Managing Switchvox on Your Network
These best practices and guidelines help you get started on the right track with Switchvox and a network that is ready for VOIP. Your network doesn't have to be expensive or complex, in fact simplicity is best!
Keep It Simple
The best advice we can give for networking is to keep it simple. The basic routers such as Linksys, Netgear, or D-Link home models do the job just fine. If that's all you were planning on using, congratulations, you've kept it simple.
For those of you who are thinking of getting fancy, we might recommend double checking your requirements to make sure you absolutely need to deploy a complex network. Most issues with VOIP providers can be traced back to your network, not the phones or the PBX. Simple networks, by their very nature of having fewer things that can break, have far fewer problems than complex networks.
Below are some specifics to help ensure your network is in perfect shape for a successful deployment.
Static IP vs. DHCP
We recommend using a static IP address. Because Switchvox is a server, it is important that you assign it an IP address that does not change after it has been configured and users are connecting to it.
If you use Dynamic Host Configuration Protocol (DHCP), we recommend you configure your DHCP server to reserve an IP address just for Switchvox.
You might want to use DHCP to obtain your network address information, then set those numbers as your static IP address, subnet mask (netmask), gateway, and DNS server. Be careful, though, because it is possible that the DHCP server might give away that IP address, if at some later date, you shut down Switchvox and the DHCP server can't find it. If you decide to do this, you can find all of the addressing information the DHCP server has provided by going to your Switchvox Web Admin Setup > Networking > IP Configuration.
PBX and Phone Placement
We recommend placing Switchvox on the same LAN segment as the phones. We recommend that Switchvox, phones, and other networked computers be on the same subnet or private network.
While most of our customers keep their PBX on a private IP, putting it on a public IP in a DMZ works well, too. (Our Switchvox Demo server is on a public IP address.) We recommend you have a firewall in front of your PBX, even if it is on a public IP address. That lets you control which IPs have access to your PBX's services.
We recommend that you stay with a simple LAN setup, but you can use an alternate network or VLAN to segment the PBX and phones from the LAN.
QoS
If you plan on using a VOIP service provider, it's a good idea to use QoS to prioritize your traffic. QoS lets your voice quality be top notch even if your internet connection is saturated with other traffic. It does that by giving higher priority to the traffic going in and out of Switchvox.
Consult your router's documentation for how to set up QoS rules to prioritize VoIP traffic. This can be done by giving priority to your PBX's MAC address or IP address.
If you are using QoS in your network equipment, you can set up Switchvox to send the correct ToS or DSCP field in all VOIP packets. This field can be used by firewalls and switches to distinguish specific types of traffic to apply QoS rules, such as favoring all voice traffic for better quality. To do this, go to your Switchvox Web Admin and select Setup > Networking > IP Configuration. On that page, click on Advanced Options, then select the Audio and Video options you want. The default settings should work fine; however, if you know what you are doing you might want to change these.
In most cases, you do not need a QoS switch. Also, QoS on the switch is not a replacement for QoS on your router. Unless you consume massive amounts of bandwidth transferring large files between computers in your local network, simple unmanaged switches should do just fine.
Access Control
Switchvox's Access Control tool (Setup > Networking > Access Control) lets you allow network access to Switchvox services based on IP address and Netmask. The default action is to deny access, so if you don’t allow a service for a network, then the network is denied access to that service. If you need to use the Switchboard, be sure to enable access to the XMPP services.
Port Forwarding
If you plan on using phones or accessing the PBX from remote locations, you must forward certain ports back to Switchvox. www.portforward.com is a good resource for documentation on how to forward ports on most routers.
Also, you'll need to enable Allow Nat Port Forwarding in Setup > Networking > IP Configuration.
The following ports are used by Switchvox.
| TCP/UDP | Port(s) | Description |
|---|---|---|
| UDP | 5060 | SIP signaling port needed for phones outside your network |
| UDP | 5062 | SIP signaling port needed for phones for configuration communications |
| UDP | 10000-20000 | RTP audio ports needed for phones outside your network |
| SIP UDP | 4000-4999 | UDPTL ports for T.38 faxing over SIP |
| IAX UDP | 4569 | IAX Signalling Port needed for communicating with IAX provider |
| TCP | 80 | HTTP port for remote web admin, API, and phone-firmware access |
| TCP | 443 | HTTPS port for remote web admin and API access |
| TCP | 5222 & 843 | SMB Systems Only - ports for using the Switchboard remotely |
| TCP | 5269 | SMB Systems Only - port for remote XMPP (Jabber/chat) access (Extensible Messaging and Presence Protocol) |
| UDP | 1194 | Must be open to outgoing traffic for Digium / Switchvox technical support vpn. |