7. Advanced Subscriber Configuration

7.1. Access Control for SIP Calls
7.1.1. Block Lists
7.1.1.1. Block Modes
7.1.1.2. Block Lists
7.1.1.3. Block Anonymous Numbers
7.1.2. NCOS Levels
7.1.2.1. Creating NCOS Levels
7.1.2.2. Creating Rules per NCOS Level
7.1.2.3. Assigning NCOS Levels to Subscribers/Domains
7.1.2.4. Assigning NCOS Level for Forwarded Calls to Subscribers/Domains
7.1.3. IP Address Restriction
7.2. Call Forwarding and Call Hunting
7.2.1. Setting a simple Call Forward
7.2.2. Advanced Call Hunting
7.2.2.1. Configuring Destination Sets
7.2.2.2. Configuring Time Sets
7.3. Header Manipulation
7.3.1. Header Filtering
7.3.2. Codec Filtering
7.3.3. Enable History and Diversion Headers
7.4. SIP Trunking with SIPconnect
7.4.1. User provisioning
7.4.2. Inbound calls routing
7.4.3. Number manipulations
7.4.3.1. Rewrite rules
7.4.3.2. User parameter
7.4.3.3. Forwarding number
7.4.3.4. Allowed CLIs
7.4.4. Registration
7.4.4.1. Trusted sources
7.5. Limiting Subscriber Preferences via Subscriber Profiles
7.5.1. Subscriber Profile Sets
7.6. Creating Trusted Subscribers
7.7. Voicemail System
7.7.1. Accessing the IVR Menu
7.7.1.1. Mapping numbers and codes to IVR access
7.7.1.2. External IVR access
7.7.2. IVR Menu Structure
7.7.3. Type Of Messages
7.7.3.1. Unavailable Message
7.7.3.2. Busy Message
7.7.3.3. Temporary Greeting
7.7.4. Folders
7.7.4.1. The Default Folder List
7.8. XMPP Instant Messaging
7.9. Configuring Subscriber IVR Language
7.10. Sound Sets
7.10.1. Configuring Early Reject Sound Sets
7.11. Conference System
7.11.1. Configuring Call Forward to Conference
7.11.2. Configuring Conference Sound Sets
7.11.3. Entering the Conference with a PIN
7.12. Malicious Call Identification (MCID)
7.12.1. Setup
7.12.2. Usage
7.12.3. Advanced configuration
7.13. Handling WebRTC Clients
7.14. SIP loop detection

The sip:provider CE provides a large amount of subscriber features in order to offer compelling VoIP services to end customers, and also to cover as many deployment scenarios as possible. In this chapter, we will go over the features and describe their behavior and their use cases.

7.1. Access Control for SIP Calls

There are two different methods to provide fine-grained call admission control to both subscribers and admins. One is Block Lists, where you can define which numbers or patterns can be called from a subscriber to outbound direction and which numbers or patterns are allowed to call a subscriber in inbound direction. The other is NCOS Levels, where the admin predefines rules for outbound calls, which are grouped in certain levels. The user can then just choose the level, or the admin can restrict a user to a certain level. Also sip:provider CE offers some options to restrict the IP addresses that subscriber is allowed to use the service from. The following chapters will discuss these features in detail.

7.1.1. Block Lists

Block Lists provide a way to control which users/numbers are able to call or to be called, based on a subscriber level, and can be found in the Call Blockings section of the subscriber preferences.

Subscriber Block Lists

Block Lists are separated into Administrative Block Lists (adm_block_*) and Subscriber Block Lists (block_*). They both have the same behavior, but Administrative Block Lists take higher precedence. Administrative Block Lists are only accessible by the system administrator and can thus be used to override any Subscriber Block Lists, e.g. to block certain destinations. The following break-down of the various block features apply to both types of lists.

7.1.1.1. Block Modes

Block lists can either be whitelists or blacklists and are controlled by the User Preferences block_in_mode, block_outmode__ and their administrative counterparts.

  • The blacklist mode (option is not checked tells the system to allow anything except the entries in the list. This mode is used if you want to just block certain numbers and allow all the rest.
  • The whitelist mode indicates to reject anything except the entries in the list. This is used if you want to enforce a strict policy and allow only selected destinations or sources.

You can change a list mode from one to the other at any time.

7.1.1.2. Block Lists

The list contents are controlled by the User Preferences block_in_list, block_out_list and their administrative counterparts. Click on the Edit button in the Preferences view to define the list entries.

In block list entries, you can provide shell patterns like * and []. The behavior of the list is controlled by the block_xxx_mode feature (so they are either allowed or rejected). In our example above we have block_out_mode set to blacklist, so all calls to US numbers and to the Austrian number +431234567 are going to be rejected.

Outgoing Block List

Click the Close icon once you’re done editing your list.

7.1.1.3. Block Anonymous Numbers

For incoming call, the User Preference block_in_clir and adm_block_in_clir controls whether or not to reject incoming calls with number supression (either "[Aa]nonymous" in the display- or user-part of the From-URI or a header Privacy: id is set). This flag is independent from the Block Mode.

