To download log files, also
change to the directory /boot. The following commands can
be carried out via FTP access:

Table 3.5 FTP Commands

Command Function

site xgboot Boots the entire system.

site xgact Activates the configuration.

site xgact 1-19 Activates the Night section corresponding with the number 1-

site xgtrace 0 Deactivates trace.

site xgtrace 1 Activates layer 2 trace.

19.

site xgtrace 2 Activates layer 3 trace.

If your FTP client does not support the site command, try “lit­eral site” instead.

3.11.4 Setting a Password for Remote Access

The system comes with no password set for GATE Manager
access. If you do not define a password, access to the system
via GATE Manager takes place without one, and FTP access
takes place with the default password tcs-ag.

The password is set with the parameter
RemotePassword=<password> in the pabx.cfg. The value
<password> contains the encrypted text of the password.

Define the encrypted text with the GATE Manager as follows:

1. Open the GATE Manager,

2. Select the menu Edit | Encode Password…

VoIPBox BRI Version 18.0.002 Page 47

3 VoIPBox installation

3. Enter the password in clear text in the Encode Pass­word box and click OK.

4. In the screenshot above, the clear text password is

Weihnachtsmann@Bln. The encoded password is
vDLGTEBIZUNDMR@fNP54B.

5. Enter the encoded password as shown in Example

3.2 →.

Example 3.2 pabx.cfg with an encoded password

RemotePassword=vDLGTEBIZUNDMR@fNP54B

Transfer the pabx.cfg to the system using the GATE Manager
and activate the new configuration. After the file has been
transferred reboot the system. The system can than be ac­cessed only with the correct password. Don’t forget to mem­orize it!

VoIPBox BRI Version 18.0.002 Page 48

4 Configuration files

4 Configuration files

!

This chapter describes the basic setup and the most com­monly used entries for the configuration files. Configura­tion of VoIPBoxes is managed in the following three files:

Table 4.1 Configuration Files

File Function

ip.cfg This file is for the basic configuration of the Ethernet interfaces.

pabx.cfg This file is for system-specific and port-specific settings.

route.cfg This file is for routing entries.

Changing configuration data may lead to malfunctions
and/or misrouting, as well as possible consequential dam­age. All changes are made at own risk. TELES is not liable
for any possible damage out of or in relation to such
changes. Please thoroughly check any changes you or a
third party have made to your configuration.

The system comes without the files. The default configuration
with the IP address 192.168.1.2 is active when the files are not
on the system. You can configure the system using Quickstart,
GATE Manager or via FTP (user teles, password tcs-ag). If you
use the GUI to make configuration changes, the files will be
adjusted automatically.

Make sure you secure the system with new passwords follow­ing configuration and remember to memorize the passwords!

These configuration files contain all system-specific settings
and are used when the system starts. Comments included in
these files must begin with a semicolon. They do not need to
be at the beginning of a line. Configuration files must end with
an empty line.

VoIPBox BRI Version 18.0.002 Page 50

4 Configuration files

The configuration files follow these conventions: Individual
files are divided into sections. These sections always begin
with a line entry in square brackets. The basic required sec­tions are in these files:

Table 4.2 Required Configuration File Sections

Section File Function

[System] pabx.cfg

rou te.cfg
ip.cfg

[Night<num>]
EXAMPLE: [Night1]

[Night2]

[emac0] ip.cfg This section contains the IP configuration for

pabx.cfg
rou te.cfg

This section contains the system’s basic set­tings.

This section contains time dependent entries
that only apply for limited times.

the first Ethernet interface.

4.1 Configuration File ip.cfg

The basic settings for the two Ethernet interfaces are entered
here. One interface usually suffices. The second interface can
be used for special requirements, e.g. as a hub port, DSL rout­er or vLAN interface. Generally, these settings are entered
once and then left unchanged.

This file contains the following sections, which must appear in
the order given:

Table 4.3 Sections in the ip.cfg File

Section Function

[System] (required) This section contains entries that define the default gateway

and/or special routing entries.

[emac0] (required)
[emac1] (optional)

[httpd] This section contains the port and access password parame-

[nat] (optional) This section includes settings for Network Address Translation.

VoIPBox BRI Version 18.0.002 Page 51

The Ethernet Media Access Controller section(s) define the
physical Ethernet interface(s).

ters for the graphical user interface.

4 Configuration files

Table 4.3 Sections in the ip.cfg File (continued)

Section Function

[bridge0] (optional) These section(s) contain settings for the second Ethernet con-

troller in bridge mode.

[pppoe<x>] (optional) These sections contain settings for direct connection between

the system and the DSLAM when the PPPoE protocol is used.
<x> can be 0 or 1.

[firewall] (optional) This section contains settings for activating the system’s fire-

wall.

[altqd] (optional ) This section enables prioritization of VoIP packets in the

VoIPBox through an IP network using bandwidth control.

[dhcpd] (optional) This sections contains a list of parameters and settings for the

DHCP server in the system. It is divided into global settings for
the server and parameters for the DHCP subnet.

[vlan<x>] (optional) These section(s) contain settings for the virtual networks. <x>

can be anything from 0 to 9.

4.1.1 System Section Configuration

The [System] section contains entries that define the default
gateway and/or special routing entries. To define the stan­dard gateway, use the following entry to set the IP address:

DefaultGw=<ip addr>

Example 4.1 Default gateway configuration

[System]
DefaultGw=192.168.1.254

VoIPBox BRI Version 18.0.002 Page 52

4 Configuration files

If you must route specific net ranges to gateways other than
what is defined in the default route, make the following en­tries in the [System] section:
Route=<target range> -netmask <ip mask> <ip gateway>

Example 4.2 Routing specific net ranges

[System]
DefaultGw=192.168.1.254
Route=10.0.0.0 -netmask 255.0.0.0 192.168.1.1

If only certain routes apply, leave the line DefaultGw empty.

4.1.2 Ethernet Interface Configuration

The following settings are possible for the sections [emac0]
and [emac1]:

IpAddress=<ip addr>/<netmask>

The IP address is entered in decimal notation, followed by a
slash (/) and the netmask in bit notation.

Example 4.3 IP address configuration

IpAddress=192.168.1.2/24

The following entry is used to allocate an IP address via DHCP:

IpAddress=dhcp

The following entry is used in the [emac1] section if operation
of the system is occurs in bridge mode. IpAddress=up

4.1.3 GUI Settings

The following parameter is used to change the GUI port in the
section [httpd] (default 80):

GuiPort=<num>

VoIPBox BRI Version 18.0.002 Page 53

4 Configuration files

Bear in mind that the passwords for different access levels are
not set here. The encrypted passwords are stored here and
can only be changed via GUI (see Chapter 3.11.2 Graphical

User Interface →).

Example 4.4 GUI configuration

[httpd]
GuiPort=80
PwdUser=k24X0sdc.uMcM
PwdAdmin=k2UMj19qtovzI

4.1.4 Bridge Configuration

A bridge can connect two networks with each other. A bridge
works like a hub, forwarding traffic from one interface to an­other. Multicast and broadcast packets are always forwarded
to all interfaces that are part of the bridge. This can occur on
the Ethernet or VLAN level:

BrConfig=add <interface-x> add <interface-y> up

Activating another Ethernet interface in this way is useful, for
example, when the Ethernet switch does not have any more
ports available for connection of the system. You can simply
unplug a cable and plug it into the system’s second Ethernet
interface.

Example 4.5 Bridge configuration

[bridge0]
BrConfig=add emac0 add emac1 up

VoIPBox BRI Version 18.0.002 Page 54

4 Configuration files

4.1.5 NAT Configuration

The NAT (Network Address Translation) module translates IP
addresses from the local network to an IP address or range on
a public interface. All rules are defined in the [nat] section:

Table 4.4 NAT Configuration

map=<interface> <local network address/mask> -> <public network address/
mask> <optional entries>

This parameter maps the IP address in the local network to the IP address in the public
network.

<interface> Defines the translated interface or protocol:

emac1 The system’s second Ethernet interface
pppoe0 Protocol used for DSL connections
xppp<0> Protocol used for dial-up connections

<local ip address/mask> The IP address is entered in decimal notation, followed by

a slash (/) and the netmask in bit notation. The entire local
network range is configured.

<public ip address/mask> Defines the public network range, with network address

and mask (usually exactly one address), into which the lo­cal IP addresses are to be translated. The IP address is en­tered in decimal notation, followed by a slash (/) and the
netmask in bit notation.

<optional entries> Special rules can be defined for some services or proto-

cols. The system can serve as a proxy for FTP:
proxy port ftp ftp/tcp
Special ports for the public address(es) can be assigned for
the protocols TCP and UDP. The range is defined by the
start and end ports:
portmap tcp/udp <start port>:<end port>
If no optional entry is defined, all other addresses will be
translated without special rules.

rdr=<interface> <public network address/mask> port <port> -> <local network address/
mask> port <port_number> <protocol>

This parameter redirects packets from one port and IP address to another.

<interface> Defines the translated interface or protocol:

emac1 The system’s second Ethernet interface
pppoe0 Protocol used for DSL connections
xppp<0> Protocol used for dial-up connections

<public ip address/mask> Defines the public network range, with network address

and mask (usually exactly one address), into which the lo­cal IP addresses are to be translated. The IP address is en­tered in decimal notation, followed by a slash (/) and the
netmask in bit notation.

VoIPBox BRI Version 18.0.002 Page 55

4 Configuration files

Table 4.4 NAT Configuration (continued)

<port> Defines the port number.

