Setting the INVITE address to the outgoing IP address on dual NIC installation


(Jeremiah Kioko) #1

Hello.

I am relatively new to FreePBX. I have recently installed a FreePBX instance with two NICs. One interface (eth1) has the default gateway and is facing my local network. This is where I expect SIP registrations for my softphones to occur. The other interface (eth0) faces my SIP provider. I have configured static routes on CLI to route the needed prefixes towards eth0 and tested that their working.

At the moment I am able to make incoming calls perfectly. My issue is outgoing calls towards my SIP provider. I notice that the INVITE ip address that it uses is the one on eth1, even though said request is going out of eth0. How can I ensure that this address is set to the one on eth0? My provider has security settings that will only allow the eth0 IP on the SIP packets and I believe that is why outgoing calls are not working.


(Lorne Gaetz) #2

Assuming you have a standard setup for NAT, then adding the provider’s signalling hosts to the local networks in Asterisk SIP Settings should resolve.


(Jeremiah Kioko) #3

Hi, thanks for your response.

I am not sure what you mean by “standard”. I am not behind NAT.

I already added all the provider signaling hosts to local networks. I had issues with inbound calls before I added them. This however did not fix outbound calls.


(Lorne Gaetz) #4

Not sure how to reconcile those two statements. If your pbx is not behind NAT, then you should be able to set the chan_sip nat=no and interface = public.


(Jeremiah Kioko) #5

You are very right. Oversight on my part.

I have set chain_sip nat to no and interface=public. I still have the same problem though.


(Jeremiah Kioko) #6

Maybe my outbound route is not being matched. Is there a way to verify this?


(Tom Ray) #7

This has nothing to do with the FreePBX settings and it has to do with the routes in your system. What is the output of ip route?


(Jeremiah Kioko) #8

root@hostname ~# ip route
default via 172.32.160.30 dev eth1
10.65.83.99 via 10.221.11.9 dev eth0
10.66.57.75 via 10.221.11.9 dev eth0
10.221.11.8/30 dev eth0 proto kernel scope link src 10.221.11.10
172.32.160.0/24 dev eth1 proto kernel scope link src 172.32.160.82
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003

I have changed public IPs for privacy reasons.


(Tom Ray) #9

What’s the IP of the PBX on eth0? What’s the IP details of the provider? I think you have a routing issue here.


(Jeremiah Kioko) #10

The IP on eth0 is 10.221.11.10/30. SIP and media signalling IPs are 10.66.57.75 and 10.65.83.99.

All these IPs (including 10.221.11.9 on the provider side are reachable from my host.


(Tom Ray) #11

This is a very common setup. The ISP is providing both Internet and voice so they drop things into the premises so the voice side is a 100% on a LAN between the premise and them since it has zero need to traverse the public Internet.

Also, I can in no way find this “interface” setting as an acceptable Chan_SIP setting. So I doubt it will do anything.


(Tom Ray) #12

OK so here what is happening, from what I can tell. Your PBX is listing on the 172.32.160.x network for your internal LAN. That probably means the phones are connecting to the PBX over that IP. The other IP for the ISP is used for incoming and should be used for outgoing.

You need to tell the PBX that requests SOURCING from the 172.32.160.x network destined for the ISP voice IPs to route over the eth0 interface. Otherwise, your default route will also win since it’s sourcing over eth1 from the PBX. You might need something like this:

10.65.83.99 via 10.221.11.9 dev eth0 proto dhcp src 172.32.160.82 metric 100
10.66.57.75 via 10.221.11.9 dev eth0 proto dhcp src 172.32.160.82 metric 100

That basically says route those IPs via the eth0 gateway over eth0 that source from the PBX’s IP from the other LAN. That might help.


(Jeremiah Kioko) #13

Not sure why I need to specify “proto dhcp”. Also, the source address should be 10.221.11.10, not 172.32.160.82. Not only does the system not take the configs, but that is exactly what I am trying to fix. I need my source IP to be 10.221.11.10 whenever I send traffic to the signalling IPs.

That being said, I have made modifications as per below. I still have the same problem.

[root@hostname ~]# ip route
default via 172.32.160.30 dev eth1
10.65.83.99 via 10.221.11.9 dev eth0 proto dhcp src 10.221.11.10 metric 100
10.66.57.75 via 10.221.11.9 dev eth0 proto dhcp src 10.221.11.10 metric 100
10.221.11.8/30 dev eth0 proto kernel scope link src 10.221.11.10
172.32.160.0/24 dev eth1 proto kernel scope link src 172.32.160.82
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003


(Jeremiah Kioko) #14

I also do not understand this:

You need to tell the PBX that requests SOURCING from the 172.32.160.x network destined for the ISP voice IPs to route over the eth0 interface. Otherwise, your default route will also win since it’s sourcing over eth1 from the PBX.