7.1.2. NCOS Levels

NCOS Levels provide predefined lists of allowed or denied destinations for outbound calls of local subscribers. Compared to Block Lists, they are much easier to manage, because they are defined on a global scope, and the individual levels can then be assigned to each subscriber. Again there is the distinction for user- and administrative-levels.

NCOS levels can either be whitelists or blacklists.

  • The blacklist mode indicates to allow everything except the entries in this level. This mode is used if you want to just block certain destinations and allow all the rest.
  • The whitelist mode indicates to reject anything except the entries in this level. This is used if you want to enforce a strict policy and allow only selected destinations.
7.1.2.1. Creating NCOS Levels

To create an NCOS Level, go to SettingsNCOS Levels and press the Create NCOS Level button.

NCOS Levels

Select a reseller, enter a name, select the mode and add a description, then click the Save button.

Create NCOS Levels

7.1.2.2. Creating Rules per NCOS Level

To define the rules within the newly created NCOS Level, click on the Patterns button of the level.

Enter NCOS Pattern View

In the Number Patterns view you can create multiple patterns to define your level, one after the other. Click on the Create Pattern Entry Button on top and fill out the form.

Create NCOS Pattern

In this example, we block (since the mode of the level is blacklist) all numbers starting with 439. Click the Save button to save the entry in the level.

The option include local area code in list for a blacklist means that calls within the area code of the subscribers are denied, and for whitelist that they are allowed, respectively. For example if a subscriber has country-code 43 and area-code 1, then selecting this checkbox would result in an implicit entry ^431.

7.1.2.3. Assigning NCOS Levels to Subscribers/Domains

Once you’ve defined your NCOS Levels, you can assign them to local subscribers. To do so, navigate to SettingsSubscribers, search for the subscriber you want to edit, press the Details button and go to the Preferences View. There, press the Edit button on either the ncos or admncos setting in the Call Blockings__ section.

Assign NCOS Level

You can assign the NCOS level to all subscribers within a particular domain. To do so, navigate to SettingsDomains, select the domain you want to edit and click Preferences. There, press the Edit button on either ncos or admin_ncos in the Call Blockings section.

Note: if both domain and subscriber have same NCOS preference set (either ncos or adm_ncos, or both) the subscriber’s preference is used. This is done so that you can override the domain-global setting on the subscriber level.

7.1.2.4. Assigning NCOS Level for Forwarded Calls to Subscribers/Domains

In some countries there are regulatory requirements that prohibit subscribers from forwarding their numbers to special numbers like emergency, police etc. While the sip:provider CE does not deny provisioning Call Forward to these numbers, the administrator can prevent the incoming calls from being actually forwarded to numbers defined in the NCOS list: just select the appropriate NCOS level in the domain’s or subscriber’s preference adm_cf_ncos. This NCOS will apply only to the Call Forward from the subscribers and not to the normal outgoing calls from them.

7.1.3. IP Address Restriction

The sip:provider CE provides subscriber preference allowed_ips to restrict the IP addresses that subscriber is allowed to use the service from. If the REGISTER or INVITE request comes from an IP address that is not in the allowed list, the sip:provider CE will reject it with a 403 message. Also a voice message can be played when the call attempt is rejected (if configured).

By default, allowed_ips is an empty list which means that subscriber is not restricted. If you want to configure a restriction, navigate to SettingsSubscribers, search for the subscriber you want to edit, press Details and then Preferences and press Edit for the allowed_ips preference in the Access Restrictions section.

Edit Subscriber Allowed IP Addresses

Press the Edit button to the right of empty drop-down list.

You can enter multiple allowed IP addresses or IP address ranges one after another. Click the Add button to save each entry in the list. Click the Delete button if you want to remove some entry.

7.2. Call Forwarding and Call Hunting

The sip:provider CE provides the capabilities for normal call forwarding (deflecting a call for a local subscriber to another party immediately or based on events like the called party being busy or doesn’t answer the phone for a certain number of seconds) and serial call hunting (sequentially executing a group of deflection targets until one of them succeeds). Targets can be stacked, which means if a target is also a local subscriber, it can have another call forward or hunt group which is executed accordingly.

Call Forwards and Call Hunting Groups can either be executed unconditionally or based on a Time Set Definition, so you can define deflections based on time period definitions (e.g. Monday to Friday 8am to 4pm etc).

7.2.1. Setting a simple Call Forward

Go to your Subscriber Preferences and click Edit on the Call Forward Type you want to set (e.g. Call Forward Unconditional).

Create Simple Call Forward

If you select URI/Number in the Destination field, you also have to set a URI/Number. The timeout defines for how long this destination should be tried to ring.

7.2.2. Advanced Call Hunting

If you want multiple destinations to be executed one after the other, you need to change into the Advanced View when editing your call forward. There, you can select multiple Destination Set/Time Set pairs to be executed.

A Destination Set is a list of destinations to be executed one after another.

A Time Set is a time definition when to execute this Destination Set.

