fusionpbx/resources/templates/conf/sip_profiles/external.xml

<profile name="external">
	<!-- http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files --> 
	<!-- This profile is only for outbound registrations to providers -->
	<gateways>
		<X-PRE-PROCESS cmd="include" data="external/*.xml"/>
	</gateways>

	<aliases>
		<!-- 
		<alias name="outbound"/>
		<alias name="nat"/>
		-->
	</aliases>

	<domains>
		<domain name="all" alias="false" parse="true"/>
	</domains>

	<settings>
		<param name="debug" value="0"/>
		<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
		<param name="shutdown-on-fail" value="true" enabled="false"/>
		<param name="sip-trace" value="no"/>
		<param name="sip-capture" value="no"/>        
		<param name="rfc2833-pt" value="101"/>
		<!-- RFC 5626 : Send reg-id and sip.instance -->
		<param name="enable-rfc-5626" value="true" enabled="false"/>
		<param name="sip-port" value="$${external_sip_port}"/>
		<param name="dialplan" value="XML"/>
		<param name="context" value="public"/>
		<param name="dtmf-duration" value="2000"/>
		<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
		<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
		<param name="hold-music" value="$${hold_music}"/>
		<param name="zrtp-passthru" value="true"/>
		<param name="rtp-timer-name" value="soft"/>
		<param name="enable-100rel" value="true" enabled="false"/>
		<param name="disable-srv503" value="true" enabled="false"/>
		<!-- This could be set to "passive" -->
		<param name="local-network-acl" value="localnet.auto"/>
		<param name="manage-presence" value="false"/>

		<!-- used to share presence info across sofia profiles 
		 manage-presence needs to be set to passive on this profile
		 if you want it to behave as if it were the internal profile 
		 for presence.
		-->
		<!-- Name of the db to use for this profile -->
		<param name="dbname" value="share_presence" enabled="false"/>
		<param name="presence-hosts" value="$${domain}" enabled="false"/>
		<param name="force-register-domain" value="$${domain}" enabled="false"/>
		<!--all inbound reg will stored in the db using this domain -->
		<param name="force-register-db-domain" value="$${domain}" enabled="false"/>
		<!-- ************************************************* -->

		<!--<param name="aggressive-nat-detection" value="true"/>-->
		<param name="inbound-codec-negotiation" value="generous"/>
		<param name="nonce-ttl" value="60"/>
		<param name="auth-calls" value="false"/>
		<!--
		DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
		-->
		<param name="rtp-ip" value="$${local_ip_v4}"/>
		<param name="sip-ip" value="$${local_ip_v4}"/>
		<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
		<param name="ext-sip-ip" value="$${external_sip_ip}"/>
		<param name="rtp-timeout-sec" value="300"/>
		<param name="rtp-hold-timeout-sec" value="1800"/>
		<!--<param name="enable-3pcc" value="true"/>-->

		<!-- TLS: disabled by default, set to "true" to enable -->
		<param name="tls" value="$${external_ssl_enable}"/>
		<!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
		<param name="tls-only" value="false"/>
		<!-- additional bind parameters for TLS -->
		<param name="tls-bind-params" value="transport=tls"/>
		<!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
		<param name="tls-sip-port" value="$${external_tls_port}"/>
		<!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
		<param name="tls-cert-dir" value="$${external_ssl_dir}"/>
		<!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
		<param name="tls-passphrase" value=""/>
		<!-- Verify the date on TLS certificates -->
		<param name="tls-verify-date" value="true"/>
		<!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
		<!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '|' pipe -->
		<param name="tls-verify-policy" value="none"/>
		<!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
		<param name="tls-verify-depth" value="2"/>
		<!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '|' pipe -->
		<param name="tls-verify-in-subjects" value=""/>
		<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
		<param name="tls-version" value="$${sip_tls_version}"/>

		<!--If you have ODBC support and a working dsn you can use it instead of SQLite-->
		<param name="odbc-dsn" value="$${dsn}" enabled="false"/>
	</settings>
</profile>
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<profile name="external">`
			`<!-- http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files -->`
			`<!-- This profile is only for outbound registrations to providers -->`
			`<gateways>`
			`<X-PRE-PROCESS cmd="include" data="external/*.xml"/>`
			`</gateways>`

			`<aliases>`
			`<!--`
			`<alias name="outbound"/>`
			`<alias name="nat"/>`
			`-->`
			`</aliases>`

