Configuring Ribbon Core SBC Series with CLI


[ 1 ] Create Codec Entry
# G.711 Codec
set profiles media codecEntry G711-default dtmf relay rfc2833
set profiles media codecEntry G711-default packetSize 20
[ 2 ] Set RTCP Interval
set system media mediaRtcpControl senderReportInterval 5
[3] Create SIP Domains
set global sipDomain ribbon1.interopdomain.com
[4] Configuring Tone And Announcement Profile
set profiles media toneAndAnnouncementProfile LRBT_PROF
set profiles media toneAndAnnouncementProfile LRBT_PROF localRingBackTone signalingTonePackageState enable makeInbandToneAvailable enable
set profiles media toneAndAnnouncementProfile
LRBT_PROF localRingBackTone flags useThisLrbtForIngress enable
set profiles media toneAndAnnouncementProfile
LRBT_PROF localRingBackTone flags dynamicLRBT enable
set system mediaProfile compression
75 tone 25
[ 5 ] Create Path Check Profile
set profiles services pathCheckProfile TEAMS_OPTIONS protocol sipOptions sendInterval 20 replyTimeoutCount 1 recoveryCount 1
[6] Create Zone
set addressContext default zone TEAMS_ZONE id 4
set addressContext default zone TEAMS_ZONE domainName ribbon1.interopdomain.com
[7] Create IP Interface Group
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 ceName IOTTESLA portName pkt1
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 ipAddress 115.XXX.XXX.XXX prefix 27
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 mode inService state enabled

[8] Create SIP Signaling Port
set addressContext default zone TEAMS_ZONE id 4 sipSigPort 4 ipInterfaceGroupName LIF2 ipAddressV4 115.XXX.XXX.XXX portNumber 5060 transportProtocolsAllowed siptcp,sip-udp,sip-tls-tcp
set addressContext
default zone TEAMS_ZONE id 4 sipSigPort 4 state enabled mode inService
[9] Create DNS Group
set addressContext default dnsGroup EXT_DNS
set addressContext default dnsGroup EXT_DNS type ip interface LIF2 server DNS2 ipAddress 8.8.8.8 state enabled
set addressContext
default zone TEAMS_ZONE dnsGroup EXT_DNS
[10] Static route
set addressContext default staticRoute 0.0.0.0 0 115.XXX.XXX.XXX LIF2 PKT1_V4 preference 100
[11] Create IP Signalling Profile
set profiles signaling ipSignalingProfile TEAMS_IPSP ipProtocolType sipOnly
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags disableMediaLockDown enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags includeReasonHeader enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags includeTransportTypeInContactHeader enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags publishIPInHoldSDP enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags routeUsingRecvdFqdn enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags sendPtimeInSdp enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags sendRtcpPortInSdp enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes flags storePChargingVector enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes optionTagInRequireHeader suppressReplaceTag enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes relayFlags notify enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes relayFlags statusCode4xx6xx enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP commonIpAttributes transparencyFlags mwiBody enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes flags disable2806Compliance enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes domainName useZoneLevelDomainNameInContact enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes domainName useIpSignalingPeerDomainInRequestUri enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes privacy flags includePrivacy enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes redirect flags forceRequeryForRedirection enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes transport type1 tlsOverTcp
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes sipHeadersAndParameters callForwarding diversionHeaderTransparency enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP ingressIpAttributes flags sendSdpIn200OkIf18xReliable enable
set profiles signaling ipSignalingProfile
TEAMS_IPSP egressIpAttributes numberGlobalizationProfile DEFAULT_IP

 

[12] Create Packet Service Profile
set profiles media packetServiceProfile TEAMS_PSP
set profiles media packetServiceProfile TEAMS_PSP codec codecEntry1 G711-default
set profiles media packetServiceProfile
TEAMS_PSP rtcpOptions rtcp enable
set profiles media packetServiceProfile
TEAMS_PSP preferredRtpPayloadTypeForDtmfRelay 101
set profiles media packetServiceProfile
TEAMS_PSP silenceInsertionDescriptor g711SidRtpPayloadType 13 heartbeat enable
set profiles media packetServiceProfile
TEAMS_PSP secureRtpRtcp flags enableSrtp enable
set profiles media packetServiceProfile
TEAMS_PSP secureRtpRtcp cryptoSuiteProfile CRYPT_PROF
[13] Create SIP Trunk
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG media mediaIpInterfaceGroupName LIF2
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG signaling honorMaddrParam enabled
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG policy media packetServiceProfile TEAMS_PSP
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG policy signaling ipSignalingProfile TEAMS_IPSP
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG downstreamForkingSupport enabled
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG signaling rel100Support enabled
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG services dnsSupportType a-only
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG ingressIpPrefix 0.0.0.0 0
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG signaling relayNonInviteRequest enabled
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG signaling methods notify allow
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG policy media toneAndAnnouncementProfile LRBT_PROF
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG mode inService state enabled
set addressContext
default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG media sdpAttributesSelectiveRelay enabled
[14] Create IP PEER
set addressContext default zone TEAMS_ZONE ipPeer TEAMS_PEER policy sip fqdn sip.pstnhub.microsoft.com fqdnPort 5060
[15] Create Routing Label
set global callRouting routingLabel TEAMS_RL routingLabelRoute 1 trunkGroup TEAMS_TG ipPeer TEAMS_PEER inService inService
[16] Create Route
set global callRouting route none Sonus_NULL Sonus_NULL standard 777888500 1 all all ALL none Sonus_NULL routingLabel TEAMS_RL

 

 

PSTN Side Configuration

 

