[thirdparty/freeswitch.git] / conf / testing / sip_profiles / external-ipv6.xml

<profile name="external-ipv6">
  <gateways>
    <NO-PRE-PROCESS cmd="include" data="external-ipv6/*.xml"/>
  </gateways>

  <aliases>
  </aliases>

  <domains>
    <domain name="all" alias="false" parse="true"/>
  </domains>

  <settings>
    <param name="debug" value="0"/>
    <!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
    <!-- <param name="shutdown-on-fail" value="true"/> -->
    <param name="sip-trace" value="no"/>
    <param name="sip-capture" value="no"/>
    <param name="rfc2833-pt" value="101"/>
    <!-- RFC 5626 : Send reg-id and sip.instance -->
    <!--<param name="enable-rfc-5626" value="true"/> -->
    <param name="sip-port" value="$${external_sip_port}"/>
    <param name="dialplan" value="XML"/>
    <param name="context" value="public"/>
    <param name="dtmf-duration" value="2000"/>
    <param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
    <param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
    <param name="hold-music" value="$${hold_music}"/>
    <param name="rtp-timer-name" value="soft"/>
    <!--<param name="enable-100rel" value="true"/>-->
    <!--<param name="disable-srv503" value="true"/>-->
    <!-- This could be set to "passive" -->
    <param name="local-network-acl" value="localnet.auto"/>
    <param name="manage-presence" value="false"/>

    <!-- used to share presence info across sofia profiles
         manage-presence needs to be set to passive on this profile
         if you want it to behave as if it were the internal profile
         for presence.
    -->
    <!-- Name of the db to use for this profile -->
    <!--<param name="dbname" value="share_presence"/>-->
    <!--<param name="presence-hosts" value="$${domain}"/>-->
    <!--<param name="force-register-domain" value="$${domain}"/>-->
    <!--all inbound reg will stored in the db using this domain -->
    <!--<param name="force-register-db-domain" value="$${domain}"/>-->
    <!-- ************************************************* -->

    <!--<param name="aggressive-nat-detection" value="true"/>-->
    <param name="inbound-codec-negotiation" value="generous"/>
    <param name="nonce-ttl" value="60"/>
    <param name="auth-calls" value="false"/>
    <param name="inbound-late-negotiation" value="true"/>
    <!--
        DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
    -->
    <param name="rtp-ip" value="$${local_ip_v6}"/>
    <param name="sip-ip" value="$${local_ip_v6}"/>
    <param name="ext-rtp-ip" value="auto-nat"/>
    <param name="ext-sip-ip" value="auto-nat"/>
    <param name="rtp-timeout-sec" value="300"/>
    <param name="rtp-hold-timeout-sec" value="1800"/>
    <!--<param name="enable-3pcc" value="true"/>-->

