Outgoing calls through IAX2 trunk don't work but incoming do

fizgig10 · April 26, 2015, 9:14pm

I have two asterisk servers behind two different firewalls with port forwarding of 4569 to them. They’re in different cities. Asterisk#1 has the SIP trunk to get out to regular phone numbers. Asterisk#2 has to go through an IAX2 trunk to Asterisk#1 in order to dial out.

This all worked fine until I replaced the router in front of Asterisk#2 with a linux server. I’m using iptables for the firewall. Here’s the thing, incoming calls to anyone attached to Asterisk#2 work fine. That would seem to imply to me that the new gateway ahead of Asterisk#2 is forwarding the IAX2 port fine.

What’s odd is nobody attached to Asterisk#2 can dial out. We get an all-circuits-busy message. All computers behind this new linux gateway can surf anywhere they like. The asterisk#2 machine should be just as free as they are but it appears not to be. Can anyone see anything in the log below? (I’ve replaced the telephone number I’m calling with (POTS_TEST_PHONE_NUMBER):

 == Using SIP RTP TOS bits 184
  == Using SIP RTP CoS mark 5
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:1] Macro("SIP/503-0000000a", "user-callerid,LIMIT,EXTERNAL,") in new stack
    -- Executing [s@macro-user-callerid:1] Set("SIP/503-0000000a", "TOUCH_MONITOR=1430075999.21") in new stack
    -- Executing [s@macro-user-callerid:2] Set("SIP/503-0000000a", "AMPUSER=503") in new stack
    -- Executing [s@macro-user-callerid:3] GotoIf("SIP/503-0000000a", "0?report") in new stack
    -- Executing [s@macro-user-callerid:4] ExecIf("SIP/503-0000000a", "1?Set(REALCALLERIDNUM=503)") in new stack
    -- Executing [s@macro-user-callerid:5] Set("SIP/503-0000000a", "AMPUSER=503") in new stack
    -- Executing [s@macro-user-callerid:6] GotoIf("SIP/503-0000000a", "0?limit") in new stack
    -- Executing [s@macro-user-callerid:7] Set("SIP/503-0000000a", "AMPUSERCIDNAME=Matt Wireless Grandstream") in new stack
    -- Executing [s@macro-user-callerid:8] GotoIf("SIP/503-0000000a", "0?report") in new stack
    -- Executing [s@macro-user-callerid:9] Set("SIP/503-0000000a", "AMPUSERCID=503") in new stack
    -- Executing [s@macro-user-callerid:10] Set("SIP/503-0000000a", "__DIAL_OPTIONS=Ttr") in new stack
    -- Executing [s@macro-user-callerid:11] Set("SIP/503-0000000a", "CALLERID(all)="Matt Wireless Grandstream" <503>") in new stack
    -- Executing [s@macro-user-callerid:12] GotoIf("SIP/503-0000000a", "0?limit") in new stack
    -- Executing [s@macro-user-callerid:13] ExecIf("SIP/503-0000000a", "1?Set(GROUP(concurrency_limit)=503)") in new stack
    -- Executing [s@macro-user-callerid:14] GosubIf("SIP/503-0000000a", "7?sub-ccss,s,1(from-internal,(POTS_TEST_PHONE_NUMBER))") in new stack
    -- Executing [s@sub-ccss:1] ExecIf("SIP/503-0000000a", "0?Return()") in new stack
    -- Executing [s@sub-ccss:2] Set("SIP/503-0000000a", "CCSS_SETUP=TRUE") in new stack
    -- Executing [s@sub-ccss:3] GosubIf("SIP/503-0000000a", "0?monitor_config,1(from-internal,(POTS_TEST_PHONE_NUMBER)):monitor_default,1(from-internal,(POTS_TEST_PHONE_NUMBER))") in new stack
    -- Executing [monitor_default@sub-ccss:1] GotoIf("SIP/503-0000000a", "0?is_exten") in new stack
    -- Executing [monitor_default@sub-ccss:2] StackPop("SIP/503-0000000a", "") in new stack
    -- Executing [monitor_default@sub-ccss:3] Return("SIP/503-0000000a", "FALSE") in new stack
    -- Executing [s@macro-user-callerid:15] ExecIf("SIP/503-0000000a", "0?Set(CHANNEL(language)=)") in new stack
    -- Executing [s@macro-user-callerid:16] GotoIf("SIP/503-0000000a", "1?continue") in new stack
    -- Goto (macro-user-callerid,s,30)
    -- Executing [s@macro-user-callerid:30] Set("SIP/503-0000000a", "CALLERID(number)=503") in new stack
