Update deploying-self-hosted-VoIP-services-for-hybrid-users.mdx (#17892)

src/content/docs/reference-architecture/diagrams/sase/deploying-self-hosted-VoIP-services-for-hybrid-users.mdx

@@ -18,13 +18,13 @@ Traditional VPN solutions create several problems for VoIP deployments, primaril
 
 Cloudflare improves over traditional VPN solutions by leveraging its [global network](https://www.cloudflare.com/network/) of data centers in over 300 cities to significantly reduce latency for remote users. When using our device agent, remote users are automatically connected to the nearest Cloudflare data center, thus reducing latency. 
 
-This document explains how Cloudflare can be architected with a self-hosted VoIP service. Note the solution below uses our [WARP Connector](/cloudflare-one/connections/connect-networks/private-net/warp-connector/), a small piece of software deployed on a server in the same subnet as the VoIP servers and creates bi-directional traffic flow through Cloudflare to users.
+This document explains how to architect access to a self-hosted VoIP service using Cloudflare. Note the solution below uses our [WARP Connector](/cloudflare-one/connections/connect-networks/private-net/warp-connector/), a small piece of software deployed on a server in the same subnet as the VoIP servers and creates bi-directional traffic flow through Cloudflare to users.
 
 ## Bi-directional VoIP traffic flow
 
 ![Figure 1: Cloudflare facilitates secure connectivity from user devices to the network where the SIP server is running.](~/assets/images/reference-architecture/deploying-self-hosted-voip-services-for-hybrid-users/figure1.svg "Figure 1: Cloudflare facilitates secure connectivity from user devices to the network where the SIP server is running.")
 
-The diagram above shows the WARP Connector and our device agent deployed to create a highly performant, reliable connectivity for private VoIP services. Note that Cloudflare will assign remote users an address from the <GlossaryTooltip term="CGNAT IP">CGNAT range</GlossaryTooltip>, which is used for the private network created between device agents. The WARP Connector ensures secure, bidirectional communication between remote users and the on-premise SIP server, without exposing the server to the public Internet. This shields the VoIP infrastructure from potential attacks while maintaining a seamless, encrypted connection for real-time communications.
+The diagram above shows the WARP Connector and our device agent deployed to establish highly performant, reliable connectivity for private VoIP services. Note that Cloudflare will assign remote users an address from the <GlossaryTooltip term="CGNAT IP">CGNAT range</GlossaryTooltip>, which is used for the private network created between device agents. The WARP Connector ensures secure, bidirectional communication between remote users and the on-premise SIP server, without exposing the server to the public Internet. This shields the VoIP infrastructure from potential attacks while maintaining a seamless, encrypted connection for real-time communications.
 
 1. VoIP server resides on a private network with no public IP.
 2. WARP Connector creates a secure tunnel to Cloudflare and is configured as a virtual router in the private network.
@@ -34,17 +34,17 @@ The diagram above shows the WARP Connector and our device agent deployed to crea
 
 ## Call flow examples
 
-VoIP software running on the remote user's device registers with the VoIP server using SIP. The Cloudflare device agent will be assigned an address from the CGNAT IP range, `100.96.0.0/12`. As routing has been established to Cloudflare for `100.96.0.0/12` and to the on-prem network of `10.0.50.0/24`, call flows will work as normal – both direct and indirect media are supported.
+VoIP software running on the remote user's device registers with the VoIP server using SIP. The Cloudflare device agent will be assigned an address from the CGNAT IP range, `100.96.0.0/12`. As routing has been established to Cloudflare for `100.96.0.0/12` and to the on-premise network of `10.0.50.0/24`, call flows will work as normal – both direct and indirect media are supported.
 
 ### Remote user calling another remote user
 
-When calls are made from user to user, some traffic flows from user devices through Cloudflare to the on-premises server, while other traffic flows through Cloudflare directly to the other user. Note that the device agent is creating a secure tunnel through which the CGNAT addresses are routed. Both users in this flow have registered their SIP clients with the server.
+When calls are made from user to user, some traffic flows from user devices through Cloudflare to the on-premise server, while other traffic flows through Cloudflare directly to the other user. Note that the device agent is creating a secure tunnel through which the CGNAT addresses are routed. Both users in this flow have registered their SIP clients with the server.
 