    <!-- TLS: disabled by default, set to "true" to enable -->
    <param name="tls" value="$${external_ssl_enable}"/>
    <!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
    <param name="tls-only" value="false"/>
    <!-- additional bind parameters for TLS -->
    <param name="tls-bind-params" value="transport=tls"/>
    <!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
    <param name="tls-sip-port" value="$${external_tls_port}"/>
    <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
    <!--<param name="tls-cert-dir" value=""/>-->
    <!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
    <param name="tls-passphrase" value=""/>
    <!-- Verify the date on TLS certificates -->
    <param name="tls-verify-date" value="true"/>
    <!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
    <!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '|' pipe -->
    <param name="tls-verify-policy" value="none"/>
    <!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
    <param name="tls-verify-depth" value="2"/>
    <!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '|' pipe -->
    <param name="tls-verify-in-subjects" value=""/>
    <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
    <param name="tls-version" value="$${sip_tls_version}"/>
  </settings>
</profile>
Commit	Line	Data
3badbbac	1	<profile name="external-ipv6">
3badbbac	2	<gateways>
cf4a5d17	3	<NO-PRE-PROCESS cmd="include" data="external-ipv6/*.xml"/>
3badbbac BW	4	</gateways>
	5
	6	<aliases>
3badbbac BW	7	</aliases>
	8
	9	<domains>
	10	<domain name="all" alias="false" parse="true"/>
	11	</domains>
	12
	13	<settings>
	14	<param name="debug" value="0"/>
	15	<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
	16	<!-- <param name="shutdown-on-fail" value="true"/> -->
	17	<param name="sip-trace" value="no"/>
	18	<param name="sip-capture" value="no"/>
	19	<param name="rfc2833-pt" value="101"/>
	20	<!-- RFC 5626 : Send reg-id and sip.instance -->
	21	<!--<param name="enable-rfc-5626" value="true"/> -->
	22	<param name="sip-port" value="$${external_sip_port}"/>
	23	<param name="dialplan" value="XML"/>
	24	<param name="context" value="public"/>
	25	<param name="dtmf-duration" value="2000"/>
	26	<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
	27	<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
	28	<param name="hold-music" value="$${hold_music}"/>
	29	<param name="rtp-timer-name" value="soft"/>
	30	<!--<param name="enable-100rel" value="true"/>-->
	31	<!--<param name="disable-srv503" value="true"/>-->
	32	<!-- This could be set to "passive" -->
	33	<param name="local-network-acl" value="localnet.auto"/>
	34	<param name="manage-presence" value="false"/>
	35
	36	<!-- used to share presence info across sofia profiles
	37	manage-presence needs to be set to passive on this profile
	38	if you want it to behave as if it were the internal profile
	39	for presence.
	40	-->
	41	<!-- Name of the db to use for this profile -->
	42	<!--<param name="dbname" value="share_presence"/>-->
	43	<!--<param name="presence-hosts" value="$${domain}"/>-->
	44	<!--<param name="force-register-domain" value="$${domain}"/>-->
	45	<!--all inbound reg will stored in the db using this domain -->
	46	<!--<param name="force-register-db-domain" value="$${domain}"/>-->
	47	<!-- ************************************************* -->
	48
	49	<!--<param name="aggressive-nat-detection" value="true"/>-->
	50	<param name="inbound-codec-negotiation" value="generous"/>
	51	<param name="nonce-ttl" value="60"/>
	52	<param name="auth-calls" value="false"/>
	53	<param name="inbound-late-negotiation" value="true"/>
3badbbac BW	54	<!--
	55	DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
	56	-->
	57	<param name="rtp-ip" value="$${local_ip_v6}"/>
	58	<param name="sip-ip" value="$${local_ip_v6}"/>
	59	<param name="ext-rtp-ip" value="auto-nat"/>
	60	<param name="ext-sip-ip" value="auto-nat"/>
	61	<param name="rtp-timeout-sec" value="300"/>
	62	<param name="rtp-hold-timeout-sec" value="1800"/>
	63	<!--<param name="enable-3pcc" value="true"/>-->
	64
	65	<!-- TLS: disabled by default, set to "true" to enable -->
	66	<param name="tls" value="$${external_ssl_enable}"/>
	67	<!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
	68	<param name="tls-only" value="false"/>
	69	<!-- additional bind parameters for TLS -->
	70	<param name="tls-bind-params" value="transport=tls"/>
	71	<!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
	72	<param name="tls-sip-port" value="$${external_tls_port}"/>
	73	<!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
	74	<!--<param name="tls-cert-dir" value=""/>-->
	75	<!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
	76	<param name="tls-passphrase" value=""/>
	77	<!-- Verify the date on TLS certificates -->
	78	<param name="tls-verify-date" value="true"/>
	79	<!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
	80	<!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '\|' pipe -->
	81	<param name="tls-verify-policy" value="none"/>
	82	<!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
	83	<param name="tls-verify-depth" value="2"/>
	84	<!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '\|' pipe -->
	85	<param name="tls-verify-in-subjects" value=""/>
	86	<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
	87	<param name="tls-version" value="$${sip_tls_version}"/>
	88	</settings>
	89	</profile>