I check on fail2ban and i dont ve any ip’s banned
Did you restart the PBX after changing the ports?
Yes i did
Hi antonis77 -
I just started migrating my extensions to PJSIP too. I had a similar issue where as soon as I converted the extension to PJSIP the endpoint wouldn’t register. I banged my head against the wall on this for several hours and found that two things had to be done to resolve the issue for me:
PJSIP in PBXact communicates on a different port than chan_sip by default. I found that the default port PJSIP uses is 5260. As a result, I had to forward that port in my firewall to the PBX.
On the endpoint itself, I needed to change the SIP settings to use 5260 as the port.
In my case, I’m using Grandstream endpoints. In the web UI for the endpoint, I had to update:
Accounts>Account 1>General Settings>SIP Server and Accounts>Account 1>General Settings>Outboud Proxy to use port 5260
Accounts>Account 1>SIP Settings>Basic Settings>Local SIP Port to 5260
In most cases, that took care of the registration issue. In a couple of cases I had to do a Factory Reset on the endpoint and re-provision it.
Not sure if this will work for you, but I thought it might at least spark an idea for you.
Or, preferably (unless you are @dicko) , you should have moved SIP to some other port and pjsip to 5060.
Then all of your devices would have just worked.
(dicko (that’s me) has not had one malign attempt at his listening port and protocol in three years, some apparently find that risable , go figure . . .)
I have a couple of honeypots that average 5000 individual ASN’s a month on upd/5060 and many of those ASN’s cover many bots. You will likely be surprised from where these attacks are originating. And if you are listening on UDP/5060, sooner or later, the bad guys will penetrate your defenses because they are a lot cleverer than you and have a bigger budget , often governmental.
It’s happened before more than once, are you sure it won’t happen again?
I don’t argue the move to be non-standard helps reduce. But for people that have no idea what they are doing it causes more issues.
People like the OP and the person I replied to have no idea how all of this works. Or they would never have the problems posted.
Then help them see them see the light.
Please stop continuing to denigrate (for whatever your reason is) my generally considered ’ good advice’ namely . . .
" PLEASE STOP LISTENING FOR SIP INVITES OR REGISTRATIONS ON UDP/5060 AS IT WILL HURT YOU SOONER OR LATER AND THERE IS ABSOLUTELY NO NEED THAT YOU DO SO, NO MATTER WHO TELLS YOU OTHERWISE"