# Configuring PortSIP SBC for WebRTC After successfully installing the **PortSIP SBC**, you can now configure it to enable the **WebRTC** feature. Choose the appropriate configuration method based on your deployment model. *** ### Configure PortSIP SBC on the Same Server as PortSIP PBX #### Step 1: Prepare the SSL Certificate Prepare the SSL certificate as described in the guide [Certificates for TLS / HTTPS / WebRTC](/portsip-communications-solution/tutorials/certificates-for-tls-https-webrtc.md). You should have the following files available: * `portsip.pem` * `portsip.key` *** #### Step 2: Sign In to the SBC Web Portal 1. Open the following URL in your browser: 2. Log in using the default credentials: * **Username:** `admin` * **Password:** `admin` 3. Ignore the browser SSL warning and continue. *** #### Step 3: Upload the TLS Certificate 1. Navigate to **Settings > TLS Certificates**. 2. Click **Add**. 3. Fill in the fields: * **Description:** `SBC Host Name` (example) * **TLS Domain:** `uc.portsip.cc` 4. Open `portsip.pem` in a text editor and paste its contents into **Certificate Context**. 5. Open `portsip.key` and paste its contents into **Private Key** Context. 6. Enable **This is SBC Web Domain Certificate**. 7. Click **OK** to save. *** #### Step 4: Configure Network Settings 1. Navigate to **Settings > Network**. 2. Configure the following values: * **Web Domain:** `uc.portsip.cc` * **Private IPv4:** `192.168.1.72` * **Public IPv4:** `66.175.221.120` 3. Keep **Create default transports automatically** enabled. The SBC will automatically create the following transports: * **TCP 5069** – Communication with PBX * **TLS 5067** – Microsoft Teams Direct Routing * **WSS 5065** – WebRTC services * **UDP 5066** – Standard SIP services > Disabling automatic transport creation is not recommended unless you are performing a custom configuration. 4. Click **OK**.\ The SBC will restart automatically and log you out. *** #### Step 5: Restart the PBX Execute the command below to restart the SBC: ```bash cd /opt/portsip sudo /bin/sh sbc_ctl.sh restart ``` *** #### Step 6: Generate the SBC Access Token in PBX 1. Sign in to the PBX Web Portal: 2. Navigate to **Servers** > **SBC**. 3. Click **Generate** to create an access token. 4. Click **Copy** to copy the token. *** #### Step 7: Configure PBX Connection in SBC 1. Sign in to the SBC Web Portal: 2. Navigate to **Settings > PBX**. 3. Configure the following: * **PBX Access Token:** Paste the copied token * **PBX IPv4 Address:** `192.168.1.72` * *(If PBX runs in HA mode, enter the PBX Virtual IP)* * **Prefer Transport:** `TCP` * **PBX Port:** `5063` 4. Click **OK** to save. *** #### Step 8: Access the WebRTC Client Open the following URL in your browser: , the WebRTC client will launch.\ Scan the user’s QR code to register with the PBX and place or receive calls. *** ### Configure PortSIP SBC on a Separate Server Follow these steps if the PortSIP SBC is installed on a separate server from the PortSIP PBX. #### Step 1: Prepare the SSL Certificate Prepare the SSL certificate as described in the guide [Certificates for TLS / HTTPS / WebRTC](/portsip-communications-solution/tutorials/certificates-for-tls-https-webrtc.md). You should have the following files ready: * `portsip.pem` * `portsip.key` A **trusted wildcard SSL certificate** (not self-signed) must be installed for the domain: `portsip.cc` *** #### Step 2: Sign In to the SBC Web Portal 1. Open the following URL in your browser: 2. Log in using the default credentials: * **Username:** `admin` * **Password:** `admin` 3. Ignore the browser SSL certificate warning and continue. *** #### Step 3: Upload the TLS Certificate 1. Navigate to **Settings > TLS Certificates**. 2. Click **Add**. 3. Enter the following values: * **Description:** `SBC Host Name` (example) * **TLS Domain:** `sbc.portsip.cc` 4. Open the `portsip.pem` file in a text editor and copy its contents into the **Certificate Context** field. 5. Open the `portsip.key` file and copy its contents into the **Private Key Context** field. 6. Enable **This is SBC Web Domain Certificate**. 7. Click **OK** to save the certificate. *** #### Step 4: Configure Network Settings 1. Navigate to **Settings > Network**. 2. Configure the following fields: * **Web Domain:** `sbc.portsip.cc` * **Private IPv4:** `192.168.1.73` * **Public IPv4:** `66.175.221.120` 3. Ensure **Create default transports automatically** is enabled. When this option is enabled, the SBC automatically creates the following transports: * **TCP 5069** – Communication with the PBX * **TLS 5067** – Microsoft Teams Direct Routing * **WSS 5065** – WebRTC services * **UDP 5066** – Standard SIP services > Turning off automatic transport creation is **not recommended** unless you are performing an advanced custom configuration. 4. Click **OK**. The SBC will **restart automatically** and log you out. *** #### Step 5: Restart the PBX After the SBC restarts, restart the PBX to ensure proper connectivity. ```bash cd /opt/portsip sudo /bin/sh sbc_ctl.sh restart ``` *** #### Step 6: Generate the SBC Access Token in the PBX 1. Sign in to the PBX Web Portal: 2. Navigate to **Servers > SBC**. 3. Click **Generate** to create an SBC access token. 4. Click **Copy** to copy the generated token. *** #### Step 7: Configure PBX Connection in the SBC 1. Sign in to the SBC Web Portal: 2. Navigate to **Settings > PBX**. 3. Configure the following fields: * **PBX Access Token:** Paste the copied token * **PBX IPv4 Address:** `192.168.1.72` * *(If the PBX is deployed in HA mode, enter the PBX **Virtual IP** instead)* * **Prefer Transport:** `TCP` * **PBX Port:** `5063` 4. Click **OK** to save the configuration. *** #### Step 8: Access the WebRTC Client Open the following URL in your browser: , the WebRTC client will launch.\ Scan the user’s QR code to register with the PBX and make or receive calls. *** #### Step 9: Add the SBC IP Address to the PBX Whitelist To prevent the PBX from rate-limiting requests from the SBC, you must whitelist the SBC IP address.
1. Sign in to the **PBX Web Portal** as a **System Administrator**. 2. Navigate to **IP Blacklist**. 3. Click **Add**. 4. Enter the **SBC IP address** (`192.168.1.73` or the public IP if applicable). 5. Set a **long expiration date**. 6. Save the configuration. *** ### Check Open Firewall Ports The following commands can be used to verify which firewall ports are currently open on the server hosting the PortSIP SBC. ```sh sudo firewall-cmd --info-service=portsip-sbc ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://support.portsip.com/portsip-communications-solution/portsip-pbx-administration-guide/9-configuring-portsip-sbc/configuring-sbc-for-webrtc.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.