I am seeing these errors being reported in /var/log/asterisk/full:
ERROR[29058] tcptls.c: Unable to connect SIP socket to 192.168.2.21:62119: Connection timed out
ERROR[29088] tcptls.c: Unable to connect SIP socket to 192.168.0.10:49236: Connection timed out
The difficulty is that I am unable to find where these two IP addresses are used in the FreePBX configuration. We do not use any IP addresses from 192.168.0 or 192.168.2 anywhere on out LAN that I am aware of. Nonetheless the addresses are in the astdb.sqlite3 database:
I know that the IP addresses I seek are in /var/log/asterisk/full. That is what started the search.
What I am trying to discover is from where they originate in the system. These are not address blocks that we use or have ever used. So why is Asterisk trying to make a connection to them? Is there any other place where Asterisk stores state having to do with endpoints. This looks like a heartbeat but we never had any endpoints as those addresses.
it will print the few lines around the event, turn on sip debugging for that ip if they happen more than once or twice, or sngrepthen filter for a few hours the headers will reveal the apparent sender
Thank for the suggestion. It never occurred to me that Asterisk was replying to a request using those addresses because they do not exist inside our firewall. But that is exactly what is happening.
I must make clear that we user separate users and devices instead of extensions. Each user has a local handset and a remote softphone device configured for their account.
192.168.2.21 is presumably the private LAN address of extension 90016. That is normal – the extension is not NAT aware and doesn’t need to be, because FreePBX will handle the NAT traversal. To do that properly, Rewrite Contact and Force rport for the extension must both be Yes.
I am looking at the device page and the user page in the FreePBX gui for one of the remote users involved and I cannot find anything refering to Rewite or rport.