SIP Overview

Vonage allows you to forward inbound and send outbound Voice calls using the Session Initiation Protocol.

This document explains the relevant setup options.

Endpoint

You can send your INVITE requests to the Vonage SIP endpoint: sip.nexmo.com.

Authentication

Every INVITE request is authenticated with Digest authentication:

Service records

If your system is not enabled for Service records (SRV records), you should load balance between the two closest endpoints and set the remaining ones as backup. The Vonage SIP endpoints are:

Recipient

Recipient numbers must be in E.164 format.

Caller ID

Set the Caller Line Identity (CLI) in the From header using E.164. For example: From: <sip:447700900000@sip.nexmo.com>.

Codecs

The following codecs are supported:

Media traffic

Visit the Vonage Knowledge Base to obtain a list of the IP ranges to open traffic for on all ports.

DTMF

Vonage supports out-of-band DTMF. For more information, see RFC4733.

Health checks

Use the OPTIONS method to run a health check on our SIP trunks.

Protocols

You can use the following protocols:

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security to your SIP connection. You can use self-signed certificates on your user agent, Vonage does not validate the client certificate.

Connections using TLS 1.2 are accepted. Older protocols are disabled as they are considered insecure.

Media Protocols

You can use either Real-time Transport Protocol (RTP) or Secure Real-time Transport Protocol (SRTP) for the media exchange with Vonage. If there are security and privacy concerns, we highly recommend the use of SIP over TLS, so that the entire communication can be secured.

For outbound calls, your SIP endpoint must negotiate SRTP automatically in the standard way. For inbound calls, see configuration details below.

Note: Vonage supports a single crypto suite AES_CM_128_HMAC_SHA1_80

Session Timers

Vonage supports Session Timers RFC 4028; SIP customers that require Session Timers can negotiate them at the moment of establishing a session (INVITE).

Inbound configuration

Calls to Vonage numbers can be forwarded to SIP endpoints.

This section tells you how to:

Configuring your system for SIP forwarding

To configure for SIP forwarding:

  1. Sign into Dashboard.
  2. In Dashboard, click Products > Numbers.
  3. Scroll to the number to forward from, then select Forward to SIP.
  4. Type a valid SIP URI and click Update. For example sip:1234@example.com. This field supports comma-separated entries for failover capabilities. For example: sip:1234@example.com,sip:1234@example.net,sip:1234@example.org. If you set more than one endpoint in Forward to SIP the call is initially forwarded to the first endpoint in the list. If this fails, the call is forwarded to the second endpoint in the list, and so on. Calls failover for the whole 5xx class of HTTP errors. The timeout is 486.
  5. You can set up the following URI parameters to configure behavior you wish to see from Vonage's platform. Namely:
    • TLS - Vonage supports TLS for forwarded calls. To enable this, enter a valid URI in the format sip:user@(IP|domain);transport=tls. For example, sip:1234@example.com;transport=tls. By default, traffic is sent to port 5061. To use a different port, add it at the end of your domain or IP address: sip:1234@example.com:5062;transport=tls.
    • SRTP [Developer Preview] - Vonage will also encrypt media using SRTP if necessary. To do that please add the following parameter to the URI: media=srtp. For example: sip:1234@example.com;transport=tls;media=srtp
    • Timeouts - Vonage will attempt to contact your SIP endpoints sequentially for a given time before attempting the next URI in the list. This is achieved with the ;timeout=xxxxx parameter. For example: sip:1234@example.com;timeout=2000,sip:1234@example.net will attempt to forward to the first URI, and in case of no response within 2 seconds it will try the second one. Timeouts are expressed in milliseconds and can range from 2000 to 20000. This is useful to quickly fail over when an endpoint is temporarily unavailable. The default value is 5000 ms.
  6. Ensure that the traffic generated from Vonage IP addresses can pass your firewall. Visit the Vonage Knowledge Base to obtain the current list of IP addresses.

Example configurations

We have provided examples for a number of different SIP capable systems: