D. App Suite
Jump to:
Internet connection requirements
- The bandwidth requirements at the location are:
– audio: 100 kbit/s per simultaneous call
– video: up to 2 Mbit/s per direction (send/receive) - The internet connection must also have a continuous latency of less than 100 ms (measured from DE-CIX to device) and a packet loss well below 1 %.
- When using a firewall, the customer must configure and change it for the VoIP data stream to allow communication between the phones and the NFON platform.
HD video (1080p) usually requires only 1 Mbit/s per direction.
Customer network requirements
- Professionally installed local network infrastructure based on at a minimum full duplex 100 Mbit/s switches and of type CAT5e or better.
- Even during peak times, the network must not run at full capacity and must have adequate capacity available for the anticipated voice traffic. Separating and prioritizing the telephony data, e.g. via VLAN, is an ideal type of option.
- For high volume data exchange over the local network, using separate switches for IP phones and desktop PCs is recommended.
- The customer must run a DHCP server which assigns IP phones a valid IP configuration including internet gateway designated for voice traffic. This DHCP server may not use Option 66 (BOOTP server).
E-mail infrastructure
If the customer would like to have inbound faxes or voicemail messages sent, the customer must have a functional email infrastructure (server and clients) to sent voicemails and faxes to the users.
Ports
In order to communicate with the telephone system, the devices must have the capacity for outbound communication via the following ports:
Protocol | Target port | Purpose | Destinations |
TCP | 80, 83, 443, 18443 | Provisioning | all networks |
UDP | 123 | NTP | all networks |
UDP | 53 | DNS | Customer DNS server |
UDP | all ports | SIP, RTP, T-38, FMC, etc. | 109.68.96.0/21 |
TCP | all ports | SIP/TLS, SIP, FMC | 109.68.96.0/21 |
Under no circumstances should type 3 ICMP packets (Destination unreachable) be blocked, or the dynamic determination of the necessary transmission parameters will fail at network level.
Be extremely careful when filtering and block ICMP packets, since this could interfere with basic networking functions.
Using DNS / FQDN-based filter rules is explicitly not recommended; use these at your own risk!
UDP fragmenting
In some cases the size of the UDP packets transmitted between NFON and customer devices exceed the standard 1500 byte payload. In this case the packet will need to be fragmented. The customer is responsible for ensuring the internet connection and the network topology behind it support UDP fragmenting. We further recommend checking if other functions of the customer’s router interfere with fragmenting UDP packets.
If UDP fragmenting is not allowed, the following functions may not work properly:
- BLF (busy lamp field)
- Functions such as Do not Disturb (DND), call forwarding
- Inbound calls to phones following a series of internal call forwarding
Many routers have proven successful when configured correctly, we therefore do not have a special router which we recommend.
Tips for correct router configuration:
- UDP-NAT timeout between 120 and 130 seconds
- Disabling SIP-ALG, if applicable
- Enabling the “consistent nat” feature (if applicable – e.g. Sonicwall)
- Disabling Store&Forward for connections from / to the telephone system
We highly recommend disabling SIP ALG (SIP Helper) in the firewall for this purpose!
Due to the to some extent extreme complexity we are unable to provide support for telephone system function with SonicWall routers / firewalls!
Switch settings
- We generally recommend using Spanning Tree Protocol (see Wikipedia) with your switches. With Spanning Tree enabled, however, you should make sure the ports you are connecting phones or similar devices to are configured appropriately. Depending on the switch manufacturer and firmware, the recommended option is known as "PortFast" or "Edge Mode". The option ensures that a connected device is connected immediately and not initially blocked for 30 seconds, etc., as usual with spanning tree. Payload-based Spanning Tree on Cisco switches (PVST+ Mode) must be disabled!
- Disabling Proxy-ARP mechanisms, we further recommend protecting against MAC-Spoofing.
- Most phones are compatible with VLANs. The VLAN-IDs used are either configured in the customer’s location options in the administration portal or need to be provided by the local switch infrastructure using LLDP. We recommend the LLDP-MED protocol. On most phones sold by NFON the LLDP-MED protocol (Link Layer Discover Protocol - Media Endpoint Devices) is enabled by default. This protocol is a Layer2 protocol to support interoperability of VoIP devices and other devices on the network and to e.g. show identities and capabilities and to manage the local network environment, especially VLAN segmentation. To use one of these functions for VLAN configuration on the customer’s LAN, you should enable the respective function on the customer’s network devices. When using LLDP, NFON phones support and use all VLAN-IDs configured for the customer switch in the infrastructure (as part of the LLDP) for both voice and data. If the customer wants to connect laptops or PCs in series which use the switch port of the phones, any data traffic from this port will be routed to the data VLAN.
