Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remote SIP Extension

Posted on 2010-09-16
3
Medium Priority
?
958 Views
Last Modified: 2013-12-21
I am attempting to setup a remote extension to Asterisk 1.6 PBX.  Here is what I have so far:

My Asterisk Server is behind a Fortigate50B.  The 50B is giving Asterisk an IP of 10.1.1.7 on the LAN side.  Asterisk has a Virtual IP of 65.255.160.7 on the WAN. (1 to 1 NAT)  Ports 5060 and 10001-20000 forwarding  to all the right places.  In my sip.conf I have:

externip=65.255.160.7
localnet=10.1.1.0/255.255.255.0

[3007]
deny=0.0.0.0/0.0.0.0
secret=#####
dtmfmode=rfc2833
canreinvite=no
context=from-internal
host=dynamic
type=friend
nat=yes
port=5060
qualify=yes
callgroup=
pickupgroup=
dial=SIP/3007
mailbox=3007@default
permit=0.0.0.0/0.0.0.0
callerid=device <3007>
callcounter=yes
faxdetect=no

At my remote site I'm using x-lite to test.  I have a LinksysE3000 with ports 5060 and 10001-20000 forwarding  to my computer with x-lite.  I also have SIP ALG enabled.  x-lite settings:

User ID:3007
Domain:65.255.160.7
Authorization name:3007
Register with Domain is Checked

I can ping 65.255.160.7 and telnet in on port 5060.

My x-lite softphone will not register, so what have I missed?
0
Comment
Question by:Marinertek
3 Comments
 
LVL 7

Accepted Solution

by:
nauliv earned 1000 total points
ID: 33698122
Let's troubleshoot from different angles:

* Do you get any feedback on the asterisk console ? At the shell prompt, type:
~> asterisk -cvvvvv
and check what's going on when launching x-lite

* Did you forward port TCP or UDP ? You want UDP in there.

* On your asterisk box, iptables firewall might be enabled.
Try this at the shell prompt, and let's see what we got.
~> iptables -L -n

* Let's see if the packets make it to the asterisk box. at the shell prompt type:
~> tcpdump -i eth0 -nn port 5060
(assuming your ethernet card is on eth0; check with ifconfig command)
then start your xlite client. you should see the packets coming in.

* Assuming everything looks good, let's try a simpler user config:

[3007]
type=friend
secret=********
nat=yes
context=from-internal

Good Luck!
0
 
LVL 17

Assisted Solution

by:ccomley
ccomley earned 1000 total points
ID: 33698841
SIP and NAT are natural enemies.

I see you have a SIP ALG active. Are you sure the ALG in question works? (Some of them don't, sadly!!)

If you have the option, try turning the ALG off and using a STUN server instead!

What do the session log files show on (a) the phone (b) the PBX when the phone triesto register?

If you have Wireshark or similar, try "sniffing" the packets that pass during the attempt to register. You should be able to see if the ALG has correctly translated the IP addresses in the SIP payload or not.

The bad news is,. if you're having troulbe registering you're probably going to have trouble making calls even when you are registered. :(
0
 
LVL 5

Author Comment

by:Marinertek
ID: 33719619
I'm going to accept Multiple solutions on this one.  Thank you all for the help and it turns out everything I did was correct.  The Fortigate50B needed a graceful reboot, and then everything work and it should.  This was very strange because Fortigate devices use a running config.  Its new firmware so you never know.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you think no one can listen in on your VOIP conversations, eh? Well... if you haven't setup Secure Real Time Transport (SRTP), your voice communications can be hacked into by just about anyone! First, let's talk about the intended audience for…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question