			`<domains>`
			`<domain name="all" alias="false" parse="true"/>`
			`</domains>`

			`<settings>`
			`<param name="debug" value="0"/>`
			`<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->`
Add sip profiles enabled="false" for variables that are default disabled. 2015-01-22 01:22:15 +01:00			`<param name="shutdown-on-fail" value="true" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<param name="sip-trace" value="no"/>`
			`<param name="sip-capture" value="no"/>`
			`<param name="rfc2833-pt" value="101"/>`
			`<!-- RFC 5626 : Send reg-id and sip.instance -->`
Add sip profiles enabled="false" for variables that are default disabled. 2015-01-22 01:22:15 +01:00			`<param name="enable-rfc-5626" value="true" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<param name="sip-port" value="$${external_sip_port}"/>`
			`<param name="dialplan" value="XML"/>`
			`<param name="context" value="public"/>`
			`<param name="dtmf-duration" value="2000"/>`
			`<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>`
			`<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>`
			`<param name="hold-music" value="$${hold_music}"/>`
Add to add zrtp-passthru as a default to the external sip profile. 2012-08-10 17:45:46 +02:00			`<param name="zrtp-passthru" value="true"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<param name="rtp-timer-name" value="soft"/>`
Add sip profiles enabled="false" for variables that are default disabled. 2015-01-22 01:22:15 +01:00			`<param name="enable-100rel" value="true" enabled="false"/>`
			`<param name="disable-srv503" value="true" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<!-- This could be set to "passive" -->`
			`<param name="local-network-acl" value="localnet.auto"/>`
			`<param name="manage-presence" value="false"/>`

			`<!-- used to share presence info across sofia profiles`
			`manage-presence needs to be set to passive on this profile`
			`if you want it to behave as if it were the internal profile`
			`for presence.`
			`-->`
			`<!-- Name of the db to use for this profile -->`
Add sip profiles enabled="false" for variables that are default disabled. 2015-01-22 01:22:15 +01:00			`<param name="dbname" value="share_presence" enabled="false"/>`
			`<param name="presence-hosts" value="$${domain}" enabled="false"/>`
			`<param name="force-register-domain" value="$${domain}" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<!--all inbound reg will stored in the db using this domain -->`
Add sip profiles enabled="false" for variables that are default disabled. 2015-01-22 01:22:15 +01:00			`<param name="force-register-db-domain" value="$${domain}" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`<!-- ************************************************* -->`

			`<!--<param name="aggressive-nat-detection" value="true"/>-->`
			`<param name="inbound-codec-negotiation" value="generous"/>`
			`<param name="nonce-ttl" value="60"/>`
			`<param name="auth-calls" value="false"/>`
			`<!--`
			`DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!`
			`-->`
			`<param name="rtp-ip" value="$${local_ip_v4}"/>`
			`<param name="sip-ip" value="$${local_ip_v4}"/>`
			`<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>`
			`<param name="ext-sip-ip" value="$${external_sip_ip}"/>`
			`<param name="rtp-timeout-sec" value="300"/>`
			`<param name="rtp-hold-timeout-sec" value="1800"/>`
			`<!--<param name="enable-3pcc" value="true"/>-->`

			`<!-- TLS: disabled by default, set to "true" to enable -->`
			`<param name="tls" value="$${external_ssl_enable}"/>`
			`<!-- Set to true to not bind on the normal sip-port but only on the TLS port -->`
			`<param name="tls-only" value="false"/>`
			`<!-- additional bind parameters for TLS -->`
			`<param name="tls-bind-params" value="transport=tls"/>`
			`<!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->`
			`<param name="tls-sip-port" value="$${external_tls_port}"/>`
			`<!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->`
			`<param name="tls-cert-dir" value="$${external_ssl_dir}"/>`
			`<!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->`
			`<param name="tls-passphrase" value=""/>`
			`<!-- Verify the date on TLS certificates -->`
			`<param name="tls-verify-date" value="true"/>`
			`<!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->`
			`<!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '\|' pipe -->`
			`<param name="tls-verify-policy" value="none"/>`
			`<!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->`
			`<param name="tls-verify-depth" value="2"/>`
			`<!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '\|' pipe -->`
			`<param name="tls-verify-in-subjects" value=""/>`
			`<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->`
			`<param name="tls-version" value="$${sip_tls_version}"/>`

Add odbc-dsn to external and ipv6 sip profiles. 2015-02-03 04:21:21 +01:00			`<!--If you have ODBC support and a working dsn you can use it instead of SQLite-->`
			`<param name="odbc-dsn" value="$${dsn}" enabled="false"/>`
Add a missing file sip_profile_copy.php to the dev branch. 2012-06-04 16:58:40 +02:00			`</settings>`
			`</profile>`