About global settings
Global settings are system-wide configuration options that affect the entire Pexip Infinity platform. Some of the settings may be overridden at the location, Conferencing Node or VMR level — this is indicated in the table below where applicable.
To configure the global settings, go to
- Service configuration
- Port ranges
- Break-in resistance
- External system integration
- Management web interface configuration
- Advanced event sink tuning
- Cloud bursting
- Pexip Private Cloud †
- Voice activity features
- Tech preview features
You should wait at least 90 seconds for any changes in configuration to be synchronized to all Conferencing Nodes; this may take longer in large deployments. You can go to to check when configuration was last updated.
The length of time (in seconds) for which a conference will continue with only Guest participants, after all Host participants have left.
Default: 60 seconds
|Using PINs to differentiate between Hosts and Guests|
|Last participant backstop timeout||
The length of time (in seconds) for which a conference will continue with only one participant remaining. The type of participant (Host, Guest, automatically dialed, streaming etc) is irrelevant.
The time can be configured to values between 60 seconds and 86400 (1 day), or to 0 (never eject).
Default: 0 (never eject)
|Automatically ending a conference|
|PIN entry timeout||
The length of time (in seconds) for which a participant is allowed to remain at the PIN entry screen before being disconnected.
Default: 120 seconds
|Limiting the time a participant can spend at the PIN entry screen|
|Waiting for Host timeout||
The length of time (in seconds) for which a Guest participant can remain at the waiting screen if a Host does not join, before being disconnected.
Default: 900 seconds
|Limiting how long Guests can wait for a Host|
|Default theme||The theme to use for services that have no specific theme selected.||Customizing conference images and voice prompts using themes|
|Maximum inbound call bandwidth (kbps)||Limits the bandwidth of media being received by Pexip Infinity from individual participants, for calls where bandwidth limits have not otherwise been specified.||Managing and restricting call bandwidth|
|Maximum outbound call bandwidth (kbps)||Limits the bandwidth of media being sent by Pexip Infinity to individual participants, for calls where bandwidth limits have not otherwise been specified.||Managing and restricting call bandwidth|
|Maximum call quality||
Controls the maximum call quality for participants connecting to Pexip Infinity services.
You can override this global setting for each individual service (VMR, Call Routing Rule etc). For example, you could use the default option of "HD" for most of your services by default, but enable Full HD on some specific services. The options are:
See Setting and limiting call quality for more information.
|Setting and limiting call quality|
|Maximum presentation bandwidth ratio||
When sending main video and presentation to a standards-based (SIP or H.323) or WebRTC endpoint, this defines the maximum percentage of the call bandwidth to allocate to the presentation content (with the remainder allocated to main video). It must be in the range 25% to 75%.
Note that when sending two video streams to a dual-screen endpoint, the call bandwidth is always split 50-50 between video and presentation content (and cannot be changed).
|Managing and restricting call bandwidth|
|External participant avatar lookup||
Determines whether or not avatars for external participants are retrieved using a method appropriate for the external meeting type. Currently this only applies to Microsoft Teams conferences. For all other conference types, and for when this option is not selected, avatars may be retrieved via external policy or user records as per standard behavior. You can also configure this setting on individual Call Routing Rules for Microsoft Teams conferences.
|Configuring Pexip Infinity as a Microsoft Teams gateway|
Controls support for the SIP protocol over TCP and TLS across all Conferencing Nodes in your Pexip Infinity deployment.
Note that disabling SIP will disable support for Skype for Business / Lync (MS-SIP).
|Enabling and disabling SIP, H.323, WebRTC and RTMP|
|Enable SIP UDP||
Allows or prevents incoming calls over SIP UDP.
These boxes control support for the selected protocols across all Conferencing Nodes in your Pexip Infinity deployment.
Default: all of these settings are enabled by default.
|Enable support for Pexip Infinity Connect clients and Client API||
Enables support for the Pexip Infinity client API. This is required for integration with the Connect apps (web, desktop and mobile), and any other third-party applications that use the client API, as well as for integration with Microsoft Teams and Poly OTD endpoints for One-Touch Join.
