Configure SIP Trunking

SIP Trunking Configuration

1. Configure the Mitel ICP (MiVoice Business, MiVoice Office 250, MiVoice MX-One, or MiVoice Office 400) to support SIP trunking. See the MBG Installation and Administration Guide.
2. Configure the SIP trunk on MBG.
3. Configure routing rules to direct incoming SIP trunk calls based on the number dialed rather the SIP username. You can configure multiple routing rules and designate a primary and secondary ICP for each rule (as a minimum, one rule is required). See SIP Trunk Routing by DID.

Adding a SIP Trunk to MBG

To add a SIP trunk on MBG:

1. On the MBG main page, click the SIP trunking tab and click Configuration.
2. Click the sign.
3. Enter SIP trunk options as required and click Save:

   SIP Trunk Options
   Field	Description	Notes
   Name	Enter a name for the SIP trunk.
   Remote trunk endpoint address	Enter the IP address or DNS hostname of the remote endpoint. If the carrier has multiple IP addresses, enter a Fully Qualified Domain Name (FQDN) for the hostname.	If a FQDN is entered as the hostname, the system will use DNS to resolve the name into a list of IP addresses and then accept traffic from any of them.
   Remote trunk endpoint port	Enter port configuration for the remote endpoint OR accept the default. If using TLS transport protocol port 5061 must be used.	Default is 5060.
   Accept traffic from all UDP ports	Select to accept incoming requests from any UDP port at the remote trunk endpoint IP address. Clear to accept requests only from the specified IP address and port. Note: Outgoing requests are always sent to the specified IP address and port.	Default is False.
   Transport protocol	Use the drop-down to select trunking mode from following for the Trunk Service Provider. SRV UDP TCP TLS	Default is UDP. MBG does not support transport protocol translation. For example, if you select TCP as the transport protocol, the ICP end points and the service provider must be using TCP. Both end points must match, one cannot be UDP and the other TCP. If you select TLS as the transport protocol, option to select Outgoing TLS trust profile is displayed.
   Outgoing TLS trust profile	This option is available if TLS is selected as the Transport protocol. Trust public roots only: Validates the provider side of the connection by expecting a certificate signed by a known Certificate Authority (CA). The known CAs are contained in a CA bundle file on the MBG server, similar to the ones available in the web browsers today. Outgoing trust profile for <name>: Validates the trunking provider's choice of certificate for MBG to provide a full trust chain to the other end of the TLS connection. Here, <name> is the name of a certificate uploaded by the Administrator in the list file, using the Trust Store interface. No certificate validation: Does not validate the provider side of the connection.	Default is Trust public roots only. To validate trunking provider's choice of certificate, you must import the root CA certificate in use at that time, and configure to trust it. Click the Export root cert to export the root CA certificate corresponding to the currently used certificate by SIP services.
   DNS SRV query domain	Enter the domain of the SIP Trunk Provider for SRV query.	For example, abccompany.com
   DNS SRV resiliency timeout	Set the time to lapse between an unresponsive Trunk Endpoint before attempting to use an alternate Trunk Endpoint. A value too large could cause users to disconnect and abandon their outgoing calls prematurely, assuming that there is no response. A value too small could cause premature usage of an alternative Trunk Endpoint, although the call would have been successful using the original Trunk Endpoint. Note: To determine a value appropriate for your SIP service provider, refer to the Mitel SIP Center of Excellence Interop Guide.	Default is 5 seconds.
   Options keepalives	This setting controls whether SIP Options messages are sent to SIP Trunks as keepalive mechanisms. Never to prevent keepalives from being sent. Always to force keepalives to be sent. Note: For a resilient trunk configuration, set the Options keepalives to Always and Options interval to 20. This setting is automatically disabled when DNS SRV Support is enabled, because SRV does keepalives by doing resiliency when needed.	Default is Always.
   Options interval	If "Options keepalives" is enabled, this is the interval in seconds at which keep-alive messages are sent.	Default is 60.
   Rewrite host in PAI	Select to change the P-Asserted-Identity (PAI) header contained in outgoing ICP messages to the host IP of the MBG's public interface. Clear to leave the PAI in outgoing ICP messages unchanged.	Default is True.
   Remote RTP framesize (ms)	This setting controls the RTP framesize on the set side of MBG. By default, the requested framesize is respected. If you select a non-default setting (e.g. 30 ms), the specified value will be used. For more information about RTP framesize, see the MBG Engineering Guidelines. Notes: This setting should be changed only if a specific framesize is required on the set side of MBG. This setting does not affect the framesize used between MBG and the ICP (MiVoice Business or MiVoice Office 250).	Default is Auto.