<local ip address/mask> The IP address is entered in decimal notation, followed by

<protocol> Defines the protocol. tcp and udp are possible.

watch=<interface 1> <interface 2> ... <interface n>

Enter all interfaces that you have configured. If an interface is activated, the NAT table is
resetted to ensure correct IP address translation.

The following NAT settings are for a system in which PPPoE
(DSL) is used toward the Internet. The local network range

192.168.1.0 Class C is translated with the following rules:

| The proxy mode is used for FTP.
| All other TCP and UDP packets are mapped to the exter-

nal ports 40000 to 60000.

| There are no special rules for any other services.
| Incoming requests to port 80 and 443 in the public IP ad-

dress 192.168.1.100 are redirected to ports 80 and 443 in
the local IP address 192.168.1.100.

a slash (/) and the netmask in bit notation. The entire local
network range is configured.

Example 4.6 NAT configuration

[nat]
map=ppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map=ppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map=ppoe0 192.168.1.0/24 -> 0/32
rdr=ppoe0 0/0 port 80 -> 192.168.1.100 port 80 tcp
rdr=ppoe0 0/0 port 443 -> 192.168.1.100 port 443 tcp

4.1.6 PPPoE Configuration

The protocol Point-to-Point over Ethernet is used for DSL
communication with the DSLAM. That means the system can
connect directly with the carrier network and terminate VoIP
traffic directly.

VoIPBox BRI Version 18.0.002 Page 56

4 Configuration files

All necessary information for setup of the PPPoE connection
is defined in the [pppoe<x>] section. That means username,
password and authentication protocol are set here. The Eth­ernet interface is emac1 and the gateway can also be defined.
The parameter PppoeIf defines the physical Ethernet inter­face used (always emac1). The settings are entered as follows:

[pppoe<x>]
PppoeIf=emac1
User=<user>
Pwd=<pwd>
AuthProto=<pap|chap>
Route=<ip_gw> (optional)

Table 4.5 Settings in the [pppoe<x>] Section of the ip.cfg

[pppoe<x>]

PppoeIf=<interface>

Enter the Ethernet interface used for the DSL connection (usually emac1).

User=<username>

Enter the username used for DSL access.

Pwd=<password>

Enter the password used for DSL access.

AuthProto=<protocol>

Enter chap or pap for the protocol used for authentication.

Route=<ip-addr> (optional)

Enter the target IP address range, e.g. 0.0.0.0 (default route). All packets that are not
defined for the local network will be sent through this interface. In this case, the pa­rameter DefaultGW in the [System] section (Chapter 4.1.1 →) must remain empty.
Only network ranges can be routed. The syntax in this case is Route=<target range> ­netmask <ip mask>. If several different network ranges are used, you must enter the
Route parameter for each range.

Bear in mind that configuration of the firewall, the NAT mod­ule and prioritization of the VoIP packets must be considered
when routing voice and data through the DSL line.

VoIPBox BRI Version 18.0.002 Page 57

4 Configuration files

!

The following entry will create the interface pppoe0, with the
username user and the password pwd. The PAP authentica­tion protocol is used. The default route occurs via DSL:

Example 4.7 pppoe0 configuration

[pppoe0]
PppoeIf=emac1
User=user
Pwd=pwd
AuthProto=pap
Route=0.0.0.0

4.1.7 Firewall Settings

The firewall settings provide options for limiting or denying
access to and from the system. If you do not configure this
section, the firewall is inactive and access is unlimited.

Make sure you configure the firewall rules carefully. The
rules are processed from top to bottom. If you use the op­tion quick, you will break the sequence. We recommend
that you put the most restrictive rule at the end of the con­figuration.

In the following example, only port 4445 allows incoming con­nections from the IP address 192.168.1.10. All others will be
blocked

Example 4.8 Firewall settings: blocking ports

[firewall]
fw=pass in quick on emac0 proto tcp from 192.168.1.10/32 to any port
eq 4445 flags S keepstate keep frags
fw=block in log quick on emac0 all

VoIPBox BRI Version 18.0.002 Page 58

4 Configuration files

Table 4.6 Settings in the [firewall] Section of the ip.cfg

[firewall]
fw=<mode> <direction> <list>

<mode> Two modes are possible for permitting or denying access:

pass permits access
block denies access

<direction> Possible directions are in and out:

in external to internal
out internal to external

<list> All other entries specify the other settings for the corresponding

firewall rules and are optional. The order in the line is as listed be­low:

log

Records non-matching packets.

quick

Allows short-cut rules in order to speed up the filter or override later rules. If a packet
matches a filter rule that is marked as quick, this rule will be the last rule checked, al­lowing a short-circuit path to avoid processing later rules for this packet. If this option
is missing, the rule is taken to be a "fall-through rule, meaning that the result of the
match (block/pass) is saved and that processing will continue to see if there are any
more matches.

on <interface>

The firewall rule is used only for the defined interface (e.g. emac0, pppoe0).

from <networkaddress/mask>
to <networkaddress/mask>

from defines the source IP-address range for incoming packets. to defines the target

IP-address range for outgoing packets. The IP address appears in decimal notation,
followed by a slash (/) and the netmask in bit notation. any stands for all IP addresses
(e.g.: to any).

NOTE: If you use the rule pass in/out in combination with the option from <ip> to <ip>, you
must specify a protocol number with proto and a port number. If you not specify the port, the
system may not be reachable.

EXAMPLE: fw=pass in quick on pppoe0 proto tcp from any to any port eq 4445

proto <protocol>

defines the protocol, for which the rule is valid (e.g.: proto tcp, proto udp, proto icmp).

port eq <num>

<num> defines the port as number (e.g.: port eq 4445).

keep state

Ensures that the firewall checks packets from the beginning to the end of a session.
This is necessary, as the firewall does not know when a session begins or ends.

VoIPBox BRI Version 18.0.002 Page 59

4 Configuration files

Table 4.6 Settings in the [firewall] Section of the ip.cfg (continued)

[firewall]
fw=<mode> <direction> <list>

flags S

Only syn. packets are accepted and recorded in the state table. In conjunction with
keep state, packets from sessions that have been inactive will also be routed. The ad­vantage of this entry is that random packets will not be accepted.

keep frags

Fragmented packets are also routed.

Example 4.9 Firewall settings

[firewall]
; loopback
fw=pass in quick on emac0 all
fw=pass out quick on emac0 all

; traffic to outgoing
fw=pass out quick on pppoe0 proto tcp all flags S keep state keep frags
fw=pass out quick on pppoe0 proto udp all keep state keep frags
fw=pass out quick on pppoe0 proto icmp all keep state keep frags

; incoming traffic
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 21 flags S keep state keep
frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 23 flags S keep state keep
frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 4445 keep state

; icmp traffic
fw=pass in quick on pppoe0 proto icmp all keep state

; other will be blocked
fw=block in log quick on pppoe0 all
fw=block out log quick on pppoe0 all

4.1.8 Bandwidth Control

In many implementation scenarios, the VoIPBox in router
mode (e.g. as DSL router) sends voice and data traffic through
a connection with limited bandwidth. This can lead to lost
voice packets that arrive too late to be used in the voice
stream. To avoid lost packets, this QOS setting prioritizes
packet transmission. You must set the priority for voice signal­ing and for the voice packets. That means you must prioritize
SIP/H.323, RTP and RTCP. You will find the ports used in Table

4.16 →, in the following entries:

H225Port

VoIPBox BRI Version 18.0.002 Page 60

4 Configuration files

SipPort
VoipRtp Port
VoipRtpPortSpacing

Different ports can be used for RTP and RTCP, depending on
the configuration.

The parameter VoipRtpPort shows the first RTP port used.
The corresponding RTCP port is the next one up. The param­eter VoipRtpPortSpacing shows the next RTP port (RTP port +
port spacing).

Table 4.7 Settings in the [altqd] Section of the ip.cfg

interface <interface> bandwidth <bw> priq

Defines the interface for which the rule applies.

<interface> Sets the interface for which prioritization applies (e.e. pppoe0).

<bw> Sets the bandwidth that is available on the interface in Kbit/s (e.g.

256K).

priq Priority qeueing. A higher priority class is always served first.

class priq <interface> <class> root priority <prio>

Defines the priority of the filter entries.

<class> Two types can be set:

 realtime_class (VoIP packets)
 regular_class (data packets)

<prio> Enter a value between 0 and 15. The higher the value (e.g. 15), the

higher the priority.

filter <interface> <class> <values>

Defines the individual rules.

<values> The individual values are divided into the following entries. A 0 can

be entered as a wildcard, in which case all values are possible:

 <dest_addr> (can be followed by netmask <mask>)
 <dest_port>


<src_addr> (can be followed by netmask <mask>)

 <src_port>

<protocol tos value>:


 6 for TCP

17 for UDP

VoIPBox BRI Version 18.0.002 Page 61

4 Configuration files

In the following example, prioritization is set for an eight­channel VoIP connection. The SIP signaling port 5060 and the
RTP/RTCP ports 29000 to 29015 are prioritized at level 7. All
other services are set at level 0.

