FreePBX | Register | Issues | Wiki | Portal | Support

Remote extension over OpenVPN only works one way


(Sse450) #1

I have a working FreePBX 14.0.11 with ports 5060 and 10000-20000 forwarded only for IP address of SIP provider.

Now trying to setup a remote softphone on my phone. Created an extension and an Incoming Route directing my second DID to that remote extension as destination.

Following the connect to the local network through OpenVPN (not the integrated one), I can initiate a call using the softphone just fine. However, when my second DID is called, the call is not picked up properly by the softphone. Actually, the softphone tries to pick up the call, but drops the connection immediately. The softphone history shows the calls as missed calls.

I would appreciate any hint about this problem.

Thank you.


(Sse450) #2

I have come across a post from @SkykingOH on a similar issue.

If the server can ping the private IP of the phone at the remote end of the tunnel and it responds with it’s own IP (no NAT) then you have a successful connection.

I think my problem lies here.

sip show peers gives:
Name/username Host Dyn Forcerport Comedia ACL Port Status Description
200/200 10.10.20.34 D No No A 5060 OK (8 ms)
201/201 10.10.20.30 D No No A 5060 OK (5 ms)
202/202 10.10.20.31 D No No A 5060 OK (7 ms)
203/203 10.10.20.35 D No No A 5060 OK (7 ms)
300/300 10.10.1.10 D No No A 59056 OK (53 ms)
ABCTelecom/XXX124000 12.34.227.24 Yes Yes 5060 OK (5 ms)
6 sip peers [Monitored: 6 online, 0 offline Unmonitored: 0 online, 0 offline]

The remote extension is 300. 10.10.1.10 is my server on which OpenVPN runs in a docker. Pinging 10.10.1.10 doesn’t have anything to do with the softphone on the other end of VPN tunnel, let alone responds with phone’s IP. VPN simply doesn’t lead to the phone, as it seems to me.

Does installing OpenVPN server on pfSense solve this problem? Or in other terms, how can I achieve what @SkykingOH described?


(Sse450) #3

My issue is almost solved. I setup OpenVPN server on pfSense and used it. Now, it works OK.

There is only one small issue though. If I connect wifi at home, then OpenVPN to the FreePBX server at office, the audio is one way. I cannot hear the other party, but he can hear me.

However, if I use mobile internet, then OpenVPN to the FreePBX at the office , both parties can hear each other.

What is the difference between home wifi and mobile internet? Must be some configuration issue.


(Kevin Frost) #4

Did you whitelist the IP from home?


#5

The difference is NAT. Also, depending on the client app, the VPN IP on the phone is not always correctly detected: if I use csipsimple with vpn, I have to set the extension to nat=yes on FreePBX, but with Zooper it is not needed.


(Sse450) #6

I added VPN IP subnet to the trusted network of FreePBX firewall.


(Sse450) #7

@arielgrin , you are right. I use Mizudroid. It works with extension nat=yes. So, it is similar to csipsimple. Haven’t tried zoiper yet.

Thank you.


(Kevin Frost) #8

Any extensions I use I always have to force rport and comedia… Have you tried GS Wave?


(system) closed #9

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.