Hello, I have small raspbx server running on port 5060 but I have 2 external endpoints/extensions that for security reasons I have setup on my router external port 5065 but internally 5060, so for freepbx/asterisk it is all under 5060 but for the endpoint I had to add xxx.xxx.xxx.xxx:5065 to access the router but when I do this the call drop at 31 seconds. I dont know where to whitelist 5060 and 5065 in freepbx, thanks in advance, I am pretty much new on this VoIP world.
Asterisk does not support this. If possible, change pjsip Port to Listen On to 5065, forward 5065 > 5065 in your router, and change your internal extensions to also register to port 5065.
If that’s not feasible, other options include using different protocols for internal and external, or putting e.g. pjsip on 5065 and chan_sip on 5060.
PJSIP does actually provide a configuration option to have a separate port externally alongside IP address, of course I can’t speak for the FreePBX UI.
You can run chan_pjsip on multiple transports, each with a different port. I think you will need to do some hand crafting for this.
Solved! it worked! just thinking I little bit out of the box and problem solved, I did your idea of moving the 2 external extensions to CHAN_SIP and it works just fine. I figure it out that moving out of default port reduce a lot those (mostly Chinese) attempts to access the server. thanks again.
thanksx yeah I don’t feel safe doing hand crafting on this topics yet
To Josh’s point above, the param can be enabled manually by editing the file
[0.0.0.0-udp](+type=transport) external_signaling_port=5065 [0.0.0.0-tcp](+type=transport) external_signaling_port=5065 [0.0.0.0-tls](+type=transport) external_signaling_port=5065
Moving to another port in the 506x range won’t accomplish much. You would get a better result picking a random port in the 40k-60k range.
Good info! thanks!
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.