I am relatively new to FreePBX. I have recently installed a FreePBX instance with two NICs. One interface (eth1) has the default gateway and is facing my local network. This is where I expect SIP registrations for my softphones to occur. The other interface (eth0) faces my SIP provider. I have configured static routes on CLI to route the needed prefixes towards eth0 and tested that their working.
At the moment I am able to make incoming calls perfectly. My issue is outgoing calls towards my SIP provider. I notice that the INVITE ip address that it uses is the one on eth1, even though said request is going out of eth0. How can I ensure that this address is set to the one on eth0? My provider has security settings that will only allow the eth0 IP on the SIP packets and I believe that is why outgoing calls are not working.
Assuming you have a standard setup for NAT, then adding the provider’s signalling hosts to the local networks in Asterisk SIP Settings should resolve.
I am not sure what you mean by “standard”. I am not behind NAT.
I already added all the provider signaling hosts to local networks. I had issues with inbound calls before I added them. This however did not fix outbound calls.
Not sure how to reconcile those two statements. If your pbx is not behind NAT, then you should be able to set the chan_sip nat=no and interface = public.
root@hostname ~# ip route
default via 172.32.160.30 dev eth1
10.65.83.99 via 10.221.11.9 dev eth0
10.66.57.75 via 10.221.11.9 dev eth0
10.221.11.8/30 dev eth0 proto kernel scope link src 10.221.11.10
172.32.160.0/24 dev eth1 proto kernel scope link src 172.32.160.82
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003
This is a very common setup. The ISP is providing both Internet and voice so they drop things into the premises so the voice side is a 100% on a LAN between the premise and them since it has zero need to traverse the public Internet.
Also, I can in no way find this “interface” setting as an acceptable Chan_SIP setting. So I doubt it will do anything.
OK so here what is happening, from what I can tell. Your PBX is listing on the 172.32.160.x network for your internal LAN. That probably means the phones are connecting to the PBX over that IP. The other IP for the ISP is used for incoming and should be used for outgoing.
You need to tell the PBX that requests SOURCING from the 172.32.160.x network destined for the ISP voice IPs to route over the eth0 interface. Otherwise, your default route will also win since it’s sourcing over eth1 from the PBX. You might need something like this:
10.65.83.99 via 10.221.11.9 dev eth0 proto dhcp src 172.32.160.82 metric 100
10.66.57.75 via 10.221.11.9 dev eth0 proto dhcp src 172.32.160.82 metric 100
That basically says route those IPs via the eth0 gateway over eth0 that source from the PBX’s IP from the other LAN. That might help.
Not sure why I need to specify “proto dhcp”. Also, the source address should be 10.221.11.10, not 172.32.160.82. Not only does the system not take the configs, but that is exactly what I am trying to fix. I need my source IP to be 10.221.11.10 whenever I send traffic to the signalling IPs.
That being said, I have made modifications as per below. I still have the same problem.
[root@hostname ~]# ip route
default via 172.32.160.30 dev eth1
10.65.83.99 via 10.221.11.9 dev eth0 proto dhcp src 10.221.11.10 metric 100
10.66.57.75 via 10.221.11.9 dev eth0 proto dhcp src 10.221.11.10 metric 100
10.221.11.8/30 dev eth0 proto kernel scope link src 10.221.11.10
172.32.160.0/24 dev eth1 proto kernel scope link src 172.32.160.82
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003
You need to tell the PBX that requests SOURCING from the 172.32.160.x network destined for the ISP voice IPs to route over the eth0 interface. Otherwise, your default route will also win since it’s sourcing over eth1 from the PBX.
I expect the host to use the more specific route over the default route.
Alright, one final question before I get to my answer on why this isn’t working. Does the PBX listen on 10.221.11.10? Do you have that bound to Chan_SIP or Chan_PJSIP in anyway?
Show the output of sip show settings for the PBX from the Asterisk CLI. I want to see what is what here and what is configured. You can mask any external/public IPs.
UDP Bindaddress: 0.0.0.0:5060
TCP SIP Bindaddress: Disabled
TLS SIP Bindaddress: Disabled
RTP Bindaddress: Disabled
Videosupport: No
Textsupport: No
Ignore SDP sess. ver.: No
AutoCreate Peer: Off
Match Auth Username: No
Allow unknown access: Yes
Allow subscriptions: Yes
Allow overlap dialing: Yes
Allow promisc. redir: No
Enable call counters: No
SIP domain support: No
Path support : No
Realm. auth: No
Our auth realm asterisk
Use domains as realms: No
Call to non-local dom.: Yes
URI user is phone no: No
Always auth rejects: Yes
Direct RTP setup: No
User Agent: FPBX-15.0.16.72(16.11.1)
SDP Session Name: Asterisk PBX 16.11.1
SDP Owner Name: root
Reg. context: (not set)
Regexten on Qualify: No
Trust RPID: No
Send RPID: No
Legacy userfield parse: No
Send Diversion: Yes
Caller ID: Unknown
From: Domain:
Record SIP history: Off
Auth. Failure Events: Off
T.38 support: No
T.38 EC mode: Unknown
T.38 MaxDtgrm: 4294967295
SIP realtime: Disabled
Qualify Freq : 60000 ms
Q.850 Reason header: No
Store SIP_CAUSE: No
Network QoS Settings:
IP ToS SIP: CS3
IP ToS RTP audio: EF
IP ToS RTP video: AF41
IP ToS RTP text: CS0
802.1p CoS SIP: 4
802.1p CoS RTP audio: 5
802.1p CoS RTP video: 6
802.1p CoS RTP text: 5
Jitterbuffer enabled: No
Codecs: (ulaw|alaw|gsm|g726|g722)
Relax DTMF: No
RFC2833 Compensation: No
Symmetric RTP: No
Compact SIP headers: No
RTP Keepalive: 0 (Disabled)
RTP Timeout: 30
RTP Hold Timeout: 300
MWI NOTIFY mime type: application/simple-message-summary
DNS SRV lookup: No
Pedantic SIP support: Yes
Reg. min duration 60 secs
Reg. max duration: 3600 secs
Reg. default duration: 120 secs
Sub. min duration 60 secs
Sub. max duration: 3600 secs
Outbound reg. timeout: 20 secs
Outbound reg. attempts: 0
Outbound reg. retry 403:No
Notify ringing state: Yes
Include CID: No
Notify hold state: Yes
SIP Transfer mode: open
Max Call Bitrate: 384 kbps
Auto-Framing: No
Outb. proxy:
Session Timers: Accept
Session Refresher: uas
Session Expires: 1800 secs
Session Min-SE: 90 secs
Timer T1: 500
Timer T1 minimum: 100
Timer B: 32000
No premature media: Yes
Max forwards: 70
Default Settings:
Allowed transports: UDP
Outbound transport: UDP
Context: from-sip-external
Record on feature: automon
Record off feature: automon
Force rport: No
DTMF: rfc2833
Qualify: 0
Keepalive: 0
Use ClientCode: No
Progress inband: No
Language: en
Tone zone:
MOH Interpret: default
MOH Suggest:
Voice Mail Extension: *97
RTCP Multiplexing: No