Outbound Proxy

Configure an outbound SIP proxy to route all signaling through an SBC, proxy server, or corporate SIP infrastructure gateway.

An outbound proxy directs all SIP signaling through a designated proxy server before reaching the registrar. This is used when your SIP infrastructure requires traffic to pass through a session border controller (SBC), enterprise proxy, or gateway that sits between the test endpoints and the registrar.

How It Works

When an outbound proxy URI is configured:

The endpoint registers with the registrar as normal
For outbound INVITE requests, a Route header is added pointing to the proxy
The SIP stack sends the INVITE to the proxy address instead of directly to the callee
The proxy forwards the request to the final destination according to its routing rules

The Route header follows RFC 3261 loose routing semantics. The Request-URI still points to the callee — the proxy is an intermediary, not the destination.

Example SIP Headers

Without outbound proxy:

INVITE sip:callee@example.com SIP/2.0

With outbound proxy sip:proxy.example.com:5060:

INVITE sip:callee@example.com SIP/2.0
Route: <sip:proxy.example.com:5060;lr>

The lr parameter indicates loose routing (RFC 3261). The proxy processes the Route header, removes itself from the route set, and forwards the request.

Configuration

In the test creation form, the outbound proxy is configured per group in the registrar section:

Select the registrar for the group
Enter the Outbound Proxy URI in the format sip:host:port or sips:host:port

The proxy URI must include the scheme (sip: or sips:) and may include a port. If no port is specified, the default SIP port is used (5060 for sip:, 5061 for sips:).

Use Cases

Session Border Controller Testing

Route calls through an SBC to test:

Media anchoring and latching behavior
SDP manipulation and codec filtering
Security policy enforcement (TLS/SRTP requirements)
Topology hiding (SBC replaces internal addresses with external ones)

Corporate SIP Proxy

Enterprise networks often mandate that all SIP traffic passes through a central proxy for:

Policy enforcement and access control
Call admission control (CAC)
Centralized logging and compliance recording
NAT traversal assistance

Multi-Hop Routing

Test call routing through multiple proxy hops by configuring the outbound proxy as the first hop. The proxy chain handles subsequent routing.

Outbound proxy applies to INVITE only

The outbound proxy Route header is added to INVITE requests and subsequent in-dialog requests (re-INVITE, BYE, etc.). REGISTER requests are sent directly to the registrar address, not through the proxy. This matches standard SIP deployment patterns where registration and call routing may use different paths.

Proxy Authentication (407)

If the outbound proxy challenges with a 407 Proxy Authentication Required response, CallMeter reuses the SIP credentials configured on the registrar to authenticate. The proxy must accept the same credentials used for registration.

If the proxy requires different credentials than the registrar, contact support — per-proxy credential configuration is planned for a future release.

Troubleshooting

Symptom	Likely Cause	Solution
INVITE timeout (no response)	Proxy not reachable	Verify the proxy URI, port, and firewall rules
403 Forbidden from proxy	Proxy rejecting the endpoint	Check proxy ACLs and authentication configuration
407 loop (repeated challenges)	Credential mismatch	Ensure the registrar credentials are accepted by the proxy
Media not flowing (one-way audio)	Proxy media anchoring issue	Check the SBC's media relay and latching configuration
Call setup delay	Proxy processing overhead	Compare call setup times with and without the proxy to quantify impact

Next Steps

Adding a Registrar — Create a registrar configuration
Transport Protocols — Protocol selection for the proxy path
TLS Certificates — Encrypt signaling to the proxy with TLS

Outbound Proxy

On this page