Example 4.10 Settings in the [altqd] Section of the ip.cfg

[altqd]
interface pppoe0 bandwidth 256K priq
class priq pppoe0 realtime_class root priority 7
filter pppoe0 realtime_class 0 5060 0 0 0
filter pppoe0 realtime_class 0 0 0 5060 0
filter pppoe0 realtime_class 0 29000 0 0 17
filter pppoe0 realtime_class 0 0 0 29000 17
filter pppoe0 realtime_class 0 29001 0 0 17
filter pppoe0 realtime_class 0 0 0 29001 17

....

filter pppoe0 realtime_class 0 29014 0 0 17
filter pppoe0 realtime_class 0 0 0 29014 17
filter pppoe0 realtime_class 0 29015 0 0 17
filter pppoe0 realtime_class 0 0 0 29015 17
class priq pppoe0 regular_class root priority 0 default

4.1.9 DHCP Server Settings

The DHCP (Dynamic Host Configuration Protocol) server pro­vides a mechanism for allocation of IP addresses to client
hosts. The section [dhcpd] contains a list of parameters and
settings for the DHCP server in the system. It is divided into
global settings for the server and parameters for the DHCP
subnet.

Table 4.8 Settings in the [dhcpd] Section of the ip.cfg

[dhcpd]

; Global dhcpd parameters

allow unknown-clients;

All DHCP queries are accepted and the configured settings are transmitted to the cli­ents.

ddns-update-style none;

Deactivates dynamic update of the domain name system as per RFC 2136.

; Parameters for the Subnet

subnet <network address> netmask <mask for network range> {
<list>
}

VoIPBox BRI Version 18.0.002 Page 62

4 Configuration files

Table 4.8 Settings in the [dhcpd] Section of the ip.cfg (continued)

[dhcpd]

In <list> you can enter any of the following specific network settings activated by the
DHCP server. Each option must begin in a new line and end with a semicolon (;).

range <start IP address> <end IP address>;

The DHCP network range is defined by the first and last address in the range. Client
assignment begins with the last address.

option broadcast-address <IP address>;

Defines the broadcast address for the clients in the subnet.

option domain-name "<string>";

Defines the domain name used in the network.

option domain-name-servers <IP address>;

Defines the DNS-server address to be assigned (as per RFC 1035)
All of the following optional entries defining server addresses are also transmitted as
per RFC 1035. Separate multiple addresses per server with a comma:
… <IP address>, <IP address>;
(this also applies for all other optional entries with IP addresses).

option netbios-name-servers <IP address>

Defines the WINS-server address to be assigned.

option ntp-servers <ip address>;

Defines the NTP-server address to be assigned.

option time-servers <ip address>;

Defines the time-server address to be assigned (RFC 868).

option routers <IP address>;

Defines the default gateway address to be assigned.

option subnet-mask <net mask>;

Defines the netmask to be assigned (as per RFC 950).

option tftp-server-name "<link>";

Defines the TFTP server name (option 66), as per RFC 2132.
EXAMPLE: option tftp-server-name "http://192.168.0.9";

Example 4.11 Settings in the [dhcpd] Section of the ip.cfg

[dhcpd]
; Global dhcp parameters
allow unknown-clients;
ddns-update-style none;

; Parameter for the Subnet
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.3 192.168.1.20;
option broadcast-address 192.168.1.255;
option domain-name "company.de";
option domain-name-servers 192.168.1.2;
option routers 192.168.1.2;
option subnet-mask 255.255.255.0;
}

VoIPBox BRI Version 18.0.002 Page 63

4 Configuration files

4.1.10 DNSmasq settings

Dnsmasq is an easy to configure DNS forwarder. It is designed
to provide DNS to a small network.

Table 4.9 Settings in the [dnsmasq] Section of the ip.cfg

[dnsmasq]

bogus-priv

Bogus private reverse lookups. All reverse lookups for private IP ranges (ie

192.168.x.x, etc) which are not found in /etc/hosts or the DHCP leases file are an­swered with "no such domain" rather than being forwarded upstream.

filterwin2k

Later versions of windows make periodic DNS requests which don't get sensible an­swers from the public DNS and can cause problems by triggering dial-on-demand
links. This flag turns on an option to filter such requests. The requests blocked are for
records of types SOA and SRV, and type ANY where the requested name has under­scores, to catch LDAP requests.

user=<username>

Specify the userid to which dnsmasq will change after startup. Dnsmasq must nor­mally be started as root, but it will drop root privileges after startup by changing id to
another user. Normally this user is "nobody" but that can be over-ridden with this
switch.

cache-size=<cachesize>

Set the size of dnsmasq's cache. The default is 150 names. Setting the cache size to
zero disables caching.

clear-on-reload

Whenever /etc/resolv.conf is re-read, clear the DNS cache. This is useful when new
nameservers may have different data than that held in cache.

Example 4.12 DNSmasq settings

bogus-priv
filterwin2k
user=teles
cache-size=150
cler-on-reload

VoIPBox BRI Version 18.0.002 Page 64

4 Configuration files

4.1.11 PPP Configuration for Dial-Up Connection

The point-to-point protocol is used for dial-up connections.
The gateway can establish either a connection to the Internet
or – if ISDN is used for the connection – to another gateway. If
you use PPP to establish an Internet connection, don’t forget
to configure the firewall accordingly.

The advantages of VoIP over ISDN can be seen especially in
corporate implementation. For example, it is useful when a
very high number of connections occurs between subsidiaries
and one subsidiary does not have a broadband Internet con­nection. An ISDN B-channel can be connected to the Internet
and up to six voice calls can occur simultaniously over one
ISDN line. All necessary information for setup of the PPP con­nection is defined in the section [xppp<num>].

The settings are entered as follows:

Table 4.10 Settings in the [xppp] Section of the ip.cfg

[xppp<num>]

Dad=<num>

Enter the dial-up number.

User=<username>

Enter a username.

Pwd=<password>

Enter a password.

Route=<ip-addr>

Enter the target IP address range, e.g. 0.0.0.0 (default route).

AuthProto=<protocol>

Enter chap (default) or

AutoUp=<int>

Defines if the PPP interface is activated automatically after system start. The following
values are possible:
0 = No automatic PPP activation (default)
1 = Automatic PPP activation

IdleTO=<sec>

Enter the number of seconds without traffic before the interface tears down the con­nection.

pap for the protocol used for authentication.

VoIPBox BRI Version 18.0.002 Page 65

4 Configuration files

Table 4.10 Settings in the [xppp] Section of the ip.cfg (continued)

[xppp<num>]

MTU=<int>

Maximum Transfer Unit. We recommend the following default values:
1500 for ISDN dial-up.

Rfc1662=<val>

Framing to be use:
0 for ISDN.

LcpTO=<msec>

Allows you to change the value of the LCP timeout. The timeout-value must be spec­ified in milliseconds (default 1000).

DNS=<bitmask>

Enter here to which of the carrier’s DNS server the gateway shall send the DNS re­quest. The following values are possible:
1 = primary DNS server
2 = secondary DNS server
3 = both servers

StartDelay=<sec>

Time in seconds the system will wait to start the ppp process.

OwnIP=<IP address>

A temporay IP address assigned to the interface (such as 0.0.0.0). This address is valid
until an IP address has been assigned to the interface by the carrier. Not needed for
the xppp0 interface.

PeerIP=<IP address>

The IP address that is configured for the peer (such as 0.0.0.1). Not needed for the
xxxp0 interface, each other interface has to have a different peer IP address.

Example 4.13 Settings in the [xppp] Section of the ip.cfg

[xppp0]
Dad=12345
User=user
Pwd=pwd
Route=0.0.0.0
AuthProto=chap
IdleTO=60
MTU=1500
Rfc1662=0
LcpTO=500
StartDelay=10
AutoUp=1

VoIPBox BRI Version 18.0.002 Page 66

4 Configuration files

4.1.12 VLAN Configuration

A VLAN (Virtual Local Area Network) is a virtual LAN within a
physical network. Each VLAN is assigned a unique number
(VLAN ID) and defined in the [vlan<x>] section with

Tag: value between 1 and 4095

Priority: value between 0 and 7 (0 is lowest and 7 is the highest
priority)

[vlan0]

IfConfig=vlan <tag>,<priority> vlanif <interface>

The following entry will create the interface vlan1, with VLAN
tag 10 and priority 7, on the Ethernet interface emac0. Follow­ing this configuration, IP addresses (and/or other protocols)
can be assigned to the vlan1 interface.

Example 4.14 VLAN configuration

[vlan1]
IfConfig=vlan 10,7 vlanif emac0
IpAddress=192.168.199.1

4.1.13 Examples

4.1.13.1 Default configuration

In the following example, the system’s IP address is

192.168.1.1, the netmask is 255.255.255.0, and the standard

gateway is 192.168.1.254.

Example 4.15 Default configuration

[System]
DefaultGw=192.168.1.254

[emac0]
IpAddress=192.168.1.1/24

VoIPBox BRI Version 18.0.002 Page 67

4 Configuration files

4.1.13.2 Active ethernet bridge

In the following example a two-port Ethernet bridge is config­ured. The system’s IP address is 192.168.1.1, the netmask is

255.255.255.0, and the standard gateway is 192.168.1.254.

The emac1 interface is active and both Ethernet interfaces are
set to bridge mode in the [bridge0] section.

Example 4.16 Active ethernet bridge

[System]
DefaultGw=192.168.1.254

[emac0]
IpAddress=192.168.1.1/24

[emac1]
IpAddress=up

[bridge0]
BrConfig=add emac0 add emac1 up

4.1.13.3 Integrated DSL-Router Scenario for VoIP

In the following example, the system is connected to the local
IP network through emac0. The DSL modem is connected to
the emac1 interface, which enables the system to connect di-

VoIPBox BRI Version 18.0.002 Page 68

4 Configuration files

rectly to the carrier network without an additional router
when the connection is used only for VoIP data. A DHCP serv­er is used for dynamic IP-address allocation.

