About global settings

Global settings are system-wide configuration options that affect the entire Pexip Infinity platform. Some of the settings may be overridden at the location, Conferencing Node or VMR level — this is indicated in the table below where applicable.

To configure the global settings, go to Platform > Global settings. The settings are grouped into the following categories:

You should wait at least 90 seconds for any changes in configuration to be synchronized to all Conferencing Nodes; this may take longer in large deployments. You can go to Status > Conferencing Nodes to check when configuration was last updated.

Setting Description More information
Service configuration
Guests-only timeout

The length of time (in seconds) for which a conference will continue with only Guest participants, after all Host participants have left.

Default: 60 seconds

Using PINs to differentiate between Hosts and Guests
Last participant backstop timeout

The length of time (in seconds) for which a conference will continue with only one participant remaining. The type of participant (Host, Guest, automatically dialed, streaming etc) is irrelevant.

The time can be configured to values between 60 seconds and 86400 (1 day), or to 0 (never eject).

Default: 0 (never eject)

Automatically ending a conference
PIN entry timeout

The length of time (in seconds) for which a participant is allowed to remain at the PIN entry screen before being disconnected.

Default: 120 seconds

Limiting the time a participant can spend at the PIN entry screen
Waiting for Host timeout

The length of time (in seconds) for which a Guest participant can remain at the waiting screen if a Host does not join, before being disconnected.

Default: 900 seconds

Limiting how long Guests can wait for a Host
Default theme The theme to use for services that have no specific theme selected. Customizing conference images and voice prompts using themes
Maximum inbound call bandwidth (kbps) Limits the bandwidth of media being received by Pexip Infinity from individual participants, for calls where bandwidth limits have not otherwise been specified. Managing and restricting call bandwidth
Maximum outbound call bandwidth (kbps) Limits the bandwidth of media being sent by Pexip Infinity to individual participants, for calls where bandwidth limits have not otherwise been specified. Managing and restricting call bandwidth
Maximum call quality

Controls the maximum call quality for participants connecting to Pexip Infinity services.

You can override this global setting for each individual service (VMR, Call Routing Rule etc). For example, you could use the default option of "HD" for most of your services by default, but enable Full HD on some specific services. The options are:

  • SD: each participant is limited to SD quality.
  • HD: each participant is limited to HD (720p) quality.
  • Full HD (1080p): allows any endpoint capable of Full HD to send and receive its main video at 1080p.

Default: HD

See Setting and limiting call quality for more information.

Setting and limiting call quality
Maximum presentation bandwidth ratio

When sending main video and presentation to a standards-based (SIP or H.323) endpoint, this defines the maximum percentage of the call bandwidth to allocate to the presentation content (with the remainder allocated to main video). It must be in the range 25% to 75%.

Default: 75%

Managing and restricting call bandwidth
External participant avatar lookup

Determines whether or not avatars for external participants are retrieved using a method appropriate for the external meeting type. Currently this only applies to Microsoft Teams conferences. For all other conference types, and for when this option is not selected, avatars may be retrieved via external policy or user records as per standard behavior. You can also configure this setting on individual Call Routing Rules for Microsoft Teams conferences.

Default: enabled.

Configuring Pexip Infinity as a Microsoft Teams gateway
Connectivity
Enable SIP *

Controls support for the SIP protocol over TCP and TLS across all Conferencing Nodes in your Pexip Infinity deployment.

Note that disabling SIP will disable support for Skype for Business / Lync (MS-SIP).

Default: enabled.

Enabling and disabling SIP, H.323, WebRTC and RTMP
Enable SIP UDP

Allows or prevents incoming calls over SIP UDP.

Default: disabled.

Enable H.323 *

Enable WebRTC

Enable RTMP *

These boxes control support for the selected protocols across all Conferencing Nodes in your Pexip Infinity deployment.

Default: all of these settings are enabled by default.

Enable support for Pexip Infinity Connect clients and Client API

Enables support for the Pexip Infinity client API. This is required for integration with the Infinity Connect browser-based, desktop and mobile clients, and any other third-party applications that use the client API, as well as for integration with Microsoft Teams.

This setting must be enabled if you want to Enable WebRTC or Enable RTMP.