    -- Executing [s@macro-user-callerid:31] Set("SIP/503-0000000a", "CALLERID(name)=Matt Wireless Grandstream") in new stack
    -- Executing [s@macro-user-callerid:32] Set("SIP/503-0000000a", "CDR(cnum)=503") in new stack
    -- Executing [s@macro-user-callerid:33] Set("SIP/503-0000000a", "CDR(cnam)=Matt Wireless Grandstream") in new stack
    -- Executing [s@macro-user-callerid:34] Set("SIP/503-0000000a", "CHANNEL(language)=en") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:2] Gosub("SIP/503-0000000a", "sub-record-check,s,1(out,(POTS_TEST_PHONE_NUMBER),dontcare)") in new stack
    -- Executing [s@sub-record-check:1] GotoIf("SIP/503-0000000a", "0?initialized") in new stack
    -- Executing [s@sub-record-check:2] Set("SIP/503-0000000a", "__REC_STATUS=INITIALIZED") in new stack
    -- Executing [s@sub-record-check:3] Set("SIP/503-0000000a", "NOW=1430075999") in new stack
    -- Executing [s@sub-record-check:4] Set("SIP/503-0000000a", "__DAY=26") in new stack
    -- Executing [s@sub-record-check:5] Set("SIP/503-0000000a", "__MONTH=04") in new stack
    -- Executing [s@sub-record-check:6] Set("SIP/503-0000000a", "__YEAR=2015") in new stack
    -- Executing [s@sub-record-check:7] Set("SIP/503-0000000a", "__TIMESTR=20150426-121959") in new stack
    -- Executing [s@sub-record-check:8] Set("SIP/503-0000000a", "__FROMEXTEN=503") in new stack
    -- Executing [s@sub-record-check:9] Set("SIP/503-0000000a", "__MON_FMT=wav") in new stack
    -- Executing [s@sub-record-check:10] NoOp("SIP/503-0000000a", "Recordings initialized") in new stack
    -- Executing [s@sub-record-check:11] ExecIf("SIP/503-0000000a", "0?Set(ARG3=dontcare)") in new stack
    -- Executing [s@sub-record-check:12] Set("SIP/503-0000000a", "REC_POLICY_MODE_SAVE=") in new stack
    -- Executing [s@sub-record-check:13] ExecIf("SIP/503-0000000a", "0?Set(REC_STATUS=NO)") in new stack
    -- Executing [s@sub-record-check:14] GotoIf("SIP/503-0000000a", "3?checkaction") in new stack
    -- Goto (sub-record-check,s,17)
    -- Executing [s@sub-record-check:17] GotoIf("SIP/503-0000000a", "1?sub-record-check,out,1") in new stack
    -- Goto (sub-record-check,out,1)
    -- Executing [out@sub-record-check:1] NoOp("SIP/503-0000000a", "Outbound Recording Check from 503 to (POTS_TEST_PHONE_NUMBER)") in new stack
    -- Executing [out@sub-record-check:2] Set("SIP/503-0000000a", "RECMODE=dontcare") in new stack
    -- Executing [out@sub-record-check:3] ExecIf("SIP/503-0000000a", "1?Goto(routewins)") in new stack
    -- Goto (sub-record-check,out,7)
    -- Executing [out@sub-record-check:7] Gosub("SIP/503-0000000a", "recordcheck,1(dontcare,out,(POTS_TEST_PHONE_NUMBER))") in new stack
    -- Executing [recordcheck@sub-record-check:1] NoOp("SIP/503-0000000a", "Starting recording check against dontcare") in new stack
    -- Executing [recordcheck@sub-record-check:2] Goto("SIP/503-0000000a", "dontcare") in new stack
    -- Goto (sub-record-check,recordcheck,3)
    -- Executing [recordcheck@sub-record-check:3] Return("SIP/503-0000000a", "") in new stack
    -- Executing [out@sub-record-check:8] Return("SIP/503-0000000a", "") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:3] ExecIf("SIP/503-0000000a", "0 ?Set(CDR(accountcode)=)") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:4] Set("SIP/503-0000000a", "MOHCLASS=default") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:5] Set("SIP/503-0000000a", "_NODEST=") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:6] Macro("SIP/503-0000000a", "dialout-trunk,1,(POTS_TEST_PHONE_NUMBER),,off") in new stack
    -- Executing [s@macro-dialout-trunk:1] Set("SIP/503-0000000a", "DIAL_TRUNK=1") in new stack
    -- Executing [s@macro-dialout-trunk:2] GosubIf("SIP/503-0000000a", "0?sub-pincheck,s,1()") in new stack