Example 4.17 Integrated DSL-Router Scenario for VoIP

[System]

[emac0]
IpAddress=192.168.0.2/24

[emac1]
IpAddress=up

[pppoe0]
PppoeIf=emac1
User=usertelekom
Pwd=pwd
AuthProto=chap
Route=default

[nat]
map=pppoe0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map=pppoe0 192.168.0.0/24 -> 0/32 portmap tcp/udp 40000:60000
map=pppoe0 192.168.0.0/24 -> 0/32

[firewall]
; loopback
fw=pass in quick on emac0 all
fw=pass out quick on emac0 all

; traffic to outgoing
fw=pass out quick on pppoe0 proto tcp all flags S keep state keep frags
fw=pass out quick on pppoe0 proto udp all keep state keep frags
fw=pass out quick on pppoe0 proto icmp all keep state keep frags

; incoming traffic
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 21 flags S keep state keep
frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 23 flags S keep state keep
frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 4445 keep state

; icmp traffic
fw=pass in quick on pppoe0 proto icmp all keep state

; other will be blocked
fw=block in log quick on pppoe0 all
fw=block out log quick on pppoe0 all

[dhcpd]
; Global dhcp parameters
allow unknown-clients;
ddns-update-style none;
; Parameter for the Subnet
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.3 192.168.1.20;
option broadcast-address 192.168.1.255;
option domain-name "company.de";
option domain-name-servers 192.168.1.100;
option routers 192.168.1.2;
option subnet-mask 255.255.255.0;

VoIPBox BRI Version 18.0.002 Page 69

4 Configuration files

4.1.13.4 VLAN Scenario

In the following example, the system is connected to the IP
backbone through emac0. One Computer is connected to the
emac1 interface. You can separate voice and data traffic with
two different VLANs (vlan0 with tag 10 for voice, vlan1 with tag
11 for data). All traffic coming from emac1 will be sent to
vlan1. Voice and data will not be mixed.

Example 4.18 VLAN Scenario

[System]
[emac0]
IpAddress=192.168.1.12/16

[emac1]
IpAddress=up

[vlan0]
IfConfig=vlan 10,7 vlanif emac0
IpAddress=10.0.1.2/24

[vlan1]
IfConfig=vlan 11,1 vlanif emac0
IpAddress=172.16.4.5/16

[bridge0]
BrConfig=add vlan1 add emac1 up

4.2 Configuration File pabx.cfg

The pabx.cfg is divided into the [System] section and the op­tional [Night<num>], [Mail] and [Snmpd] sections.

4.2.1 System Settings

The [System] section is divided into several categories to en­sure clarity:

| Hardware
| Bypass relay
| Log files
| Night configuration

VoIPBox BRI Version 18.0.002 Page 70

4 Configuration files

!

| Controllers
| Subscribers
| Global Settings

4.2.1.1 Bypass Relay

The entry in this category is responsible for the bypass func­tionality of the BRI port’s relay when the system is on. When
the system is off, the ports are connected as follows: Bypass
relay occurs between ISDN ports 1 and 2.

This means there is a transparent connection between the
PBX (or the telephones) and the PSTN. When the system is on,
all routing algorithms are active.

Bypass=ON/OFF (default ON)

ON: Bypass relay is on (system controls all ports).

OFF: Bypass relay is off (ports are connected to each other as
described above, regardless of whether or not the system is
running).

To ensure bypass functionality, make sure this parameter
is always set to ON (default).

4.2.1.2 Log Files

CDRs, unconnected calls, system events, trace output and sta­tistics can be saved into files.

The following entries are necessary to generate log files:

Table 4.11 pabx.cfg: Log File Entries

Entry Description

ActionLog=/boot/protocol.log System events

Log=/boot/cdr.log CDR entries

VoIPBox BRI Version 18.0.002 Page 71

4 Configuration files

!

Table 4.11 pabx.cfg: Log File Entries (continued)

Entry Description

failedlog=/boot/failed.log Unconnected calls

TraceLog=/boot/trace.log System trace

The available internal memory is approximately 8 MB.
Make sure you monitor the available memory.

You can define how the log files are to be divided. There are
two possiblities for saving entries into a new file:

| In increments of time (twice-daily, daily, weekly, monthly)
| Depending on the size of the file

You can also define a maximum number of up to 7 files to be
generated.

A dash (-) appears in place of information that is to be ignored.

Table 4.12 pabx.cfg: Log Parameters

Log=/boot/<file> <saved> <size> <count>

<file> The name of the log file is generated as follows:

[file]yymmdd[0-9|A-Z].log.

<saved> Refers to the frequency with which the file is saved. The following

options are possible:
halfdaily Every day at 11:59 and 23:59

daily Every day at 23:59
weekly Sunday at 23:59
monthly The last day of the month at 23:59

<size> Regardless of the value entered in <day>, the file will be saved

when the <size> has been reached (in kB).

NOTE: We recommend a file size of a multiple of 60kB.

<count> Refers to the number of files that will be saved in the system (be-

tween 5 and 35) before the first file is overwritten. This setting is
useful not only for limited file size, but also for files that store
events. Normally size can be limited for these files, e.g. 5 files of
1MB each. If the fifth file is full, the first one will automatically be
overwritten.

VoIPBox BRI Version 18.0.002 Page 72

4 Configuration files

!

!

Bear in mind that file size will be unlimited if no parame­ters are defined.

In the following entry, the file cdr.log is renamed every day.
Up to 35 CDR files will be saved on the system.

Example 4.19 cdr.log renamed daily

Log=/boot/cdr.log daily - 35

In the following entry, the file failed.log is renamed once a
week. Up to 10 failed files will be saved on the system.

Example 4.20 failed.log renamed once a week

failedlog=/boot/failed.log weekly - 10

In the following entry, the file protocol.log is renamed when
the file has reached 1MB. Up to five log files will be saved on
the system.

Example 4.21 protocol.log renamed when file size = 1MB

ActionLog=/boot/protocol.log - 1000 5

Please remember to keep track of how much memory is
available on the system.

4.2.1.3 Night Configuration

The sections for the time-dependent configuration changes
and time-controlled routings are defined here.

VoIPBox BRI Version 18.0.002 Page 73

4 Configuration files

A maximum of 19 additional daily configuration zones are
possible (Night1 to Night19). The entry NightResetTime reac­tivates the original configuration contained in the [System]
section.

The entry will have the following syntax:

Table 4.13 pabx.cfg: Night Parameters

Night<num>=<time> <day>

<num> Enter a value between 1 and 19 to define which configuration is to be load-

ed.

<time> If there is a time set with the format hh:mm after this entry, this configu-

ration is loaded daily at that time on the defined day.

<day> Use a bitmask to set the weekdays on which the configuration applies

here. The daymask appears in the following order: HoSaFrThWeTuMoSu.

The configuration section is activated Fridays, Wednesdays
and Mondays at noon unless the day in question is a holiday:

Example 4.22 Night parameters 1

Night2=12:00 00101010

The configuration section switches back to the default config­uration ([System] section) every day at 8:00 p.m:

Example 4.23 Night parameters 2

NightResetTime=20:00 11111111

The configuration section is activated on November 5, Decem­ber 24, and at noon on Mondays.

Example 4.24 Night parameters 3

Night1=12:00 10000010
Holiday=05.11.
Holiday=24.12.

VoIPBox BRI Version 18.0.002 Page 74

4 Configuration files

!

Holidays

Up to 50 different dates can be set for night sections used by
holiday. The variable dd.mm sets the day and month in which
the night section is activated when the 8th bit is set in the bit­mask (see Table 4.13 →).

Any defined Night sections must be set in the files
pabx.cfg and route.cfg. If there are no changes in these

sections, you must copy them from the [System] section.
The complete Subscriber section must appear in the
Night section of the pabx.cfg (see Chapter 4.2.4 Time-

Controlled Configuration Settings →). The active route(s)

(MapAll, Restrict and Redirect entries) must appear in the
Night section of the route.cfg (see

Chapter 4.3 Configuration File route.cfg →).

4.2.1.4 Controllers

This category defines the parameters that apply to the ports.

The individual ports are defined with the following parame­ters.Ports set to the same type can have the same address. In
this case they will form a trunk group. If you change this pa­rameter in the configuration, you must restart the system.The

Table 4.14 pabx.cfg: Controller Parameters

Controller<port>=<address> <type> <mode> <line_type> FCT UNIT:<unit> VAL­UE:<value>
AUTOUP TRAP

<port> Defines the running (physical) port number.

<address> Defines the configured (virtual) port address. In the default configura-

tion, the BRI TE port is 9, and the BRI NT port is 10. The VoIP port is 40.

<type> Defines the connection type:

TE external (Terminal Endpoint). All TE ports must be con-

NT internal (Network Termination). All NT ports must be

VOIP VoIP module

figured together starting with port 1 on the left.

configured together to the right of the TE ports.

VoIPBox BRI Version 18.0.002 Page 75

4 Configuration files

Table 4.14 pabx.cfg: Controller Parameters (continued)

Controller<port>=<address> <type> <mode> <line_type> FCT UNIT:<unit> VAL­UE:<value>
AUTOUP TRAP

<mode> Defines the protocol for BRI lines:

DSS1

<line_type> Defines Point-to-Multipoint or Point-to-Point mode:

UNIT:<unit> (Optional) Defines the currency for the charges (default EUR). Special

VALUE:<value> (Optional) For DSS1 NT ports only. Defines the charges that accumu-

AUTOUP For TE-ports only: keeps ISDN layer 2 active all the time.

