====== Vitelity ====== http://www.vitelity.com/ Vitelity is a wholesale IP telecommunications provider and we are their local agent: * SIP Trunking * vFAX * International DIDs ===== vFax ===== To audit your vFax usage/billing, you would: **User Portal -> Billing -> Invoice -> vFax -> ** ==== Fax Blacklist ==== ===== VoIP ===== VoIP Servers: 64.2.142.0/24 66.241.96.0/24 66.241.97.0/24 66.241.99.0/24 66.241.107.0/24 66.241.109.0/24 66.241.111.0/24 140.239.143.0/24 207.166.136.0/24 207.166.137.0/24 207.166.138.0/24 ==== Firewall ==== Our normal method for firewalling PBXs is: - Locate the PBX behind your primary NAT firewall - Permit all outbound traffic * Only because it's easy - Permit no inbound traffic * Other than the next items - Forward voice traffic in to the PBX * Destination NAT (DNAT) * All forwarded port ranges are UDP * 5060-5061 for SIP and SIPS * 10000-20000 for RTP - Limit the port forwarding rules by source-address-list * Create an address list * Add all Vitelity IP addresses * Add fixed IP addresses of any remote extensions * Only forward the ports if the traffic comes from trusted partners - Make sure that forwarded traffic is permitted * Mikrotik RouterOS devices do this automatically with the forwarding rules === Mikrotik === /ip firewall address-list add address=64.2.142.0/24 comment="Vitelity Voice Servers" list=vitelity add address=66.241.96.0/24 list=vitelity add address=66.241.97.0/24 list=vitelity add address=66.241.99.0/24 list=vitelity add address=66.241.107.0/24 list=vitelity add address=66.241.109.0/24 list=vitelity add address=66.241.111.0/24 list=vitelity add address=140.239.143.0/24 list=vitelity add address=207.166.136.0/24 list=vitelity add address=207.166.137.0/24 list=vitelity add address=207.166.138.0/24 list=vitelity === iptables === vim /etc/sysconfig/iptables # Allow INTERNAL connections to SIP and IAX signalling ports -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 192.168.30.0/24 # Allow SIP PROVIDER connections to SIP and IAX signalling ports -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 64.2.142.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.96.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.97.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.99.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.107.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.109.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 66.241.111.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 140.239.143.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 207.166.136.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 207.166.137.0/24 -A INPUT -p udp -m udp -m multiport -j ACCEPT --dports 5060,4569 -s 207.166.138.0/24 # Allow connections to RTP ports -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT ==== International Calling ==== There is a configurable cap to limit calls to expensive international destinations. This is done to limit exposure to abuse. - Click on Settings - Click on International - Choose the desired amount To view current International rates click the ''View Rates'' button to download the CSV for all or enter the countries numerical calling code. ===== PJSIP in FreePBX ===== https://community.freepbx.org/t/i-finally-gave-up-chan-sip-for-chan-pjsip-and-it-was-fine/61772/5