FreePBX & Ubiquiti Edgemax Router Lite

Hello

I realize this question might be more appropriate in a Ubiquiti Forum, however I thought I’d post something here in case someone has had a similar experience.

I’m looking for help is setting up my EdgeRouter Lite to work with FreePBX. Specifically what configuration on the Edge Router Lite will allow username & password authenticated trunk to work / register properly with my SIP provider. I don’t think I require port forwarding however do I need to put the FreePBX into a DMZ and if so how and I prefer to use the GUI to do this? I do have “eth2” available on the router if that helps. Also does anyone know what role the FreePBX firewall will play in the set up? Currently my SIP trunk is showing as registered with my provider, however at their end they keep seeing it register then un-register. Recently I defaulted the Edge Router and used the “Wan2Lan” setup wizard to configure the device.

Any information or links to video’s / documentation would be greatly appreciated. Thanks in advance for your help.

Michael

Update your router firmware to current stable 1.10.8
Default your router again and use the basic setup wizard, it is the current version of the custom ones below it.
Those other configs were community created a long time ago. The Basic Setup Wizard was added in umm 1.9.something.
image

That’s it.
Nothing else needs done.
If, and I mean, if you have an issue with your trunk, you can disable their SIP ALG helper. This is one of the only routers that I never have any problems with.

Open SSH to your router

configure
set system conntrack modules sip disable
commit;save;exit

You do not need DMZ, or port forwarding, or anything else withmost SIP trunk providers that use registration. VoIP.ms, Twilio, Flowroute (i believe, been a while) are ones I have used.

1 Like

Unless you have a super compelling reason, you should always turn of SIP-ALG for a server configuration. These helpers are usually a little too helpful, and they cause early baldness.

3 Likes

I do agree with this, and I have it turned off in all EdgeMax devices I have control over. But I have come across multiple sites with these in place and no issues without it being disabled.

certain type of phones love SIP ALG… the cheap ones…and depending on the firmware of some good ones. With my experience Sangoma/Yealink/Polycom phones hate SIP ALG

Just want to clarify something. We’re talking about FreePBX and Asterisk. SIP-ALG causes all sorts of weird, unreproducible errors for just about any phone that connects through a router that uses SIP-ALG to Asterisk.

Now, I don’t disagree that SIP-ALG can be useful for some inexpensive phones with other SIP providers, but for us, it never adds value, and while it doesn’t hurt you occasionally, it will eventually screw up a call when working with Asterisk.

So, unless you have a compelling reason to use SIP-ALG, it should almost always be turned off when working with Asterisk.

1 Like

Hello
I’ve turned off SIP-ALG. I can see my SIP trunk registered with my provider however at his end he see it as registered and then not registered. Whenever I place a call, I get “All Channels Are Busy” message.

I can 100% guarantee that the router, if configured correctly aside from the sip setting, is not the problem.

I have these all over the place and zero issues.

Who is your provider? How is your stuff configured? Etc.

@sorvani , Excellent!!, now all those who have had more than “zero issues” with them, all anticipate your actual solution as to “how to do that 100% thingy”

(Personally, I gave up on them many years ago :wink: )

Hello
Here’s is my registration information; hope this helps and thanks in advance for all your help

type=peer
trustrpid=yes
sendrpid=yes
remotesecret=D5W3N74N
reinvite=no
qualify=yes
permit=IP Address of provider>255.255.255.255
insecure=invite
host=FQDN of provider
fromuser=012109875
disallow=all
directmedia=no
deny=0.0.0.0>0.0.0.0
defaultuser=012109875
allow=ulaw~g729

Registration String = user name:[email protected]

Why are you not using a chan_pjsip based trunk? Have you tried that?

If you are going to stick on the chan_sip trunk:
Remove permit and deny.
Don’t overcomplicate things when things are not working. Also, the FreepBX firewall should handle restricting most connections.

You are behind NAT, assumption because you have a router you are complaining about, but you did not specify that the trunk should use nat.

nat=yes
insecure=port,invite

Hello
I’m still getting an "all circuits are busy now, please try your call again later.

Sip Settings

type=peer
trustrpid=yes
sendrpid=yes
remotesecret=D5W3N74N
reinvite=no
qualify=yes
nat=yes
insecure=port,invite
host=FQDN
fromuser=012109875
disallow=all
directmedia=no
defaultuser=012109875
allow=ulaw~g729

Chan SIP Registry

Host dnsmgr Username Refresh State Reg.Time
FQDN:5060 Y 012109875 105 Registered Tue, 19 Feb 2019 18:19:28
1 SIP registrations.

I found this in the log file:

chan_sip.c: No audio format found to offer. Cancelling call to 7057346363

Well ask your provider what they allow.

Start with just ulaw

Okay. That seemed to work. I’ll have to do further testing to fully confirm. Thanks for the help.

Now that you have your trunk working, you can add more options or features or whatever you want.

Just do it one at a time and test. That will teach you what you broke.

@dicko up totally the router…

  1. I am not familiar with using a tilde ~ character between the two codecs. I use something like allow=ulaw,g729 (comma)
  2. Do you have licenses for g729?
  3. Unless you have limited bandwidth, no reason for g729 anyway.
1 Like

Hello
I’ve got outbound working successfully however inbound isn’t.

As a back up, I can connect to my provider with an Cisco SPA 122. When I look at the log file I see the 10 digit CID and the FreePBX routes successfully on this number.

If I disable the Dahdi trunk and enable the SIP trunk, then the 10 digit CID isn’t found in the log file and the caller gets a rejection message. Is there something in the Sip peer details that could be preventing this?

Outgoing:
type=peer
trustrpid=yes
sendrpid=yes
remotesecret=MIKE
reinvite=no
qualify=yes
permit=35.182.215.189 /255.255.255.255
nat=yes
insecure=port,invite
host=itsp.voiponline.ca
fromuser=202
disallow=all
directmedia=no
defaultuser=202
allow=ulaw

Incoming:
User Context = same as from user above
User details = Blank
Register String = default_user:[email protected]

Hello
Just a quick update. I haven’t been able to get inbound routing working when I connect up my SIP trunk. Inbound calls work fine when I’m connected using an ATA, however when I move the trunk off the ATA and connect it directly to the FreePBX, inbound routing doesn’t work. So there’s a difference in the setup between the ATA and FreePBX when connecting a Chan_SIP trunk. Is it my FreePBX configuration?

Thanks in advance for any help that can be provided.

Outgoing:
type=peer
trustrpid=yes
sendrpid=yes
remotesecret=
reinvite=no
qualify=yes
permit=35.182.215.189 /255.255.255.255
nat=yes
insecure=port,invite
host=itsp.voiponline.ca
fromuser=
disallow=all
directmedia=no
defaultuser=

allow=ulaw

Incoming:
User Context = same as from user above
User details = Blank
Register String = default_user:[email protected]

Remove the incoming information. You are using registration.