Please note, at this time softphone clients, WebRTC clients, ATAs (only Patton SN4xxx) and DECT systems do not support providing VLAN via the portal.
In this case a dedicated VLAN allocation on the switchport can be used with an untagged VLAN port.
Web App
- Latest version of Chrome
- Necessary authorisations for:
– notifications
– microphone
– camera
Mobile App
Recommended for iOS 13.0 and higher
Android 8 and higher (except Huawei EMUI 10.x without PlayStore support on e.g. P40 / P40pro / P40 Lite)
Data connection:
- min. "EDGE" data rate for call list/call through
- min. "LTE" data rate for VoIP telephony
Necessary authorisations for:
- (remote) notifications
- microphone
- contacts
- phone
Tablets are currently not supported by the app.
Desktop App
- Windows 10 or 11 (64 bit only)
- Necessary authorisations for:
– notifications
– microphone
– camera
To use compatible headsets, it is necessary to have the relevant software from the manufacturer installed:
- EPOS HeadSetup (https://www.eposaudio.com/en/us/enterprise/software/epos-connect)
- Poly (formerly Plantronics) Hub Desktop (https://www.poly.com/in/en/support/downloads-apps/hub-desktop)
Optional Software:
- Jabra direct: https://www.jabra.com.de/software-and-services/jabra-direct
It is recommended for adapting device settings and keeping the device up to date. Not necessary for Cloudya call control.
Please make sure you use the latest patches / versions before opening a support-ticket!
Customer obligations
The customer must ensure his network environment meets the requirements specified under item 1. In the case of additional work required by NFON due to non-compliance with these obligations, NFON is entitled to bill these to the customer.
The customer is obligated:
- To ensure, before using call forwarding, that calls will not be forwarded to a line which is also forwarding calls and that the person the line is assigned to agrees to receiving the forwarded calls.
- To take simple measures as instructed by NFON or one a service provider authorized by NFON in line with his cooperation duties.
- Simple measures can be e.g. turning off and on as well as operating the respective components or enabling remote access for NFON. If the customer does not have personnel with adequate technical skills to carry out these measures, processing of trouble reports may be delayed.
- To notify employees that he can review call logs which also include calls to (e.g.) counseling hotlines. The customer further agrees to notify his employees that in the case of mobile or shared use of telephony devices, emergency calls will only be routed to the emergency dispatch center assigned to the telephone number being used.
- Cordless/wireless communication (DECT, WIFI, GSM etc.) is significantly more susceptible to interference from external systems than corded communication. This interference cannot be ruled out. NFON cannot guarantee trouble-free use.
In the event of private use of the telephone system, the employees are to be informed in an appropriate manner about the data processing of private telephone book entries or the individual assignment of favourites / function keys. In various application scenarios, this personal information can be processed within the telephone system use/administration, during technical and operational operation, including troubleshooting or holiday substitution and substitution in case of illness, during the optimisation and during law enforcement scenarios. A distinction between business and private information cannot be made technically, or only to a limited extent.
Limitation of services
NFON can and must clearly define the services to be provided by you.
NFON specifically:
- Cannot provide network support or advise the customer with respect to the network infrastructure he requires or provide support for implementation, operation and fault clearance.
- Cannot provide support related to the internet connection (except NFON access points per the specification of services) or advise the customer with respect to the internet connection he requires or provide support for implementation, operation and fault clearance.
- Cannot provide support for planning and implementation of migration projects to the NFON telephone system unless requested as a paid service.
- Cannot provide support with mapping the specific telephone system logic on the NFON telephone system or provide support with migrating an existing telephone system logic to the NFON telephone system.
- Cannot provide customer training related to the structure, configuration and operation of a telephone system unless requested as a paid service.
- Cannot provide advice with respect to linking applications to the NFON telephone system beyond referencing the existing interface specifications unless requested as a paid service.