Skip to end of metadata
Go to start of metadata

Download PDF Document



2019-08-29
For Sentinel units
45.0.1809
Top

1 Information to Know Before Starting

Before starting to use these configuration notes, complete the following table to make sure you have the required information to complete the different steps.

Important

If you are not familiar with the meaning of the fields and buttons, click Show Help , located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Note

The Mediatrix unit must be reinitialised to its factory default settings to make sure the configuration can be successfully executed.

Information Value Used in Step
IP address used by your Mediatrix unit to communicate with the Management Interface.
  • If your computer is connected to the Ethernet port meant to be connected to the Local Area Network (LAN), i.e. Eth2 on most devices
Use this value 192.168.0.10 Logging on to the Mediatrix Unit Web Interface
  • If your Mediatrix unit is configured to use a DHCP server, use the DHCP server- provided IP address.
Logging on to the Mediatrix Unit Web Interface
  • If your Mediatrix unit is configured to use the IPv6 Link Local.
Locate the IP Link Local label underneath your Mediatrix unit. Logging on to the Mediatrix Unit Web Interface
LAN Static IP address as defined in your network address range. Configuring the Uplink Network Interface to a static IP address
IP address of each SNTP server. Configuring the SNTP Server to a Static IP Address
Static Default Router IP address of the Uplink Network Interface. Configuring the Default Network Gateway to a Static IP Address
IP address of each DNS server. Configuring the Domain Name Server (DNS)
Public IP address of the main office NAT/FW Configuring the uplink_s Signaling Interface and Configuring the uplink_m Media Interface
IP address of the IP PBX task_opr_sbx_gq
Public address or FQDN of the main office Configuring Your Mobile-Remote Phones
Make sure you have the latest rulesets.
  • rate_limit_invite_per_source_in.crs
Importing Rulesets
The rate_limit_invite_per_source_in.crs ruleset must be downloaded from the Media5 Support Portal at https://media5.secure.force.com/supportportal .
Top

2 Remote Users - Mediatrix SBC Located in the LAN

This use case describes the configuration of remote users when the Mediatrix unit is located in the LAN . When the Mediatrix unit is located in the LAN , it implies that:

  • The remote users are using SIP endpoints on the public Internet or behind a NAT on the public Internet.
  • The SIP endpoints register on a PBX located in the LAN of the office, using the Mediatrix unit as an outbound proxy.
  • The Mediatrix unit generates enough traffic from the SIP endpoints to maintain the firewall open.
  • The Mediatrix unit protects the local PBX from Internet threats.
  • The Mediatrix unit is in the LAN, behind the enterprise NAT

Top

2.1 Logging on to the Mediatrix Unit Web Interface

Before You Start
The computer IP address must be in the same TCP/IP network as the Mediatrix unit.
Context
For better performances, it is recommended to use the latest available version of Microsoft Internet Explorer, Google Chrome, or Mozilla Firefox.

Note

You may not be able to log on to the Mediatrix unit Web interface if you are using older browser versions.

Steps
  1. In your Web browser, enter the IP address at which the Web interface of your Mediatrix unit can be reached.
    • If your network has an IPv4 DHCP server, connect the primary Ethernet port of the Mediatrix unit to the network (ETH1 port), use the provided DHCP server IP address.
    • You can also connect your computer to the secondary Ethernet port of the Mediatrix unit (ETH2), use the 192.168.0.10 IP address. however, the computer must also own an IP address in the 192.168.0.0/24 network.
  2. Enter admin as your username and administrator as the password.

    Note

    You can also use public as a username and leave the password field empty. it has the full administration rights by default.

  3. Click Login .
Result
The Information page of the Web interface is displayed.

Next Step

2.2 Configuring the Uplink Network Interface to a static IP address
Top

2.2 Configuring the Uplink Network Interface to a static IP address

Steps
  1. Go to Network /Interfaces .
  2. In the Network Interface Configuration table, from the Link selection list located next to Uplink , leave the default value, i.e. ETH1.
  3. From the Type selection list, select IpStatic (IPv4 Static) .

    Note

    The Uplink Network Interface must be set with a fixed public IP address for the NAT/router to be able to do port-forwarding to the unit. It will also be easier for the PBX to communicate with the unit if the address is static.