TRAP Sends an SNMP trap if layer 1 changes from active to inactive or from

PMP Point-to-Multipoint
PP Point-to-Point

charge generation is possible for:
France UNIT:&F

Spain UNIT:&SP
Portugal UNIT:&P
Greece UNIT:&G
Switzerland UNIT:&CH
Netherlands UNIT:&NL
Italy UNIT:&I

NOTE: The <line_type> must be configured for these entries to work.

EXAMPLE:

Controller02=10 NT DSS1 PMP UNIT: VALUE:0.010
Controller03=10 NT DSS1 PMP UNIT: VALUE:0.010

late by unit. Enter the values in the following formats: x.y, x.yy, or x.yyy.
Default is 0.120.

inactive to active.

following example applies for the VoIPBox BRI with 4 ISDN
ports.

Example 4.25 VoIPBox BRI with 4 ISDN ports

Controller00=9 TE DSS1 PMP
Controller01=9 TE DSS1 PMP
Controller02=10 NT DSS1 PMP
Controller03=10 NT DSS1 PMP
Controller04=40 VOIP

VoIPBox BRI Version 18.0.002 Page 76

4 Configuration files

!

4.2.1.5 Subscribers

Features for each port can be defined using this entry. Chang­es become active following a restart.

You must restart the system after making changes to acti­vate the settings.

Table 4.15 pabx.cfg: Subscriber Parameters

Subscriber<port>=<list>

<port> Refers to the running (physical) port number.

The <list> variable may contain one or more of the following keywords:

DEFAULT The standard configuration will be used.

TRANSPARENT
ROUTER

ALARM Activates the monitoring mode for the respective port. If a relevant er-

SWITCH Changes internal port handling. In the default configuration, the VoIP

CHMAX[x] Defines the number of VoIP channels (8) or DTMF channels. A maxi-

DTMF[<sec>,/
<dir>/<file>]

Only the number is sent as caller ID (without the virtual port address).
Activate configuration suffices to activate changes. If TRANSPARENT
ROUTER is not set, the address of the incoming port is added to the A
party number as a prefix.

ror occurs at the port, the error is written in the protocol.log file. De­pending on the configuration, a remote connection to the number
defined for AlarmCallback is established and/or an SNMP trap is gen­erated. Activate configuration suffices to activate changes.

controller is set to NT. You can use this parameter to change it from NT
to TE.

mum of two concurrent channels are possible for DTMF recognition if
the callback platform is used.

Keyword to configure the DTMF controller. For a description of the for­mat, please see Chapter 10.2 on page 228 →.

VoIPBox BRI Version 18.0.002 Page 77

4 Configuration files

4.2.1.6 Global Settings

This category contains the following system parameters:

Table 4.16 pabx.cfg: global settings (page 1 of 4)

System Parameters

VoipGlobalMaxChan=<count>

Max. number of channels for the entire system.

VoipMaxChanOut=<count>

Limits outgoing calls through this profile. You have to define the number of VoIP chan­nels to be used.

VoipSuppressRtcp=<mode>

Suppresses (Yes) or allows (No) the sending of RTCP packets.

VoipAnnounce=<filename>,NOCONN FAKEALERT

Only for outgoing calls which are sent through the VoIP profile where this parameter
is included.

VoipAnnounce defines an audio file which is played to the caller. The entire file is

played, even if the called person picks up the call before the end of the announce­ment. Enter a comma after the filename to mark the end of the file.
In the defa ult set tin g, a conn ect is s ent to th e cal ler s tra igh t aw ay s o th at th e ca ller c an
hear the announcement.
Set the option
Set the option FAKEALERT to play a ringtone after the announcement.

NOCONN to suppress this connect.

VoipStopAnnounceOnConnect=<mode>

If

Yes is set and the call changes to the state CONNECTED, the announcement config-

ured with VoipAnnounce is stopped.

VoipStopAnnounceOnAlert=<mode>

If

Yes is set and the call changes to the state ALERTING, the announcement configured

with VoipAnnounce is stopped.

VoipFaxVolume=<volume>

Defines the volume of fax and CID tones.
Range: 0 (-21 dB) to 15 (-6 dB)
Default: 9 (-12 db)

VoipCEDTransferMode=<int>

Defines whether CED (a tone initially sent by a fax device) is sent via T.38 or RTP:
0 = T.38 (default)
1 = RTP

VoipCngRelayEnable=<int>

Defines whether CNG (a tone initially sent by a fax device) is transmitted by means of
T.38 or RTP:
0 = RTP (default)
1 = T.38

Voi pS end Up dat e= <mo de >

Allows (

Yes) sending of UPDATE messages or not (No). Yes is the default value.

VoIPBox BRI Version 18.0.002 Page 78

4 Configuration files

Table 4.16 pabx.cfg: global settings (page 2 of 4)

System Parameters

VoipRtpPort=<port>

Defines the starting UDP port used to transmit RTP packets (default 29000).

VoipRtpPortSpacing=<count>

Defines the space between the ports used for individual RTP streams (default 2).

H225Port=<port>

Endpoint-to-endpoint port (default 1720).

SipPort=<port>

SIP signaling port (default 5060). A different port for sending can be set in the

route.cfg’s Vo IP p rofi le. Oth erwi se t he p ort s et h ere wil l be u sed f or s endi ng a nd r ece iv-

ing.

VoipMaximumBandwidth=<int>

Defines an upper limit for available bandwidth for the VoIP profiles to be configured
(see VoipBandwidthRestriction in Table 11.6 →) if traffic shaping is active for the cor-
responding VoIP profile. Individual codecs are assigned the following values in kBit/s:

g711a, f711u, trp: 8
g72632, t38: 4
g72624 3
g72616, gsm 2

Other 1
You must define the list of codecs to be used in the VoIP profiles, whereby the codec
with the highest priority must be defined first. Calls will be set up using the codec with
the highest priority as long as the sum of the values for individual calls remains lower
than defined here. If the sum is greater, the next call will be set up with, and existing
calls will be switched to, a higher compression rate. Bear in mind that the VoIP peer
must support this feature.

VoipStrictRfc3261=<mode>

If yes is set, the SIP transaction/dialog matching will occur strictly as per RFC3261. You
must disable this feature for peers that use RFC2543 (from and to name). Default is
yes.

VoipLinger=<sec>

After an H.323 release complete has been sent, the TCP session will remain open for
the number of seconds entered if there is no response from TCP message sent so that
the system can resend the TCP packet.

StunServerAddress=<ip addr>

When this parameter is active, the VoIPBox looks for a (NAT) firewall in the network
and figures out how to bypass it without requiring changes. All ports for signaling, RTP
and RTCP are checked. The parameter VoipGlobalMaxChan defines the number of
ports for RTP and RTCP.

NOTE: This is not a solution for all firewall types.

StunServerPollInterval=<sec>
Interval (in seconds) for the stun request at each port (default 600).

Radius=<mode>

On (default) activates the Radius service. If you change Off to On, you must restart the
system.

VoIPBox BRI Version 18.0.002 Page 79

4 Configuration files

Table 4.16 pabx.cfg: global settings (page 3 of 4)

System Parameters

RadiusAuthPort=<num>

Port used for Radius authentication (default 1812).

RadiusAcctPort=<num>

Port used for Radius accounting (default 1813).

NameServer=<ip addr>

IP-address configuration for the DNS server. Enter your network or ISP’s DNS server.
If you don’t know it, you can also enter another DNS server. If you have more than one
address, enter this parameter up to three times on different lines.

Timezone=<continent/city>

Defines the time difference between the VoIPBox’s time zone and time zone 0 (Green­wich Mean Time). Enter the continent and a large city (usually the capital) in the time
zone.

NtpServer=<ip addr>

Sets the IP address at which the VoIPBox’s SNTP server queries the standard time. The
query occurs every four hours.

NOTE: If your system is not attached to an NTP server, you can enter the following configuration
to query the time on an attached PBX via a TE port:

SubscriberXX=...TIME

MoipPort=<port>

Defines the GATE Manager access port (default 4445).

FtpdPort=<port>

Defines the FTP access port (default 21).

TelnetdPort=<port>

Defines the TELNET access port (default 23).

TftpdPort=<port>

Defines the TFTP access port (default 69).

Ftpd=<mode>

Activates (on) or deactivates (off) FTP access. Default on.

Telnetd=<mode>

Activates (on) or deactivates (off) TELNET access. Default on.

Tftpd=<mode>

Activates (on) or deactivates (off) TFTP access. Default off.

VoIPBox BRI Version 18.0.002 Page 80

4 Configuration files

!

Table 4.16 pabx.cfg: global settings (page 4 of 4)

System Parameters

RemotePassword=<password>

Defines the password for FTP and GATE Manager access. Please refer to

Chapter 3.11.4 → for instructions on how to enter an encrypted password in the

pabx.cfg. If you do not define a password, access to the system via GATE Manager oc­curs without a password, and FTP access occurs with the default password tcs-ag.

DialTone=<country>

If the system is used in a corporate settings and attached through a PBX to the PSTN,
it may be necessary to generate the carrier’s dial tone. It depends on whether the sys­tem sends the dialed digits to the PSTN or whether it waits for a routing entry to take
the call.
The following values can be entered: GE, DE, IR, UK, US, FR, IT

Example 4.26 pabx.cfg: IP Configuration System Parameters

VoipGlobalMaxChan=8
H225Port=1720
SipPort=5060
VoipRtpPort=29000
VoipRtpPortSpacing=2
StunServerAddress=172.16.0.1
StunServerPollInterval=600
NameServer=192.168.0.254
Timezone=Europe/Berlin
NtpServer=192.168.0.254
DialTone=GE

There is no internal time generation for the system when
the power is interrupted. That means the default time is
used when the system is restarted or rebooted!
Therefore it is important to set the system time with an
NTP server.
If the system is connected via ISDN, a clock may come
from the network connected to the corresponding port.
Enter TIME in the pabx.cfg’s Subscriber line for the TE port
to take the time from the port.