[ 1 ] Create IP Interface Group
set addressContext default ipInterfaceGroup LIF1 ipInterface PKT0_V4 ceName IOTTESLA portName pkt0
set addressContext default ipInterfaceGroup LIF1 ipInterface PKT0_V4 ceName IOTTESLA ipAddress 172.16.102.188 prefix 24
set addressContext default ipInterfaceGroup LIF1 ipInterface PKT0_V4 mode inService state enabled
[ 2 ] Create Zone
set addressContext default zone PSTN_ZONE id 2 sipSigPort 1 ipInterfaceGroupName LIF1 ipAddressV4 172.16.102.188 portNumber 5060 transportProtocolsAllowed sip-tcp,sipudp,sip-tls-tcp
set addressContext
default zone PSTN_ZONE id 2 sipSigPort 1 mode inService state enabled
[3] Create IP Signalling Profile
set profiles signaling ipSignalingProfile PSTN_IPSP
set profiles signaling ipSignalingProfile PSTN_IPSP commonIpAttributes flags includeReasonHeader enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes flags sendPtimeInSdp enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes flags sendRtcpPortInSdp enable
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes flags disable2806Compliance enable
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes transport type1 tcp
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes transport type2 udp
set profiles signaling ipSignalingProfile
PSTN_IPSP ingressIpAttributes flags sendSdpIn200OkIf18xReliable enable
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes redirect flags forceRequeryForRedirection enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes flags routeUsingRecvdFqdn enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes relayFlags notify enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes relayFlags statusCode4xx6xx enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes flags includeTransportTypeInContactHeader enable
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes sipHeadersAndParameters callForwarding dataMapping none
set profiles signaling ipSignalingProfile
PSTN_IPSP egressIpAttributes sipHeadersAndParameters callForwarding diversionHeaderTransparency enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes transparencyFlags mwiBody enable
set profiles signaling ipSignalingProfile
PSTN_IPSP commonIpAttributes optionTagInRequireHeader suppressReplaceTag enable
[4] Create Packet Service Profile
set profiles media packetServiceProfile PSTN_PSP

set profiles media packetServiceProfile PSTN_PSP codec codecEntry1 G711-default
set profiles media packetServiceProfile PSTN_PSP rtcpOptions rtcp enable
set profiles media packetServiceProfile
PSTN_PSP preferredRtpPayloadTypeForDtmfRelay 101
set profiles media packetServiceProfile
PSTN_PSP silenceInsertionDescriptor g711SidRtpPayloadType 13 heartbeat enable
[ 5 ] Create SIP Trunk
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG media mediaIpInterfaceGroupName LIF1
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG policy media packetServiceProfile PSTN_PSP
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG policy signaling ipSignalingProfile PSTN_IPSP
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG downstreamForkingSupport enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG signaling rel100Support enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG services dnsSupportType a-only
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG ingressIpPrefix 0.0.0.0 0
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG mode inService state enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG signaling honorMaddrParam enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG signaling relayNonInviteRequest enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG signaling methods notify allow
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG media sdpAttributesSelectiveRelay enabled
set addressContext
default zone PSTN_ZONE sipTrunkGroup PSTN_TG policy media toneAndAnnouncementProfile LRBT_PROF
[6] Static Route
set addressContext default staticRoute 0.0.0.0 0 172.16.102.1 LIF1 PKT0_V4 preference 100
[7] Create IP PEER
set addressContext default zone PSTN_ZONE ipPeer PSTN_IPP ipAddress 172.16.100.56 fqdnPort 5060
[15] Create Routing Label
set global callRouting routingLabel PSTN_RL routingLabelRoute 1 trunkGroup PSTN_TG ipPeer PSTN_IPP inService inService
[16] Create Route
set global callRouting route none Sonus_NULL Sonus_NULL standard 962042 1 all all ALL none Sonus_NULL routingLabel PSTN_RL

 

Using TLS/SRTP
Global Configuration
[ 1 ] Create a configuration object to hold a locally generated RSA key pair
set system security pki certificate SBC_CERT type local-internal
[ 2 ] Generate Key pair and CSR (certificate signing request) for submission to a Certificate Authority (CA)
request system security pki certificate SBC_CERT generateCSR csrSub /C=IN/ST=KA/L=Bangalore/O=Sonus/CN=ribbon1.interopdomain.com keySize keySize2K
Generate required certificates
[ 3 ] Create Crypto Suite Profile
set profiles security cryptoSuiteProfile CRYPT_PROF entry 1 cryptoSuite AES-CM-128-HMAC-SHA1-80
[ 4 ] Import Public CA Root Certificate into database
set system security pki certificate ROOT_CERT type remote fileName rootcert.cer state enabled
Note: You may get one or more intermediate certificates from your CA (depanding on Certificate Authority you are using), all intermediates certificates need to be converted to
.cer format and need to be place as “
type remote”.
[ 5 ] Import Baltimore Certificate into database
set system security pki certificate BALTIMORE_CERT type remote fileName BAcert.cer state enabled
Note: You can get Baltimore certificate online in .pem format and need to be converted into .cer format using openssl.
http://certificate.fyicenter.com/319_Root_CA_Baltimore_CyberTrust_Root_CyberTrust_Baltimore_IE.html
[ 6 ] Import Public CA Certified SBC Server Certificate into database
set system security pki certificate SBC_CERT filename sbccert.pem type local-internal state enabled
[7] Create TLS Profile
set profiles security tlsProfile TLS_PROF clientCertName SBC_CERT serverCertName SBC_CERT cipherSuite1 rsa-with-3des-ede-cbc-sha cipherSuite2 rsa-with-aes-128-cbc-sha authClient true
allowedRoles clientandserver acceptableCertValidationErrors invalidPurpose
SBC Side Configuration
[ 8 ] Configure SIP Signailng Port
set addressContext default zone TEAM_ZONE sipSigPort 4 tlsProfileName TLS_PROF