I’m trying to setup a remote extension on my asterisk 1.8.21 freePbx 2.8 server.I don’t have a static IP but i configured a dyndns.it hostname with dd client.
I have read the HOW-TO which is very well explained,so I did the following:
1)In SIP settings: set nat to yes and in dynamic ip I’ve set my dyndns hostname.In local network I put 192.168.1.0/255.255.255.0 (my gateway is 192.168.1.1)
2)Opened ports UDP 5000-5082 e 10000-20000 on my router.
3)In the remote extension I put nat=yes
The extension registers but I am unable to hear anything , no audio in local calls or outside calls.
Am I missing something?
Thank you for your help!
Resolving audio issues can be difficult. Just a few ideas. Before moving on to configure remote extensions, do local extensions work for internal and external calls with two way audio? Are ports 10000-20000 forwarded from your router to the ip of the asterisk server? Does your asterisk server have a firewall active? What is the value of canreinvite for your extensions?
First of all thank you for response,it is very much appreciated.
Local extensions work fine inbound and outside calls.
And yes those ports ( 10000-20000 ) are forwarded to my server.
My server has iptables with fail2ban.
I don’t recall my careinvite settings.I’ve left the default option…what should it be?
So are the 10000-20000 udp ports open in your server firewall?
Careinvite is set to no since it is the default option.
My server-firewall is iptables and it’s not blocking ports 10000-20000.
I really don’t know what else to check =(
The other thing that comes to mind is whether the remote extension is behind another NAT or a firewall. In order to see if that’s the problem do you have the chance to test with a remote extension that is not behind a NAT or firewall?
Have a look in /etc/sysconfig/iptables and see if there is any config in there to restrict 10000:20000 to local addresses only.
You say you have 10000:20000 forwarded to the internal address of the PBX. Are you sure you have the open AND forwarded. These are two separate functions on many routers.
I don’t think IPtables is the problem,since I’ve left everything default except for adding couple rules with fail2ban , but those are about ssh and asterisk.
About the router here’s how I’ve configured it:
The port forwarding rules may be OK but are there any inbound filter or firewall rules that might affect these or block these. The forwarding rules are telling the router to transpose any access to certain external ports and forward them to the same ports on an internal system. Not sure about this firewall but on many there also needs to be a filter or firewall rule to actually open up the external port.
When confused, then start with, from asterisk CLI:-
rtp debug (your worrisome ip)
and if there are no replies, from bash:-
to see if you are getting them and more importantly, if they are PNAT translated correctly, My guess, it’s your router setup.
since I have asterisk 1.8 I did rtp set debug my_public_ip_of_phone but I don’t know how to check the output? Is it displayed in the CLI?
Both in the Asterisk CLI and by default time-stamped into /var/log/asterisk/full
Interesting fact…after I make a call I get this from the cli:
Retransmission timeout reached on transmission ZjUwMmUyNmFhMGNlODZhNzIzYTY5NWNkMjBlZWE2N2I. for seqno 2 (Critical Response) – See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions
Packet timed out after 14783ms with no response
Could this be the issue?
Then you still have a network misconfiguration.
That error is typically a NAT or port forwarding issue. Your firewall is probably not configured correctly.
I guess I’ll have to check better…thanks…
Now is the time to pull out tcpdump.
ok I’ll install it right away…can you tell me what I should look for?
packets that are not going to here you want them to
is there a specific command to isolate rtp packets since when i do tcpdump I see all my ssh packets