BT Cloud Phone. Your Guide to LAN Best Configuration Practices

BT Cloud Phone. Your guide to LAN best configuration practices.

A guide to using BT Cloud Phone with your local area network (LAN). 2 What’s in this guide.

1 Overview. 3 2 Requirements. 4 2.1 Ports. 4 2.2 Port forwarding. 4 2.3 Port triggering. 4 3 LAN hardware notes. 5 3.1 SIP ALG and SPI/DPI. 5 3.2 NAT. 5 3.3 Bandwidth. 5 3.4 VLANS. 5 3.5 Quality of service. 5 3.6 Disable energy effecient ethernet. 5 4 Design. 6 Appendix A : Port details. 7 Appendix B : Access control lists (ACLs) for Cisco devices and similar. 9

Need help? Emergency calls. If you have any problems setting up or 999 or 112 emergency calls. using your service, contact BT Cloud Phone support on 08003890598 or Each BT Cloud Phone number is registered to a specific address, so when you make email [email protected] a 999 or 112 call from this number, that’s the address the emergency services will see. Make sure your users add their emergency services address based on their current work location and also let you know if this changes so that you can update their address details on the portal. With any groups that you set up, please note that emergency services are only provided with a single address for 999 or 112 calls from any of the phones in the group. So, it’s important that phones in a group are all at the same physical address. You might not be able to make 999 or 112 calls when there’s a power or network failure or if using the service through an app on a mobile device. 3

1. Overview.

To run a Voice over Internet Protocol (VoIP) phone system, you’ll need a high- performance network that supports your voice traffic and other data demands. So you’ll be able to make and receive high-quality calls, surf the internet, send and receive emails and even stream videos – all at the same time. Without a high-performance network, your VoIP phone system may not deliver the call quality that you want.

Please note: To make sure you experience the quality of calls you’d expect, only IP Phones supplied from the BT Cloud Phone portfolio can be connected to the service – we have a range to choose from, so you can pick the one that best suits your business needs. 4

2. Requirements.

There are a number of things you need to think about when introducing VoIP to your Local Area Network (LAN). In this section, we’ll summarise the ‘best configuration practices’ you should follow to make sure that your LAN is ready for BT Cloud Phone and will deliver the best quality calls possible. You’re responsible for making sure that your data network and equipment meet and support the specifications required for acceptable VoIP quality. This includes any data network reconfiguration and/or upgrades (including LAN hardware/software). Before using BT Cloud Phone, you’ll need to test your broadband connection for quality and capacity at each site where you plan to use it. To make sure you get the best voice quality possible, we recommend that you use a high-speed connection - DSL, cable or fibre optic - with dedicated upload and download bandwidth for voice of 100kbps, or higher, for each voice line you plan to run. Please use the bandwidth test tool to check your broadband connections.

2.1 Ports. Specific ports must be open throughout your LAN for BT Cloud Phone to work properly with desk phones and ‘softphones’ (apps loaded onto a mobile, tablet or PC). Not setting up your ports correctly could adversely affect the performance of your service. For example, your phones could fail to register or you might have serious audio quality issues.

For port details on all device types, please see appendix A below. In appendix B, we provide details for ‘access control lists’ (ACLs). It may be better to ‘port forward’ or ‘port trigger’ instead of simply opening ports. You’ll find descriptions for these port methods below.

2.2 Port forwarding. Port forwarding is a function relating to the network address translation (NAT)/or firewall. Computers and other devices behind your network’s firewall, or your router, are invisible to others on the internet. They communicate through private IP addresses and an associated, unique port number. When port forwarding is configured and switched on, it allows remote computers (this means computers outside your network) to connect to a specific computer or service on your network. The router forwards incoming traffic to the associated device on your LAN as you’ve configured.

2.3 Port triggering. Port triggering is also a function relating to the NAT/firewall. By activating it you can control how inbound traffic, from outside your network, is allowed into your LAN. A computer/device on your network needs to open or trigger the communications path with a device/service from outside your network first, in order to allow traffic from that external device/service into your LAN.

Advantages: This method offers more flexibility than static port forwarding because you don’t need to set it up for a specific IP address on your network. It also improves security as the inbound port isn’t left open when it’s not being used. Return to Contents 5

3. LAN hardware notes.

For successful VoIP implementation we recommend that all the following are in place in your network: • Switched media (no hubs). • Minimum 2MB Ethernet LAN (no token ring). • Category 5 or better cabling for all phones.

3.1 SIP ALG and SPI/DPL. If your firewall or modem supports SIP ALG (session initiation protocol application layer gateway) or SPI/DPI (stateful packet inspection/deep packet inspection), please switch off these functions. You’ll find them in the NAT (network address translation) options on your device.

3.2 NAT. If the firewall supports this option, please set NAT to ‘open’.

3.3 Bandwidth. You’ll need enough bandwidth to support the amount of voice, video and data traffic you’ll run over the network. If your router supports bandwidth reservations, you’ll need to reserve bandwidth for these ranges as well ensuring that bandwidth is available for the VoIP traffic. It’s worth remembering that each VoIP call can use approximately 100Kbps of bandwidth on upload AND download.

3.4 VLANS. For optimal quality of service (QoS), a separate virtual LAN (VLAN) for voice traffic is recommended, but it’s not essential.