This setting must be enabled if you want to Enable WebRTC or Enable RTMP.
|Enable media relay on TCP port 443||
This setting enables media relay on TCP port 443 on all Conferencing Nodes. This is intended as a fallback mechanism for use by WebRTC clients that are behind strict firewalls that block RTP media to Pexip's standard ports. This setting should only be enabled when it is impossible to amend the firewall's rules to allow UDP media, as sending media over TCP can result in increased latency and jitter.
Enabling this setting may cause disruption to ongoing WebRTC sessions.
This setting is not compatible with the Connect desktop app for Citrix Workspace app.
|Enable Far End Camera Control||
Allows endpoints that support FECC to be controlled by a Host participant using a Connect app.
Enables relay of chat messages between conference participants using Skype for Business / Lync and Infinity Connect clients.
You can override this setting on a per conference basis (for a Virtual Meeting Room or Virtual Auditorium).
|Enabling and disabling chat messages|
|Enable outbound calls||
Controls whether any calls can be made via the Infinity Gateway, and allows dial-out from a conference (via the Connect apps and the Administrator interface).
|Enable legacy dialout API||
This setting controls the system behavior when dialing out via a Connect app or the client API to a participant from an ongoing conference.
When selected (enabled), calls placed via the:
When not selected (disabled), calls that are placed via:
Note that dial out via the Administrator interface, management API or Automatically Dialed Participants (ADPs) is unaffected by this setting.
|Manually dialing out to a participant from a conference|
|Pexip Infinity domain (for Lync / Skype for Business integration)||
The name of the SIP domain that is routed from Skype for Business / Lync to Pexip Infinity, either as a static route or via federation.
You can also configure the Pexip Infinity domain on a per-location basis, which would override this global setting for Conferencing Nodes in that location.
|Enable Skype for Business / Lync auto-escalation||
When selected, this automatically escalates a Skype for Business / Lync audio call so that it receives video from a conference.
|Automatically escalating Skype for Business / Lync audio calls|
|Enable VbSS for Skype for Business||
Controls support for Skype for Business Video-based Screen Sharing (VbSS).
Note that VbSS is always enabled for Microsoft Teams calls, regardless of this setting.
For information about enabling VbSS on your Skype for Business infrastructure see https://technet.microsoft.com/en-us/library/mt756736.aspx.
|DSCP value for management traffic||The DSCP value for SSH, HTTPS and SNMP management traffic sent from the Management Node and from Conferencing Nodes. This is an optional Quality of Service (QoS) setting used to prioritize different types of traffic in large, complex networks. Also see Configuring system locations.|
Allows an administrator to log in to the Management Node and all Conferencing Nodes over SSH.
This setting can be overridden on individual nodes.
When disabled, Connect apps display aliases from their own call history only.
When enabled, registered Connect apps additionally display the aliases of Virtual Meeting Rooms, Virtual Auditoriums, Virtual Receptions, and devices registered to the Pexip Infinity platform.
|Directory (phone book) of devices and VMRs for registered Connect apps|
|Enable restricted routing for Proxying Edge Nodes||
When enabled, if a location only contains Proxying Edge Nodes, then those nodes only require IPsec connectivity with other nodes in that location, the transcoding location, the primary and secondary overflow locations, and with the Management Node. When disabled, a full connectivity mesh is required between all nodes in the deployment.
|Deployment guidelines for Proxying Edge Nodes|
Controls the media encryption requirements for participants connecting to Pexip Infinity services.
You can override this global setting for each individual service (VMR, Call Routing Rule etc). For example, you could use the default option of "best effort" for most of your services, but enforce encryption on some specific services.
Default: Best effort
|Signaling port range start and end
The start and end values for the range of ports (UDP and TCP) that all Conferencing Nodes use to send signaling (for H.323, H.245 and SIP).
|Media port range start and end
The start and end values for the range of ports (UDP and TCP) that all Conferencing Nodes use to send media for H.323, SIP, Skype for Business / Lync, WebRTC and RTMP (note that RTMP uses TCP only).
Controls which codecs to offer in audio/video negotiation (SDPs).
Some third-party systems can experience issues if they are sent a large SDP from Pexip Infinity. You can reduce the size of the SDP by disabling specific, unwanted codecs.
Default: all codecs are selected except AAC-LD128, H.264 High (mode 0) and H.264 High (mode 1).