   Idle timeout (s)	This timer monitors "no traffic" conditions on the trunk. When there is no traffic on the trunk for the selected amount of time (default is one hour), the timer expires and all connections are closed until the next packet is received.	Default is 3600.
   RTP address override	Select the interface the MBG server uses to access the SIP trunk provider. If no selection is made, the interface is set in accordance to the configured route to the SIP trunk provider.	Default is no selection. After you update this setting, restart the system to have the change take effect. For details, see Stop MBG and Start MBG.
   Local streaming between trunk calls	Select this option to allow the MBG to drop out of the media path on calls that involve only public trunk participants. With this option disabled (the default), MBG will anchor the media streams and connect them internally. This uses more bandwidth. With this option enabled, MBG will set up the call such that the carrier's SBC connects the two streams directly, and MBG is only involved in call signaling. Some carriers require the former and some require the latter. To determine which setting is required by your SIP service provider, consult the Mitel SIP Center of Excellence Interop Guide.	Default is disabled. Enable this option only if local streaming is required by your SIP service provider. In all other circumstances, leave this option disabled. The wrong Local streaming setting for the SIP trunk can result in call failures or no audio.
   PRACK support	This option controls whether the "Provisional Response ACKnowledgement" (PRACK) method is used. Use master setting to use the global PRACK option programmed on the Settings screen. This option controls whether MBG supports PRACK between itself and the peer, and is the default setting for all SIP trunks. Enabled to enable the trunk to use PRACK while the global PRACK option is disabled. Disabled to prevent the trunk from using PRACK whilethe global PRACK option is enabled. For example, if the PRACK option is globally disabled on MBG and the peer but enabled on the trunk, then MBG will support PRACK only on calls between itself and the trunk. Alternatively, if the PRACK option is globally enabled on MBG but disabled on the trunk, then MBG will use PRACK only between itself and the peer but not with the trunk.	Default is Use master setting. Most peers now support PRACK, which can be useful in interoperability scenarios with the PSTN (see RFC 3262). If the remote SIP trunk supports PRACK, this option should be enabled.
   Log verbosity	At times, it may be necessary to increase log verbosity for specific troubleshooting purposes. Select Normal, Very Quiet, Quiet, Verbose, Very Verbose, or Use master setting to use the Log Verbosity setting programmed on the Settings screen.	Default is Use master setting.
   Authentication username	Some SIP service providers require authentication of PRACK requests before allowing a trunk connection. Username and password information is provided by the SIP Service Provider and must match the authentication credentials in the SIP Peer Profile form in the MiVoice Business System Administration Tool.	If you cannot make a call and the log contains this string: “SipUA: RX <<< PRACK (401) response”, then you must enter this information.
   Authentication password
   DNS SRV auto-registration	Select this option if registration is required on failover to an alternate SRV TRUNK endpoint. See DNS SRV auto-registration for more information.
   Trunk-side RTP security	This setting controls whether streaming between MBG and the Trunk endpoint should be encrypted (SRTP) or not encrypted (RTP); refer to the MBG Engineering Guidelines for further details.
   Inbound	SRTP or RTP: Accept any inbound SRTP or RTP offers on the TRUNK side. SRTP only: Accept only inbound SRTP offers on the TRUNK side – reject inbound RTP offers on the TRUNK side. RTP only: Accept only inbound RTP offers on the TRUNK side – reject inbound SRTP offers on the TRUNK side. Note: To enable usage of encrypted SRTP streaming, in addition to selecting the SRTP setting, the remote Trunk endpoint also needs to be properly configured to use SRTP as well. Otherwise, calls might fallback to unencrypted RTP streaming or even be rejected.	Default is SRTP or RTP.
   Outbound	SRTP only: Use only SRTP when making outbound offers on the TRUNK side. RTP only: Use only RTP when making outbound offers on the TRUNK side. AVP+crypto: Use both SRTP or RTP when making outbound offers on the TRUNK side (SRTP preferred over RTP). Note: To enable usage of encrypted SRTP streaming, in addition to selecting the SRTP setting, the remote Trunk endpoint also needs to be properly configured to use SRTP as well. Otherwise, calls might fallback to unencrypted RTP streaming or even be rejected.	Default is RTP only.