  4. In the Static IP Address field enter the assigned static IP address.
  5. From the Activation selection list, select Enable .
  6. Click Apply to apply all changes to the configuration.

    Note

    Once the changes are applied, the connection with the unit might be lost. You may need to reconnect to the Web page using the new address.

Result
The unit can be reached (via the Web) through the Uplink static IP address

Next Step

2.3 Configuring the Default Network Gateway to a Static IP Address
Top

2.3 Configuring the Default Network Gateway to a Static IP Address

Steps
  1. Go to Network /Host .
  2. In the Default Gateway Configuration table, from the IPv4 /Configuration Source selection list, select Static .
  3. In the IPv4 /Default Gateway field, enter the IP address used as the Static Default Router for the Uplink Network Interface.
  4. In the Default Gateway Configuration table, from the IPv6 /Configuration Source selection list, select Static .
  5. In the IPv6 /Default Gateway field, enter the IP address used as the Static Default Router for the Uplink Network Interface.
  6. Click Apply .
Result
The specified address is used as the current default router address.

Next Step

2.4 Configuring the Domain Name Server (DNS)
Top

2.4 Configuring the Domain Name Server (DNS)

Before You Start
Although it is possible to use a public DNS server you may also ask your internet service provider for the name of the DNS server.
Steps
  1. Go to Network /Host .
  2. In the DNS Configuration table, form the Configuration Source selection list, select Static .
  3. For each DNS used, enter the IP address of the DNS.
  4. Click Apply .
Result

Next Step

2.5 Configuring the SNTP Server to a Static IP Address
Top

2.5 Configuring the SNTP Server to a Static IP Address

Before You Start
Make sure there is an SNTP server available.
Steps
  1. Go to Network /Host .
  2. In the SNTP Configuration table, from the Configuration Source selection list, select Static .
  3. Provide an IP address or domain name and port numbers for each SNTP server you are using.

    Note

    The best practice is to use the servers supplied by your Internet Service Provider, then complement with servers from a different network close to your geographical area.

    For example: time.nist.gov (USA), ntp4.sptime.se (Sweden), time1.isu.net.sa (Saudi Arabia), ntp.nict.jp (Japan), time.google.com (Worldwide), pool.ntp.org or one of their regional server pools (see https://www.ntppool.org/ for more information).

  4. If necessary, change the value of the Synchronisation Period .
  5. If necessary, change the value of the Synchronisation Period on Error .
  6. Click Apply .
Result
The SNTP host name and port will be displayed in the Host Status table under Network /Status .

Next Step

2.6 Configuring the Office NAT-FW
Top

2.6 Configuring the Office NAT-FW

Context
This procedure is executed on the device that is used as the NAT/FW.
Steps
  1. Set port forwarding on the public IP address for UDP/UTC protocols port 5060 to the Mediatrix unit's IP address on port 5060.

    Note

    This allows the connection to the Mediatrix unit uplink_s Signaling Interface.

  2. Set port forwarding on the public IP address for UDP port 20000-20999 to the Mediatrix unit's IP address on port 20000-20999.

    Note

    This allows the connection to the Mediatrix unit uplink_m Media Interface.

  3. Allow connections from the service provider's IP address to port 5060 and ports 20000-20999.

Next Step

2.7 Configuring the uplink_s Signaling Interface 2.14 Configuring Your Mobile-Remote Phones
Top
Steps
  1. Go to SBC /Configuration .
  2. In the Signaling Interface Configuration table, from the Network selection list located next to uplink_s , make sure Uplink is selected.

    Note

    The Network Interfaces displayed in the Network column, are created under the Network /Interfaces page.

  3. In the Port field, set the SIP listening port for the Sbc service, if a listening port other than 5060 is required, or leave it as it is.
  4. In the Public Address field, set the NAT/FW public IP Address that will be used to communicate with the service provider.
  5. Click Save .
  6. Click Apply to apply all changes to the configuration.
  7. Click restart required services , located at the top of the page.
Result
The Signaling Interface will be available when configuring a Call Agent, in the Configure Call Agent page in the Signaling Interface selection list.

Next Step

2.8 Configuring the uplink_m Media Interface
Top
Steps
  1. Go to SBC /Configuration .
  2. In the Media Interface Configuration table, from the Network selection list located next to uplink_m , make sure Uplink is selected.