    -- Executing [s@macro-dialout-trunk:3] GotoIf("SIP/503-0000000a", "0?disabletrunk,1") in new stack
    -- Executing [s@macro-dialout-trunk:4] Set("SIP/503-0000000a", "DIAL_NUMBER=(POTS_TEST_PHONE_NUMBER)") in new stack
    -- Executing [s@macro-dialout-trunk:5] Set("SIP/503-0000000a", "DIAL_TRUNK_OPTIONS=Ttr") in new stack
    -- Executing [s@macro-dialout-trunk:6] Set("SIP/503-0000000a", "OUTBOUND_GROUP=OUT_1") in new stack
    -- Executing [s@macro-dialout-trunk:7] GotoIf("SIP/503-0000000a", "1?nomax") in new stack
    -- Goto (macro-dialout-trunk,s,9)
    -- Executing [s@macro-dialout-trunk:9] GotoIf("SIP/503-0000000a", "0?skipoutcid") in new stack
    -- Executing [s@macro-dialout-trunk:10] Set("SIP/503-0000000a", "DIAL_TRUNK_OPTIONS=Tt") in new stack
    -- Executing [s@macro-dialout-trunk:11] Macro("SIP/503-0000000a", "outbound-callerid,1") in new stack
    -- Executing [s@macro-outbound-callerid:1] ExecIf("SIP/503-0000000a", "0?Set(CALLERPRES()=)") in new stack
    -- Executing [s@macro-outbound-callerid:2] ExecIf("SIP/503-0000000a", "0?Set(REALCALLERIDNUM=503)") in new stack
    -- Executing [s@macro-outbound-callerid:3] GotoIf("SIP/503-0000000a", "1?normcid") in new stack
    -- Goto (macro-outbound-callerid,s,6)
    -- Executing [s@macro-outbound-callerid:6] Set("SIP/503-0000000a", "USEROUTCID=") in new stack
    -- Executing [s@macro-outbound-callerid:7] Set("SIP/503-0000000a", "EMERGENCYCID=") in new stack
    -- Executing [s@macro-outbound-callerid:8] Set("SIP/503-0000000a", "TRUNKOUTCID=5106382000") in new stack
    -- Executing [s@macro-outbound-callerid:9] GotoIf("SIP/503-0000000a", "1?trunkcid") in new stack
    -- Goto (macro-outbound-callerid,s,14)
    -- Executing [s@macro-outbound-callerid:14] ExecIf("SIP/503-0000000a", "1?Set(CALLERID(all)=5106382000)") in new stack
    -- Executing [s@macro-outbound-callerid:15] ExecIf("SIP/503-0000000a", "0?Set(CALLERID(all)=)") in new stack
    -- Executing [s@macro-outbound-callerid:16] ExecIf("SIP/503-0000000a", "0?Set(CALLERID(all)=)") in new stack
    -- Executing [s@macro-outbound-callerid:17] ExecIf("SIP/503-0000000a", "0?Set(CALLERPRES()=prohib_passed_screen)") in new stack
    -- Executing [s@macro-outbound-callerid:18] Set("SIP/503-0000000a", "CDR(outbound_cnum)=5106382000") in new stack
    -- Executing [s@macro-outbound-callerid:19] Set("SIP/503-0000000a", "CDR(outbound_cnam)=") in new stack
    -- Executing [s@macro-dialout-trunk:12] GosubIf("SIP/503-0000000a", "0?sub-flp-1,s,1()") in new stack
    -- Executing [s@macro-dialout-trunk:13] Set("SIP/503-0000000a", "OUTNUM=(POTS_TEST_PHONE_NUMBER)") in new stack
    -- Executing [s@macro-dialout-trunk:14] Set("SIP/503-0000000a", "custom=IAX2/pbxlink") in new stack
    -- Executing [s@macro-dialout-trunk:15] ExecIf("SIP/503-0000000a", "0?Set(DIAL_TRUNK_OPTIONS=M(setmusic^default)Tt)") in new stack
    -- Executing [s@macro-dialout-trunk:16] ExecIf("SIP/503-0000000a", "0?Set(DIAL_TRUNK_OPTIONS=TtM(confirm))") in new stack
    -- Executing [s@macro-dialout-trunk:17] Macro("SIP/503-0000000a", "dialout-trunk-predial-hook,") in new stack
    -- Executing [s@macro-dialout-trunk-predial-hook:1] MacroExit("SIP/503-0000000a", "") in new stack
    -- Executing [s@macro-dialout-trunk:18] GotoIf("SIP/503-0000000a", "0?bypass,1") in new stack
    -- Executing [s@macro-dialout-trunk:19] ExecIf("SIP/503-0000000a", "1?Set(CONNECTEDLINE(num,i)=(POTS_TEST_PHONE_NUMBER))") in new stack
    -- Executing [s@macro-dialout-trunk:20] ExecIf("SIP/503-0000000a", "1?Set(CONNECTEDLINE(name,i)=CID:5106382000)") in new stack
    -- Executing [s@macro-dialout-trunk:21] GotoIf("SIP/503-0000000a", "0?customtrunk") in new stack
