FreePBX on VMware Server SIP Trunk connection question


(Joey O) #1

We have a FreePBX installed on a virtual machine in our environment and wanted to utilize the secondary NIC card on the server to connect to the SIP trunk that our ISP has provided us. My question is how do we set this up in the FreePBX so that the system knows which NIC is for management and which NIC is for SIP? The ISP (Conterra) provided us an private IP with gateway that is on their SIP server vlan. What external IP do we need to put in our FreePBX and is this possible to do? Can someone provide examples of the routing?


(Dickson) #2

The gateway address is the address where you want all non-specifically directed traffic to go.

Your ISP will give you an IP scheme which you will apply to that second NIC. But do not apply any Gateway, you leave it blank. When your PBX needs to communicate to that network, it will need to be told, which you do through a route statement. A route statement will direct the PBX to send traffic out the second NIC to the ISP


(Joey O) #3

Dickson,

Thank you for the quick reply. Do I need to do anything special considering it is a VMWare server? Do I need to assign the IP address on the host side of VMWare the IP that the provider gave us? Also, Can I do what you recommended in the GUI or does this have to be done through SSH? I currently have my FreePBX on our local LAN right now with an IP address in that subnet.

This is what I have

FreePBX - Current IP is 192.168.141.254 with GW of 192.168.141.1

An example we were assigned the following for SIP: 10.200.1.21/24 with GW of 10.200.1.1? You said not to add a gateway on the ETH1 that is connected to the SIP trunk, but the provider did provide that information. Their VOIP or SIP server address for example is 10.200.6.12.

Reading the other article you referenced, would this be correct config:

route-eth1
Gateway0=10.200.1.1
NetMask0=255.255.255.0
Address0=10.200.6.12

I could also do

route add -net 10.200.6.12 netmask 255.255.255.255 gw 10.200.1.1 dev eth1


(Dickson) #4

Would it be accurate to assume your VM server has multiple network cards. Set NIC1 (ETH0) would be your 192.168.141.X network and NIC2 (ETH1) would be connected to the 10.200.1.X network or directly to SIP providers hardware.

Only 1 gateway - correct. The gateway address is where your computer will default send all network traffic that it it has NO SPECIFIC rule set for. 192.168.141.1 will get the PBX to your phones and out to the internet etc.

NOW where things get a little complicated, but not really that bad.

Your VoIP provider will have given you a local IP to use and their VOIP server IP somewhere in their network.

Based on your information, you’ve got ETH1 set to 10.200.1.21 /24. The gateway for this IP is 10.200.1.1, but you don’t configure that on the ETH1 interface config. If you did, your system would try and send data intended for your local 192.168.X.X network through that gateway and your VoIP provider is just going to reject it and the traffic will timeout and you have mass hysteria and dogs and cats living together.

Your VOIP provider likely gave you an IP(or host) of their SIP Proxy. Lets say its 173.16.10.50. The only way your machine, as it is at this point of the config, will send traffic out ETH1, is if the traffic is going to the same internal network of 10.200.1.0/24. As it is, if you try and go to the 173.16.10.50 address, its going to go out the default gateway. Instead, what you’ll do is specifically tell the system to send that traffic out ETH1, to the gateway address for that network. (and you had the command pretty much right)

route add -net 173.16.10.50 netmask 255.255.255.255 gw 10.200.1.1 dev eth1

Even though you didn’t tell your computer the gateway address of ETH1, the SIP router connected to ETH1 is listening…and the route will send that traffic to that device and it should respond!

That make sense?

Here’s a pic…


(Joey O) #5

Dickson,

I think we are almost there. I can ping the route. The problem I am having now is no ringing when calling and audio not working. I can see the FreePBX getting the call, but no voice/audio or any sounds. What do I need to do?

Thank you!


(Dickson) #6

Well good to hear you are moving into positive territory!
Make sure your SIP ADVANCED settings in the GUI has that IP programmed.


(Joey O) #7

Dickson,

Any thoughts on why audio is not being received or any ringing when I try to call into the number?


(Dickson) #8

Sounds like a NAT problem. Check your SIP ADVANCED settings to make sure the 10.200.0.0/255.255.0.0 address range is in there


(Joey O) #9

Dickson,

We have a site to site VPN with another location and phones at that location. This is what I currently have on my SIP Advanced Settings for local IP’s.


(Dickson) #10

I’m looking at a PBX now with the same config as you
192.168.100.X internal
10.0.34.26/29 is the SIP providers interface of their local router LAN side at the site
they have a 217.0.0.0 address as their SIP gateway

I have both IP ranges in my SIP ADVANCED settings “local network” (similar to yours)
in the firewall i have ETh1 (sip provider) set to “INTERNET” under the “interfaces” tab
and I have that IP exclusively in the trusted zone

It just sounds like a NAT issue to me that is preventing this from working now. If, from your PBX console, you do a traceroute to the IP of the provider, and its going out ETh1, its likely some sort of firewall or NAT problem blocking it now.


(Joey O) #11

I got it to work.

I had to put this for the route statement

route add -net 10.200.6.0 netmask 255.255.255.0 gw 10.200.1.1 dev eth1

I had the route pointing directly to what I thought they gave me to be there SIP server, but apparently it was incorrect. I just opened all of the 254 hosts by changing the subnet to 255.255.255.0 and it worked. No idea why the \32 didn’t work on the one pointing to the SIP server.

Thank you for all your help Dickson and sticking with me on this!


(Dickson) #12

Oh good!! You are welcome!!
There is another SUPER IMPORTANT step you have to do. You need to make sure that route works if you reboot.

To make this route persistent, add it to /etc/sysconfig/network-scripts/route-eth1

MAKE SURE YOU HAVE THE SYNTAX EXACTLY RIGHT, ELSE IT WILL FAIL
CAPITALS! and the number value after each heading

You can have multiple ones of course, you just increment the value. There is no space, follow the example below.

GATEWAY0=10.200.6.0
NETMASK0=255.255.255.0
ADDRESS0=10.200.1.1

Save and close the file and restart networking


(system) closed #13

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.