Top
Basic Concepts
Sentinel 100 and Sentinel 400
This technical bulletin explains how the physical and logical network ports can be configured to suit different needs whether the Sentinel needs to be in the Lan or on the Edge of the network.
The Sentinel 100 or 400 includes:
- 1x Gigabit Ethernet WAN
- 4x Gigabit Ethernet LAN switch
- VLAN, PPPoE, 802.1X
- Multiple IP (different subnets) support per network interface
- Multiple VLANs per network interface
- Static IP Routing
- Stateful local and network Firewall
- NAT
For more details visit the Media5 Corporation official Web site.at https://www.media5corp.com or the Media5 Documentation Portal.
Top
Sentinel on the LAN
The Sentinel 100 or 400 is designed to fit different network roles and topologies. It can be deployed inside a LAN behind a NAT firewall.

In this scenario, the Sentinel is usually configured as follows:
- Private (local) IP assigned to LAN port, Internal SIP clients (e.g. IP phones and IP PBX) also on the same LAN network.
- The Uplink Network interface is associated with the Wan/Eth1 physical link.
- The Lan1 Network interface is associated with the LAN/Eth2-5 physical link.
- The LAN signaling and media interfaces are not used.
- A signaling and media interface (pbx_s and pbx_m) wil be created to avoid port conflicts when configuring the Call agents. They will be assigned associated to the LAN/Eth2-5 network interface
- Local firewall rules created to protect the SBC from outside attack (to complement the Edge NAT firewall router, optional). For more details refer to the Configuring Local Firewalls Configuration guide published on the Media5 documentation portal at https://documentation.media5corp.com
- Port forwarding for SIP and RTP ports set up on the edge NAT firewall router
- SBC SIP near end NAT traversal is configured
- SBC rules to process VoIP calls
Top
Sentinel on the Edge
The Sentinel 100 or 400 is designed to fit different network roles and topologies. It can be deployed on the network Edge, with a public IP address and firewall enabled.

The Sentinel located on the Edge is usually configured as follows:
- Public IP assigned to WAN/Eth1 port
- Uplink Network interface is associated with the WAN/Eth1
- Lan1 network interface is associated with the LAN/eth2-5
- Private (local) IP assigned to LAN port
- Local firewall rules created to protect the SBC from outside attack, for reference: https://documentation.media5corp.com/display/DGWLATEST/Configuring+Local+Firewalls
- NAT, IP forwarding and Network Firewall are enabled if Sentinel is used as a router (this is optional, the Sentinel by default does not forward any IP packets between the WAN and LAN) for local IP clients, for reference: https://documentation.media5corp.com/display/DGWLATEST/Configuring+a+Mediatrix+unit+as+a+NAT-Firewall+between+the+LAN+and+the+Internet , https://documentation.media5corp.com/display/DGWLATEST/Configuring+the+Network+Firewall
- SBC rules to process VoIP calls
Top
Signaling and Media Interfaces
The Signaling Interface is used for SIP signaling and the Media Interface is used for media ( RTP, UDPTL ) processing.
When configuring a Call Agent, you must select a Signaling Interface and a Media Interface. These interfaces are used whenever SIP signaling or media packets are sent to or received by the Call Agent.
It is possible to create several Signaling and Media Interfaces on the same Network Interface but for different purposes. For example, one set of Signaling and Media Interfaces for a WAN SIP Trunk and another set of Signaling and Media Interfaces for remote user calls. This means, for instance, that two Signaling Interfaces will be created on the same Network Interface, using the same IP address, but with a port range that will differ according to their intended use and to avoid conflicts.
A Media or Signaling Interface can be used by more than one Call Agent, but a specific Signaling or Media Interface can be created for a specific Call Agent. This provides the liberty to define non conflicting range of contactable interfaces on any physical network interfaces of the units for your network structure needs (such as Vlans, PPPoE interfaces, multiple Ethernet ports or multiple addresses on a link).
- lan1_m
- lan1_s
- loop_m
- loop_s
- uplink_s
- uplink_m
loop_m and loop_s interfaces are used to communicate with the internal services of the unit. For example, the loop interfaces can be used to communicate with the SipEp service to access phone ports.
Top
Default Network Interfaces
There are four Network Interfaces created by default on the Mediatrix unit: Uplink, Lan 1, UplinkV6, and Rescue.
- The Uplink network interface defines the uplink information required by the Mediatrix unit to properly connect to the WAN. (By default eth1 for all platforms, except for the 4102S which is WAN . By default, this interface uses the IpDhcp (IPv4 DHCP) connection type. If you are using only one Network Interface, you must use Uplink.
- The Lan1 network interface defines the information required by the Mediatrix unit to properly connect to the LAN.(By default eth2-5 for all platforms, except for the 4102 which is LAN) By default, the Lan1 Network Interface uses the IpStatic (IPv4 Static) connection type. The Lan1 network interface can only be added on units with 2 network ports.
- The Rescue network interface,
is used to display the Rescue
Management Interface when a partial reset of the unit is performed. By default, the
Rescue network interface
- is disabled and automatically enabled when a partial reset is performed.
- uses the IpStatic (IPv4 Static) or the Ip6Static (IPv6 Static) addresses.
- The UplinkV6 network interface defines the IPv6 uplink information required by the Mediatrix unit to properly connect to the WAN. By default, this interface uses the IP6autoConf (IPv6 Auto-Conf) configuration mode.
Top
Call Agents
Call Agents represent logical end-points that connect the Mediatrix unit to peers.
For security reasons, the Mediatrix unit communicates by default only with well-known and defined peers. When a request cannot be associated with a Call Agent, it is rejected. Each Call Agent is tied to a specific peer, ensuring all inbound and outbound communications with that peer. Routing rulesets are used to route SIP signaling between Call Agents, where inbound requests from a Call Agent are sent to another (or the same) Call Agent that will send an outbound request to it's related peer. Call Agents can be associated with one or several Rulesets which can be applied to the inbound or the outbound requests.
When there is an inbound request, to determine the Call Agent the inbound request will go through, the Mediatrix unit uses the destination IP address to choose the Network interface. Then the destination port of the inbound request will determine the Signaling or Media Interface used. Finally, the source address and the source port, will allow the Mediatrix unit to direct the request to the appropriate Call Agent. At this point any Rulesets associated with the Call Agent will be applied in order of priority.

