Digium

How to Set Up and Manage Switchvox for Sangoma Talk

Printable View
« Go Back

Information

 
Hot Topic Rating0
Answer

IMPORTANT: this article describes Switchvox versions 8.x. See How to Set Up and Manage Switchvox 7.x for Sangoma Talk for how to do this in prior versions.

 

The Sangoma Talk Mobile App (Talk) enables an iPhone or an Android device to be used as a phone with a Switchvox PBX. 

​Switchvox Admins use the Switchvox Admin Suite (/admin) to assign Talk to a phone extension, and to set correct networking parameters as required by Talk. This document describes these Admin procedures.

How do I Use Sangoma Talk mobile softphone with Switchvox? is the article for phone users to learn how to use Talk.

Firewall/NAT Checklist has important information about requirements for configuring your firewall for use with Sangoma Talk Mobile.

Sunsetting Switchvox Mobile Softphone is the article with details about how to transition from Switchvox Mobile to Sangoma Talk.

 

For security reasons, if there is no call activity within 7 days, the Talk app will prompt the user to verify it's still in use. If the app isn't actively in use, the SIP registration credentials will be removed from the push servers and the app won't receive notifications of incoming calls. To remedy this, the user simply needs to open Talk (or respond to the prompt to verify use of the app). That causes the app to again register and receive incoming-call notifications.

Assign the Talk App to a SIP Phone Extension

A user must have a valid unique email address, to use Talk. Enter the user's email address in their extension information, in the Login Email field.

There is also a login_email column in the CSV import/export functionality, so that you can use a CSV file to create and modify extensions including this login_email data.


Switchvox On-Premisis Requirements

  • Administrative Access to Server > Networking
  • Switchvox should be running the latest version of the Switchvox software, version 7.6.2 or later is required. Mobile devices and their operating systems change on a regular basis, and the latest updated Switchvox software is required to handle those changes.
  • Switchvox Subscriptions must be active. If Subscriptions are expired, Talk Mobile cannot be used.
  • Users must have a valid unique email address to use Talk.
We highly recommend (but it is not required) that you install an SSL certificate from a trusted authority (see HTTPS and SSL Certificates), and use the SIP Transport TLS/SRTP. Encryption not only increases your security but also bypasses any connection issues created by routers with improper SIP ALG implementations. (Your extension's phone settings do not default to Transport TLS/SRTP, so this requires a change to the default.) Encrypted calls use more hardware resources, so be sure that you have the resources available. Encrypting your calls could use up to 20% more of your hardware resources than unencrypted calling.

These are the network topologies that can be used with Talk
DMZExternal hostname that resolves to Switchvox's external IP address.

Internal, Dual-resolve hostname

Dual-resolve hostname that resolves to
Switchvox’s internal IP address from within
the network, and resolves to Switchvox’s
external IP from outside of the network. 
Internal, NAT ReflectionExternal hostname that resolves to Switchvox's external IP address. 

NAT reflection is sometimes called NAT loopback, or NAT hairpinning. Without it, you must have a dual-resolve hostname for Switchvox. 

See What are the Differences among the Basic Network Topologies Used with the Switchvox Softphone for Mobile for illustrations of each topology. 

Setting Network Parameters for Talk 

Set the following Networking values:

Server > Networking > IP Configuration

  • Allow NAT Port Forwarding set to YES.
  • Advanced Options, Hostname. Set the hostname that resolves to Switchvox’s IP address. Depending on your chosen network topology and DNS entries, this hostname may resolve to Switchvox’s internal IP for a device that is on the local network and Switchvox's external IP for devices (e.g., the mobile softphone app) outside the local network. It must be set to an FQDN, an IP address will not suffice.
  • Advanced Options, Enable ICE Support should be set to YES. ICE enables Talk to communicate with Switchvox in the most reliable way possible. 

Server > Networking > Access Control

  • In All Networks, set SIP to On.

NOTE: Unlike the Switchvox Softphone for Mobile app, Talk does not refer to any of the settings in Server > Networking > Phone Networks.  That section only applies to the D-Series phones.

Firewall

Please see Firewall/NAT Checklist, and the network diagram at the bottom of this page.

It's important that your edge firewall passes data on the required ports. Sangoma public push notification servers must be able to register to Switchvox. If the PBX is only accessible via VPN or in a private network, Sangoma public push notification server IP addresses must be port forwarded or whitelisted. (Note: push servers are auto-configured by the mobile app; administrators only need to provide network access to the PBX.)