To enable the H.264 High Profile codec, move H.264 High (mode 1) into the list of Chosen Codecs. For optimal interoperability results, only enable H.264 High (mode 1) — leave H.264 High (mode 0) in the Available Codecs list.
Determines whether OCSP is used to check the status of TLS certificates.
Off: OCSP is not used.
On: OCSP is used, and the request is sent to the URL specified in the TLS certificate. If no URL is specified in the TLS certificate, the OCSP responder URL configured below is used.
Override: OCSP is used, and the request is sent to the OCSP responder URL specified in the OCSP responder URL field, regardless of any URL encoded in the TLS certificate.
|Using OCSP to check the status of certificates|
|OCSP responder URL||
The URL to which OCSP requests are sent if either:
|Using OCSP to check the status of certificates|
|SIP TLS certificate verification mode||
Determines whether to verify the peer certificate for outbound connections over SIP TLS. The options are:
Off: the peer certificate is not verified; all connections are allowed.
On: the peer certificate is verified, and the peer's remote identities (according to RFC5922) are compared against the Application Unique String (AUS) identified by Pexip Infinity — the SIP URI — before the connection is allowed.
|Verifying SIP TLS connections with peer systems|
|Maximum log age (days)||
The maximum number of days of logs and call history to retain on Pexip nodes. On busy systems, logs may still be rotated before this time due to limited disk space.
Enter 0 to have no set limit.
|HTTP Content Security Policy||
Determines whether or not HTTP Content-Security-Policy (CSP) headers for Conferencing Nodes are enabled.
|HTTP Content Security Policy Header||
Defines the contents of the HTTP Content-Security-Policy headers for Conferencing Nodes when CSP is enabled.
The default header string contains multiple directives such as frame-src and script-src, delimited by the ; character.
For more information on CSP, see this MDN article.
Default: upgrade-insecure-requests; default-src 'self'; frame-src 'self' https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html https://*.microsoft.com https://*.office.com; style-src 'self' 'unsafe-inline' https://*.microsoft.com https://*.office.com; object-src 'self'; font-src 'self' https://*.microsoft.com https://*.office.com; img-src 'self' https://www.adobe.com data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.microsoft.com https://*.office.com https://ajax.aspnetcdn.com https://api.keen.io; media-src 'self' blob:; connect-src 'self' https://*.microsoft.com https://*.office.com https://example.com; frame-ancestors 'self';
|Enable PIN brute force resistance||
Select this option to instruct Pexip Infinity to temporarily block all access to a VMR that receives a significant number of incorrect PIN entry attempts.
You can override this setting on a per location basis.
|Break-in resistance settings to mitigate rogue calls|
|Maximum PIN failures||
The maximum number of PIN failures allowed in any 10-minute window before the VMR is blocked.
|Enable VOIP scanner resistance||
Select this option to instruct Pexip Infinity to temporarily block service access attempts from any unknown source IP addresses that dial a significant number of incorrect aliases.
You can override this setting on a per location basis.
|Maximum scanner attempts||
The maximum number of incorrect dial attempts in any 10-minute window before the source IP address is blocked.
|External system integration|
|Enable HTTP access for external systems||
Access for external systems is over HTTPS by default. If this box is selected, access over HTTP is also permitted.
|Integrating with external systems|
|External system username and password||The username and password used by external systems (such as CUCM) when authenticating with Pexip Infinity.||Integrating with external systems|
|Management web interface configuration|
|Login banner text||Any text entered here is displayed in a message box on the login page. This field supports plain text only.|
|Enable management web interface session timeout||
Controls whether inactive users are automatically logged out of the Administrator interface after a period of time.
If enabled, users are logged out after a number of minutes of inactivity as specified in the Management web interface session timeout setting.
If disabled, users of the Administrator interface are never timed out. You may want to use this option if, for example, you have an administrator session that permanently monitors the system live view.
|Management web interface session timeout||
The number of minutes a browser session may remain idle before the user is logged out of the Management Node Administrator interface, if Enable management web interface session timeout is selected.
Default: 30 minutes.
|Show conferences and backplanes in Live View||
Controls whether conferences and backplanes are shown in the Live View graph. If you have a very busy deployment, it may be useful to disable conferences and backplanes from the Live View for an improved viewing experience.
