I just got my PBXIF installed and setup yesterday. So far this system totally rocks. What I would like to do though is setup my android phone with sipdroid so that it can connect to the PBX from outside my home. First off I used this guide http://incrediblepbx.com/ for doing the setup so I could use GVoice with my PBX. Then I used this guide here http://www.freepbx.org/support/documentation/howtos/howto-setup-a-remote-sip-extension
I am also running an Astaro Home Firewall. I have forwarded the ports 5060, 10000-20000 to the PBX box. When I initially started this adventure I was using my firewall log to watch for denied packets. I think that I now have the correct holes punched in the firewall for the PBX however I still cannot get any devices to register with the PBX outside of the firewall. Everything from what I can tell is setup as it should be. I thank you all for your help in advance with this and I look forward to getting this all setup and configured. Thank you.
You can’t forward ports in a router like that for SIP or any other protocol that includes bearer information in the protocol itself.
If you look at the text of the SIP invite you will see the port number in the message. Since the SIP stack is above layer 3 it does not know about the translation your router is performing so it instructs the remote host to answer on port that it is listening on.
NAT/PAT and SIP requires true expert level knowledge of SIP, IP etc. It’s not a task for the squeamish.
Ok I turned back on iptables, removed the lines from sip.conf and everything appears to be happy. I don’t know what bit of magic I finally got to work but its happy now and I am happy as well :). The last thing that I need to get going is when I port forward my sip to say 5070 external to 5060 internal the call dies after 10 seconds. So this will just be some firewall trickery I think that I’ll have to work out. When I watch my logs its funny. The PBXIF attempts to send the call to the nated IP of the external extension. So this will just be some config settings I am sure.
Got it figured out, I added an entry to sip.conf as well as sip_nat.conf. I then stopped iptables and fail2ban, then I was able to connect. Started the fail2ban back up and still good, started up iptables and no good. So iptables was no good.
While I don’t have any android phone, I’ve used a free sip phone (called linphone) for an iphone I have access to. The setting were very similar to setting up an extension on an actual IP phone. Do you currently have any IP phones?
If you have a wireless router, I would suggest connecting to the router and using the internal IP address as opposed to dyndns/domain/public IP to see what progress you’re able to make. So if your asterisk server is on the LAN at 192.168.1.5, type that in the configuration of the phone. If you’re able to connect and make phone calls, still looks like a firewall/port issue.
I don’t use incredible PBX but if its like freepbx, there is a method to use an actual SIP nat module and not edit sip_nat.conf
Ok so I have come to the conclusion that this is definitely with asterisk. My firewall is open to the right places but Asterisk just never responds. Any thoughts. I added the entries to sip_nat.conf as well in hopes that this would get me in the right direction but no love. Thanks.
Again, assuming the firewall is correctly setup to forward SIP/RTP packets- what codecs are you allowing/disallowing within the extension settings? And is ‘NAT’ set to ‘yes’, and ‘Transport’ set to ‘UDP only’?
I’d be tempted to briefly (very briefly) DMZ the Asterisk server just to see if that gets it working and narrow it down to a port issue or a Sipdroid issue.
Yeah I have the SIP ALG settings turned off. I punched a series of holes in the firewall but still no love for the audio. I shall continue with trial and error because that is what us troubleshooters do
Excellent so I finally got my sip to work through my firewall. But now I have another issue. I cannot get any audio to work either in or out on any device outside of the network. I have both SIP and RTP setup. Any thoughts?
RTP port forwarding? Apparently tricky.
And forwarding that number of ports from outside makes me nervous.
From outside my network, I use IaxAgent on my android phone. It understands (well, duh) the IAX2 protocol.
I setup an IAX2 extension and have IaxAgent register with it’s credentials.
I just have to forward a single port (4569) from my router to the machine running Asterix/FreePBX.
Works dandy.
Actually from inside my home network (wifi) I use 3CXPhone on Android (SIP) registered as a different extension … so if that extension is active, it’s in the main ringgroup for the main house line. But if the IAX extension is registered, well, I’m not home … so that one isn’t
Sipdroid has become a really solid product over the past year or so on the Android platform. I use it on a Nexus One with a similar setup and very good results most of the time. I’ll go ahead and assume you have things buttoned up on the PBX/firewall side and give you the settings I use on the Sipdroid client.
Settings->SIP Account (line 1):
Authorization Username: 'extension number’
Password: 'extension password’
Server or Proxy: ‘PBX’s external facing WAN IP’ or a dyndns address if you use that service
Port: 5060 (matches the extension port)
Protocol: UDP
Use WLAN, 3G, Edge: Checked
That’s it, nothing else in the SIP settings are touched
For the audio codecs, I emphasize (always try) ULAW & GSM under ‘Audio Settings’, and I also bumped up the mic & earpiece gain found under the Audio/Video option.
You may want to try things locally at first, simply substitue your local PBX IP within the ‘Server or Proxy’ setting. Good luck.
