The Fonolo Appliance is a 1U rack-mount Dell server running a mix of open-source and proprietary Fonolo software. They are installed on your premise, and remotely monitored and maintained by Fonolo, as part of the Fonolo call-back license. Fonolo is currently using the Dell PowerEdge R430 server, but reserves the right to change the exact model used, as the Dell product line changes over time.
The Appliances include:
- Quad 1GB copper Ethernet ports.
- Dual redundant power supplies.
- Dual mirrored hard drives. One spare hard drive is included with the Appliances.
- Four-post or two-post (relay rack style) rack-mount rails.
The Appliances include dual redundant 550 W (100-240v, 50/60 Hz, C13) power supplies, and include two standard (C13) power cables.
Both power supplies must be connected to a power source. Fonolo recommends connecting each power supply to a distinct power source, so that in the event of a power failure, the Appliance continues to function.
Before Fonolo can ship your Appliances, you must provide Fonolo with network configuration settings, so they can be pre-configured. The Appliances have four 1GB copper Ethernet ports, which can be set up in a variety of configurations. Fonolo will configure network ports, starting with physical port 1 on the Appliances.
Configurations you can choose from include:
- Single Network Connection: a single IP address is configured on physical port 1.
- Master/Slave Mode: (bond mode=1) using physical ports 1 and 2, a single IP address will be configured. Only one physical port will be active at a time, so it’s safe to plug both interfaces in the same switch, but using two different switches is recommended.
- LACP (802.3ad): (bond mode=4) using physical ports 1 and 2, a single IP address will be configured, and traffic will be balanced across both interfaces. This mode requires a switch that supports 802.3ad link aggregation.
A combination of the above configurations is also possible using the additional physical ports 3 and 4.
Fonolo requires a unique, externally routable IP address per Appliance. The Appliances can be configured with the external IP addresses directly, or can be configured with private network space and placed behind a NAT gateway using 1-to-1 NAT – whichever way best suits your network security requirements.
Fonolo will require:
- IP address / subnet for each network interface
- Gateway IP address
- DNS servers
- NTP servers (if available, otherwise public NTP servers will be used)
Fonolo will require that specific network ports be opened on your firewalls in order to communicate with the Appliance.
Three inbound network ports are required to support the Appliances; inbound, from the Fonolo Cloud (18.104.22.168/26), to the local Appliances, ports:
- TCP/5061 – Secure SIP; the main Fonolo service.
- TCP/443 – HTTPS; for remote management and monitoring.
- TCP/22 –SSH; for remote management.
If the Appliances are to be used behind a NAT gateway, NAT timeout rules will need to be adjusted to make sure that connections aren’t dropped mid-call, as the SIPS connections between the Fonolo Cloud and the Appliances often have long periods with no data transferred. We would suggest a 4-6 hour timeout.
Inside your network, the Appliances will need to communicate directly with your SIP gateway, media gateways, and in most implementations, your agent handsets. The Appliances listen on the follow ports for SIP/RTP:
- UDP/5060 or TCP/5060 – SIP (UDP is recommended)
- UDP/10,000–20,000. This RTP port range is configurable on the appliances, if there is a preferred range.
Your platform will communicate with the Appliances on these ports. Outbound (from the Appliances to your system), the follow ports are used:
- UDP/5060 or TCP/5060 – SIP to your SIP gateway. For example, to Avaya Session Manager. (UDP is recommended)
- A UDP port range (min/max) for RTP data, which matches the media settings on your phone system.
This connection will be between the Appliances and your media gateways and to your agent handsets directly, depending on your platform settings.
The Appliances also make outbound connections to support the service, and for server functionality (e.g. NTP to maintain the system clock, outbound HTTP connections for package management, etc.). If outbound ACLs are in-use, we can provide a list of outbound ports required. The Appliances must also be able to communicate with each other in order to synchronize data used for audio recordings and call attached data. This requires the following port to be open between all Appliances:
- TCP/443 – HTTPS; for synchronization of the Appliances.
NTP and DNS Server Access:
The Appliances will require access to NTP and DNS server. You can use your own, or you can use ours. In either case, the appliances individually require access to these servers through the following ports:
- UDP/123 (NTP)
- TCP/53 AND UDP/53 (DNS)
Any internal firewall between the Appliances and the NTP and/or DNS server require access on the above ports.
In case you would like to use our DNS and/or NTP servers, access must be granted through your external firewall for the above ports to our corresponding servers.
Fonolo supports connecting to companies via a direct site-to-site IPsec VPN. For more details, see Connecting via an IPSec VPN.