 ![Figure 2: For remote user to remote user, not all traffic flows over the WARP Connector to the SIP server.](~/assets/images/reference-architecture/deploying-self-hosted-voip-services-for-hybrid-users/figure2.svg "Figure 2: For remote user to remote user, not all traffic flows over the WARP Connector to the SIP server.")
 
 The above diagram shows the high level signaling and media paths.
 
-1. Alice registers directly with the SIP server (`10.0.50.60`) with her Cloudflare assigned CGNAT IP of `100.96.0.12`.
+1. Alice registers directly with the SIP server (`10.0.50.60`) with a Cloudflare assigned CGNAT IP of `100.96.0.12`.
 2. Bob also registers directly with the SIP server (`10.0.50.60`) with their CGNAT IP of `100.96.0.13`.
 3. When Alice calls Bob, the SIP server will send a SIP INVITE message to Bob at `100.96.0.13`.
 4. The default gateway for the SIP server is `10.50.0.1`, but we have defined a static route such that for destination `100.96.0.0/12`, the next hop is the WARP Connector interface (`10.0.50.10`).
@@ -68,17 +68,17 @@ The high-level signaling and media paths are shown below:
 4. The default gateway for the SIP server is `10.50.0.1`, but we have defined a static route such that for destination `100.96.0.0/12`, the next hop is the WARP Connector interface (`10.0.50.10`).
 5. The SIP INVITE message will be sent on the local network to Bob.
 6. Bob accepts and the SIP server will send SIP/SDP messages to both Alice and Bob specifying which parameters to use for the RTP (audio) data.
-7. Bob will send audio to Alice at 100.96.0.12, which will be routed across the WARP Connector to Cloudflare, and Alice will send audio to Bob at 10.0.50.101, which will be sent from Cloudflare across the WARP Connector to the on-premise local network.
+7. Bob will send audio to Alice at `100.96.0.12`, which will be routed across the WARP Connector to Cloudflare, and Alice will send audio to Bob at `10.0.50.101`, which will be sent from Cloudflare across the WARP Connector to the on-premise local network.
 
 ## Summary
 
-Remote users communicating with other remote users or on-premise users via on-premise SIP servers using Cloudflare's WARP Connector, will have a seamless and secure experience for both ends, with key benefits:
+With Cloudflare's WARP Connector, remote users communicating with other remote users or on-premise users via on-premise SIP servers will have a seamless and secure experience for both ends. Key benefits include:
 
-1. **Bidirectional Connectivity**: WARP Connector supports bidirectional traffic, which is crucial for remote users communicating with on-premise users. Both signaling and media traffic (SIP/RTP) flow securely between the two, regardless of where the user is physically located. This is done via Cloudflare's global network, using an encrypted tunnel, ensuring data integrity and encryption​.
+1. **Bidirectional connectivity**: WARP Connector supports bidirectional traffic, which is crucial for remote users communicating with on-premise users. Both signaling and media traffic (SIP/RTP) flow securely between the two, regardless of where the user is physically located. This is done via Cloudflare's global network, using an encrypted tunnel, ensuring data integrity and encryption​.
 
-2. **Private Communication Over CGNAT**: The WARP Connector assigns Carrier-Grade NAT (CGNAT) IPs to devices, which allows remote users to securely communicate with on-premise users over private networks. This ensures that communication remains isolated from the public Internet, enhancing security. The CGNAT functionality means that remote and on-premise users can communicate as though they are on the same network​.
+2. **Private communication over CGNAT**: The WARP Connector assigns Carrier-Grade NAT (CGNAT) IPs to devices, which allows remote users to securely communicate with on-premise users over private networks. This ensures that communication remains isolated from the public Internet, enhancing security. The CGNAT functionality means that remote and on-premise users can communicate as though they are on the same network​.
 
-3. **No NAT Traversal Issues**: NAT traversal often poses a challenge in VoIP scenarios, but because WARP Connector preserves source IP addresses and handles bidirectional traffic without additional NAT boundaries, remote and on-premise users can communicate without issues typically caused by firewalls or NAT devices, improving the overall call setup and quality​.
+3. **No NAT traversal issues**: NAT traversal often poses a challenge in VoIP scenarios, but because WARP Connector preserves source IP addresses and handles bidirectional traffic without additional NAT boundaries, remote and on-premise users can communicate without issues typically caused by firewalls or NAT devices, improving the overall call setup and quality​.
 
 ## Related resources