Device Management
      Back to home
      1. Help Center
      2. Admin Portal
      3. Device Management

      SIP Intercom

      How to set up SIP and use intercom on supported devices

      Selected Alcatraz Facial Authentication Devices support intercom functionality through SIP, allowing them to interoperate with popular SIP devices and software applications. See your Alcatraz Facial Authentication Device's specification sheet to find out if it supports SIP.
      The device's intercom functionality allows you to receive calls and to place calls to a predefined SIP extension.

      Configuring a Device for SIP


      Before people can use the Alcatraz Facial Authentication Device as an intercom station, you need to enable and set up the device's SIP functionality.
      Work with your SIP server (VoIP server, PBX) administrator to ensure that the settings that you enter here are correct for the server's setup.
      The following Alcatraz Admin Portal roles can configure SIP for a device:
      • Account Administrator
      Take these steps to enable and set up the device's SIP functionality:
      1. Log in to Alcatraz Admin Portal as a supported role.
      2. In the left menu, go to Device Management > Devices.
      3. In the list of devices, click the device to configure.
      4. From the Settings drop-down menu on the right, select Modify.
      5. Expand SIP Configuration.
      6. Toggle SIP on.
      7. Fill in the form as described in SIP Configuration Settings and finally click Submit.

      SIP Configuration Settings

      The following settings allow you to configure SIP on a device.
      • SIP Server—Connection details for the SIP server though which the device will place and receive SIP calls.
        • Domain Name / IP Address—IP address or domain name of the SIP server.
          Example: 10.0.0.333 or sip.example.com
        • Port Number—Port number on which the SIP server accepts connections.
          Usually 5060 for SIP over TCP or UDP or 5061 for SIP over TLS.
        • Polling Interval (seconds)—Number of seconds to wait between attempts to confirm connectivity with the SIP server. Recommended minimum value: 30. Recommended value: 3600.
        • Transport Protocol—Network protocol to use for SIP calls.
          • TLS Certificates—(Only for TLS) Optionally, upload a Certification Authority (CA) certificate to be used for validating the trustworthiness of the certificate presented by the SIP server as part of the TLS negotiation. If you don't provide a CA certificate, only server certificates signed by well-known Internet CAs will be accepted. Supported file formats: .pem, .cer, or .crt.
        • Encryption—Optional setting specifying whether the remote SIP endpoint requires a secure connection. If you leave it unset, the device defaults to initiating an insecure connection.
          • RTP with Optional SRTP (Fallback Mode)—The device initiates a secure connection over SRTP. If the secure connection fails, the device falls back to using an insecure connection over RTP.
          • SRTP-only—Only allows communication if the remote SIP endpoint can make a secure connection over SRTP.
      • Identifying the Station—Settings determining how other SIP endpoints can reach the device over SIP.
        • Authentication Username—Enter the username (usually matches the extension) assigned to the device on the SIP server. Allowed characters: letters and numbers.
        • Authentication Password—If the SIP server requires that endpoints authenticate, enter the password assigned to the device on the SIP server. If not, enter a dummy password.
        • Display Name—Human-friendly name that most remote SIP endpoints can show on their screens as contact names.
          Example: Front Door
        • SIP Extension—Name or number that uniquely identifies the device on the SIP server. Allowed characters: letters and numbers.
          Example: 3401 or frontdoor3401
      • Call number—Specifies a SIP endpoint that the device calls on pressing the intercom button. Use any of the following formats:
        • Short: <extension>
          Example: 3400 or frontdesk3400
        • Full: sip:<extension>@<SIP server IP address>
          Example: sip:3400@10.0.0.333 or sip:frontdesk3400@10.0.0.333