7.2.2.1. Configuring Destination Sets

Click on Manage Destination Sets to see a list of available sets. The quickset_cfu has been implicitly created during our creation of a simple call forward. You can edit it to add more destinations, or you can create a new destination set.

Create CF Destination Set

When you close the Destination Set Overview, you can now assign your new set in addition or instead of the quickset_cfu set.

Assign CF Destination Sets

Press Save to store your settings.

7.2.2.2. Configuring Time Sets

Click on Manage Time Sets in the advanced call-forward menu to see a list of available time sets. By default there are none, so you have to create one.

Create CF Time Set

You need to provide a Name, and a list of Periods where this set is active. If you only set the top setting of a date field (like the Year setting in our example above), then it’s valid for just this setting (like the full year of 2013 in our case). If you provide the bottom setting as well, it defines a period (like our Month setting, which means from beginning of April to end of September). For example, if a CF is set with the following timeset: "hour { 10-12 } minute { 20-30 }", the CF will be matched within the following time ranges:

  • from 10.20am to 10:30am
  • from 11.20am to 11:30am
  • from 12.20am to 12:30am
[Important]

the period is a through definition, so it covers the full range. If you define an Hour definition 8-16, then this means from 08:00 to 16:59:59 (unless you filter the Minutes down to something else).

If you close the Time Sets management, you can assign your new time set to the call forwards you’re configuring.

7.3. Header Manipulation

7.3.1. Header Filtering

Adding additional SIP headers to the initial INVITEs relayed to the callee (second leg) is possible by modifying the following template file: /etc/ngcp-config/templates/etc/ngcp-sems/etc/ngcp.sbcprofile.conf.customtt.tt2. The following section can be changed:

header_filter=whitelist
header_list=P-R-Uri,P-D-Uri,P-Preferred-Identity,P-Asserted-Identity,Diversion,Privacy,Allow,Supported,Require,RAck,RSeq,Rseq,User-Agent,History-Info,Call-Info

By default the system will remove from the second leg all the SIP headers which are not in the above list. If you want to keep some additional/custom SIP headers, coming from the first leg, into the second leg you just need to add them at the end of the header_list= list. After that, as usual, you need to apply the changes. In this way the system will keep your headers in the INVITE sent to the destination subscriber/peer.

[Warning]

DO NOT TOUCH the list if you don’t know what you are doing.

7.3.2. Codec Filtering

Sometimes you may need to filter some audio CODEC from the SDP payload, for example if you want to force your subscribers to do not talk a certain codecs or force them to talk a particular one. To achieve that you just need to change the /etc/ngcp-config/config.yml, in the following section:

sdp_filter:
      codecs: PCMA,PCMU,telephone-event
      enable: yes
      mode: whitelist

In the example above, the system is removing all the audio CODECS from the initial INVITE except G711 alaw,ulaw and telephone-event. In this way the callee will be notified that the caller is able to talk only PCMA. Another example is the blacklist mode:

sdp_filter:
      codecs: G729,G722
      enable: yes
      mode: blacklist

In this way the G729 and G722 will be removed from the SDP payload. In order to apply the changes, as usual, you need to run ngcpcfg apply Enable CODEC filtering .

7.3.3. Enable History and Diversion Headers

It may be useful and mandatory - specially with NGN interconnection - to enable SIP History header and/or Diversion header for outbound requests to a peer or even for on-net calls. In order to do so, you should enable the following preferences in Domain’s and Peer’s Preferences:

  • Domain’s Prefererences: inbound_uprn = Forwarder’s NPN
  • Peer’s Prefererences: outbound_history_info = UPRN
  • Peer’s Prefererences: outbound_diversion = UPRN
  • Domain’s Prefererences: outbound_history_info = UPRN (if you want to allow History Header for on-net call as well)
  • Domain’s Prefererences: outbound_diversion = UPRN (if you want to allow Diversion Header for on-net call as well)

7.4. SIP Trunking with SIPconnect

7.4.1. User provisioning

For the purpose of external SIP-PBX interconnect with sip:provider CE the platform admin should create a subscriber with multiple aliases representing the numbers and number ranges served by the SIP-PBX.

  • Subscriber username - any SIP username that forms an "email-style" SIP URI.
  • Subscriber Aliases - numbers in the global E.164 format without leading plus.

To configure the Subscriber, go to SettingsSubscribers and click Details on the row of your subscriber. There, click on the Preferences button on top.

You should look into the Number Manipulations and Access Restrictions sections in particular, which control the calling and called number presentation.

7.4.2. Inbound calls routing

Enable preference Number Manipulationse164_to_ruri for routing inbound calls to SIP-PBX. This ensures that the Request-URI will comprise a SIP-URI containing the dialed alias-number as user-part, instead of the user-part of the registered AOR (which is normally a static value).

7.4.3. Number manipulations

The following sections describe the recommended configuration for correct call routing and CLI presentation according to the SIPconnect 1.1 recommendation.