Note that when conferences and backplanes are removed, the conferences and participants counts in Live View are not shown.
|Viewing live and historical platform status|
|Management start page||
Controls the first page you are directed to after logging into the Administrator interface.
Default: Live View
|Using the Pexip Infinity Administrator interface|
Site banner text
Banner background color
Banner text color
These options configure the site banner (across the top of every webpage) for the Pexip Infinity Administrator interface.
You can define the text to display, and use the color pickers to select the text and background colors.
Enable incident reporting
Incident reporting URL
Contact email address
If incident reporting is enabled, reports are sent to the specified URL.
The contact email address will be used by Pexip Support when following up on any incident reports received from your deployment.
These settings are configured during initial installation of the Management Node (when running the installation wizard).
|Automatically reporting errors|
|Automatically send deployment and usage statistics to Pexip||
Select this option to allow submission of deployment and usage statistics to Pexip. This will help us improve the product.
This setting is configured during initial installation of the Management Node (when running the installation wizard).
|Automatically sending usage statistics|
|Advanced event sink tuning|
|Event sink settings||
A range of advanced options to tune the event sink processes.
See Using event sinks to monitor conference and participant status for details.
|Using event sinks to monitor conference and participant status|
|Cloud bursting settings||These options enable and configure the Pexip Infinity platform for dynamic cloud bursting to either Microsoft Azure, Amazon Web Services (AWS) or Google Cloud Platform (GCP).|
|Pexip Private Cloud
|Enable Pexip Private Cloud||Select this option to enable a connection from your deployment to the Pexip Private Cloud.||A connection to the Pexip Private Cloud is required if you wish to deploy a Pexip Smart Scale location.|
|Gateway URL||The URL used by your deployment to connect to the Pexip Private Cloud. This must be in the format https://|
|Customer ID||The username used to authenticate your connection to the Pexip Private Cloud.|
|Authentication token||The token used to authenticate your connection to the Pexip Private Cloud.|
|Live captions (available and required when Live Captions are enabled via Tech preview features)|
|Enable live captions on VMRs and routing rules by default||
This option controls whether live captions are enabled on all VMRs and Call Routing Rules by default.
You can override this global setting for each individual VMR or Call Routing Rule.
|Live captions service API gateway||The API service used by the Conferencing Nodes to handle live captions (such as livecaption-api.pexip.io).|
|Live Captions App-Id||Auto populated when live captions are enabled the first time. This value will not change if you disable and re-enable live captions.|
|Live captions JWT public key||Auto populated when live captions are enabled. This value will not change if you disable and re-enable live captions.|
|Voice activity features|
|Enable Voice Focus||
Voice Focus is a platform-wide setting that improves the way in which voice activity is detected by better distinguishing between actual speech and background noise. This reduces the probability that people who are not speaking but have audible background noise will be switched into the main speaker position. Note that this does not remove any noise from the audio.
When enabled it applies to Virtual Meeting Rooms and Virtual Auditoriums, and it uses additional hardware resources (equivalent to an extra 4 audio connections per participant).
|Tech preview features|
Select this option to enable live captions functionality and to display theconfiguration section on this page (above).
This allows you to configure a VMR or Call Routing Rule so that it can convert the live meeting audio to a readable text (live transcription). This then enables participants using the web app to view those live captions.
Please contact your Pexip authorized support representative or your Pexip Solution Architect for guidance on enabling this feature specific to your environment.
When enabling this feature note that:
Softmute is advanced speech-aware audio gating which helps to minimize noise coming from a participant who has their microphone turned on in a conference, but is not speaking. If non-voice noise is detected, this feature softens the gain from that participant. It does not entirely suppress noise from an audio signal.
When it is enabled here, it can then be individually enabled or disabled at the VMR level ().
It uses additional hardware resources (equivalent to an extra 4 audio connections per participant). However, if Voice Focus is also enabled, then both features use a combined total of an extra 4 audio connections per participant i.e. there is no extra resource use for enabling Softmute when Voice Focus is also enabled.
|Configuring Virtual Meeting Rooms (VMRs)|
|Enable Breakout Rooms||
This feature is currently under development and should not be enabled.