When a request is sent out, i.e. there is an outbound request, the Routing Rulesets will determine which Call Agent will be used. Then the Call Agent Rulesets will be applied to the outbound request, in reverse priority order. The outbound request will then be sent through the Signaling and Media Interface associated with the Call Agent. If the public IP address is used, then the SIP request will use this address as the source IP address. The outbound request will then be sent to the peer address of the Call Agent or according to the routing Ruleset if the peer is a Network.

In addition, a Call Agent tracks REGISTER requests or monitor the peer host using SIP options. When these features are activated, the Call Agent registration state and monitoring state are updated allowing a Routing Ruleset to select another Call Agent based on the state of a primary Call Agent.
Eight default types of Call Agents were created for Mediatrix unit. This should be enough to cover all your needs. However, for advanced users, it is possible to create new Call Agents.
Seven of the eight default Call Agents allow the Mediatrix unit to communicate with seven different types of end-points.
Call Agent Name | SIP or Endpoint Peer |
---|---|
wan_ip_trunk_ca | SIP server located on the WAN. |
trunk_lines_ca | Public Switch Telephony Network (PSTN), through PRI, BRI or FXO ports. |
phone_lines_ca | Telephones, through FXS ports. |
lan_ip_pbx_ca | IP Private branch exchange (PBX) located on the LAN. |
local_users_ca | Users via SIP telephony located on the LAN. |
remote_users_ca | Users using SIP telephony located on the WAN. |
registration_ca | Used to route the registrations issued by the Registration Agent. |
secondary_ip_trunk_ca | SIP server if the wan_ip_trunk_ca Call Agent is not available. |
Top
Basic Tasks
Configuring the Network Interfaces

Top
Network Interface Binding for LAN Scenarios
Configuring Signaling and Media Interfaces for LAN Scenarios
For the LAN scenarios, the default uplink Signaling and Media interfaces are used as well as a custom signaling and media interface that will bind to the LAN1 Network interface.
- Go to SBC/Configuration.
-
In the Signaling Interface Configuration, click
located on the same line as lan1_s to delete it.
-
On the uplink_s line,
complete the fields as follows:
- Network=Uplink
- Port = 5064
- Secure Port=0
- Allowed Transport=All
- TLS Mode=Client
- Public Address=NAT/FW IP address
-
click
at the bottom of the table to add a new signalling interface. Complete the fields as follows:
- Name=pbx_s
- Network=Lan1
- Port=5060
- Secure Port=0
- Allowed Transport=All
- TLS Mode=Client
- Public Address=leave empty
-
In the Media Interface Configuration
table, click
located on the same line as lan1_m to delete it.
-
On the uplink_m line,
complete the fields as follows:
- Network=Uplink.
- Port Range=20000-20999
- Public Address=NAT/FW IP address
-
Click
at the bottom of the table to add a new signalling interface. Complete the fields as follows:
- Name=pbx_m
- Network=Lan1
- Port Range=21000-21999
- Public Address=leave empty
- Click Apply

