Why sometimes it’s showing status online and next its offline and the Ethernet cable had never removed? Also, why I keep getting the message about unknown port conflict? Rebooting causes it to appear, click closes and reload brings all green. Why dashboard takes 3-5minutes to load? The phone will not register and Voip.ms support doesn’t work on the weekends it appears.
Need to get further informations.
At first, try to update you O.S (yum update -y) and FreePBX modules (fwconsole ma updateall and fwconsole r) throught the console SSH and check again.
Next, don’t forget to restart FreePBX fwconsole restart.
Here, we don’t know what the system is used. Is a FreePBX 14, 15, or 16? We don’t know.
However, it could be a DNS issue since I have my router resolving the domain name for SSL/TLS…have not confirm that either. Yet, I cannot register the phone despite setting up Let’s Encrypted certificate and all that’s required by the trunk provider and when I attempted to register the phone I get failed 5060 UDP…highly frustrating and makes me want to give up on the freepbx thing. Then, Voip.ms support doesn’t work on the weekends…this is unbelievable.
Yes, we are indeed. So, the phone doesn’t need to be encrypted only freepbx? I purposely set the phone (Htek) to listen on port 5061 and srtp then saved and the result is registration failed UDP…this has been going all weekend…voipms support sucks it seems also…still haven’t heard from them why registration rejected…(the password is good).
Then on top of that freepbx is on/offline and the Ethernet cable has never been removed as if this firewall has its own mind…then tell it to restart Asterisk, it acts as if it doesn’t know what fwconsole restart is…unbelievable and finicky. This face the Internet yet it’s offline…
That’s not what is being said. What is being said is that the “failed UDP” message is telling you that something that needs to be configured to use encryption either hasn’t been or is incapable of having been.
Although it isn’t a sensible thing to do, it sounds to me as though you have configured the device to use SRTP, but not to use TLS. Without TLS, the encryption keys for SRTP have to be transmitted unencrypted, so are easy to capture.
Setting the port number to 5061 doesn’t invoke encryption; you have to set the transport to TLS, as well.
If the domain is correct, it appears to have no SRV or NAPTR records, although I don’t know why it is referring to UDP and 5060, rather than TLS and 5061 (the port number is truncated in the screen shot, so I can’t be sure it is 5061).
I was following this German site instructions …I will need to locate the sire later
VoIP: SIP-over-TLS and sRTP: Htek
Htek is/was re-labeled and sold by many others like Sangoma Canada and Easybell Germany. If the firmware-upgrade file starts with ‘fw’ and has the file extension ‘rom’, it might be a Htek.
Last tested firmware
188.8.131.52.15 retested in May 2020 with 184.108.40.206.49
Web → Management → Password → User Type: admin
enabled on default
Web → Network → Advanced → Web Server → Type
Web → Management → Upgrade → ROM Firmware Upgrade or
Web → Management → Auto Provisioning → AUTO Upgrade: Yes (default value)
Web → Management → Auto Provisioning → Firmware Server Path: http://fm.htek.com/fm (default value)
Web → Management → Auto Provisioning → Upgrade Check Mode: Always Check For New Firmware (default value)
Web → Management → Trusted CA: Base64
Web → Management → Trusted CA → Only Accept Trusted Certificates: On
Web → Management → Trusted CA → Common Name Validation: On
Web → Management → Trusted CA → Trusted Certificates: Custom Certificates
Bug: The filename may not be longer than 32 characters; otherwise, the certificate file is not imported.
Bug: Trust Anchors without Common Name (CN) are only deletable by resetting the whole phone.
Web → Account → 1 → Profile: 1 → SIP User ID
Web → Account → 1 → Profile: 1 → Authenticate ID
Web → Account → 1 → Profile: 1 → Use Random Port: Yes
Web → Profile → 1 → Primary SIP Server
Web → Profile → 1 → NAT Traversal: No
Web → Profile → 1 → SIP Transport: TLS or
Web → Profile → 1 → DNS Mode: NAPTR/SRV
Web → Profile → Advanced → 1 → SRTP Mode: SRTP enabled but not required
which is RTP/AVP with crypto