Sync up the external-ipv6 SIP Profile

resources/templates/conf/sip_profiles/external-ipv6.xml.noload

@@ -15,8 +15,8 @@
 
 	<settings>
 		<param name="debug" value="0"/>
-		<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
 		<param name="user-agent-string" value="FreeSWITCH" enabled="true"/>
+		<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
 		<param name="shutdown-on-fail" value="true" enabled="false"/>
 		<param name="sip-trace" value="no"/>
 		<param name="sip-capture" value="no"/>
@@ -25,14 +25,11 @@
 		<param name="enable-rfc-5626" value="true" enabled="false"/>
 		<param name="sip-port" value="$${external_sip_port}"/>
 		<param name="dialplan" value="XML"/>
-		<param name="track-calls" value="false"/>
 		<param name="context" value="public"/>
-		<param name="dtmf-type" value="rfc2833"/>
 		<param name="dtmf-duration" value="2000"/>
 		<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
 		<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
 		<param name="hold-music" value="$${hold_music}"/>
-		<param name="zrtp-passthru" value="true"/>
 		<param name="rtp-timer-name" value="soft"/>
 		<param name="enable-100rel" value="true" enabled="false"/>
 		<param name="disable-srv503" value="true" enabled="false"/>
@@ -41,9 +38,9 @@
 		<param name="manage-presence" value="false"/>
 
 		<!-- used to share presence info across sofia profiles
-		 manage-presence needs to be set to passive on this profile
-		 if you want it to behave as if it were the internal profile
-		 for presence.
+		manage-presence needs to be set to passive on this profile
+		if you want it to behave as if it were the internal profile
+		for presence.
 		-->
 		<!-- Name of the db to use for this profile -->
 		<param name="dbname" value="share_presence" enabled="false"/>
@@ -58,13 +55,14 @@
 		<param name="nonce-ttl" value="60"/>
 		<param name="auth-calls" value="true"/>
 		<param name="auth-subscriptions" value="true"/>
-		<!-- on authed calls, authenticate *all* the packets not just invite -->
-		<param name="auth-all-packets" value="false"/>
-
-		<!-- ip address to use for rtp, DO NOT USE HOSTNAMES ONLY IP ADDRESSES -->
+		<param name="inbound-late-negotiation" value="true"/>
+		<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
+		<!--
+		DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
+		-->
 		<param name="rtp-ip" value="$${local_ip_v6}"/>
-		<!-- ip address to bind to, DO NOT USE HOSTNAMES ONLY IP ADDRESSES -->
 		<param name="sip-ip" value="$${local_ip_v6}"/>
+		<!-- Shouldn't set these on IPv6 -->
 		<param name="ext-rtp-ip" value="$${external_rtp_ip}" enabled="false"/>
 		<param name="ext-sip-ip" value="$${external_sip_ip}" enabled="false"/>
 		<param name="rtp-timeout-sec" value="300" description="deprecated" enabled="false"/>
@@ -73,11 +71,6 @@
 		<param name="media_hold_timeout" value="1800" enabled="true"/>
 		<param name="enable-3pcc" value="true" enabled="false"/>
 
-		<!--session timers -->
-		<param name="session-timeout" value="0" enabled="true"/>
-		<param name="enable-timer" value="false" enabled="true"/>
-		<param name="minimum-session-expires" value="0" enabled="false"/>
-
 		<!-- TLS: disabled by default, set to "true" to enable -->
 		<param name="tls" value="$${external_ssl_enable}"/>
 		<!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
@@ -93,8 +86,8 @@
 		<!-- Verify the date on TLS certificates -->
 		<param name="tls-verify-date" value="false"/>
 		<!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
-		<!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '|' pipe -->
-		<param name="tls-verify-policy" value="all|subjects_all" enabled="false"/>
+		<!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'subjects_in', 'subjects_out' and 'subjects_all' for subject validation. Multiple policies can be split with a '|' pipe -->
+		<param name="tls-verify-policy" value="none"/>
 		<!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
 		<param name="tls-verify-depth" value="2"/>
 		<!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '|' pipe -->
@@ -102,7 +95,21 @@
 		<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
 		<param name="tls-version" value="$${sip_tls_version}"/>
 
+		<param name="zrtp-passthru" value="true"/>
+		<!-- on authed calls, authenticate *all* the packets not just invite -->
+		<param name="auth-all-packets" value="false"/>
+
+		<!--session timers -->
+		<param name="session-timeout" value="0" enabled="true"/>
+		<param name="enable-timer" value="false" enabled="true"/>
+		<param name="minimum-session-expires" value="0" enabled="false"/>
+
 		<!--If you have ODBC support and a working dsn you can use it instead of SQLite-->
 		<param name="odbc-dsn" value="$${dsn}" enabled="false"/>
+
+		<param name="dtmf-type" value="rfc2833"/>
+
+		<!-- save session in the database for option to restore SIP UDP calls -->
+		<param name="track-calls" value="false"/>
 	</settings>
 </profile>