Default: enabled.

Enable Far End Camera Control

Allows endpoints that support FECC to be controlled by a Host participant using an Infinity Connect client.

Default: enabled.

Control another participant's camera

Enable chat

Enables relay of chat messages between conference participants using Skype for Business / Lync and Infinity Connect clients.

You can override this setting on a per conference basis (for a Virtual Meeting Room or Virtual Auditorium).

Default: enabled.

Enabling and disabling chat messages
Enable outbound calls

Controls whether any calls can be made via the Infinity Gateway, and allows dial-out from a conference (via the Infinity Connect clients and the Administrator interface).

Default: enabled.

Placing calls via the Pexip Infinity Distributed Gateway

Manually dialing out to a participant from a conference

Enable legacy dialout API

This setting controls the system behavior when dialing out via an Infinity Connect client or the client API to a participant from an ongoing conference.

When selected (enabled), calls placed via the:

  • Infinity Connect client always use automatic routing and thus must match an appropriate Call Routing Rule.
  • Client API or the legacy (webapp1) client can either use automatic routing or they can specify a dial-out protocol without any need for a Call Routing Rule i.e. it allows end-users to perform arbitrary dial outs (and thus circumvent any administrator-set rules).

When not selected (disabled), calls that are placed via:

  • Any Infinity Connect client or via the client API always use automatic routing and thus must match an appropriate Call Routing Rule.

Note that dial out via the Administrator interface, management API or Automatically Dialed Participants (ADPs) is unaffected by this setting.

Default: disabled.

Manually dialing out to a participant from a conference
Do not default to the legacy Web App

When selected, Pexip Infinity does not default to the legacy version of the Infinity Connect web app. However, unsupported browsers will be redirected to the legacy web app.

Default: enabled.

Switching to the legacy Infinity Connect web app
Pexip Infinity domain (for Lync / Skype for Business integration)

The name of the SIP domain that is routed from Skype for Business / Lync to Pexip Infinity, either as a static route or via federation.

You can also configure the Pexip Infinity domain on a per-location basis, which would override this global setting for Conferencing Nodes in that location.

Microsoft Skype for Business / Lync with Pexip Infinity

Enable Skype for Business / Lync auto-escalation

When selected, this automatically escalates a Skype for Business / Lync audio call so that it receives video from a conference.

Default: disabled.

Automatically escalating Skype for Business / Lync audio calls
Enable VbSS for Skype for Business

Controls support for Skype for Business Video-based Screen Sharing (VbSS).

Note that VbSS is always enabled for Microsoft Teams calls, regardless of this setting.

Default: disabled.

For information about enabling VbSS on your Skype for Business infrastructure see https://technet.microsoft.com/en-us/library/mt756736.aspx.

DSCP value for management traffic The DSCP value for SSH, HTTPS and SNMP management traffic sent from the Management Node and from Conferencing Nodes. This is an optional Quality of Service (QoS) setting used to prioritize different types of traffic in large, complex networks. Also see Configuring system locations.  
Enable SSH

Allows an administrator to log in to the Management Node and all Conferencing Nodes over SSH.

This setting can be overridden on individual nodes.

Default: enabled.

 
Enable directory

When disabled, Infinity Connect clients display aliases from their own call history only.

When enabled, registered Infinity Connect clients additionally display the aliases of Virtual Meeting Rooms, Virtual Auditoriums, Virtual Receptions, and devices registered to the Pexip Infinity platform.

Default: enabled.

Directory (phone book) of devices and VMRs for registered Infinity Connect clients
Enable restricted routing for Proxying Edge Nodes

When enabled, if a location only contains Proxying Edge Nodes, then those nodes only require IPsec connectivity with other nodes in that location, the transcoding location, the primary and secondary overflow locations, and with the Management Node. When disabled, a full connectivity mesh is required between all nodes in the deployment.

Default: enabled.

Deployment guidelines for Proxying Edge Nodes
Media encryption

Controls the media encryption requirements for participants connecting to Pexip Infinity services.

You can override this global setting for each individual service (VMR, Call Routing Rule etc). For example, you could use the default option of "best effort" for most of your services, but enforce encryption on some specific services.

