I am struggling trying to get a SIP trunk from my local telco/ISP working on my FreePBX instance properly. My ISP is handing me a direct private connection to their VOIP network that is not on public IP space, it is using private 172.16.0.0/12 subnets. This is being handed to me as a tagged vlan from their network on the ONT into my switch on my network. I tried two different setups. One creating a second WAN interface on my firewall for this network which gets an IP on their voip network and I have a static route configured to send all traffic to their SIP proxy down that interface and not my public internet WAN, the other setup I tried was passing that tagged VLAN all the way to my FreePBX VM as a second interface and setting the static route in the Debian OS. This second way FreePBX doesn’t seem to like, my web GUI completely locks up and doesn’t respond with 2 NIC’s so I ultimately have to remove it to get access back from my local network. Both seem to work as far as I can get registration and outbound calls to work but no audio or inbound calls. I believe the problem lies with the contact URI that FreePBX is sending with the registration. On my Telco’s switch the registration shows the contact URI as <phone#@MYPUBLICWANIP:5060> so I believe the problem is when my telco is trying to send me calls or audio it’s trying to send to my public WAN IP which will not work as that network does not touch the public internet. If I go into my FreePBX SIP settings and change my external IP field to the 172.16.x.x address I get, the contact URI is then correct with that IP and calls seems to work fine then. I also tried adding the 172.16.0.0/12 as a local network but then it sets the contact URI IP as the PBX’s IP on my private network which is also obviously not accessible from outside. But then that breaks everything for my public WAN connections for endpoints and Twilio trunk. Is there a way I can override the External IP field for just one specific trunk or configure FreePBX to use 2 NIC interfaces without freaking out and send all traffic for just one trunk down a dedicated interface?
Two NICs is the straightforward way to do this.
Please provide more details. VM? Does SSH access continue to work? If not, can you ping it? What does ip link and ip route show? If SSH is ok, what happens with Apache (no response, error response, etc.)? Anything get logged for the attermpt?
Yes I have FreePBX running as a virtual machine on a Proxmox cluster, I added 2 virtual network interfaces, one is my primary network and the other is my ISP’s voip network. Ping and SSH always seemed to stay connected and work fine. It was just the apache side my browser would just spin for minutes and eventually timeout. Sometimes it would respond for a couple seconds but then go right back to endless spinning. I’m assuming it had to do with there being 2 default routes in the OS with both links up and apache was trying to prioritize the VOIP network as it’s default gateway. If I set a static IP with no gateway defined it seemed to behave fine after that. I then just set the static route in the OS for only the proxy IP to go down that second interface.
That all sounds good. So with these settings, what still doesn’t work?
Calls still do not route correctly. FreePBX is setting the IP address in the contact URI to the wrong address. It’s using the IP address set in the external address in NAT settings, I don’t have an option to manually override that for just one trunk. It seems to be all or nothing. FreePBX doesn’t seem to acknowledge the second IP for the secondary interface.
In Asterisk SIP Settings, pjsip tab, transports, turn off “udp - 0.0.0.0 - All” or similar,and turn on separate transports for the two NICs. After Submit and Apply Config, you must restart Asterisk. Then, set Transport for the ISP trunk to use the 172 entry.
I forgot to mention: Confirm that the ISP proxy is included in Local Networks. This and changing transport require Asterisk restart.
Awww, I didn’t have those options but I figured out if I enabled “Show Advanced Settings” it then split out each interface to have the option for it’s own transport. So I did those steps and we’re getting closer. I can now make and receive calls but I only have one way audio to my PBX side from the remote side, the remote party cannot hear me. I’m still digging but in case you have any quick ideas.
Using pjsip logger, look at the provider’s media address in the SDP (in INVITE on incoming or 200 OK on outgoing) and confirm that the OS’s route to that address uses the 172 interface.
If that’s not it, you’ll probably have to troubleshoot from basic principles (is RTP being sent out to the correct address and port, proper codec, contents actually have voice, etc.)
I ran a tcpdump and found the media IP I needed to add, once I added that as a static route also I finally got two way audio working! Thank you so much!! I’ve been battling this for weeks lol. One last question though, since I’m defining a separate transport in FreePBX to send this trunk out a dedicated interface, how come I still need to manually define the static routes at the operating system level? I noticed if I restart the machine those static routes go away and I need to readd them.
Assuming FreePBX 17,
Yes, thank you!!!
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.