7.4.3.1. Rewrite rules

The SIP PBX by default inherits the domain dialplan which usually has rewrite rules applied to normal Class 5 subscribers with inbound rewrite rules normalizing the dialed number to the E.164 standard. If most users of this domain are Class 5 subscribers the dialplan may supply calling number in national format - see Section 6.6, “Configuring Rewrite Rule Sets”. While the SIP-PBX trunk configuration can be sometimes amended it is a good idea in sense of SIPconnect recommendation to send only the global E.164 numbers.

Moreover, in mixed environments with the sip:provider CE Cloud PBX sharing the same domain with SIP trunking (SIP-PBX) customers the subscribers may have different rewrite rules sets assigned to them. The difference is caused by the fact that the dialplan for Cloud PBX is fundamentally different from the dialplan for SIP trunks due to extension dialing, where the Cloud PBX subscribers use the break-out code (see ???) to dial numbers outside of this PBX.

The SIPconnect compliant numbering plan can be accommodated by assigning Rewrite Rules Set to the SIP-PBX subscriber. Below is a sample Rewrite Rule Set for using the global E.164 numbers with plus required for the calling and called number format compliant to the recommendation.

Inbound Rewrite Rule for Caller

  • Match Pattern: ^(00|\+)([1-9][0-9]+)$
  • Replacement Pattern: \2
  • Description: International to E.164
  • Direction: Inbound
  • Field: Caller

Inbound Rewrite Rule for Callee

  • Match Pattern: ^(00|\+)([1-9][0-9]+)$
  • Replacement Pattern: \2
  • Description: International to E.164
  • Direction: Inbound
  • Field: Callee

Outbound Rewrite Rule for Caller

  • Match Pattern: ^([1-9][0-9]+)$
  • Replacement Pattern: +\1
  • Description: For the calls to SIP-PBX add plus to E.164
  • Direction: Outbound
  • Field: Caller

Outbound Rewrite Rule for Callee

  • Match Pattern: ^([1-9][0-9]+)$
  • Replacement Pattern: +\1
  • Description: For the calls to SIP-PBX add plus to E.164
  • Direction: Outbound
  • Field: Callee

Assign the aforementioned Rewrite Rule Set to the SIP-PBX subscribers.

[Warning]

Outbound Rewrite Rules for Callee shall NOT be applied to the calls to normal SIP UAs like IP phones since the number with plus does not correspond to their SIP username.

7.4.3.2. User parameter

The following configuration is needed for your platform to populate the From and To headers and Request-URI of the INVITE request with "user=phone" parameter as per RFC 3261 Section 19.1.1 (if the user part of the URI contains telephone number formatted as a telephone-subscriber).

  • Domain’s Prefererences: outbound_from_user_is_phone = Y
  • Domain’s Prefererences: outbound_to_user_is_phone = Y
7.4.3.3. Forwarding number

The following is our common configuration that covers the calling number presentation in a variety of use-cases, including the incoming calls, on-net calls and Call Forward by the platform:

  • Domain’s Preferences: inbound_uprn = Forwarder’s NPN
  • Domain’s Preferences: outbound_from_user = UPRN (if set) or User-Provided Number
  • Domain’s Preferences: outbound_pai_user = UPRN (if set) or Network-Provided Number
  • Domain’s Preferences: outbound_history_info = UPRN (if the called user expects History-Info header)
  • Domain’s Preferences: outbound_diversion = UPRN (if the called user expects Diversion header)
  • Domain’s Preferences: outbound_to_user = Original (Forwarding) called user if the callee expects the number of the subscriber forwarding the call, otherwise leave default.

The above parameters can be tuned to operator specifics as required. You can of course override these settings in the Subscriber Preferences if particular subscribers need special settings.

[Tip]

On outgoing call from SIP-PBX subscriber the Network-Provided Number (NPN) is set to the cli preference prefilled with main E.164 number. In order to have the full alias number as NPN on outgoing call set preference extension_in_npn = Y.

Externally forwarded call. If the call forward takes place inside the SIP-PBX it can use one of the following specification for signaling the diversion number to the platform:

  • using Diversion method (RFC 5806): configure Subscriber’s Prefererences: inbound_uprn = Forwarder’s NPN / Received Diversion
  • using History-Info method (RFC 7044): NGCP platform extends the History-Info header received from the PBX by adding another level of indexing according to the specification RFC 7044.
7.4.3.4. Allowed CLIs
  • For correct calling number presentation on outgoing calls, you should include the pattern matching all the alias numbers of SIP-PBX or each individual alias number under the allowed_clis preference.
  • If the signalling calling number (usually taken from From user-part, see inbound_upn preferences) does not match the allowed_clis pattern, the user_cli or cli preference (Network-Provided Number) will be used for calling number presentation.

7.4.4. Registration

SIP-PBX can use either Static or Registration Mode. While SIPconnect 1.1 continues to require TLS support at MUST strength, one should note that using TLS for signaling does not require the use of the SIPS URI scheme. SIPS URI scheme is obsolete for this purpose.