Top
Configuring the lan_ip_pbx_ca Call Agent for LAN Scenarios
- Go to SBC/Configuration.
-
In the Call Agent Configuration
table, click
next to lan_ip_pbx_ca.
-
In the Configure Call Agent table,
complete the fields as follows:
- Select the Enable check box.
- From the Signaling Interface selection list, select pbx_s.
- From the Media Interface selection list, select pbx_m .
- Set the Peer Host to IP address of the IP PBX.
- Click Save.
- Click Apply to apply all changes to the configuration.

Top
Network Interface Binding for Edge Scenarios
Configuring Signaling and Media Interfaces for Edge Scenarios
For the Edge scenarios, the default uplink and lan Signaling and Media interfaces are used.
- Go to SBC/Configuration.
-
In the Signaling Interface Configuration, on the uplink_s
line, complete the fields as follows:
- Network=Uplink
- Port=5060
- Secure Port=All
- Allowed Transport=All
- TLS Mode=Client
- Public Address=leave empty
-
On the same line as lan1_s, complete the fields
as follows:
- Network=Lan1
- Port=5060
- Secure Port=0
- Allowed Transport=All
- TLS Mode=Client
- Public Address=leave empty
-
In the Media Interface Configuration
table, on the uplink_m
line, complete the fields as follows:
- Network=Uplink
- Port Range=20000-20999
- Public Address=leave empty
-
On the lan1_m line,
complete the fields as follows:
- Name=lan1_m
- Network=Lan1
- Port Range=20000-20999
- Public Address=leave empty
- Click Apply

Top
Configuring the lan_ip_pbx_ca Call Agent for Edge Scenarios
This is an example on how to configure the lan_ip_pbx_ca Call Agent.
- Go to SBC/Configuration.
- Select the Enable check box located next to lan_ip_pbx_ca.
-
In the Call Agent Configuration
table, click
next to lan_ip_pbx_ca.
-
In the Configure Call Agent table,
complete the fields as follows:
- From the Signaling Interface selection list, select lan1_s.
- From the Media Interface selection list, select lan1_m.
- Set the Peer Host to IP address of the IP PBX.
- Click Save.
- Click Apply to apply all changes to the configuration.

Top
DGW Documentation
Mediatrix devices are supplied with an exhaustive set of documentation.
Mediatrix user documentation is available on the Media5 Documentation Portal.
- Release notes: Generated at each GA release, this document includes the known and solved issues of the software. It also outlines the changes and the new features the release includes.
- Configuration notes: These documents are created to facilitate the configuration of a specific use case. They address a configuration aspect we consider that most users will need to perform. However, in some cases, a configuration note is created after receiving a question from a customer. They provide standard step-by-step procedures detailing the values of the parameters to use. They provide a means of validation and present some conceptual information. The configuration notes are specifically created to guide the user through an aspect of the configuration.
- Technical bulletins: These documents are created to facilitate the configuration of a specific technical action, such as performing a firmware upgrade.
- Hardware installation guide: They provide the detailed procedure on how to safely and adequately install the unit. It provides information on card installation, cable connections, and how to access for the first time the Management interface.
- User guide: The user guide explains how to customise to your needs the configuration of the unit. Although this document is task oriented, it provides conceptual information to help the user understand the purpose and impact of each task. The User Guide will provide information such as where and how TR-069 can be configured in the Management Interface, how to set firewalls, or how to use the CLI to configure parameters that are not available in the Management Interface.
- Reference guide: This exhaustive document has been created for advanced users. It includes a description of all the parameters used by all the services of the Mediatrix units. You will find, for example, scripts to configure a specific parameter, notification messages sent by a service, or an action description used to create Rulesets. This document includes reference information such as a dictionary, and it does not include any step-by-step procedures.
Top
Copyright Notice
Copyright © 2023 Media5 Corporation.
This document contains information that is proprietary to Media5 Corporation.
Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.
This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.
Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.