    Note

    The Network Interfaces displayed in the Network column, are created under Network /Interfaces page.

  3. In the Public Address field, set the NAT/FW public IP Address that will be used to communicate with the service provider.
  4. In the Port Range field, set the media (RTP) port range, if a port range other than 20000-20999 is required, or leave it as it is .
  5. Click Save .
  6. Click Apply to apply all changes to the configuration.
  7. Click restart required services , located at the top of the page.
Result
The Media Interface will be available when configuring a call agent, in the Configure Call Agent page, in the Media Interface selection list.

Next Step

2.9 Importing Rulesets
Top

2.9 Importing Rulesets

Before You Start
Rulesets must be imported. The latest Ruleset package can be found on the https://media5.secure.force.com/supportportal (you will be required to supply a user name and password).
Context
Steps
  1. Go to Management /File .

    Note

    Required Rulesets depend on the scenario being configured. Refer to the Call Agent and Routing Ruleset sections of the configuration notes for details on Rulesets needed to complete the configuration.

    Note

    Step 2 is only required when importing the first Ruleset and if you are not using a secure connexion to access the Management Interface (http://).

  2. Click Activate unsecure file importation from the Web browser .
  3. From the Path field, select sbc/rulesets/.
  4. Click Browse , and navigate to the Ruleset you wish to import, i.e.
    1. rate_limit_invite_per_source_in.crs

    Note

    Ruleset file extension must be *.crs for Call Agent Rulesets or *.rrs for Routing Rulesets.

  5. Click Import .
Result
The imported Ruleset will appear in the Internal files table, with the selected path in front of the name. The Ruleset will be available in the tables of the SBC /Rulesets page.

Next Step

2.10 Configuring the remote_users_ca Call Agent
Top

2.10 Configuring the remote_users_ca Call Agent

Context
If you are not familiar with the meaning of the fields and buttons, click Show Help , located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.
Steps
  1. Go to SBC /Configuration .
  2. Click +
  3. In the Call Agent Configuration table, click located on the same row as remote_users_ca .
  4. In the Configure Call Agent table, complete the following fields:
    1. Select the Enable check box.
    2. From the Signaling Interface selection list, select uplink_s .
    3. From the Media Interface selection list, select uplink_m .
    4. Set the Peer Network to 0.0.0.0/0
  5. From the Name selection list, choose rate_limit_register_per_source_in .
  6. Click Save .
  7. In the Configuration page, click Save .
  8. Click Apply to apply all changes to the configuration.
Result
No will be displayed in the Config. Modified field, indicating that the configuration that was modified is now applied to the system. When the Mediatrix SBC unit will use the selected Call Agent for a communication, the selected parameters will be applied.

Next Step

2.11 Configuring the lan_ip_pbx_ca Call Agent
Top

2.11 Configuring the lan_ip_pbx_ca Call Agent

Context
If you are not familiar with the meaning of the fields and buttons, click Show Help , located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.
Steps
  1. Go to SBC /Configuration .
  2. In the Call Agent Configuration table, click located on the same row as lan_ip_pbx_ca .
  3. In the Configure Call Agent table, complete the fields as follows:
    1. Select the Enable check box.
    2. From the Signaling Interface selection list, select uplink_s .
    3. From the Media Interface selection list, select uplink_m
    4. Set the Peer Host to the IP address of the IP PBX.
  4. Click Save .
  5. In the Configuration page, click Save .
  6. Click Apply to apply all changes to the configuration.
Result
No will be displayed in the Config. Modified field, indicating that the configuration that was modified is now applied to the system. When the Mediatrix SBC unit will use the selected Call Agent for a communication, the selected parameters will be applied.

Next Step

2.12 Associating Routing Rulesets to Your Configuration
Top

2.12 Associating Routing Rulesets to Your Configuration

Before You Start
task_a5v_y2q_bq must be completed for Routing Rulesets to be available.
Steps
  1. Go to SBC /Configuration
  2. Click .
  3. In the Routing Rulesets table, from the Name selection list, select lan_pbx_to_remote_users .
  4. From the Name selection list, select remote_users_to_lan_pbx .
  5. Click Save .
  6. Click Apply to apply all changes to the configuration.
Result

Next Step

2.13 Adding Local Firewall Rules
Top

2.13 Adding Local Firewall Rules

Before You Start
You must have a Network Interface created.
Steps
  1. Go to Network /Local Firewall .
  2. In the Local Firewall Rules table, click +.
  3. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Uplink .