VoIPBox BRI Version 18.0.002 Page 81

4 Configuration files

!

4.2.2 SMTP-Client Configuration

The following entries in the pabx.cfg’s [Mail] section are used
to send e-mail messages from the VoIPBox. The connection to
the SMTP server can be used to send CDR files or alarm mes­sages.

You must restart the system after making changes to acti­vate the settings.

The following features are possible:

| Sending CDRs via e-mail
| Sending alarm messages via e-mail

Table 4.17 pabx.cfg Mail Parameters

Mail Parameters

MailAllowedPeers=<ip addr>

Defines IP addresses from which incoming SMTP connections will be accepted. Sepa­rate IP addresses with a space. If a dash (-) is entered, the SMTP port (25) will be
blocked for incoming sessions. If this parameter is left empty (default), incoming con­nections will be accepted from all IP addresses.

MailAuthEncr=<type>

Enter an encryption method for e-mail authentication (default base64).

MailFrom=<URL>

Enter here the URL that will be sent in the e-mail’s FROM field in the following possible
formats:
MailFrom=domain to send OAD@domain (or user@domain, if no OAD available).
MailFrom=ipaddress to send OAD@ipaddress (or user@ipaddress, if no OAD avail­able).
MailFrom=123@ to send 123@<IP address of gateway>.
MailFrom=123@teles.de to send 123@teles.de.
MailFrom=123@ipaddress to send 123@ipaddress.

MailMaxIncomingClients=<count>

Defines the maximum number of clients that can access the system simultaneously.
If 0 is entered, the SMTP port (25) will be blocked for incoming sessions. Default 100.

MailPortIn=<num>

Enter a TCP port for incoming e-mail (default 25).

MailPortOut=<num>

Enter a TCP port for outgoing e-mail (default 25).

VoIPBox BRI Version 18.0.002 Page 82

4 Configuration files

Table 4.17 pabx.cfg Mail Parameters (continued)

Mail Parameters

MailPropPort=<num>

Enter the port number for a TELES proprietary mail protocol.

MailPwdIn=<password>

Enter a password for incoming e-mail authentication.

MailPwdIn=<password>

Enter a password for incoming e-mail authentication.

MailPwdOut=<password>

Enter a password for outgoing e-mail authentication.

MailRcpt=<domain>

In <domain>, enter the destination domain, the destination address and an @ sign. If
the destination address is already complete (with an @ sign), <domain> is not added.

MailRcptMax=<count>

Number of "RCPT TO" entries in e-mails that come from the LAN (a message is sent to
the LCR for each "RCPT TO" entry in each incoming e-mail ).

MailRcvMax=<count>

Maximum number of incoming e-mails queued for transmission via SMS.

MailSendRetries=<count>

Number of times an attempt is made to send an e-mail. Default 10.

MailTcpRcvTimeout=<sec>

Defines the number of seconds after which a session will be terminated following a
possible receiving error in the data stream. Default 0 (immediately).

MailTcpSndTimeout=<sec>

Defines the number of seconds after which a session will be terminated following a
possible transmission error in the data stream. Default 0 (immediately).

MailToHostRetries=<count>

Number of retries when SMS transmission is not successful. When the limit entered
is reached, an error message is sent to the e-mail sender (default 3).

MailUserIn=<username>

Enter a username for incoming e-mail authentication.

MailUserOut=<username>

Enter a username for outgoing e-mail authentication.

MaxMailsToHost=<count>

Maximum number of e-mail messages sent to the LCR simultaneously. Default 4.

SmtpServer=<ip addr>

In <ip addr>, enter the IP address of the destination SMTP server that is to receive the
e-mail messages.

VoIPBox BRI Version 18.0.002 Page 83

4 Configuration files

!

Example 4.27 pabx.cfg Mail Parameters

[Mail]
SmtpServer=172.16.0.10
MailRcpt=teles.de
MailFrom=172.16.0.100
MailRcvMax=300
MailRcptMax=50
MaxMailsToHost=2
MailToHostRetries=10
MailSendRetries=10
MailAllowedPeers=172.16.0.10

Sending Alarm Messages via E-mail

With the appropriate configuration, you can send e-mails con­taining alarm messages that are written into the log file. The
sender is given as alarm and the system’s name appears in
the subject box. The text box contains the alarm message.

The following entry in the configuration file activates this func­tion.

Example 4.28 Sending Alarm Messages via E-mail

...
ActionLog=/data/protocol.log daily 1000 5 @<e-mail account>
...

4.2.3 SNMP Settings

The Simple Network Management Protocol facilitates net­work management and monitoring of VoIPBox network devic­es and their functions. For a detailed description of SNMP
configuration, please refer to Chapter 6.4 SNMP agent →.

You must restart the system after making changes to acti­vate the settings.

VoIPBox BRI Version 18.0.002 Page 84

4 Configuration files

4.2.4 Time-Controlled Configuration Settings

The [Night<num>] section is reserved for prospective time­controlled configuration changes. In the pabx.cfg file, the
Night sections contain all of the system’s Subscriber entries.
Simply copy all Subscriber lines into the Night Section without
making any changes.

4.3 Configuration File route.cfg

The system’s routing information is saved in the route.cfg. The
file contains the following sections:

| [System]
| [Night<num>]
| [VoIP=<name>]
| [GateKeeper=<name>]
| [Registrar=<name>]
| [Radius=<name>]

4.3.1 Entries in the Sections [System] and [Night<num>]

The sections [System] and [Night<num>] contain the follow­ing entries.

4.3.1.1 Restrict

Restrict entries are used to handle calls in a mapping based
on the controller / controller group where the calls originate.
A Restrict entry can be used, for instance, to route all calls
coming from PSTN directly to the PBX.

VoIPBox BRI Version 18.0.002 Page 85

4 Configuration files

The Restrict parameter adds a prefix to a DAD before the DAD
is mapped. Restrict parameters are always handled before
the MapAll parameters and always require a matching MapAll
parameter.

The left side of the equals sign in the Restrict parameter con­tains the controller number plus an optional trunk number or
a specific calling number (OAD). The special symbol ? may be
used as a wildcard to represent any character. The right side
contains the prefix that is to be put in front of the DAD and an
optional service indicator.

In the route.cfg, the list of Restrict parameters is searched
from bottom to top for a matching controller plus optional
trunk number / OAD. Because the search is done bottom up,
place the more specific Restrict entries below the more gen­eral ones. Once a match has been found, the DAD is prefixed
with the contents of the <pl> variable. Then the call is
mapped.

Table 4.18 route.cfg: Restrict Parameters

Restrict<controller><calling number>=<pl> <sin> |
RestrictD<diverting number>=<pl> 15
RestrictR<calling number>=<pl> 15
RestrictT<calling number>=<pl> 15

Parameter Description No. Digits Optional

<controller> Contains the controller number.

<calling number> Contains the calling number (OAD). The

special symbol ? may be used as a wild­card to represent any character.

<pl> Stands for a virtual placeholder. The

DAD is prefixed with the contents of this
variable.

59

59

VoIPBox BRI Version 18.0.002 Page 86

4 Configuration files

Table 4.18 route.cfg: Restrict Parameters (continued)

Restrict<controller><calling number>=<pl> <sin> |
RestrictD<diverting number>=<pl> 15
RestrictR<calling number>=<pl> 15
RestrictT<calling number>=<pl> 15

Parameter Description No. Digits Optional

<sin> The service indicator variable sin re-

stricts the command to one service.
Without a sin, the Restrict command is
valid for all services.
Possible service indicator values are:
01 Telephony

02 Analog services
03 X.21-services
04 Telefax group 4
05 Videotext (64 kbps)
07 Data transfer 64 kbps
08 X.25-services
09 Teletext 64
10 Mixed mode
15 Used internally for call-

16 Video telephone

D<diverting num­ber>

R<calling number> For calls that are redirected with

For calls that have been diverted by the
network, RestrictD replaces the con­tents in <diverting number> by the con­tents in <pl>. Only in combination with
the service indicator 15.

Redirect3, the original OAD can be
changed again using RestrictR. Only in
combination with service indicator 15.

ing-party manipulation

2

59 for the
diverting
number

59 for the
calling
number

T<calling number> For calls that are redirected with

Redirect2, the original OAD can be
changed again using RestrictT. Only in
combination with service indicator 15.

All calls coming from BRI controller 9 (PSTN) are sent to BRI
controller 10 (PBX). First, the Restrict command adds the pre­fix “pl” to the DAD of the received call for all calls coming from

VoIPBox BRI Version 18.0.002 Page 87

59 for the
calling
number

4 Configuration files

PSTN. Then the call is mapped. In the mapping, everything
that is prefixed with “pl” is sent to controller 10 by removing
the prefix and adding the controller to the number.

Example 4.29 route.cfg Restrict Parameters

Restrict9=pl
MapAllpl=10

4.3.1.2 MapAll

Mapping entries are necessary for routing calls. The prefix or
telephone number (DAD) for which the mapping applies is
searched and the call routed according to the matching map­ping entry.

Mapping entries begin with the keyword MapAll. They work as
follows: anything on the left of the equals sign is removed
from the prefix / telephone number (DAD) that has come in
and replaced with what is on the right of the equals sign.

