Problem registering SIP trunks from behind a NAT firewall

General Help
1

Hi
I have an account with voipfone and I want to connect my home FreePBX to it. I’m actually connecting to an extension on their Virtual PBX. I’ve configured the trunk and an outbound route and I can make outbound calls OK. Unfortunately I cannot receive calls.

After a lot of research and debugging I’ve tracked the problem down to the REGISTER packet that is being sent from Asterisk. The Call-ID field has the internal IP address of the server rather than the external IP of the firewall. The initial 401 response from voipfone has the external IP address in the Call-ID field. Asterisk therefore fails to match the two and reports a timeout.

Like I said, I can make outbound calls OK and the OPTIONS packets do have the external IP address in them.

FreePBX has been told it’s behind a NAT firewall on a dynamic external address and has the dynamic hostname configured. It also detects the internal network OK.

Any ideas?
The PEER field in the trunk has the following:

username=id200 (note: the 200 is to connect to extension 200)
type=friend
secret=****
qualify=yes
insecure=invite,port
host=sip.voipfone.net
fromuser=id200
fromdomain=sip.voipfone.net
dtmfmode=rfc2833
authuser=id*200
nat=yes

The register field has

id200:*****@sip.voipfone.net/id200

2

You said:

Clearly it hasn’t or it would be working.

There are only two items in play the externip (externhost) and the localnet that control this behavior. You have one or both wrong.

Post the output of ‘sip show settings’ and we can get you pointed in the right direction.

3

I take your point, Scott, however, OPTIONS does work correctly, it’s only REGISTER. Anyway, here’s the info.

asterisk*CLI> sip show settings

Global Settings:

UDP Bindaddress: 0.0.0.0:5060
TCP SIP Bindaddress: Disabled
TLS SIP Bindaddress: Disabled
Videosupport: No
Textsupport: No
Ignore SDP sess. ver.: No
AutoCreate Peer: No
Match Auth Username: No
Allow unknown access: Yes
Allow subscriptions: Yes
Allow overlap dialing: Yes
Allow promisc. redir: No
Enable call counters: No
SIP domain support: No
Realm. auth: No
Our auth realm asterisk
Use domains as realms: No
Call to non-local dom.: Yes
URI user is phone no: No
Always auth rejects: Yes
Direct RTP setup: No
User Agent: FPBX-2.10.1(1.8.9.3)
SDP Session Name: Asterisk PBX 1.8.9.3
SDP Owner Name: root
Reg. context: (not set)
Regexten on Qualify: No
Legacy userfield parse: No
Caller ID: Unknown
From: Domain:
Record SIP history: Off
Call Events: Off
Auth. Failure Events: Off
T.38 support: No
T.38 EC mode: Unknown
T.38 MaxDtgrm: -1
SIP realtime: Disabled
Qualify Freq : 60000 ms
Q.850 Reason header: No
Store SIP_CAUSE: No

Network QoS Settings:

IP ToS SIP: CS3
IP ToS RTP audio: EF
IP ToS RTP video: AF41
IP ToS RTP text: CS0
802.1p CoS SIP: 4
802.1p CoS RTP audio: 5
802.1p CoS RTP video: 6
802.1p CoS RTP text: 5
Jitterbuffer enabled: No

Network Settings:

SIP address remapping: Enabled using externhost
Externhost: astrium.homedns.org
Externaddr: 86.27.187.208:0
Externrefresh: 120
Localnet: 172.29.12.0/255.255.255.0

Global Signalling Settings:

Codecs: 0xe (gsm|ulaw|alaw)
Codec Order: ulaw:20,alaw:20,gsm:20
Relax DTMF: No
RFC2833 Compensation: No
Symmetric RTP: Yes
Compact SIP headers: No
RTP Keepalive: 0 (Disabled)
RTP Timeout: 30
RTP Hold Timeout: 300
MWI NOTIFY mime type: application/simple-message-summary
DNS SRV lookup: No
Pedantic SIP support: Yes
Reg. min duration 60 secs
Reg. max duration: 3600 secs
Reg. default duration: 60 secs
Outbound reg. timeout: 20 secs
Outbound reg. attempts: 10
Notify ringing state: Yes
Include CID: No
Notify hold state: Yes
SIP Transfer mode: open
Max Call Bitrate: 384 kbps
Auto-Framing: No
Outb. proxy:
Session Timers: Accept
Session Refresher: uas
Session Expires: 1800 secs
Session Min-SE: 90 secs
Timer T1: 500
Timer T1 minimum: 100
Timer B: 32000
No premature media: Yes
Max forwards: 70

Default Settings:

Allowed transports: UDP
Outbound transport: UDP
Context: from-sip-external
Force rport: Yes
DTMF: rfc2833
Qualify: 0
Use ClientCode: No
Progress inband: Never
Language:
MOH Interpret: default
MOH Suggest:
Voice Mail Extension: *97

asterisk*CLI>

4

A couple of comments, do you have externip and exteraddr filled in? You only need one.

If you do an ipchicken on the same gateway as the phone system uses does it show your IP as 86.27.187.208:0 ??

Is 172.19.12.0/24 your local LAN that the phone experiencing the problem is in?

5

Scott
re externip and externaddr: all I’ve done is fill in the relevant fields in FreePBX. I’ve not edited any settings files directly. sip_nat.conf is empty.

Doing a grep for these strings in /etc/asterisk only shows

sip.conf:; nat=yes , externip= , localhost= , and optionally fromdomain= .

Actually, that might be it. The fields are set correctly in SIP Settings.
I’ll try editing sip.conf manually as a test

As to the external IP, yes it is as stated.

Gareth

6

In which file should FreePBX be dropping nat= externip= etc.?

7

Sorry, found the following in sip_general_additional.conf

nat=yes
externhost=astrium.homedns.org
externrefresh=120
localnet=172.29.12.0/255.255.255.0