Solved

Asterisk (PIAF 1.7.5.5) not Registering with Windstream/Nuvox SIP Server

Posted on 2010-08-19
6
1,805 Views
Last Modified: 2013-12-21
I am having difficulties getting my PBX (PIAF 1.7.5.5 running Asterisk 1.4.33) to talk to the Windstream/Nuvox SIP server.  They have given me very little information on how to make it work and so far their tech support (network guys) have been unwilling to escalate me to their SIP people.

Here is all they have given me:

Codec: G711ul, 20ms sampling, silence suppress (19 preferred, 13 supported)
DTMF Relay (RFC 2833): Yes
T.38: Yes
Nuvox's Signaling and Media Ports:
      SIP Signaling port: 74.223.147.141 port 5060
      Media/RTP: 74.223.147.140
DNS Servers (Nuvox): 64.89.70.2/64.89.74.2
NTP Servers (Nuvox): 64.89.70.60/64.89.70.61
Nuvox expects to receive 10 digits from PBX from domestic local calls and 1+10 for long distance.
Nuvox will provide 10 digits back to the PBX for "DNIS" call routing.
No SIP Registration/Authentication is required.
NuVox will re-mark all traffic coming from your PBX with an IP Precedence of 3 for SIP Signaling and 5 for Media/RTP.
Long distance, 911, 411, International will follow normal dialing rules.


I found this forum post with some information on how to configure my trunk settings - I did it and the thing still won't work. http://fonality.com/trixbox/forums/trixbox-forums/open-discussion/sip-signaling-port-74223147141-port-5060-mediartp-74223147140

The trunk settings the above link suggested are this:

host=74.223.147.141
context=from-trunk
disallow=all
allow=ulaw
type=friend
insecure=very
nat=never

I used those (and many variations) with no luck.  

We have confirmed in our edge router logs that we are sending traffic to the SIP server on port 5060 but don't get any traffic back.

The bottom line is this - I need to know what my trunk settings should be.  Especially the Outgoing PEER details and the Incoming USER details sections.  Thanks in advance for the help.
0
Comment
Question by:dmcoop
  • 5
6 Comments
 
LVL 32

Accepted Solution

by:
DrDamnit earned 500 total points
ID: 33483673
Please post your sip.conf file.
0
 
LVL 3

Author Comment

by:dmcoop
ID: 33484602
With PIAF the sip.conf file is apparently a place holder with all lines either ";" or "#" out.  Here are the contents of the files it references though:
sip_general_additional.conf
vmexten=*97
context=from-sip-external
callerid=Unknown
notifyringing=yes
notifyhold=yes
limitonpeers=yes
tos_sip=cs3
tos_audio=ef
tos_video=af41
alwaysauthreject=yes
disallow=all
allow=ulaw
allow=alaw
allow=gsm
jbenable=no
rtptimeout=30
maxexpiry=3600
allowguest=yes
defaultexpiry=120
minexpiry=60
srvlookup=no
registerattempts=0
registertimeout=20
notifyhold=yes
g726nonstandard=no
t38pt_udptl=yes
videosupport=no
maxcallbitrate=384
canreinvite=no
rtpholdtimeout=300
rtpkeepalive=0
checkmwi=10
notifyringing=yes
nat=yes
externip=10.10.10.10
localnet=10.10.10.8/255.255.255.252
 sip_nat.conf
;Nothing in this file.
sip_registrations_custom.conf
;placeholder for future expansion PIAF Dev Team
sip_custom_post.conf
;placeholder for future expansion PIAF Dev Team
 
 
0
 
LVL 3

Author Comment

by:dmcoop
ID: 33484693
Also here is some additional information that I discovered last night.  I can now receive incoming calls to ext 102.  I still cannot dial out successfully.  When I do a "sip show peers" at the Asterisk CLI I get the following:
EdgePBX*CLI> sip show peers
Name/username       Host                       Dyn      Nat       ACL      Port       Status          
Nuvox_In                     74.223.147.141                 N                        5060     OK (17 ms)      
102/102                      10.10.10.100          D         N          A            6566     OK (85 ms)      
2 sip peers [Monitored: 2 online, 0 offline Unmonitored: 0 online, 0 offline]
My Outbound Route looks good as far as I can tell.
 


 
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 3

Author Comment

by:dmcoop
ID: 33487130
Problems solved.  It seems that the PBX does not want to be behind a firewall at all.  We moved it out to be fully internet facing and I started getting incoming calls.  Then I made a change to the outgoing trunk settings and now I can call in and out.
I am documenting my settings now and will post back the trunk configuration in a little while.
 
0
 
LVL 3

Author Comment

by:dmcoop
ID: 33487254
These are my trunk settings to work with Windstream/Nuvox that got me going.  However I want to stress that setting it outside our firewall seems to be what actually fixed it.  I had these settings in (and out) many times before we moved it outside.  After we have completed testing I will be attempting to move it back inside.  I will not document that here since that is outside the scope the the original question ... what should the trunk settings be.

General Settings
         Trunk Description: Nuvox
         Outbound Caller ID: left blank
         Block Foreign CallerIDs: not checked - you may want to research this for yourself
         Maximum Channels: left blank
         Disable Trunk: not checked
         Monitor Trunk Failures: left blank and unchecked
Outgoing Dial Rules
         Actually I am still working on this so you get to figure it out for yourself.
Outgoing Settings
          Trunk Name: Nuvox
          PEER Details:
                    host=74.223.147.141
                    context=from-trunk
                    disallow=all
                    allow=ulaw
                    type=friend
                    insecure=very
                    nat=never
Incoming Settings
          USER Context: Nuvox_In
          USER Details:
                    host=74.223.147.141
                    context=from-trunk
                    disallow=all
                    allow=ulaw
                    type=friend
                    insecure=very
                    qualify=yes
Registration
          Register String: leave blank
0
 
LVL 3

Author Closing Comment

by:dmcoop
ID: 33641281
Although this did not answer my problem it did get me thinking in the right direction.  After much testing we have decided to leave the PBX internet facing.  Putting it behind a Juniper firewall or a Watchguard firewall causes it to fail every time.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

So you think no one can listen in on your VOIP conversations, eh? Well... if you haven't setup Secure Real Time Transport (SRTP), your voice communications can be hacked into by just about anyone! First, let's talk about the intended audience for…
I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now