    -- Executing [s@macro-dialout-trunk:22] Dial("SIP/503-0000000a", "IAX2/pbxlink/(POTS_TEST_PHONE_NUMBER),300,Tt") in new stack
    -- Called IAX2/pbxlink/(POTS_TEST_PHONE_NUMBER)
    -- Hungup 'IAX2/pbxlink-19289'
  == Everyone is busy/congested at this time (1:0/0/1)
    -- Executing [s@macro-dialout-trunk:23] NoOp("SIP/503-0000000a", "Dial failed for some reason with DIALSTATUS = CHANUNAVAIL and HANGUPCAUSE = 50") in new stack
    -- Executing [s@macro-dialout-trunk:24] GotoIf("SIP/503-0000000a", "0?continue,1:s-CHANUNAVAIL,1") in new stack
    -- Goto (macro-dialout-trunk,s-CHANUNAVAIL,1)
    -- Executing [s-CHANUNAVAIL@macro-dialout-trunk:1] Set("SIP/503-0000000a", "RC=50") in new stack
    -- Executing [s-CHANUNAVAIL@macro-dialout-trunk:2] Goto("SIP/503-0000000a", "50,1") in new stack
    -- Goto (macro-dialout-trunk,50,1)
    -- Executing [50@macro-dialout-trunk:1] Goto("SIP/503-0000000a", "continue,1") in new stack
    -- Goto (macro-dialout-trunk,continue,1)
    -- Executing [continue@macro-dialout-trunk:1] NoOp("SIP/503-0000000a", "TRUNK Dial failed due to CHANUNAVAIL HANGUPCAUSE: 50 - failing through to other trunks") in new stack
    -- Executing [continue@macro-dialout-trunk:2] Set("SIP/503-0000000a", "CALLERID(number)=503") in new stack
    -- Executing [(POTS_TEST_PHONE_NUMBER)@from-internal:7] Macro("SIP/503-0000000a", "outisbusy,") in new stack
    -- Executing [s@macro-outisbusy:1] Progress("SIP/503-0000000a", "") in new stack
    -- Executing [s@macro-outisbusy:2] GotoIf("SIP/503-0000000a", "0?emergency,1") in new stack
    -- Executing [s@macro-outisbusy:3] GotoIf("SIP/503-0000000a", "0?intracompany,1") in new stack
    -- Executing [s@macro-outisbusy:4] Playback("SIP/503-0000000a", "all-circuits-busy-now&pls-try-call-later, noanswer") in new stack
    -- <SIP/503-0000000a> Playing 'all-circuits-busy-now.ulaw' (language 'en')
       > 0x7fbf840020b0 -- Probation passed - setting RTP source address to 192.168.1.18:5004
    -- <SIP/503-0000000a> Playing 'pls-try-call-later.ulaw' (language 'en')
    -- Executing [s@macro-outisbusy:5] Congestion("SIP/503-0000000a", "20") in new stack
[2015-04-26 12:20:04] WARNING[15469][C-0000000c]: channel.c:4860 ast_prod: Prodding channel 'SIP/503-0000000a' failed
  == Spawn extension (macro-outisbusy, s, 5) exited non-zero on 'SIP/503-0000000a' in macro 'outisbusy'
  == Spawn extension (from-internal, (POTS_TEST_PHONE_NUMBER), 7) exited non-zero on 'SIP/503-0000000a'
    -- Executing [h@from-internal:1] Hangup("SIP/503-0000000a", "") in new stack
  == Spawn extension (from-internal, h, 1) exited non-zero on 'SIP/503-0000000a'

dicko · April 26, 2015, 10:10pm

Post the output of

iptables -L -n

on your Linux router box.

fizgig10 · April 26, 2015, 10:54pm

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
DROP all – 127.0.0.0/8 0.0.0.0/0
DROP all – 0.0.0.0/0 0.0.0.0/0 state INVALID
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
DROP tcp – 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:24872
ACCEPT tcp – 0.0.0.0/0 (PUBLICIP1) tcp dpt:1723
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
DROP all – 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT udp – (REMOTEIP) 0.0.0.0/0 udp dpt:4569
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP all – 0.0.0.0/0 0.0.0.0/0 state INVALID

dicko · April 27, 2015, 3:33am

You problably would be better off configuring iptables with something better, your tables are really ineffective as a firewall . I would suggest csf.

AdHominem · April 30, 2015, 4:49am

What happens when you open IPTables completely (for testing purposes)? Do the incoming calls work then?

fizgig10 · May 7, 2015, 9:49pm

Rebooting the asterisk server fixed the issue. Not sure what the problem was there but packets are going through and back fine now.