      Note

      Uplink is case sensitive.

    • From the Protocol selection list, select UDP .
    • In the Destination Port , enter 20000-20999.
    • From the Action selection list, select Accept .
  4. Click +.
  5. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Lan1 .

      Note

      Lan1 is case sensitive.

    • From the Protocol selection list, select UDP .
    • In the Destination Port , enter 20000-20999.
    • From the Action selection list, select Accept .
  6. Click +.
  7. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Lan1 .

      Note

      Lan1 is case sensitive.

    • From the Protocol selection list, select TCP .
    • In the Destination Port , enter 80.
    • From the Action selection list, select Accept .
  8. Click +.
  9. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Uplink .

      Note

      Uplink is case sensitive.

    • From the Protocol selection list, select UDP .
    • In the Destination Port , enter 5060.
    • From the Action selection list, select Rate Limit Source .
    • In the Rate Limit Value field, enter 10.
    • In the Rate Limit Time Unit field, enter 60.
  10. Click +.
  11. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Lan1 .

      Note

      Lan1 is case sensitive.

    • From the Protocol selection list, select UDP .
    • In the Destination Port , enter 5060.
    • From the Action selection list, select Rate Limit Source .
    • In the Rate Limit Value field, enter 10.
    • In the Rate Limit Time Unit field, enter 60.
  12. Click +.
  13. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Uplink .

      Note

      Uplink is case sensitive.

    • From the Protocol selection list, select TCP .
    • In the Destination Port , enter 5060.
    • From the Action selection list, select Rate Limit Source .
    • In the Rate Limit Value field, enter 10.
    • In the Rate Limit Time Unit field, enter 60.
  14. Click +.
  15. In the Local Firewall Rules table, complete the fields.

    Note

    Not all fields are mandatory. You may leave some fields empty.

    • From the Activation selection list, select Enable .
    • In the Destination Address , enter Lan1 .

      Note

      Lan1 is case sensitive.

    • From the Protocol selection list, select TCP .
    • In the Destination Port , enter 5060.
    • From the Action selection list, select Rate Limit Source .
    • In the Rate Limit Value field, enter 10.
    • In the Rate Limit Time Unit field, enter 60.
  16. In the Local Firewall Configuration table, from the Default Policy selection list, select Drop .

    Note

    Before setting the Default Policy to Drop , review your rules to make sure that at least one rule accepts incoming packets, otherwise the communication with the Mediatrix unit will be lost.

  17. Click Save & Apply to apply all changes to the configuration.
Result
External calls will only reach the Mediatrix unit if they are using SIP (port 5060) protocol or RTP (port 20000-20999).The Local Firewall rules will open the ports intended for:
  • RTP on the WAN side (Step 3 )
  • RTP on the LAN side (Step 5 )
  • Web access (Step 7 )
  • UDP for SIP signaling on the WAN side (Step 9 )
  • UDP for SIP signaling on the LAN side (Step 11 )
  • TCP for SIP signaling on the WAN side (Step 13 )
  • TCP for SIP signaling on the LAN side (Step 15 )

Next Step

2.6 Configuring the Office NAT-FW
Top

2.14 Configuring Your Mobile-Remote Phones

Context
These phones are registered to the IP PBX using the Mediatrix unit as an outbound proxy.
Steps
  1. Set the SIP server to the (private) IP address of the IP PBX in the main office.
  2. Set the outbound proxy to the public IP address or FQDN of the main office.
  3. Set the username and password according to the IP PBX configuration.
  4. Test inbound/outbound calls between remote extensions.
  5. Test inbound/outbound calls between remote and internal extensions.
  6. Test inbound/outbound calls between remote extensions and the PSTN.
  7. Test all the IP-PBX telephony services on the remote extensions.
Top

3 Available Documentation

For more details, refer to the Mediatrix Documentation published on the Media5 documentation portail https://documentation.media5corp.com/
Top

4 Copyright Notice

Copyright © 2019 Media5 Corporation.

This document contains information that is proprietary to Media5 Corporation.

Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.

This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.

Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.

Top