Next, we have Device Profiles. Device profiles allow you to configure advanced settings for the different technologies available. Once again, we aren’t going through every single option as these are specific to each technology and we recommend you reach out to the Asterisk documentation for the specifics of each option. You will find the description of each field in the appendix of this manual.
The Device Profiles can be created for PJSIP and IAX2 devices and trunks. Default Profiles for SIP, PJSIP, IAX2, and WebRTC have already been created. These are the ones used by default for these technologies. You can modify these default profiles if needed, but this is uncommon.
To create a profile you only need to select the Profile Type, add a Name, and a Description. You will then find additional configuration parameters to configure the specific profile. If the option you are looking to configure is not available in the UI options, you can go to the Advanced Tab to add the specific header with its value. Afterward, you can Save and Apply Changes.
For PJSIP Device Profiles we find the following options.
Network
- Transport – desired transport configuration.
- Qualify Frequency – the interval between attempts to rate the contact to reach it. If 0
never qualify. Time in seconds. - Qualify Timeout – If the contact does not respond to the OPTIONS request before the
time out, the contact is marked as unavailable. If the value is 0 there is no timeout. - Force rport – force use of the return port.
- ICE support – enable the ICE mechanism to help traverse NAT.
- Rewrite Contact – this allows the contact header to be rewritten with the source IP
address port. - Remove Existing – this allows registration to succeed by displacing any existing
contacts that now exceed the “Max Contacts” count. Any removed contacts are the
next to expire. The behavior is beneficial when “Rewrite Contact” is enabled and “Max
Contacts” is greater than one. The removed contact is likely the old contact created
by “Rewrite Contact” that the device is refreshing. - Use AVPF – determine if res_pjsip will use and enforce the use of AVPF for this
endpoint. - RTP Symmetric – enforce that RTP must be symmetric.
- RTCP Mux – with this option enabled, Asterisk will try to negotiate the use of the
rtcp-mux attribute on all media streams. This will result in RTP and RTCP being sent
and received on the same port. This switches the demultiplexing logic to the
application rather than the transport layer. This option is useful when interoperating
with WebRTC endpoints as they enforce the use of this option. - Asymmetric RTP Codec – allows the send and receive RTP codec to differ.
- Send Diversion Header – send the forward header, transmitting the forwarding
information to the called user agent. - Send P-Asserted Identity – send the Header P-Asserted Identity.
- Send Remote-Party-ID – send the Header Remote-Party-ID.
- WebRTC – when set to Yes, this also enables the following settings required for basic
WebRTC support to work: rtcp_mux, use_avpf, ice_support, and
use_received_transport.
Media - Media Encryption – this determines if res_pjsip will use and enforce the use of media
encryption for this endpoint. - Direct Media – this determines if media can flow directly between endpoints.
- Received Media Transport – this determines if res_pjsip will use the media transport
received in the offer SDP in the corresponding response SDP. - Optimistic Media Encryption – this determines whether encryption should be used if
possible, but does not terminate the session if not achieved. - Disable NAT Direct Media – direct media session disable is updated when NAT
obstructs the media session.
DTLS - DTLS certificate – certificate to use with DTLS connections.
- DTLS Setup – if we are willing to accept connections, connect with the other party, or
both. Valid options are: - Active – we want to connect with the other party.
- Passive – we only want to accept connections.
- Actpass – we will do both. This value will be used in outbound SDP when offered and
for inbound SDP offers when a remote party sends actpass. - DTLS Verify – verify that the provided peer certificate is valid.
- DTLS Fingerprint Hash – the hash to use for the fingerprint in SDP.
- DTLS Rekey interval – interval in which to renegotiate the TLS session and reactivate
the SRTP session. If this is not configured or the provided value is 0, reordering will be
disabled.
For IAX2 Device Profiles, we have the following options.
Network - Host – hostname, or device address.
- Type – this defines the type of device.
- User – this option is a device that makes calls, and requires authentication.
- Peer – this option is a trunk device, accompanied by the Host.
- Friend – this option is a combination of “User” and “Peer”.
- Call Token – this uses requirecalltoken for authentication.
- Qualifier Frequency – this defines the interval of qualifying in seconds. A value of
zero will disable this feature. - Qualifier Timeout – this defines the maximum response time in milliseconds before a
device is considered unreachable. A value of zero will disable this feature. - Transfer – allow transfers from this device