Open Federation Configuration
You will require a valid server certificate, a DNS-SRV record with the public DNS server and a network interface for incoming connections in order to use Open Federation. Further information regarding the specification of a certificate can be found under server certificate.
Information about creating a DNS-SRV record can be found under Creating a DNS Service Resource Record for the Federation.
-
Certificate
You will need a server certificate to use Open Federation. This certificate must have been signed by a certificate authority. Click the "Certificate..." button to select a certificate. Select the appropriate certificate and then confirm your selection by clicking the OK button. Additional information about the selected server certificate will then be displayed.
-
With the certificate matching DNS SRV record
Depending on the selected server certificate an IP address and port number is detected by a DNS request. If nothing is displayed after selecting the certificate the DNS-SRV record may not match the certificate or it may not be present.
-
DNS host IP
Returned IP address of the DNS request using a Certificate Subject Name.
-
DNS port
Returned port number of the DNS request using a Certificate Subject Name.
-
Network interface for incoming connections
Select a network interface that you would like to use for incoming interfaces from the Open Federation. After a network interface has been selected and its subsequent configuration, it will automatically be added to the network interfaces for incoming connections.
-
Bind to IP address
From the list of available network interfaces, select the interface through which servers should connect with the SIP proxy service.
-
Port
Please enter the port number to be used for open federation.
-
Public IP address and Network Address Translation (NAT) type automatically determined by the Simple Traversal of User Datagram Protocol (UDP) through NAT (STUN) server. With the help of the STUN server, clients can determine the public IP address and port, which NAT devices shielding the clients use externally and which have been assigned to a certain local port per NAT.
-
Use the public address
Activates, or deactivates, the use of the public IP address. This feature should be activated, when your server has connected with the public Internet through Network Address Translation (NAT) routing.
-
NAT Type
NAT type determined by STUN request
-
Full Cone
Full cone NAT represents all requests from the same internal IP address and port to the same external IP address and port. Furthermore, each external host may send a packet to the internal host, since external addresses are also assigned to internal addresses.
-
Restricted Cone
In contrast to full cone NAT, an external host (using a given IP address) may send a packet only to the internal host, if that internal host has previously sent a packet to that same IP address.
-
Port Restricted Cone
Port restricted cone NAT is similar to restricted cone NAT, however the restriction also includes the port number. In other words, an external host (using a given IP address and given port) may only send a packet to the internal host, if the internal host has previously send a packet to that same combination of IP address and port number.
-
Symmetric NAT
Symmetric NAT is similar to full cone NAT, however different assignments are used when the same host (using the same IP address and port) sends a packet to a different target. Furthermore, only the external host, which has received a packet, may send a UDP packet back to the internal host.
-
Open Internet
NAT will not be used.
-
Firewall blocking UDP
UDP packets have been blocked by a firewall.
-
Symmetric UDP Firewall
A firewall permits the replacement of the transmission of UDP packets without IP addresses.
-
Unknown
An error occurred during the determination of the NAT type.
-
Public IP Address
The public IP address determined by STUN request
To accept the new settings please press the button "OK". Press the button "Cancel" to discard the settings.