Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1265
  • Last Modified:

Asterisk IAX linking issue

Hello Experts,
I have setup about 10 Asterisk servers in different locations. Everything is going well, except linking servers to each other through IAX2 protocol. I can't use SIP due to some firewall problems.

I will give an example of what I am doing in general. Both servers are behind Linksys (or other brand) ADSL router, and the external IP address is dynamic. Both ports TCP22 and UDP4569 are forwarded to the Asterisk IP.

Jeddah Server iax.conf:
register=jedkwi:secret@kuwait.dyndns.org
[jedkwi]
host=dynamic
callerid = "Jeddah" <400>
secret=secret
type=friend
context=inter
Insecure=very
username=jedkwi
fromuser=jedkwi
disallow=all
allow=g729,gsm
qualify=yes
trunk=yes
requirecalltoken=no
port=4569
trunk = yes
transfer = yes

Kuwait server iax.conf:
register=jedkwi:secret@jeddah.dyndns.org
[jedkwi]
host=dynamic
callerid = "Kuwait" <300>
secret=secret
type=friend
context=inter
Insecure=very
username=jedkwi
fromuser=jedkwi
disallow=all
allow=g729,gsm
qualify=yes
trunk=yes
requirecalltoken=no
port=4569
trunk = yes
transfer = yes

I have tried so many times with changing many things, but never succeeded. Always I am getting (Timedout) when checking (iax2 show registry) and UNREACHABLE when checking (iax2 show peers) in both ends.

I hope I can get a solution in Experts Exchange.
0
Muhajreen
Asked:
Muhajreen
  • 4
  • 2
1 Solution
 
DrDamnitCommented:
First thing I would like to know: have you tried it using IP addresses? I see that you're using dyndns.org as the server address. Just to remove DNS issues from the mix, can you try with just the current IP address?

Secondly, can you put the boxes (one at a time) on a public IP address? This would show us whether or not there is an issue with the firewall.  Your choice for IAX2 is a good one because IAX2 is so NAT friendly; however, it is diagnostically siginificant to remove the firewall to see if we are dealing with a network issue or an Asterisk one.

Also, while I am not sure about this off the top of my head (I have to look it up), I am not sure using dynamic IPs for all the asterisk boxes in the network is going to work. Maybe another expert has done this before, but I haven't. As a best practice, I always required clients to get static IPs.

Let me know if these two isloation techniques are viable, and if they are, please post the results.
0
 
MuhajreenAuthor Commented:
Hello DrDamnit,

I have setup all my servers myself, except one server in Dubai which I bought it ready with FreePBX, then I made an extension (499) on it. Now all my servers are able to register to Dubai server using the 499 account.

As your advice, I tried with just the IP address instead of the DynamicDNS name, also I got the same problem.

For removing the firewall, how may I do so while I am using on Dynamic IP address on Linksys ADSL router?
0
 
MuhajreenAuthor Commented:
Thank you DrDamnit, after rebooting both Jeddah and Kuwait servers, they are working well with static IPs instead of DNS names. But the connection will not stay a lot due to IP change. So what is the next step now? In each site I am using a good working DNS server, and I am getting the correct IP address when pinging from each server to the other.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
feptiasCommented:
You IAX setup looks over-complex and has mistakes like you've used the same name for both peers. Registration seems unnecessary because you can simply set "host=jeddah.dyndns.org" in the peer definition. In my opinion, IAX works best if you set it up with peers and users - I've never used type=friend in IAX. The IAX peer is the remote peer. The IAX user defines the credentials that remote peers must use when they connect to you. This earlier question contains an example:
http://www.experts-exchange.com/Networking/Telecommunications/IP_Telephony/Asterisk_/Q_23409412.html
0
 
MuhajreenAuthor Commented:
Thank you Feptias, now I have three servers: Jeddah (Static), Kuwait (Dynamic) and Dubai (Dynamic).

Now each Dubai and Kuwait are connected to Jeddah in both directions. But there is a problem with the connection between Dubai and Kuwait (both are dynamic).

Now between Jeddah and Kuwait I am using type=friend as mentioned before.
Between Dubai and Kuwait I wrote the following:

Dubai iax.conf:

[dubkwi]
host=kuwait.dyndns.org
secret=mysecret
type=peer
username=dubkwi
disallow=all
allow=gsm
qualify=yes
trunk=yes
nat=yes

[kwidub]
host=dynamic
type=user
secret=mysecret
context=kuwait
disallow=all
allow=gsm
requirecalltoken=no
nat=yes

In Kuwait server iax.conf:

[kwidub]
host=dubai.dyndns.org
secret=mysecret
type=peer
username=kwidub
disallow=all
allow=gsm
qualify=yes
trunk=yes
nat=yes

[dubkwi]
host=dynamic
secret=mysecret
type=user
context=dubai
disallow=all
allow=gsm
requirecalltoken=no
nat=yes

So there seems to be a problem in connecting two dynamic addresses. Do you agree with that? If so, do you have a work arround way?

Muhajreen
0
 
feptiasCommented:
"host=dynamic" is what you use when a peer is going to register - it is not appropriate for your IAX user definitions. I suggest you remove the line "host=dynamic" from the two sections that have type=user. See if that makes a difference.
0
 
MuhajreenAuthor Commented:
Thank you fepitas, thank you DrDamnit,

Finally everything is working well in Jeddah, Dubai and Kuwait. All of them are using the configuration which DrDamnit adviced to. And regarding the Dubai DNS issue, it was solved implicitly.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now