Menu Categories Author

Nubis Novem

IT consulting company with real cloud experience

Asterisk connected to RingCentral VOIP provider with proper SIP setup

RingCentral: Asterisk agnostic VOIP service provider, tamed with proper SIP configuration.

Folks at RingCentral do not specifically promote their services for use with Asterisk (a popular open source telephony software server running on Linux). Possibly, because their business model suggests them as the core PBX in a cloud with all the whistles and bells that a business may ever need, besides the actual VOIP hardware (firewalls, routers and phones). We do respect that, but our extensive experience with Asterisk made us believe that we would better coexist with RingCentral call origination and termination rather than allowing them to replace our phone server. While online evidence suggested a few cases of successful mutual operation, the world clearly lacked reliable up-to-date setup instructions, or, a RingCentral Asterisk use case. Recently we took on a challenge to fill that void.

For this test we have initialized a brand new AWS instance with Debian Linux version 8 (Jessie). Asterisk was installed from apt-get repository and happened to be of version 11.13.1. We assumed that any recent Asterisk version (developed in the last few years), say, starting from 10.0 and on, should work just fine.

For AWS VPC security group / network firewal setup we opened and forwarded udp port 5060 for the test server to accept incoming calls.

RingCentral account used for this test contained following credentials (for obvious reasons we replaced here the actual account details with bogus information but preserved original format as close as possible):

SIP domain sip.ringcentral.com:5060
Outbound proxy sip12.ringcentral.com:5090
Username 17185553321
Password ARi4uYb2Mz
Authorization ID 332940285773

We needed to define a few proper network parameters for our Asterisk server to function correctly behind AWS NAT firewall (VPC).

Please find below the SIP settings for sip.conf (Asterisk’s SIP configuration file) that worked in our case:

[general]
bindaddr = 0.0.0.0
externip = 192.0.2.15   ; external server IP as seen from the Internet
localnet = 172.31.16.0/255.255.240.0   ; internal network (server's local interface)
nat = force_rport
realm = 192.0.2.15
domain = 192.0.2.15
disallow = all
allow = ulaw,alaw,gsm
srvlookup = yes

Next, under the [general] section of same sip.conf we have initiated SIP registration for RingCentral account to get the incoming calls to go to our server with following settings:

register => 17185553321@sip.ringcentral.com:ARi4uYb2Mz:332940285773@sip12.ringcentral.com:5090/17185553321
; registration parameters that we chose for sanity and proper network etiquette:
registertimeout=200
registerattempts=3
register_retry_403=yes

A separate section of the same sip.conf: defining RingCentral SIP server as a “friend” to accept incoming calls from them to our Asterisk:

[rc]
; route to a proper context to handle incoming calls for extension 17185553321 or other DIDs of the RingCentral account:
context = incoming_RC
type = friend
host = sip12.ringcentral.com
insecure = port,invite
disallow = all
allow = ulaw

Asterisk configuration file extensions.conf needed to contain proper extension mapping rules for outbound calls for the United States (similar rules might be created for international and special dialing patterns or other long distance services, when needed):

[outbound_RC]
exten = _1NXXNXXXXXX,1,Dial(SIP/17185553321/${EXTEN})
exten = _1NXXNXXXXXX,n,Hangup()
exten = _NXXNXXXXXX,1,Dial(SIP/17185553321/1${EXTEN})
exten = _NXXNXXXXXX,n,Hangup()

As the last step we had to configure our trunk definition to handle outbound calls via RingCentral (also a part of sip.conf):

[17185553321]
type = peer
host = sip.ringcentral.com
transport=udp
defaultuser=332940285773       ; Authentication username for outbound proxies
username = 332940285773
fromuser=17185553321           ; Many SIP providers require this
fromdomain=sip.ringcentral.com
secret = ARi4uYb2Mz
canreinvite = no
disallow = all
allow = ulaw
nat = yes
dtmfmode = auto
rfc2833compensate = yes
trustrpid = yes
usereqphone = yes              ; This provider requires ";user=phone" on URI
callcounter = yes              ; Enable call counter for parallel outbound calls
busylevel = 2                  ; Signal busy at 2 or more calls (feel free to adjust)
outboundproxy=sip12.ringcentral.com:5090

RingCentral web admin console part
Once you created a direct line and configured that as “Other” or “Existing Phone” (RC’s nickname for a 3rd party SIP phone that they do not support) you need to do the following:
Under the assigned user details for that DID (phone number) click on tab “Call Handling & Forwarding” and make sure that under the section “Then forward calls to:” you have your new phone line (most probably with the default name “Existing Phone”) and its toggle button “Active” switched to On position. Otherwise your new direct line would not ring and you would scratch your head for quite some time like we did.

Notes and afterthoughts
Just the essential working recipe, as usual. Your mileage may vary, depending mostly on your firewall and ISP connection, or, the Asterisk version. Please do let us know if you stumble upon a problem using similar setup (especially if you find a solution that worked, please share your recipe).

Warning and disclaimer: This article was published for educational purposes only. The SIP network settings and NAT parameters worked in a test setup and were not necessarily assessed as robust for production environment. Again, this setup may not be considered as completely secure. VOIP systems open to random connections from the Internet may be vulnerable for brute force password attacks or other hacking methods. Additional security measures need to be implemented for real life business use.  Please use it at your own risk. Study the latest Asterisk documentation for all the configuration settings mentioned in this article or seek help of an experienced consultant.

Leave a Reply

Your email address will not be published.

WordPress spam blocked by CleanTalk.