          Pressing the plus icon allows you to specify multiple endpoints in Call Further Number for no Answer fields. The device will attempt each endpoint in sequence until the call is answered. If no one answers, the device announces that the call has failed.
      • Call Options—Controls various call-related device options.
        • Microphone Volume—Input sound level of the built-in microphone.
        • Speaker Volume—Output sound level of the built-in speaker.
        • Call Timeout—Number of seconds to wait before ending the call if the other side does not answer.
        • Video Calls—Enables video for incoming or outgoing calls.
          • Outgoing—Allows video only for outgoing calls.
          • Incoming—Allows video only for incoming calls.
          • Both—Allows video for incoming and outgoing calls.
      • Allow Incoming Calls—Whether to allow this device to be reached with SIP calls.
      • List of SIP URLs permitted to call the intercom—In URL text boxes, specifies one or more SIP endpoints that are allowed to reach this device. Use any of the following formats:
        • Short: <extension>
          Example: 3400 or frontdesk3400
        • Full: sip:<extension>@<SIP server IP address>
          Example: sip:3400@10.0.0.333 or sip:frontdesk3400@10.0.0.333
      • Proxy Configuration—Connection details for a proxy server if it is required for reaching the SIP server.
        • Authentication Username—Username to authenticate the device against the proxy server.
        • Domain Name / IP Address—IP address or domain name of the proxy server.
          Example: proxy.example.com
        • Authentication Password—Password to authenticate the device against the proxy server.
        • Port Number—The port number on which the proxy server accepts connections.
          Example: 443

      Placing an Outgoing Call

      When at an intercom-enabled Alcatraz Facial Authentication Device, you can place a call to a set intercom extension pre-configured in the Alcatraz Facial Authentication Device. Alcatraz administrators can also configure fallback extensions in addition to the primary intercom extension. In such cases, the device will attempt each extension in sequence until the call is answered. If no one answers, the device announces that the call has failed.
      To call the pre-programmed intercom extension (or extensions), press the intercom button.

      For best results, speak close to the device (less than 3 ft or 1 m away).

      p-intercom--use-button

      Accepting Intercom Calls on a Device

      Each intercom-enabled Alcatraz Facial Authentication Device has its own extension (SIP address, or SPI URI) that other intercom users can call.
      The Alcatraz Facial Authentication Device accepts the call automatically on receiving it and displays Incoming call answered in addition to the following graphic:
      p-intercom-call-accepted

      For best results, speak close to the device (less than 3 ft or 1 m away) .


      Ending a Call on a Device

      To end a call that you have placed or accepted at an Alcatraz Facial Authentication Device, press the intercom button.

      Placing a Call to a Device

      Each intercom-enabled Alcatraz Facial Authentication Device has its own extension (SIP address, or SPI URI) that you can call from other intercom stations.

      The device's configuration might limit which intercom stations are allowed to call it. If your station can't place a call to the device, talk to your Alcatraz administrator.

      How you dial an Alcatraz Facial Authentication Device will depend on your intercom station's brand and model. Consult its user manual for the detailed steps. In most cases, the steps will involve dialing its contact list entry or entering the device's SIP address in the following format:
      • Short: <extension>
        Example: 3400 or frontdoor3400
      • Full: sip:<extension>@<SIP server IP address>
        Example: sip:3400@10.0.0.333 or sip:frontdoor3400@10.0.0.333

      Intercom (SIP) Log Events

      During its operation, the intercom functionality of applicable Alcatraz Facial Authentication Devices can generate the following events. See Security Events Overview to learn how to access device logs.
      Event Screen Name Event Name Description
      Dialing outgoing_call_initiated Logs the start of an attempt to place an outgoing call. The event is generated in response to the intercom button being pressed.
      Call Established
      outgoing_call_established
      Logs the successful establishment of a call: the remote station answered and the audio channels are open.
      Call Failed
      outgoing_call_failure
      Logs the failure to make a single call. The event details indicate the type of failure.
      Hanging Up
      outgoing_remote_hangup
      Logs the end of a single call where the remote side initiated the hangup.
      Call Failed
      outgoing_call_contact_failure
      Logs the exhaustion of the list of contacts with no successful call established. None of the contacts could be reached.
      Call Rejected
      incoming_call_rejected
      Logs the rejection (by the device) of an incoming call. The event details indicate the reason for the rejection—most likely, the caller’s SIP address not being present in the allowed callers list.
      Incoming Call
      incoming_call_received
      Logs the establishment of an incoming call.
      Call Failed
      incoming_call_failure
      Logs the completion of an incoming call that failed after the call was established. The event details indicate the reason.
      Hanging Up
      incoming_call_remote_hangup
      Logs the end of an incoming call where the remote side initiated the hangup.
      Hanging Up
      incoming_call_local_hangup
      Logs the end of an incoming call where the local side initiated the hangup.