I have FreePBX 12 using SIP extensions (not pjsip). I configured a new extension for a Zoiper softphone on an Android device which works fine when not using TLS.
I setup pbx to handle TLS and the phone will register, make calls to feature codes, 7 & 10 digit numbers but WILL NOT call another extension. Zoiper will show that it missed a call from another extension but zoiper never rings.
CLI shows this when I try to dial Zoiper
Executing [[email protected]:44] Dial(“SIP/1600-0000001f”, “SIP/9951560&SIP/51560,TtrI”) in new stack
[2016-02-25 09:10:07] WARNING[22490][C-00000015]: app_dial.c:2437 dial_exec_full: Unable to create channel of type ‘SIP’ (cause 20 - Subscriber absent)
[2016-02-25 09:10:07] WARNING[22490][C-00000015]: app_dial.c:2437 dial_exec_full: Unable to create channel of type ‘SIP’ (cause 20 - Subscriber absent)
== Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
– Called SIP/51560
– Connected line update to SIP/1600-0000001f prevented.
== Everyone is busy/congested at this time (2:0/0/2)
CLI shows NOTHING when dialing from Zoiper but calls work (except for 4 digits)
Why can’t I dial other extensions and how can I see dialplan in cli?
FREEPBX setup…
I added these lines to Other SIP settings in chan sip settings in GUI (and did amportal restart but not sure that I needed to do this thou)
tlsenable=yes
tlsbindaddr=0.0.0.0:5061
tlscertfile=/etc/asterisk/keys/android-51560.pem
tlscafile=/etc/asterisk/keys/android-51560.crt
tlscipher=ALL
tlsclientmethod=tlsv1
In cert manager I had to delete the original default cert and CA and build new ones and created an android cert
In extension I left Media Encryption = no and changed
Transport = TLS only
Enable Encryption = Yes (SRTP only)
Enable DTLS= Yes
Use Certificate = android-51560 (only option)
DTLS Verify = Fingerprint
DTLS Setup = Act/Pass
DTLS Rekey Interval= 0
temporarily disabled fail2ban and iptables to make sure they are not interfering.
Do I have to enable something to see TLS traffic in asterisk?