I expect the host to use the more specific route over the default route.


(Tom Ray) #15

Your phones are on the 172.32.160.x network, yes? They connect the PBX over that the IP it is assigned on that network, yes?


(Jeremiah Kioko) #16

They are not on the 172.32.160.x network. But yes, they access the PBX on eth1, which is on this network.


(Tom Ray) #17

Alright, one final question before I get to my answer on why this isn’t working. Does the PBX listen on 10.221.11.10? Do you have that bound to Chan_SIP or Chan_PJSIP in anyway?


(Jeremiah Kioko) #18

Yes. It is set to listen on 0.0.0.0, which means it should listen to all interfaces.

Also, my trunks to my provider (both inbound and outbound) are working. So that means it should be listening on 10.221.11.10.


(Tom Ray) #19

Show the output of sip show settings for the PBX from the Asterisk CLI. I want to see what is what here and what is configured. You can mask any external/public IPs.


(Jeremiah Kioko) #20

hostname*CLI> sip show settings

Global Settings:

UDP Bindaddress: 0.0.0.0:5060
TCP SIP Bindaddress: Disabled
TLS SIP Bindaddress: Disabled
RTP Bindaddress: Disabled
Videosupport: No
Textsupport: No
Ignore SDP sess. ver.: No
AutoCreate Peer: Off
Match Auth Username: No
Allow unknown access: Yes
Allow subscriptions: Yes
Allow overlap dialing: Yes
Allow promisc. redir: No
Enable call counters: No
SIP domain support: No
Path support : No
Realm. auth: No
Our auth realm asterisk
Use domains as realms: No
Call to non-local dom.: Yes
URI user is phone no: No
Always auth rejects: Yes
Direct RTP setup: No
User Agent: FPBX-15.0.16.72(16.11.1)
SDP Session Name: Asterisk PBX 16.11.1
SDP Owner Name: root
Reg. context: (not set)
Regexten on Qualify: No
Trust RPID: No
Send RPID: No
Legacy userfield parse: No
Send Diversion: Yes
Caller ID: Unknown
From: Domain:
Record SIP history: Off
Auth. Failure Events: Off
T.38 support: No
T.38 EC mode: Unknown
T.38 MaxDtgrm: 4294967295
SIP realtime: Disabled
Qualify Freq : 60000 ms
Q.850 Reason header: No
Store SIP_CAUSE: No

Network QoS Settings:

IP ToS SIP: CS3
IP ToS RTP audio: EF
IP ToS RTP video: AF41
IP ToS RTP text: CS0
802.1p CoS SIP: 4
802.1p CoS RTP audio: 5
802.1p CoS RTP video: 6
802.1p CoS RTP text: 5
Jitterbuffer enabled: No

Network Settings:

SIP address remapping: Disabled
Externhost:
Externaddr: (null)
Externrefresh: 10
Localnet: 10.221.11.8/255.255.255.252
172.32.160.0/255.255.255.0
10.66.57.75/255.255.255.255
10.65.83.99/255.255.255.255
192.168.2.0/255.255.255.0
172.30.65.236/255.255.255.255

Global Signalling Settings:

Codecs: (ulaw|alaw|gsm|g726|g722)
Relax DTMF: No
RFC2833 Compensation: No
Symmetric RTP: No
Compact SIP headers: No
RTP Keepalive: 0 (Disabled)
RTP Timeout: 30
RTP Hold Timeout: 300
MWI NOTIFY mime type: application/simple-message-summary
DNS SRV lookup: No
Pedantic SIP support: Yes
Reg. min duration 60 secs
Reg. max duration: 3600 secs
Reg. default duration: 120 secs
Sub. min duration 60 secs
Sub. max duration: 3600 secs
Outbound reg. timeout: 20 secs
Outbound reg. attempts: 0
Outbound reg. retry 403:No
Notify ringing state: Yes
Include CID: No
Notify hold state: Yes
SIP Transfer mode: open
Max Call Bitrate: 384 kbps
Auto-Framing: No
Outb. proxy:
Session Timers: Accept
Session Refresher: uas
Session Expires: 1800 secs
Session Min-SE: 90 secs
Timer T1: 500
Timer T1 minimum: 100
Timer B: 32000
No premature media: Yes
Max forwards: 70

Default Settings:

Allowed transports: UDP
Outbound transport: UDP
Context: from-sip-external
Record on feature: automon
Record off feature: automon
Force rport: No
DTMF: rfc2833
Qualify: 0
Keepalive: 0
Use ClientCode: No
Progress inband: No
Language: en
Tone zone:
MOH Interpret: default
MOH Suggest:
Voice Mail Extension: *97
RTCP Multiplexing: No


hostname*CLI>