  • Best effort: each participant will use media encryption if their device supports it, otherwise the connection will be unencrypted.
  • Required: all participants (including RTMP participants) must use media encryption.
  • No encryption: all H.323, SIP and MS-SIP participants must use unencrypted media. (RTMP participants will use encryption if their device supports it, otherwise the connection will be unencrypted.)

Default: Best effort

 
Port ranges
Signaling port range start and end *

The start and end values for the range of ports (UDP and TCP) that all Conferencing Nodes use to send signaling (for H.323, H.245 and SIP).

Default: 33000–39999.

 
Media port range start and end *

The start and end values for the range of ports (UDP and TCP) that all Conferencing Nodes use to send media for H.323, SIP, Skype for Business / Lync, WebRTC and RTMP (note that RTMP uses TCP only).

Default: 40000–49999.

 
Codecs
Codecs

Controls which codecs to offer in audio/video negotiation (SDPs).

Some third-party systems can experience issues if they are sent a large SDP from Pexip Infinity. You can reduce the size of the SDP by disabling specific, unwanted codecs.

Default: all codecs are selected except AAC-LD128, H.264 High (mode 0) and H.264 High (mode 1).

To enable the H.264 High Profile codec, move H.264 High (mode 1) into the list of Chosen Codecs. For optimal interoperability results, only enable H.264 High (mode 1) — leave H.264 High (mode 0) in the Available Codecs list.

 
Security
OCSP state

Determines whether OCSP is used to check the status of TLS certificates.

Off: OCSP is not used.

On: OCSP is used, and the request is sent to the URL specified in the TLS certificate. If no URL is specified in the TLS certificate, the OCSP responder URL configured below is used.

Override: OCSP is used, and the request is sent to the OCSP responder URL specified in the OCSP responder URL field, regardless of any URL encoded in the TLS certificate.

Default: Off.

Using OCSP to check the status of certificates
OCSP responder URL

The URL to which OCSP requests are sent if either:

  • the OCSP state is set to On but no URL is present in the TLS certificate, or
  • the OCSP state is set to Override (in which case any URL present in the certificate is ignored).
Using OCSP to check the status of certificates
SIP TLS certificate verification mode

Determines whether to verify the peer certificate for connections over SIP TLS.

Off: the peer certificate is not verified; all connections are allowed.

On: the peer certificate is verified, and the peer's remote identities (according to RFC5922) are compared against the Application Unique String (AUS) identified by Pexip Infinity — the SIP URI — before the connection is allowed.

Default: Off.

Verifying SIP TLS connections with peer systems
Maximum log age (days)

The maximum number of days of logs and call history to retain on Pexip nodes. On busy systems, logs may still be rotated before this time due to limited disk space.

Enter 0 to have no set limit.

Default: 0.

 
HTTP Content Security Policy

Determines whether or not HTTP Content-Security-Policy (CSP) headers for Conferencing Nodes are enabled.

Default: enabled.

 
HTTP Content Security Policy Header

Defines the contents of the HTTP Content-Security-Policy headers for Conferencing Nodes when CSP is enabled.

Default: upgrade-insecure-requests; default-src 'self'; frame-src 'self' https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html https://*.microsoft.com https://*.office.com; style-src 'self' 'unsafe-inline' https://*.microsoft.com https://*.office.com; object-src 'self'; font-src 'self' https://*.microsoft.com https://*.office.com; img-src 'self' https://www.adobe.com data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.microsoft.com https://*.office.com https://ajax.aspnetcdn.com https://api.keen.io; media-src 'self' blob:; connect-src 'self' https://*.microsoft.com https://*.office.com https://example.com;

Note that these defaults are appropriate for typical usage of Pexip Infinity. For example, the Microsoft addresses are required for Outlook add-ins. The reserved domain example.com is included to support a third-party JavaScript library that is used by the Infinity Connect web app for PDF content sharing. You may need to add extra headers if you use custom plugins with the Infinity Connect web app.

 
Break-in resistance
Enable PIN brute force resistance

Select this option to instruct Pexip Infinity to temporarily block all access to a VMR that receives a significant number of incorrect PIN entry attempts.

You can override this setting on a per location basis.

Default: enabled.