If, for example, the incoming DAD is 12345678 with 123456
being the trunk number and 78 the extension,
MapAll123456=9123456 means that 123456 is cut off the
number and 9123456 is added to it. The called number is
912345678 with 9 being the port. MapAll123456=9 means
that 123456 is cut off and 9 added. The called number is 978
with 9 being the port.

VoIPBox BRI Version 18.0.002 Page 88

4 Configuration files

Mappings are searched from top to bottom. Place the more
specific entries above the more general ones.

Table 4.19 route.cfg: Map Parameters

MapAll<direct>=<num> <mode>

Parameter Description No. Digits Optional

<direct> Defines the prefix or telephone number

(DAD) for which the entry applies.

<num> Defines the routing for a call in the order

given:
 Destination port’s controller num-

ber

 Optional VoIP profile name followed

by a colon if the call is terminated via
VoIP

 Optional prefix
 Part of the number on the left that is

transmitted
The special symbol ? may be used as a
wildcard to represent any character.
The special symbol . may be used as a
wildcard to represent any digit.

<mode> VOICE Applies for calls with the

service indicator voice
(default).

DATA Applies for calls with the

service indicator data.

29

59

4 or 5 X

All international calls (DAD starts with 00) are sent to the VoIP
controller 40 with the profile name DF. 00 is removed from
the DAD, 40DF:00 is added to it. All national calls (DAD starts
with 0) are sent to the controller with the number 9. It is im­portant that the mapping for international calls is placed
above the mapping for national calls. If you change the order
of both mappings, international calls would be sent to con­troller 9 instead of 40.

Example 4.30 route.cfg Map Parameters

MapAll00=40DF:00
MapAll0=90

VoIPBox BRI Version 18.0.002 Page 89

4 Configuration files

4.3.1.3 Redirect

This entry facilitates alternative routing when the first desti­nation cannot be reached or is busy. A placeholder appears to
the right of the equal sign. The routing entry (MapAll) can be
defined for the redirect using the placeholder entered:

Table 4.20 route.cfg: Redirect Parameters

Redirect<type><num>=<redirect> <sin> <time>

Parameter Description No. Digits Optional

<type> Enter 2 or 3 to set the following types:

2 call forwarding no answer
3 call forwarding when busy

<num> Defines the number for which calls will be redi-

rected. The special symbol ? may be used as a
wildcard to represent any character.

<redirect> Defines the placeholder used in the two-target

routing entry and the number to which calls to
<x> will be redirected.

<sin> The service indicator variable sin restricts the

command to a service. Without a sin, the
Redirect command is valid for all services.
Possible service indicator values are:
00 All services
01 Telephony

02 Analog services
03 X.21-services
04 Telefax group 4
05 Videotext (64 kbps)
07 Data transfer 64 kbps
08 X.25-services
09 Teletex 64
10 Mixed mode
15 Videotext (new standard )
16 Video telephone
NOTE: Fax forwarding must be set for analog

and telephony services because incoming fax
calls from the analog network may arrive with
either telephony or analog service indicators.

1

59

59

2 (X)

(Only op­tional if
<time> is
not set. If
<time> is
set and
<sin> is
not need­ed please
select 00
for sin.)

<time> For type 2 redirect entries, a timer (in seconds)

can be defined after the service indicator entry.

VoIPBox BRI Version 18.0.002 Page 90

255 X

4 Configuration files

In the following example all international calls (beginning with

00) are sent to VoIP controller 40 with the carrier profile DF. If
the carrier cannot be reached or is busy, the redirect com­mand activates the second target mapping with the place­holder A and the call is automatically sent to controller 9.

Example 4.31 Redirect 1

MapAll00=40DF:00
Redirect340DF:=A
MapAllA=9

In the following example, calls to 20 that remain unanswered
for 12 seconds and calls to 21 that remain unanswered for 20
seconds are redirected through the PSTN port.

Example 4.32 Redirect 2

MapAll01555=|2001555<<13
MapAll01556=|2101556<<13
Redirect220=A 01 12
Redirect221=A 01 20
MapAllA=9

Excluding Busy Calls or Specific Cause Values from Redi­rect

Defines a hexadecimal cause value according to DSS1. When
connections to the destination are rejected because of the
reason defined by the cause value, the VoIPBox sends a busy
signal to the attached PBX. Alternative routing is not carried
out.

To avoid second-choice routings when the called-party num­ber is busy, set the following parameter in the first-choice
port’s Subscriber line in the pabx.cfg:

BUSY[<cause>]

This parameter defines a hexadecimal cause value according
to DSS1. When connections to the destination are rejected be­cause of the reason defined by the cause value, the VoIPBox

VoIPBox BRI Version 18.0.002 Page 91

4 Configuration files

sends a busy signal to the attached PBX. Alternative routing is
not carried out. You can also define a range of consecutive
cause values:

BUSY[<cause>,<cause>].

An exclamation point (!) in front of a cause value means all
cause values except the one listed. For example, BUSY[!95],
means all cause values except 95 will be rejected with a busy
signal.

In the following example, all outgoing calls over controller 04
are rejected with the cause value 91 when the called party is
busy. Alternative routing is not carried out.

Subscriber04=....BUSY[91]

4.3.2 VoIP Profiles

This section includes all of the most important parameters for
communication with the VoIP peer.

Basic Parameters

Table 4.21 route.cfg: VoIP Basic Parameters

VoIP Basic Parameters

[Voip=<name>]

Name of the routing profile. The name must begin with a letter. Choose a short and
meaningful name.

VoipDirection=<mode>

Defines the direction in which VoIP calls can be set up. Possible options: In, Out, IO,
None).

VoipPeerAddress=<ip addr> or <name>

The peer’s IP address or name. Default is 0 (if it is not set, please set the parameter
VoipIpMask to 0x00000000).

VoipIpMask=<ip mask>

The subnetmask is used to determine the size of the IP address range for incoming
traffic. The syntax is 0x followed by the mask in hexadecimal notation. Example of a
Class C mask entry: 0xffffff00. Default is 0xffffffff (only incoming traffic is accepted
from the defined peer address).

VoIPBox BRI Version 18.0.002 Page 92

4 Configuration files

Table 4.21 route.cfg: VoIP Basic Parameters (continued)

VoIP Basic Parameters

VoipSignalling=<int>

Determines the profile’s signaling protocol for outgoing VoIP calls. In the case of in­coming calls, autorecognition ensures that each call from the peer is accepted, re­gardless of the protocol:
0=H.323 (default), 1=SIP udp, 2=SIP tcp, 3=tls.

NOTE: TLS requires the following additional software: crypto.vnd and the key files key.pem and
cert.pem.

VoipCompression=<list>

The compression to be used, in order of preference. At least one matching codec with
the peer must be defined.
Voice:
g729, g729a, g729b, g729ab

These codecs have a bit rate of 8 kbit/s (compression ratio 1:8). A stands
for annex a and b for Annex b.

g72616, g72624, g72632, g72640

These ADPCM codecs have various bit rates: g72616 = 16kBit/s (compres­sion ratio 1:4), g72624 = 24kBit/s, g72632 = 32kBit/s (compression ratio
1:2), and g72640 = 40kBit/s.

NOTE: G726 32kBit/s can also be signaled as G.721 by using the entry g721.

g728

The Codec has a bit rate of 16kBit/s (compression ratio 1:4).

g711a, g711u

These PCM codecs have a bit rate of 64kBit/s. No voice compression oc­curs. a stands for a-law and u for μ-law.

g723, g723L

These codecs work with 30ms data frames. g723.1 uses a bit rate of 6.3
kbit/s, and g723L uses a bit rate of 5.3 kbit/s to send RTP packets.

NOTE: This has no influence on the compression ratio of incoming RTP packets. Both sides must
be able to receive both ratios.

gsm

GSM-FR (full rate) has a bit rate of 13 kbit/s.

The following codecs are also possible: g721 (SIP only)

Fax: t38

T.38 (fax over IP) allows the transfer of fax documents in real time between
2 fax machines over IP. Following fax detection during a call, the voice co­dec will switch to T.38.

Data: trp

Transparent or clear mode (RFC 4040). Transparent relay of 64 kbit/s data
streams.

gnx64
ccd

Clear-channel signaling (as per RFC3108)
Define a special profile for data call origination or destination numbers. Bear in mind
that echo cancelation in this VoIP profile might be switched off (

VoipECE=no).

Voi pM axC ha n=< co unt >

Maximum number of channels that can be used with the profile. If this parameter is
not defined (default), there will be no limit.

VoIPBox BRI Version 18.0.002 Page 93

4 Configuration files

Table 4.21 route.cfg: VoIP Basic Parameters (continued)

VoIP Basic Parameters

VoipSilenceSuppression=<mode>

Yes activates silence suppression, CNG (comfort noise generation) and VAD (voice ac-

tivity detection).

NOTE: In SIP signaling, silence suppression is negotiated as per RFC3555.

VoipTxM=<num> or <list> fix

The multiplication factor (1-12) for the frame size for transmission of RTP packets (de­fault is 4). 10ms is the default frame size. A list can be defined if different frame sizes
are to be used for different codecs in the VoIP profile. The list must correspond with
the list in the parameter VoipCompression.
Normally the peer’s frame size will be used if it is smal ler than the one defined. If you
enter fix, the configured factor will always be used.

No (default) deactivates silence suppression.

Please refer to Chapter 7 Signaling and routing features → for
information on other possible entries.

