I have a FreePBX with a couple of commercial modules hosted in the cloud, with a public IP Address + Firewall.
On the other end, I have a private network with dynamic IP Address (which changes about once or twice a year), and a dummy firewall which we can’t touch.
The private network has 10 phones and a GrandStream GXW4101 connected to 4 pot lines, which the customer won’t get ride of.
I created a psSip Trunk with the following specifications:
- username = callerID of the analog trunk
- Authentication: outbound
- Registration: receive
In the GrandStream, this is what I have so far for outgoing calls to work:
Settings / General / Use NAT IP: public_ip_address_of_this_site
Settings / Channel settings / Unconditional call fw / userID: ch1-4: callerID_of_ the_pot_line
Settings / Channel settings / SIP Server: ch1-4:p1;
Settings / Channel settings / SIP Destination port: ch1-4:44556; (which is what I have in FreePBX)
Accounts / Gen settings / Sip Server: IP Address of FreePBX
Accounts / Net settings / NAT(STUN): NO but send keep alive
Accounts / User account / Channel 1: Username + Password as I have in the trunk
I understand that I’ll have to change the NAT IP if the site ever gets a new IP Address, but that’s the only way I was able to place outgoing calls. Without this option, Asterisk console shows the endpoint as Unreachable.
At this point, I can make outgoing calls.
But any incoming call on the POT line, I see this on the Asterisk console:
[2023-08-03 11:43:37] NOTICE: res_pjsip/pjsip_distributor.c:676 log_failed_request: Request ‘INVITE’ from ‘“WIRELESS CALLER” sip:[email protected]’ failed for ‘10.20.30.40:5060’ (callid: [email protected]) - Failed to authenticate
The 10.20.30.40 is the public IP Address of the site with the Grandstream
The 192.168.90.119 is the IP Address of the GrandStream on the private network.
Any help appreciated…