3.5 Quality of service. We strongly recommend that you choose quality of service (QoS) settings with your network that give priority to voice traffic over less important data traffic, such as large downloads. This can help guarantee good voice quality when network resources are congested, in particular: • Low delay to ensure a good quality voice conversation (< 125ms is recommended). • Minimal packet loss must be 1% or less between endpoints to ensure no part of a conversation is distorted or lost, especially when a lot of data is being sent/received. • Low jitter (less than 20ms) to ensure that the next IP packet can be played at the destination CODEC without requiring large jitter buffers.

3.6 Disable energy efficient If you’re using managed network switches that support ‘energy efficient Ethernet’ (EEE; Ethernet also called green Ethernet), then make sure this feature is switched off as it affects the performance of VoIP phones. If you’re using unmanaged switches, you’ll need to confirm that EEE is NOT part of their default configuration. 6

4. Design.

Only connect a router to the You can use multiple switches modem; do not connect a and ‘daisychain’ them if switch or any other device. necessary. Use a PoE switch if you don’t want to use mains power. 7

Appendix A : Port details.

Desk phones.

Device type. Protocol. Source port Destination port customer side. RingCentral side. Deskphone signalling SIP/UDP 5060-5099 5090 Deskphone signalling SIP/TCP 5060-5099 5090 Deskphone media RTP/UDP 16384-16482 20000-39999 Deskphones signalling Secure SIP/TLS/TCP 5060-5099 5096 Voice Deskphones media Secure Voice SRTP/UDP 16384-16482 40000-49999 Deskphone provisioning HTTP/IP/TCP 80, 443 80, 443 Deskphone clock sync NTP/UDP 123 123 Deskphone BLA/Presence SIP/UDP 5060 5099 Deskphone BLA/Presence SIP/TCP 5060 5090 Deskphone (Polycom only) TCP 636 636 Corporate Directory

BT Cloud Phone mobile app.

Device type. Protocol. Source port Destination port customer side. RingCentral side. Mobile app signalling SIP/TCP random 5090-5091 Mobile app media RTP/UDP 4000-5000,20000-60000 50000-59999 Mobile app signalling Secure Voice SIP/TLS/SRTP random 5097 Mobile app media Secure Voice SRTP/UDP 4000-5000,20000-60000 60000-64999 Mobile app BLA/Presence SIP/TCP N/A 5091 Mobile app BLA/Presence SIP/UDP N/A 5099 Mobile app data sync with BT HTTPS 443 443 Cloud Phone backend 8

Appendix A : Port details.

Softphones (apps loaded onto a mobile, tablet or PC).

Device type. Protocol. Source port Destination port customer side. RingCentral side. Softphone signalling SIP/TCP random 5091 Softphone media RTP/UDP 8000-8200 50000-59999 Softphone signalling Secure Voice SIP/TLS/SRTP random 5097 Softphone media Secure Voice SRTP/UDP 4000-5000,20000-60000 60000-64999 Softphone BLA/Presence SIP/TCP N/A 5091 Softphone BLA/Presence SIP/UDP N/A 5099

BT Cloud Phone meetings.

Device type. Protocol. Source port Destination port customer side. RingCentral side. BTCP meetings signalling Secure SIP/TLS/TCP N/A 443 BTCP meetings media RTP/UDP N/A 8801 BTCP meetings media Secure TLS/TCP N/A 443 9

Appendix B : Access control lists (ACLs) for Cisco devices and similar.

If you’re able to configure ACLs on your router, you can lock down these port ranges to the following server IP subnets: 199.255.120.0/22 199.68.212.0/22

Warning and disclaimer. Your BT Cloud Phone service, together with the right access service, has been designed to support a quality voice service alongside the use of data. In order to maintain the quality, it’s essential that the internal network components suitably support the service for delivery of your voice calls. If your network is not set up correctly, you may experience a poor service. If you report a fault to BT and we find your equipment (this means equipment that’s not part of BT’s network and which is owned or controlled by you) is causing it, then BT may apply a charge. The information in this document is provided for your guidance only. It’s recommended that you discuss anything associated with your communications network including, but not limited to, your LAN infrastructure (wiring and components), and LAN and firewall configuration, with the person who looks after your firewall or IT consultant. This is particularly important in connection with any issues, which may impact on your network security or local IT policies. In addition, any customer data retention/backup policies (for example, the downloading and storage of BT Cloud Phone call recordings) are also your responsibility. Offices Worldwide The services described inin thisthis publicationpublication are are subject subject to to availability availability and and may may be be modified modified from from time time to to time. time. Services Services and and equipment equipment are are provided provided subject subject to toBritish British Telecommunications Telecommunications plc’s plc’s respective respective standard standard conditions ofconditions contract. of Nothing contract. in thisNothing publication in this publicationforms any part forms of any contract.part of any © contract. British Telecommunications © British Telecommunications plc 2015. Registered plc 2015. office: Registered 81 office:Newgate 81 Street, Newgate London Street, EC1A London 7AJ. EC1ARegistered 7AJ. inRegistered England inNo. England 1800000. No. 1800000.

NovemberJanuary 2016 2015 - PHME - PHME 77228 72070