The Adtran community holiday season is starting next week! The holiday period will span from December 21, 2024 to January 6, 2025. During this time, responses to feedback form submissions may be delayed. If you are encountering product issues, you can reach out to Adtran support at any time.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
nicholas_g
New Contributor

Bandwidth.com SIP Trunk Configuration

Has anyone successfully setup Bandwidth.com SIP Trunks?  

 

They provide 2 main IP address, then multiple media IP address for each.

 

SIP

Bandwidth SIP (Session Initiation Protocol) signaling protocol is designed for RFC3261. If any other method is used, calls will fail to set up. 

Allowed ports for media and audio

If your PBX is protected by a firewall, the manufacturer compliance will need to be verified that the firewall has the ability to act as either a SIP ALG or a Back-to-Back User Agent (B2BUA). The following ports are required to allow for full 2-­way audio:

  • UDP port 5060 – must be opened to support SIP signaling and is the default port for Bandwidth.
  • UDP ports 1024-­64,000 – must be opened either statically or dynamically (ALG) to allow for audio path.
  • Bandwidth will use multiple IP addresses to allow media from its gateways.

 

 

0 Kudos
2 Replies
curtc
New Contributor III

Re: Bandwidth.com SIP Trunk Configuration

Sure.

 

interface eth 0/1
  ip address  your.public.ip.address  255.255.255.240
  no shutdown
  media-gateway ip primary

ip access-list standard AllowSIP
permit host 216.x.x.x
permit host 216.x.x.x

voice codec-list trunk
  codec g711ulaw
  codec g729

voice trunk T02 type sip
  description "Bandwidth"
  match dnis "NXX-NXX-XXXX" substitute "1-NXX-NXX-XXXX"
  match dnis "011$" substitute "$"
  sip-server primary 216.x.x.x
  sip-server secondary 216.x.x.x
  codec-list trunk both

voice grouped-trunk SIP
  trunk T02
  accept $ cost 0

sip access-class ip "AllowSIP" in

 

 

curtc
New Contributor III

Re: Bandwidth.com SIP Trunk Configuration

Oh by the way, then, if I were me (and I am) I would lock down SSH and disable telnet.

no username admin
username "me" password encrypted "02d7dy1f0a3b963175g5f46a58a7da42f"

ip access-list standard AllowSSH
  permit 65.x.x.x 0.0.0.15
  permit host 145.x.x.x

line con 0
  login local-userlist
!
line telnet 0 4
  login local-userlist
  shutdown
line ssh 0 4
  login local-userlist
  no shutdown
  ip access-class AllowSSH in