Static Mode. While SIPconnect 1.1 allows the use of Static mode as described in Section 16 this poses additional maintenance overhead on the operator. The administrator should create a static registration for the SIP-PBX: go to Susbcribers, DetailsRegistered DevicesCreate Permanent Registration and put address of the SIP-PBX in the following format: sip:username@ipaddress:5060 where username=username portion of SIP URI and ipaddress = IP address of the device.

Registration Mode. It is recommended to use the Registration mode with SIP credentials defined for the SIP-PBX subscriber.

[Important]

The use of RFC 6140 style "bulk number registration" is discouraged. The SIP-PBX should register one AOR with email-style SIP URI. The sip:provider CE will take care of routing the aliases to the AOR with e164_to_ruri preference.

7.4.4.1. Trusted sources

You can do IP-based authentication for subscribers using the Trusted Source mechanism in your subscriber’s preferences (DetailsPreferencesTrusted Sources) if the SIP-PBX can’t authenticate.

7.5. Limiting Subscriber Preferences via Subscriber Profiles

The preferences a subscriber can provision by himself via the CSC can be limited via profiles within profile sets assigned to subscribers.

7.5.1. Subscriber Profile Sets

Profile sets define containers for profiles. The idea is to define profile sets with different profiles by the administrator (or the reseller, if he is permitted to do so). Then, a subscriber with administrative privileges can re-assign profiles within his profile sets for the subscribers of his customer account.

Profile Sets can be defined in SettingsSubscriber Profiles. To create a new Profile Set, click Create Subscriber Profile Set.

Create Subscriber Profile Set

You need to provide a reseller, name and description.

To create Profiles within a Profile Set, hover over the Profile Set and click the Profiles button.

Profiles within a Profile Set can be created by clicking the Create Subscriber Profile button.

Create Subscriber Profile

Checking the Default Profile option causes this profile to get assigned automatically to all subscribers, who have the profile set assigned. Other options define the user preferences which should be made available to the subscriber.

7.6. Creating Trusted Subscribers

In some cases, when you have a device that cannot authenticate itself towards sip:provider CE, you may need to create Trusted Subscriber. Trusted Subscribers use IP-based authentication and they have a Permanent SIP Registration URI in order to receive messages from sip:provider CE. In order to create a Trusted Subscriber you just need to create a normal subscriber, then Create a Permanent Registration via (SubscribersDetails-→Registered Devices-→Create Permanent Registration) and also you need to add the devices IP as Trusted Source in your subscriber’s preferences (DetailsPreferencesTrusted Sources). In this way, all messages coming from your device IP will be trusted (and authenticate just via the source IP), on the other side all the SIP messages to your devices will be sent to the SIP URI specified in the Permanent Registration.

7.7. Voicemail System

7.7.1. Accessing the IVR Menu

For a subscriber to manage his voicebox via IVR, there are two ways to access the voicebox. One is to call the URI voicebox@yourdomain from the subscriber itself, allowing password-less access to the IVR, as the authentication is already done on SIP level. The second is to call the URI voiceboxpass@yourdomain from any subscriber, causing the system to prompt for a mailbox and a PIN.

7.7.1.1. Mapping numbers and codes to IVR access

Since access might need to be provided from external networks like PSTN/Mobile, and since certain SIP phones don’t support calling alphanumeric numbers to dial voicebox, you can map any arbitrary number to the voicebox URIs using rewrite rules.

To do so, you can provision a match pattern like ^(00|\+)12345$ with a replace pattern voicebox or voiceboxpass to map a number to either password-less or password-based IVR access.

7.7.1.2. External IVR access

When reaching voiceboxpass, the subscriber is prompted for her mailbox number and a password. All numbers assigned to a subscriber are valid input (primary number and any alias number). By default, the required format is in E.164, so the subscriber needs to enter the full number including country code, for example 4912345 if she got assigned a German number.

You can globally configure a rewrite rule in config.yml using asterisk.voicemail.normalize_match and asterisk.voicemail.normalize_replace, allowing you to customize the format a subscriber can enter, e.g. having ^0([1-9][0-9]+)$ as match part and 49$1 as replace part to accept German national format.

7.7.2. IVR Menu Structure

The following list shows you how the voicebox menu is structured.

  • 1 Read voicemail messages

    • 3 Advanced options

      • 3 To Hear messages Envelope
      • * Return to the main menu
    • 4 Play previous message
    • 5 Repeat current message
    • 6 Play next message
    • 7 Delete current message
    • 9 Save message in a folder

      • 0 Save in new Messages
      • 1 Save in old Messages
      • 2 Save in Work Messages
      • 3 Save in Family Messages
      • 4 Save in Friends Messages
      • # Return to the main menu
  • 2 Change folders

    • 0 Switch to new Messages
    • 1 Switch to old Messages
    • 2 Switch to Work Messages
    • 3 Switch to Family Messages
    • 4 Switch to Friends Messages
    • # Get Back
  • 3 Advanced Options

