Setting up local provider SIP trunk

Hi everyone,

I’m setting up a phone switchboard and need to run some tests. I ordered a number from a website but the activation is very slow so in the meantime, I’ll be using the SIP Trunk service offered by a local provider (Vodafone)

I’ve installed FreePBX and Asterisk on a cloud VPS and from what I understand (though I’m not sure), it’s only possible to connect via SIP Trunk locally (so in my case only from Vodafone) and not remotely.

Does anyone know if there’s a way to connect remotely as well? For example, through a proxy on port 5060?

Thanks in advance for your help!

Have you tried to connect remotely? If so, what error(s) are you getting? Have you confirmed, e.g., by configuring Zoiper to connect directly toVodafone, that the trunk is working?

What router/firewall do you have on Vodafone? You may be able to set up a VPN server to relay SIP traffic if needed. Otherwise, do you have another always-on system that could perform this function?

I tried to connect to the truck directly from Zoiper using the following credentials:
Username: [email protected]
Password: PSW VOIP parameter

Hostname: ims.vodafone.it

but it doesn’t find any SIP either in TCP or in UDP. I opened port 5060 on my local PC’s IP from the Vodafone router’s panel.

Most (possibly all) IMS-based systems require a proxy domain name or IP address that is different from ims.vodafone.it . Did the document that contains the username and password mention any other domain name or IP address?

This is what vodafone sent to me:
PSW VOIP parameber: Password

END POINT SBC PARAMETER: Voip1.fixed.vodafone.it

VOIP Username: +39 NUMBER

SIP Domain : ims.vodafone.it

SIP Port : 5060

CODEC VOIP SUPPORTED

Voice codec (in order of priority): G.711 A-law,G.711 u-law,G.729

Fax and POS codecs (alternatively): G.711 A-law,T.38”

In Zoiper, try setting Outbound Proxy to
voip1.fixed.vodafone.it
Even if it doesn’t work, you may get further (a meaningful error instead of not finding a server address).

Just guessing here, try checking Use auth. username and entering
[email protected]
(replace xxxxxxxxxx with the remaining digits of your username).

If no luck, can you post a SIP trace?

I’m puzzled. The normal sequence for registration is:

  1. Client sends REGISTER request.
  2. Server sends 401 or 407 reply, requesting authentication.
  3. Client resends REGISTER with Authorization header. This header contains the auth username value.
  4. Server sends 200 OK reply.

The server wouldn’t know to ignore the first REGISTER, which doesn’t contain auth username. And ignoring the second after requesting auth is pretty weird.

I don’t know how often Zoiper retries failed requests or whether it eventually gives up, but I’m guessing that there were too many 403 errors and the server decided to block the IP address. I have no idea whether that will time out or how long it might take. If this theory is wrong, try taking out the auth username parameter and see whether you get the 403 again.

In either case, it would be useful to have a SIP trace to see what the actual communication is. There is some info here Log files :: Zoiper , or just use Wireshark to view the trace.

Oh dear, now it’s connected with the settings you provided. So now I should try adding the SIP trunk directly to FreePBX and see if Vodafone allows external connections. Do you have any idea how I could set it up?




This is my currently setting for FreePBX hosted in Cloud (with Oracle Cloud)

i get this error: [2024-07-08 00:14:40] WARNING[1191] res_pjsip_outbound_registration.c: No response received from ‘sip:ims.vodafone.it’ on registration attempt to ‘sip:[email protected]’, retrying in ‘60’

You might try for Outbound Proxy
sip:voip1.fixed.vodafone.it\;lr\;hide
but I strongly suspect that it’s blocked. I tried a “SIP ping” script (originally written for another purpose) and got no response from here (Las Vegas, Quantum fiber), from my Paris location (SFR) or via my Cyberghost VPN connected to Rome server.

Can you ping 83.224.123.48 or 83.224.127.144 from your Mac? If so, can you ping them from the Oracle server? If not, I would assume it’s blocked. If ping from the Mac gives no response, I’ll post the SIP ping script for you to try.

If blocked, options include:

  1. setting up a VPN between the cloud server and your router or Mac.
  2. running FreePBX locally, e.g. on a VM hosted on the Mac.
  3. getting a different trunk service that you can provision immediately.

Yep, i cannot ping it from my oracle VPS, but i can ping from my Macbook connected to vodafone. So vodafone SIP is blocked from outside network.
Do you know if there is a guide on how I can set up a VPN from my Vodafone (example from my Mac) and connect from the VPS only from port 5060 (I think only this port is needed or also others?) so that I can connect to ssh using the 'ip of the VPS?

Set up a VPN tunnel between the systems (OpenVPN, Wireguard, or whatever else you’re familiar with) and test (for example, ssh from the Mac to the VPS tunnel endpoint). On the Mac end, set it up to access the internet. On the VPS, set a temporary route to a ‘check IP’ service such as 132.226.247.73 via the VPN. With luck, running
curl http://132.226.247.73
should now display your Vodafone public IP. Once that’s working, set routes to 83.224.123.48 and 83.224.127.144 .
You should now be able to ping those addresses from the VPN and your trunk should be registered and be able to make and receive calls. It’s possible that Vodafone has media servers on different IP addresses and those are also blocked from remote – if you get no audio, check the SDP to see the media addresses and also route those. IMO, there is no reason to do anything that depends on port numbers.

Be careful that you don’t lose network access to the VPS. If that happens, Oracle should have console access available, though I know nothing about that.

But bare in mind that if the Provider is blocking one protocol/port, it is quite possible it won’t like OpenVPN or WG ports either, especially if they do DeepPacketInspection which is enforced in some countries. .

I simply wanted to test some inbound rules that apparently I can’t test without SIP Trunk (but at this point I’m waiting for VOIP.ms to activate the SIP Trunk for me). For example, I made a time conditions of the working hours where if they match it puts it in a queue, otherwise it discards the call. But if I try to call the number assigned to the queue it goes straight to the queue and doesn’t check the time conditions. Do you know why?

If (from an internal extension) you call the queue number, it goes to the queue, which is what it’s supposed to do. If you want to simulate an incoming call, create a Misc Application that routes to a Time Condition (or wherever the Inbound Route would go). Then dial the feature code associated with the Misc Application and the call flow should be as desired.

1 Like

Thanks a lot for help <3!