Sippy Softswitch IP to IP Authentication
IP to IP Authentication is fundamental to Sippy's softswitch configuration. IP to IP Authentication provides significant call management flexibility and allows you and your customers to conduct business in as safe a manner as possible.
Note: This document is designed to complement the Sippy VoIP Softswitch Introduction Video Tutorial found in YouTube.
Termination IP Authentication
As described in the video tutorial, IP Authentication is achieved with the termination supplier through the Vendor's "Connection" relationship (Vendor > Connection).
A "Vendor" is a termination supplier such as an Interconnect, a Carrier, a GSM Gateway, an IP-PBX or any other end point used for call termination by the upstream or egress side of a call. Each Vendor can be assigned as many individual "Connections" as required, empowering flexibility for number translation, quality monitoring, capacity limitations, CPS limitations, etc.
The following images provide a brief overview of the steps required only to set up IP Authentication. Additional configuration is required to pass calls successfully.
To configure IP Authentication on the termination side, go to the "My Vendors" sub-section found inside the "Vendors" menu. Add a new Vendor or select one from the list. Click "Open Connections" to add an IP to the Vendor (see above).
Existing Connections listed in this example as Gateway1, Gateway2 and Gateway3 are shown in the table. Your configuration would add one additional Connection to the list for Authentication. Add a new Connection (see above) for the new IP to be authenticated for routing.
Provide a Connection Name for reference in the Connections table and add the IP address into the "Destination" field (see above). Click "Save and Close" to add the IP address to your list of Authenticated IP's.
The Vendor's "Connections" table will show the IP addresses that have been configured. You will note that in the screenshot above, IP 220.127.116.11 is presented as "SIP:18.104.22.168" thus indicating SIP as the protocol of the Connection.
Note: If working with a new Sippy Softswitch, additional configurations are required to succeed in accomplishing what is highlighted in the next step of this document, specifically adding a new Connection to a Routing Group as a Routing Entry. With existing routing and billing parameters already set up, following this document will result in a completed IP to IP authentication. The YouTube video will walk you through the additional steps required. You may also follow the Wholesale Scenario checklist for additional information.
Origination IP Authentication
Once the base configuration is completed (Vendor's Rates, Routing Preferences, and Billing Parameters), IP Authentication for the call origination side can be configured.
An Account matches entries in the CDRs and a single Balance that relates to all authenticated calls from the originating source. Accounts are flexible entities that can be used to fulfill various business and client requirements. Digest Authentication and flexible CLI/CLD authentication methods can be used with Accounts. Accounts are the elements against which IP Authentication for ingress traffic is checked (call origination). Each Account can have as many specified "Authentication Rules" as required, thereby increasing security against fraudulent traffic, and providing flexibility for call routing and billing.
To add originating IP Authentication, Navigate to an Account in the Customer Menu where you will need to configure the call origination IP. If a new Account is to be created for your client, add the Account by clicking the Add button (see above). Configure the Account parameters and Save your new Account. Select the Action dropdown menu that corresponds to the Account you created and click on the Authentication Rules option.
Add Authentication Rule. Enter the originating IP Address in the Remote IP field (see above). Save and Close to add the rule. Additional parameters can be used for flexible authentication or restriction of traffic from a specified remote IP address. See additional online resources for more information.
The Account's Authentication Rules table will show the IP address that has been configured. The example above shows IP address 22.214.171.124 was configured.
This completes the configuration of the call origination IP to IP model. Your client will be able to pass calls using the configuration you set in his Account.
Additional online resources
Sippy Fundamentals videos:
Sippy online documentation:
- Understanding Authentication - Read more about configuring Account's Authentication.