When the Talk Mobile app goes to the background or closes, a push notification registrar server is instructed to register to the PBX and listen for incoming SIP INVITEs. When a SIP INVITE is received, the push registrar server sends the notification to the Talk app, and the app is woken up/started by that notification. The Talk app then handles the communication between the user and PBX directly.

The push notification servers store the SIP credentials for the purpose of registration, and those credentials are always transported and stored securely. The credentials are removed from the push servers when the app is reset or the Talk user is disabled on the PBX. Furthermore, the Push servers will stop attempting to register and remove the credentials if registration repeatedly fails. All push notification servers are located in the U.S., and are separate from the Sangoma Cloud service.

Sangoma Cloud Service

The Sangoma Cloud service acts as a proxy to facilitate non-SIP communications between the app and the PBX, to provision and authenticate the app as well as provide contacts data. The extension’s SIP credentials are not stored on Sangoma Cloud. All Sangoma Cloud servers are located in the U.S. and Canada, and are separate from the Sangoma Push Notification servers.

Related: Please see the network diagram at the bottom of this page.

 

SIP Transport and Video Codecs

SIP Transport:

  • Transport should be set to TCP, or TLS/SRTP for secure calling. UDP should not normally be used. Secure calling with TLS/SRTP requires a valid certificate from a trusted authority. See HTTPS and SSL Certificates, and What do I need to know about TLS and SRTP in Switchvox?. TLS/SRTP encryption is recommended not only for security but because it bypasses any issues created by routers with improper SIP ALG implementations.
  • To set a SIP Transport for the Main extension, use the SIP extension's settings.
  • To set a SIP Transport for an Additional extension, use the Manage Phones tool.
IMPORTANT: it can take up to 15 minutes to change the transport on the Talk app. During that time, calling will be interrupted. We recommend making this change outside of your business hours.

Video Codecs are set in the Main SIP extension's Digium Phones settings (found in the Other Manufacturer's tab). H263 and H264 are on by default.

Consideration when using a VPN on your smartphone

Technically there is nothing that prevents the software to Talk to a PBX over a VPN. Please read the following recommendations 

  • Always use a hostname in your Phone Networks: All Networks item. Do not use an IP address.
  • Server > IP Configuration > Additional Local Networks: include the CIDR block for the VPN.
  • Depending on the smartphone's address on the VPN, you may need to modify Server > Access Control Rules. The same services will need to be On as if the smartphone were coming from outside of Switchvox's network. 

Understanding and Troubleshooting Talk 

  • If you are having trouble receiving calls, on the mobile phone open Talk (in the foreground) then place a call. If that is not successful, it indicates a network issue (SIP ALG, Firewall rules, etc). If your firewall has SIP ALG capabilities and you cannot disable it, we recommend using TLS/SRTP. This option requires that your PBX have a valid HTTPS certificate from a trusted authority (see HTTPS and SSL Certificates). To set TLS/SRTP for a Main phone extension, use the Digium Phone Settings in the extension's settings. If you need an Additional Phone extension to use TLS/SRTP but the Main extension is not using it, you can set TLS/SRTP when you assign Talk to the Additional Phone extension, right in the Manage Phones tool.
  • Make sure that the IP or hostname indicated in the Phone Networks > All Network > Primary Hostname is reachable from the network your mobile phone is located on. If you are using an FQDL as Hostname, make sure that when the mobile phone is on the internal network, DNS resolves to the private IP address. Most routers and firewalls block connections from internal devices to internal PBXs if the device is using the PBX's public hostname. 
  • To confirm connectivity, open Talk on the mobile phone (have Talk in the foreground), then in the Switchvox admin suite navigate to Server > Connection Status > Phone and confirm an IP is listed for this extension. If you don't see an IP, it's likely there is a networking or SIP ALG issue that is preventing reliable communications.  
  • Talk is a SIP-enabled device and as such is susceptible to bad SIP ALG implementation. Many routers have this feature enabled by default (and some of them cannot allow it to be disabled from its web interface). Use LTE Mode instead, to determine if SIP ALG is causing a problem. 

Sangoma Talk Mobile Network Diagram

Sangoma Connect Mobile network diagram
TitleHow to Set Up and Manage Switchvox for Sangoma Talk
URL NameHow-to-Set-Up-and-Manage-Switchvox-for-Sangoma-Talk-Mobile
Powered by