Management Parameters

Table 4.22 route.cfg: VoIP Management Parameters

VoIP Management Parameters

Voi pG k=< li st>

Name of the assigned gatekeeper profile. You can assign a profile to several gatekeep­ers to define backup gatekeepers for a VoIP profile. In this case, the next gatekeeper
will be used if the previous one fails.

Voi pProxy=<ip add r>

Enter the IP address of the SIP server.

VoipUser=<username>

Define the username for the remote device if au thentication is required (SIP only).

VoipPwd=<password>

Define the password for the remote device if authentication is required (SIP only).

Voi pR egi st rar =< nam e>

Enter the name of a registrar to be used for the VoIP profile.

VoipRadiusAuthenticate=<name>

Enter the name of the Radius server to activate user au thentication.

VoipRadiusAccounting=<name>

Enter the name of the Radius server to activate accounting.

Voi pR adi us IMS IN ego ti ati on =<m od e>

If yes is entered, the <system> will nego tiate the IMSI to be used in the Radius access
request. It will transmit the IMSI in the RADIUS attribute: Filter-Id (11). Default no.

VoIPBox BRI Version 18.0.002 Page 94

4 Configuration files

Table 4.22 route.cfg: VoIP Management Parameters (continued)

VoIP Management Parameters

VoipIpLogging=<mode>

Enter

Yes to activate recording IP addresses in the CDRs (default is No). The first IP ad-

dress is the signaling address and the second is the RTP address, followed by the co­dec and the frame size used. The IMSI appears after the IP addresses.

Example of a CDR entry:

21.08.07-11:01:42,21.08.07­11:01:58,40,912345,192.168.0.2:192.168.0.2,G729,10,0101,16,10,0

Example of a failed log entry:

21.08.07-11:11:30,40,91234,192.168.0.2:192.168.0.2,G729,10,0101,ff,2,1

VoipStatLogging=<mode>

When

Yes is entered, statistic values (e.g. fraction lost, round trip time, etc.) for the

VoIP profile are saved into the protocol.log file every ten minutes. This is helpful dur­ing problem analysis when IP issues occur (default =

Voi pH old =< mod e>

Determines the behavior of the HOLD feature if a PBX sends an Re-INVITE message
for HOLD to the VoIPBox.

transparent: HOLD is sent to PSTN
notify: HOLD is sent as notification to the telephone exchange
ignore: HOLD is not sent to the telephone exchange - the VoIPBox suppresses the

messages to PSTN

No).

VoipSelectProfilesBySignalling=<Yes/No>

When

Yes is entered, VoipSignalling=<int> is taken as the criterion for selecting a voip-

profile for an incoming voip call, i.e. the signalling for this voip call must match the
VoipSignalling parameter in this profile. Default

No.

VoIPBox BRI Version 18.0.002 Page 95

4 Configuration files

4.3.3 Gatekeeper Profiles

Gatekeeper profiles are used to connect the VoIPBox to sev­eral systems by using a gatekeeper if the protocol is H.323. It
is possible to configure different gatekeepers for different
destinations and to define backup gatekeepers. These gate­keeper profiles are then assigned to the VoIP profiles:

Table 4.23 route.cfg: Gatekeeper Parameters

Gatekeeper Parameters

[Gatekeeper=<name>]

Name of the gatekeeper profile.

RasPort=<port>

Indicates the port the gatekeeper uses (default 1719) for registration, admission and
status.

OwnRasPort=<port>

Indicates the port the system uses (default 1719) for registration, admission and sta­tus.

RasPrefix=<list>

VoIPBox’s defined prefix(es). Use a space to separate entries.

RasId=<name>

The alias used for gatekeeper registration.

GkId=<name>

The gatekeeper’s alias.

GkPwd=<name>

Password to log onto the gatekeeper. If you do not use authentication, leave this entry
blank.

GkAdd=<ip addr>

The gatekeeper’s IP address.

GkTtl=<sec>

Gatekeeper time to live (default 0 means infinite).

GkMaxChan=<count>

Max. number of channels used for this gatekeeper. If this parameter is not defined
(default), there will be no limit.

GkUseStun=<mode>

Enter

yes (default) to use the STUN values for the GK profile.

GkTerminalAliasWithPrefix=<mode>

Some gatekeepers may require that prefixes are listed in the Terminal Alias section.
Enter

Yes to activate this function; default value is No).

VoIPBox BRI Version 18.0.002 Page 96

4 Configuration files

Table 4.23 route.cfg: Gatekeeper Parameters (continued)

Gatekeeper Parameters

GkTerminalTypeWithPrefix=<mode>

Enter

No to deactivate sending the Dialed Prefix Information in the Registration Re-

quest (default

GkDynRai=<mode>

When yes is entered, the GK receives an RAI (resource availability indication) when a
status change occurs on the available mobile channels. When no is entered, the RAI is
sent with each ARQ (admission request) and DRQ (disengaged request). Default is no.

GkNoResourceAvailableIndication=<mode>

With this parameter the <system> will not send RAI indications to the Gatekeeper. De­fault No.

Yes).

4.3.4 Registrar Profiles

Registrar profiles are used to register the VoIPBox with a SIP
registrar. It is possible to configure different registrars for dif­ferent destinations and to define backup registrars. These
registrar profiles are then assigned to the VoIP profiles:

Table 4.24 route.cfg: Registrar Parameters

Registrar Parameters

[Registrar=<name>]

The name of the registrar profile.

RegId=<name or ip addr>

Host name or IP address used in the register’s request header. Bear in mind that the
DNS service must be active if you enter the host name.

RegOwnId=<name@ip addr/domain>

Typically a host name or telephone number followed by an @ sign and a domain
name or IP address. The entry used in the

RegUser@RegId.

RegSameCallID=<mode>

When Yes is set (default), the same caller ID is always used for SIP registration. Set N o
to change the caller ID for each SIP registration.

RegContact=<name or ip addr>

Used in the

Contact: field.

From: field. The default setting is

RegContactParam=<string>

Sets additional header-parameters in the contact field (e.g.the q-value: RegContact­Param=q=1.0).

VoIPBox BRI Version 18.0.002 Page 97

4 Configuration files

Table 4.24 route.cfg: Registrar Parameters (continued)

Registrar Parameters

RegUser=<name>

Enter a username for authorization.

RegPwd=<password>

Enter a password for authorization.

RegProxy=<ip addr>

Enter an alternative IP address if you want the request to be sent to an address other than
the one entered in RegId.

RegExpires=<sec>

Enter the number of seconds registration is to be valid. Default 0 means infinite.

RegPing=<sec>

Interval (in seconds) for the registrar ping. The VoIPBox sends an empty UDP packet
to the registrar’s IP address. The packet is essentially an alive packet to avoid possible
firewall problems.

RegSignalling=<int>

Determines the profile’s signaling protocol for registration with the SIP registrar.
1=SIP udp (default)
2=SIP tcp
3=SIP tls

RegUseReceived=<mode>

Enter Yes when an VoIPBox appears behind a NAT and STUN cannot be used. Default
No.

RegSameCallID=<mode>

The same call ID is used for SIP registration Enter No to change the call ID for every
reregistration. (default Yes).

VoIPBox BRI Version 18.0.002 Page 98

4 Configuration files

4.3.5 Radius Profiles

Radius profiles are used to connect the VoIPBox to a Radius
server. You can use a Radius server for different destinations
and for access and/or accounting. These Radius profiles are
then assigned to the VoIP profiles:

Table 4.25 route.cfg: Radius Parameters

Radius Parameters

[Radius=<name>]

The name of the Radius server profile assigned to one or more VoIP profiles.

Host=<name or ip addr>

Radius server’s host name or IP address. Bear in mind that the DNS service must be
active if you enter the host name.

User=<name>

Enter a username for authorization.

Password=<password>

Enter a password for authorization.

Secret=<secret>

Enter the shared secret.

OwnId=<name or ip addr>

Host name or IP address used in the NAS identifier or NAS IP address (Cisco VSA gate­way ID).

ServiceType=<num>

As defined in RFC 2865, Chapter 5.6.

RequestTimeout=<sec>

Number of seconds during which the request is repeated if the Radius server does not
respond.

RequestRetries=<count>

Number of packet retries sent at one time.

StopOnly=<mode>

When Yes is entered, only Acco unting Reque st Me ssag es with the st atus type sto p are
transmitted to the Radius server.

AlwaysConnected=<mode>

Enter No (default) to set the value for the field ConnectedTime to that of the field
DisconnectedTime in accounting-stop messages when the call was not connected.

CallingStationId=<num>

This parameter is used to set the calling station ID. The default setting is the OAD, but
you can define any calling station ID. To define a partial calling station ID, enter a ? for
each digit. For example, CallingStationId=??? will consist of the first three digits of the
OAD.

VoIPBox BRI Version 18.0.002 Page 99

4 Configuration files

Table 4.25 route.cfg: Radius Parameters (continued)

Radius Parameters

CallType=<int>

Enter one of the following to define the call type:
3 = VoIP and telephony
2 = VoIP only
1 = Telephony only

FramedProtocol=<int>

Enter one of the following to define the framed protocol (see RFC 2865, Chapter 5.7):
1 = PPP
2 = SLIP
3 = AppleTalk Remote Access Protocol (ARAP)
4 = Gandalf proprietary SingleLink/MultiLink protocol
5 = Xylogics proprietary IPX/SLIP
6 = X.75 Synchronous

NasId=<string>

The string entered is used as network access server identifier attribute in access re­quests. If no string is entered, the attribute will not be set (default).

VoIPBox BRI Version 18.0.002 Page 100