    • * To return to the main menu
  • 0 Mailbox options

    • 1 Record your unavailable message

      • 1 accept it
      • 2 Listen to it
      • 3 Rerecord it
    • 2 Record your busy message

      • 1 accept it
      • 2 Listen to it
      • 3 Rerecord it
    • 3 Record your name

      • 1 accept it
      • 2 Listen to it
      • 3 Rerecord it
    • 4 Record your temporary greetings

      • 1 accept it / or re-record if one already exist
      • 2 Listen to it / or delete if one already exist
      • 3 Rerecord it
    • 5 Change your password
    • * To return to the main menu
  • * Help
  • # Exit

7.7.3. Type Of Messages

A message/greeting is a short message that plays before the caller is allowed to record a message. The message is intended to let the caller know that you are not able to answer their call. It can also be used to convey other information like when you will be available, other methods to contact you, or other options that the caller can use to receive assistance.

The IVR menu has three types of greetings.

7.7.3.1. Unavailable Message

The standard voice mail greeting is the "unavailable" greeting. This is used if you don’t answer the phone and so the call is directed to your voice mailbox.

  • You can record a custom unavailable greeting.
  • If you have not recorded your unavailable greeting but have recorded your name, the system will play a generic message like: “Recorded name is unavailable.”
  • If you have not recorded your unavailable greeting, the phone system will play a generic message like: "Digits-of-number-dialed is unavailable".
7.7.3.2. Busy Message

If you wish, you can record a custom greeting used when someone calls you and you are currently on the phone. This is called your "Busy" greeting.

  • You can record a custom busy greeting.
  • If you have not recorded your busy greeting but have recorded your name, the phone system will play a generic message: "Recorded name is busy."
  • If you have not recorded your busy greeting and have not recorded your name (see below), the phone system will play a generic message: "Digits-of-number-dialed is busy."
7.7.3.3. Temporary Greeting

You can also record a temporary greeting. If it exists, a temporary greeting will always be played instead of your "busy" or "unavailable" greetings. This could be used, for example, if you are going on vacation or will be out of the office for a while and want to inform people not to expect a return call anytime soon. Using a temporary greeting avoids having to change your normal unavailable greeting when you leave and when you come back.

7.7.4. Folders

The Voicemail system allows you to save and organize your messages into folders. There can be up to ten folders.

7.7.4.1. The Default Folder List
  • 0 - New Messages
  • 1 - Old Messages
  • 2 - Work Messages
  • 3 - Family Messages
  • 4 - Friends Messages

When a caller leaves a message for you,the system will put the message into the "New Messages" folder. If you listen to the message, but do not delete the message or save the message to a different folder, it will automatically move the message to the "Old Messages" folder. When you first log into your mailbox, the Voicemail System will make the "New Messages" folder the current folder if you have any new messages. If you do not have any new messages the it will make the "Old Messages" folder the current folder.

7.8. XMPP Instant Messaging

Instant Messaging (IM) based on XMPP comes with sip:provider CE out of the box. sip:provider CE uses prosody as internal XMPP server. Each subscriber created on the platform have assigned a XMPP user, reachable already - out of the box - by using the same SIP credentials. You can easily open an XMPP client (e.g. Pidgin) and login with your SIP username@domain and your SIP password. Then, using the XMPP client options, you can create your buddy list by adding your buddies in the format user@domain.

7.9. Configuring Subscriber IVR Language

The language for the Voicemail system IVR or Vertical Service Codes (VSC) IVRs may be set using the subscriber or domain preference language.

Set Subscriber IVR Language

The sip:provider CE provides the pre-installed prompts for the Voicemail in the English, Spanish, French and Italian languages and the pre-installed prompts for the Vertical Service Codes IVRs in English only.

The other IVRs such as the Conference system and the error announcements use the Sound Sets configured in NGCP Panel and uploaded by the administrator in his language of choice.

7.10. Sound Sets

The sip:provider CE provides the administrator with ability to upload the voice prompts such as conference prompts or call error announcements on the Sound Sets page. There is a preference sound_set on Domain and Subscriber levels to link subscribers to the sound set that they should hear (as usual the subscriber preference overrides the domain one). Sound Sets can be defined in SettingsSound Sets. To create a new Sound Set, click Create Sound Set. Then click the Files button.

Create a Sound Set

[Note]

You may use 8 or 16 bit mono WAV audio files for all of the voice prompts.

7.10.1. Configuring Early Reject Sound Sets

The call error announcements are grouped under Early Rejects section. Unfold the section and click Upload next to the sound handles (Names) that you want to use. Choose a WAV file from your file system, and click the Loopplay setting if you want to play the file in a loop instead of just once. Click Save to upload the file.

Early Reject Sounds

The call error announcements are played to the user in early media hence the name "Early Reject". If you don’t provide the sound files for any handles they will not be used and the sip:provider CE will fallback to sending the error response code back to the user.

