This document explains the relevant setup options.
You can send your INVITE requests to the Vonage SIP endpoint:
Every INVITE request is authenticated with Digest authentication:
username- your Vonage key
password- your Vonage secret
If your system is not enabled for Service records (SRV records), you should load balance between the two closest endpoints and set the remaining ones as backup. The Vonage SIP endpoints are:
Recipient numbers must be in E.164 format.
Set the Caller Line Identity (CLI) in the From header using E.164. For example:
The following codecs are supported:
- PCMA (G711a)
- PCMU (G711u)
- g729 (without annexdb)
Visit the Vonage Knowledge Base to obtain a list of the IP ranges to open traffic for on all ports.
Vonage supports out-of-band DTMF. For more information, see RFC4733.
Use the OPTIONS method to run a health check on our SIP trunks.
You can use the following protocols:
- UDP on port 5060
- TCP on port 5060
- TLS on port 5061
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security to your SIP connection. You can use self-signed certificates on your user agent, Vonage does not validate the client certificate.
Connections using TLS 1.2 are accepted. Older protocols are disabled as they are considered insecure.
You can use either Real-time Transport Protocol (RTP) or Secure Real-time Transport Protocol (SRTP) for the media exchange with Vonage. If there are security and privacy concerns, we highly recommend the use of SIP over TLS, so that the entire communication can be secured.
For outbound calls, your SIP endpoint must negotiate SRTP automatically in the standard way. For inbound calls, see configuration details below.
Note: Vonage supports a single crypto suite AES_CM_128_HMAC_SHA1_80
Vonage supports Session Timers RFC 4028; SIP customers that require Session Timers can negotiate them at the moment of establishing a session (INVITE).
Calls to Vonage numbers can be forwarded to SIP endpoints.
This section tells you how to:
To configure for SIP forwarding:
- Sign into Dashboard.
- In Dashboard, click Products > Numbers.
- Scroll to the number to forward from, then select Forward to SIP.
- Type a valid SIP URI and click Update. For example
sip:firstname.lastname@example.org. This field supports comma-separated entries for failover capabilities. For example:
sip:email@example.com,sip:firstname.lastname@example.org,sip:email@example.com. If you set more than one endpoint in Forward to SIP the call is initially forwarded to the first endpoint in the list. If this fails, the call is forwarded to the second endpoint in the list, and so on. Calls failover for the whole 5xx class of HTTP errors. The timeout is 486.
- You can set up the following URI parameters to configure behavior you wish to see from Vonage's platform. Namely:
TLS - Vonage supports TLS for forwarded calls. To enable this, enter a valid URI in the format
sip:user@(IP|domain);transport=tls. For example,
sip:firstname.lastname@example.org;transport=tls. By default, traffic is sent to port
5061. To use a different port, add it at the end of your domain or IP address:
SRTP [Developer Preview] - Vonage will also encrypt media using SRTP if necessary. To do that please add the following parameter to the URI:
media=srtp. For example:
Timeouts - Vonage will attempt to contact your SIP endpoints sequentially for a given time before attempting the next URI in the list. This is achieved with the
;timeout=xxxxxparameter. For example:
sip:email@example.com;timeout=2000,sip:firstname.lastname@example.org attempt to forward to the first URI, and in case of no response within 2 seconds it will try the second one. Timeouts are expressed in milliseconds and can range from
20000. This is useful to quickly fail over when an endpoint is temporarily unavailable. The default value is
- TLS - Vonage supports TLS for forwarded calls. To enable this, enter a valid URI in the format
- Ensure that the traffic generated from Vonage IP addresses can pass your firewall. Visit the Vonage Knowledge Base to obtain the current list of IP addresses.
We have provided examples for a number of different SIP capable systems: