Incoming calls will intermittently fail. I turned on SIP debugging, and every call is coming into the PBX, but the calls that fail, are sending a 401 rejected back to Flowroute. The signaling traffic is coming from one of the IPs in the whitelisted ranges.
Do I need to setup a trunk for each and every Flowroute IP? I would not think (hope) I would need to do that since there are about 64 IPs that the signaling traffic could come from.
It depends. From what I understand, I PJ-SIP will allow you to set a range of IPs for your signaling source. I’ve never used it for that, so that’s second-hand. If you can use PJ-SIP for that, you might be able to get that working.
With Chan-SIP, however, you have to specify an inbound trunk for every IP address you are expecting traffic from.
The “workaround:” is to allow anonymous calling, which (unless you have a very tightly managed firewall) is almost always an invitation for people to steal toll services from you and is generally considered to be outside the scope of “best practice”.
In the chan PJSIP tab, I have the following on my wildcard transport for UDP:
Insure that you have configured an inbound route on flowroute correctly. This is key depending on what type of authentication you are using and method of routing strategy NAPTR/A record, etc.
Make sure you have routed the DID/s to the inbound route you created.
Under the Reports Tab for PJSIP you should see something like this:
As you can see, all of the Flow Route POP’s are matched.