Table 2. Early Reject Sound Sets

HandleDescriptionMessage played

block_in

This is what the calling party hears when a call is made from a number that is blocked by the incoming block list (adm_block_in_list, block_in_list subscriber preferences)

Your call is blocked by the number you are trying to reach.

block_out

This is what the calling party hears when a call is made to a number that is blocked by the outgoing block list (adm_block_out_list, block_out_list subscriber preferences)

Your call to the number you are trying to reach is blocked.

block_ncos

This is what the calling party hears when a call is made to a number that is blocked by the NCOS level assigned to the subscriber or domain (the NCOS level chosen in ncos and adm_ncos preferences)

Your call to the number you are trying to reach is not permitted.

block_override_pin_wrong

Announcement played to calling party if it used wrong PIN code to override the outgoing user block list or the NCOS level for this call (the PIN set by block_out_override_pin and adm_block_out_override_pin preferences)

The PIN code you have entered is not correct.

locked_in

Announcement played on incoming call to a subscriber that is locked for incoming calls

The number you are trying to reach is currently not permitted to receive calls.

locked_out

Announcement played on outgoing call to subscriber that is locked for outgoing calls

You are currently not allowed to place outbound calls.

max_calls_in

Announcement played on incoming call to a subscriber who has exceeded the concurrent_max limit by sum of incoming and outgoing calls or whose customer has exceeded the concurrent_max_per_account limit by sum of incoming and outgoing calls

The number you are trying to reach is currently busy. Please try again later.

max_calls_out

Announcement played on outgoing call to a subscriber who has exceeded the concurrent_max (total limit) or concurrent_max_out (limit on number of outbound calls) or whose customer has exceeded the concurrent_max_per_account or concurrent_max_out_per_account limit

All outgoing lines are currently in use. Please try again later.

max_calls_peer

Announcement played on calls from the peering if that peer has reached the maximum number of concurrent calls (configured by admin in concurrent_max preference of peering server)

The network you are trying to reach is currently busy. Please try again later.

unauth_caller_ip

This is what the calling party hears when it tries to make a call from unauthorized IP address or network (allowed_ips, man_allowed_ips preferences)

You are not allowed to place calls from your current network location.

relaying_denied

Announcement played on inbound call from trusted IP (e.g. external PBX) with non-local Request-URI domain

The network you are trying to reach is not available.

invalid_speeddial

This is what the calling party hears when it calls an empty speed-dial slot

The speed dial slot you are trying to use is not available.

cf_loop

Announcement played when the called subscriber has the call forwarding configured to itself

The number you are trying to reach is forwarded to an invalid destination.

callee_offline

Announcement played on incoming call to the subscriber which is currently not registered

The number you are trying to reach is currently not available. Please try again later.

callee_busy

Announcement played on incoming call to the subscriber which is currently busy (486 response from the UAS)

The number you are trying to reach is currently busy. Please try again later.

callee_unknown

Announcement that is played on call to unknown or invalid number (not associated with any of our subscribers/hunt groups)

The number you are trying to reach is not in use.

callee_tmp_unavailable

Announcement played on incoming call to the subscriber which is currently unavailable (408, other 4xx or no response code or 30x with malformed contact)

The number you are trying to reach is currently not available. Please try again later.

peering_unavailable

Announcement played in case of outgoing off-net call when there is no peering rule matching this destination and/or source

The network you are trying to reach is not available.

voicebox_unavailable

Announcement played on call to voicebox if the voicemail server is not configured (system operation is impaired)

The voicemail of the number you are trying to reach is currently not available. Please try again later.

emergency_unsupported

Announcement played when emergency destination is dialed but the emergency calls are administratively prohibited for this user or domain (reject_emergency preference is enabled)

You are not allowed to place emergency calls from this line. Please use a different phone.

no_credit

Announcement played when prepaid account has insufficient balance to make a call to this destination


 

7.11. Conference System

The sip:provider CE provides the simple pin-protected conferencing service built using the SEMS DSM scripting language. Hence it is open for all kinds of modifications and extensions.

Template files for the sems conference scripts stored in /etc/ngcp-config/templates/etc/ngcp-sems/:

  • IVR script: /etc/ngcp-config/templates/etc/ngcp-sems/dsm/confpin.dsm.tt2
  • Config: /etc/ngcp-config/templates/etc/ngcp-sems/dsm/confpin.conf.tt2

7.11.1. Configuring Call Forward to Conference

Go to your Subscriber Preferences and click Edit on the Call Forward Type you want to set (e.g. Call Forward Unconditional).

Configure Call Forward to Conference

You should select Conference option in the Destination field and leave the URI/Number empty. The timeout defines for how long this destination should be tried to ring.

7.11.2. Configuring Conference Sound Sets

Sound Sets can be defined in SettingsSound Sets. To create a new Sound Set, click Create Sound Set. Then click the Files button.

Conference Sounds

Upload the following files:

Table 3. Conference Sound Sets

HandleMessage played

conference_greeting

Welcome to the conferencing service. Please enter your PIN, followed by the pound key.

conference_pin_wrong

You have entered an invalid PIN number. Please try again.

conference_joined

You will be placed into the conference.

conference_join

A person has joined the conference.

conference_leave

A person has left the conference.

goodbye

Goodbye.