Break-in resistance settings to mitigate rogue calls
Maximum PIN failures

The maximum number of PIN failures allowed in any 10-minute window before the VMR is blocked.

Default: 20.

Enable VOIP scanner resistance

Select this option to instruct Pexip Infinity to temporarily block service access attempts from any unknown source IP addresses that dial a significant number of incorrect aliases.

You can override this setting on a per location basis.

Default: enabled.

Maximum scanner attempts

The maximum number of incorrect dial attempts in any 10-minute window before the source IP address is blocked.

Default 20.

External system integration
Enable HTTP access for external systems

Access for external systems is over HTTPS by default. If this box is selected, access over HTTP is also permitted.

Default: disabled.

Integrating with external systems
External system username and password The username and password used by external systems (such as CUCM) when authenticating with Pexip Infinity. Integrating with external systems
Management web interface configuration
Login banner text Any text entered here is displayed in a message box on the login page. This field supports plain text only.  
Enable management web interface session timeout

Controls whether inactive users are automatically logged out of the Administrator interface after a period of time.

If enabled, users are logged out after a number of minutes of inactivity as specified in the Management web interface session timeout setting.

If disabled, users of the Administrator interface are never timed out. You may want to use this option if, for example, you have an administrator session that permanently monitors the system live view.

Default: enabled.

 
Management web interface session timeout

The number of minutes a browser session may remain idle before the user is logged out of the Management Node Administrator interface, if Enable management web interface session timeout is selected.

Default: 30 minutes.

 
Reporting

Enable incident reporting

Incident reporting URL

Contact email address

If incident reporting is enabled, reports are sent to the specified URL.

This setting is configured during initial installation of the Management Node (when running the installation wizard).

Automatically reporting errors
Automatically send deployment and usage statistics to Pexip

Select this option to allow submission of deployment and usage statistics to Pexip. This will help us improve the product.

This setting is configured during initial installation of the Management Node (when running the installation wizard).

Automatically sending usage statistics
Advanced event sink tuning

Event sink connection timeout

Event sink maximum retry backoff

Initial retry backoff

Internal cache expiration

Time to wait for media streams message

Maximum number of background POSTs

A range of advanced options to tune the event sink processes.

See Using event sinks to monitor conference and participant status for details.

Using event sinks to monitor conference and participant status
Cloud bursting
Enable bursting to the cloud

Bursting threshold

Tag name and value

Minimum lifetime

Cloud provider
These options enable and configure the Pexip Infinity platform for dynamic cloud bursting to either Microsoft Azure, Amazon Web Services (AWS) or Google Cloud Platform (GCP).

Configuring dynamic bursting to the AWS cloud

Configuring dynamic bursting to the Microsoft Azure cloud

Configuring dynamic bursting to the Google Cloud Platform (GCP)

Pexip Private Cloud
Enable Pexip Private Cloud Select this option to enable a connection from your deployment to the Pexip Private Cloud. A connection to the Pexip Private Cloud is required if you wish to deploy a Pexip Smart Scale location.
Gateway URL The URL used by your deployment to connect to the Pexip Private Cloud. This must be in the format https://  
Customer ID The username used to authenticate your connection to the Pexip Private Cloud.  
Authentication token The token used to authenticate your connection to the Pexip Private Cloud.  
Tech preview features
Enable push notifications This setting will support future feature updates to Infinity Connect mobile clients. If enabled, push notifications are sent to the external policy server whenever a registered mobile client receives a call, needs to refresh its session token, or becomes unregistered.  
Enable media relay on TCP port 443

This setting enables media relay on TCP port 443 on all Conferencing Nodes. This is intended as a fallback mechanism for use by WebRTC clients that are behind strict firewalls that block RTP media to Pexip's standard ports. This setting should only be enabled when it is impossible to amend the firewall's rules to allow UDP media, as sending media over TCP can result in increased latency and jitter.

Enabling this setting may cause disruption to ongoing WebRTC sessions.

 
Enable 1 + 33 layout This setting makes the 1 + 33 layout available for use. This layout is suitable for large conferences. It displays 1 small main speaker and up to 33 other participants. Selecting the layout seen by participants

* If you change any of these settings, all existing calls will be disconnected and all Conferencing Nodes will be automatically restarted.