   Preferred cipher	AES_CM_128_HMAC_SHA1_32: Use AES_CM_128_HMAC_SHA1_32 as the preferred cryptosuite over AES_CM_128_HMAC_SHA1_80 when making outbound offers on the TRUNK side. AES_CM_128_HMAC_SHA1_80: Use AES_CM_128_HMAC_SHA1_80 as the preferred cryptosuite over AES_CM_128_HMAC_SHA1_32 when making outbound offers on the TRUNK side.	Default is AES_CM_128_HMAC_SHA1_32.
   ICP-side RTP security	This setting controls whether streaming between MBG and the ICP should be encrypted (SRTP) or not encrypted (RTP); refer to the MBG Engineering Guidelines for further details.
   Inbound	SRTP or RTP: Accept any inbound SRTP or RTP offers on the ICP side. SRTP only: Accept ONLY inbound SRTP offers – reject inbound RTP offers on the ICP side. RTP only: Accept ONLY inbound RTP offers – reject inbound SRTP offers on the ICP side. Note: To enable usage of encrypted SRTP streaming, in addition to selecting the SRTP setting, the remote ICP endpoint must be properly configured to use SRTP. Otherwise, calls might fallback to unencrypted RTP streaming or even be rejected.	Default is RTP only.
   Outbound	SRTP only: Only use SRTP when making outbound offers on the ICP side. RTP only: Only use RTP when making outbound offers on the ICP side. AVP+crypto: Use both SRTP or RTP when making outbound offers on the ICP side (SRTP preferred over RTP). Note: To enable usage of encrypted SRTP streaming, in addition to selecting the SRTP setting, the remote ICP endpoint must be properly configured to use SRTP. Otherwise, calls might fallback to unencrypted RTP streaming or even be rejected.	Default is RTP only.
   Preferred cipher	AES_CM_128_HMAC_SHA1_32: Use AES_CM_128_HMAC_SHA1_32 as the preferred cryptosuite over AES_CM_128_HMAC_SHA1_80 when making outbound offers on the ICP side. AES_CM_128_HMAC_SHA1_80: Use AES_CM_128_HMAC_SHA1_80 as the preferred cryptosuite over AES_CM_128_HMAC_SHA1_32 when making outbound offers.	Default is AES_CM_128_HMAC_SHA1_32.
   SIP adaptation receive pipeline	From the drop-down, select the pipeline to receive SIP messages.	The drop-down list contains the pipelines configured in SIP Adaptation page.
   SIP adaptation send pipeline	From the drop-down, select the pipeline to send SIP messages.
   Add additional routing rule	(Optional) Enter the DID routing rule mask for this SIP trunk to use. See Configuring DID Routing Rules for more information. In the Routing rules section of the screen, locate the place where you wish to add the new rule. Use the following screen tools to sort through the list. Note: If the trunk does not yet have any rules, a single unprogrammed rule will be listed by default. Click Prepend to add the new rule ahead of an existing rule, or Append to add the new rule after an existing rule. Specify the rule parameters: Match: Select the match criteria: Request URI, From header URI, or To header URI. Rule: Enter the rule, making sure to adhere to the format outlined below. Primary: Select the primary ICP to route the call. Secondary: Select the secondary ICP to route the call (if applicable). Note: Note: MBG routes an incoming SIP trunk call to the secondary ICPonly ifthe primary ICP is marked unavailable, unreachable, or down because the primary ICP failed to respond to three consecutive SIP option keepalives or to a SIP message within 32 seconds. Click Save. The rules are applied in descending order starting from the top of the list. Use the Raise and Lower fields to re-sort the list.	There is no limit to the number of routing rules you may add.
   Re-Invite Conversion	If this option is selected, when MBG receives RE-INVITE messages from the ICP that lack SDP, it will perform a conversion, adding SDP before forwarding the messages to the SIP trunk. If this option is cleared, MBG will not perform the conversion.	Default is no selection (MBG does not perform the conversion). RE-INVITE messages without SDP are also known as SLOWSTART RE-INVITE messages. Enable this option only if required by your SIP service provider. For more information, consult the Mitel SIP Center of Excellence Interop Guide. If this option is enabled and if your SIP service provider requires authentication for INVITE messages, you must configure the Authentication Username and Password for your trunk.

Editing a SIP Trunk on MBG

To edit a SIP trunk on MBG:

1. On the MBG main page, click the SIP trunking tab and click Configuration.
2. In the trunk list, click beside the trunk you want to edit.
3. Edit the SIP trunk options as required.
4. Click Save.

Viewing the Status of a SIP Trunk on MBG

To view the status of SIP trunks on MBG, see SIP Trunk Status.

Run Diagnostics

To run diagnostics for a specific ICP:

1. On the MBG main page, click the SIP trunkingtab and click Configuration.

2. In the trunk list, locate the trunk you want to run the diagnostics for, and click . Test results for the selected trunk are displayed.