[Note]

You may use 8 or 16 bit mono WAV audio files.

Then set the preference sound_set on the Domain or Subscriber level in order to assign the Sound Set you have just created to the subscriber (as usual the subscriber preference overrides the domain one).

7.11.3. Entering the Conference with a PIN

It is mandatory to configure the PIN code for entrance to the conference on the same subscriber which has the Call Forwarding active. Responsible for this is the conference_pin preference in the Internals section of subscriber preferences.

Set Subscriber IVR Language

When calling the conference IVR you are requested to enter this PIN. Upon the successful entry of the PIN the caller hears the announcement that he is going to be placed into a conference and at the same time this is announced to all participants in the conference.

7.12. Malicious Call Identification (MCID)

MCID feature allows customers to report unwanted calls to the platform operator.

7.12.1. Setup

To enable the feature first edit config.yml and enable there apps: malicious_call: yes and kamailio: store_recentcalls: yes. The latter option enables kamailio to store recent calls per subscrbriber UUID in the redis DB (the amount of stored recent calls will not exceed the amount of provisionined subscribers).

Next step is to create a system sound set for the feature. In Settings→Sound Sets either use your already existing Sound Set or create a new Sound Set and then assign it to your domain or subscribers. In the Sound Set there is a fileset malicious_call_identification→mailicious_call_report for that purpose.

Once the Sound Set is created the Subscriber’s Preferences Malicious Call Identification must be enabled under Subcriber → Preferences → Applications menu. The same parameter can be set in the Customer’s preferences to enable this feature for all its subscribers.

The final step is to create a new Rewrite Rule and to route calls to, for instance *123 → MCID application. For that you create a Calee Inbound rewrite rule ^(\*123)$malicious_call

Finaly you run ngcpcfg apply Enabling MCID to recreate the templates and automatically restart depended services.

7.12.2. Usage

As a subscriber, to report a malicious call you call to either malicious_call or to your custom number assigned for that purpose. Please note that you can report only your last received call. You will hear the media reply from the Sound Set you have previosuly configured.

To check reported malicious calls as the plafrom operator open Settings→Malicious Calls tab where you will see a list of registered calls. You can selectively delete records from the list and alternatively you can manage the reported calls by using the REST API.

7.12.3. Advanced configuration

By default the expiration time for the most recent call per subscriber is 3600 seconds (1 hour). If you wish to prolong or shorten the expiration time open constants.yml and set there recentcalls: expire: 3600 to a new value, and issue ngcpcfg apply Enabling MCID afterwards.

7.13. Handling WebRTC Clients

WebRTC is an open project providing browsers and mobile applications with Real-Time Communications (RTC) capabilities. Configuring your platform to offer WebRTC is quite easy and straightforward. This allows you to have a SIP-WebRTC bridge in place and make audio/video call towards normal SIP users from WebRTC clients and vice versa. Sip Provider listens, by default, on the following WebSockets and WebSocket Secure: ws://your-ip:5060/ws, wss://your-ip:5061/ws and wss://your-ip:1443/wss/sip/.

The WebRTC subscriber is just a normal subscriber which has just a different configuration in his Preferences. You need to change the following preferences under Subscribers→Details→Preferences→NAT and Media Flow Control:

  • use_rtpproxy: Always with rtpproxy as additional ICE candidate
  • transport_protocol: RTP/SAVPF (encrypted SRTP with RTCP feedback)

The transport_protocol setting may change, depending on your WebRTC client/browser configuration. Supported protocols are the following:

  • Transparent (Pass through using the client’s transport protocol)
  • RTP/AVP (Plain RTP)
  • RTP/SAVP (encrypted SRTP)
  • RTP/AVPF (RTP with RTCP feedback)
  • RTP/SAVPF (encrypted SRTP with RTCP feedback)
  • UDP/TLS/RTP/SAVP (Encrypted SRTP using DTLS)
  • UDP/TLS/RTP/SAVPF (Encrypted SRTP using DTLS with RTCP feedback)
[Warning]

The below configuration is enough to handle a WebRTC client/browser. As mentioned, you may need to tune a little bit your transport_protocol configuration, depending on your client/browser settings.

In order to have a bridge between normal SIP clients (using plain RTP for example) and WebRTC client, the normal SIP clients' preferences have to have the following configuration:

transport_protocol: RTP/AVP (Plain RTP)

This will teach Sip Provider to translate between Plain RTP and RTP/SAVPF when you have calls between normal SIP clients and WebRTC clients.

7.14. SIP loop detection

In order to detect a SIP loop ( incoming call as a response for a call request ) sip:provider CE checks the combination of SIP-URI, To and From headers.

This check can be enabled in config.yml by setting kamailio.proxy.loop_detection.enable: 'yes'. The system tolerates kamailio.proxy.loop_detection.max loops within kamailio.proxy.loop_detection.expire seconds. Higher occurrence of loops will be reported with a SIP 482 "Loop Detected" error message

.