Using FreePBX 13 with a Mock Cellular Network

Try to register to freepbx and post new tcpdump from both units.

Would you like a link to the pcap, or the packets?

Here is the iPhone registration Attempt:

And here is the LG G3 VS985 registration Attempt:

Let me know if you have any issues accessing these files.


Edit: Any Ideas yet?

Edit 2: Is there any way to disable authentication instead or modify the authentication for this particular extension using the custom_*.config files?

Turn the firewall on and configure it. You won’t be able to get around it.

The firewall was never the issue (I’ve even tried several configurations both with and without the firewall and found that enabling/disabling the firewall changes nothing [if you’re talking about responsive SIP accept, it doesn’t work in this case apparently]).

Instead, what seems to be the issue between the UEs and FreePBX is an authentication header mismatch. Since the UE’s are cellphones which use SIM cards, the authentication header is meant to be static from the phone, which means it can’t adjust to FreePBX’s md5 response like a softclient (software based client) can. This means I either need to find a way to change the SIM card’s authentication parameters (which I don’t think is possible), or change/disable the authentication parameters of FreePBX for the UE extension in which the UE is trying to register on. This is why I was questioning on whether or not it was possible to modify the custom_*.config files to accomodate the static nature of the UE’s authentication header.

My experience with Asterisk over LTE has been very good.

The mobile client is to install Grandstream Wave (with Video) and enter in settings sent to the mobile over text or email. Once setup is done we test audio AND video calls. During the audio tests we measure for any lag, make sure TLS is activated and working plus measure the actual audio quality. During video, we test for lag as well plus make sure the video actually connects. LTE has given us trivial problems that were taken care of by tuning the codecs and bit rates, but nothing major. The biggest problem with regard to LTE on my end has been the constantly changing IP addresses, so I had to tune my intrusion detection.

The next project will be using the OpenVPN over LTE and passing calls (and data) thru that.

I would expect your experience with Asterisk/FreePBX to be very good with that setup. But that is where my setup differs. I am not using a soft client like you are. You are simply using an internet connection over LTE, which relies on a softclient to make internet calls instead of calls from the primary phone app. Instead, I am attempting to using the phones’ default built in VoLTE (and thus SIP) capabilities, which allow you to make calls and browse the internet simultaneously instead of using the usual CS-Fallback setup. Your setup seems to use the CS-fallback method, which is not what we are looking to test. We are looking to test an actual VoLTE connection, so that’s where our setups differ. Thanks for the pointers though.

Our Agilent PXT E6621A takes care of that issue.

I’ve found out that the issue is that our setup & phone(s) only supports AKA or Early IMS registrations, and not standard MD5 (thus no reply). Is it possible to configure Asterisk to use AKA or Early IMS with that user?

No. That’s not a thing Asterisk does. You’re going to need a softswitch or proxy that supports it.

Probably you’ve already been to the site, and maybe it doesn’t help you, but take a look at openbts.org, which is a site that explains how to create a GSM network with a software defined radio that uses asterisk as the call processor, maybe you find useful info regarding the authenticacion process.

May want to prefix this with “It only runs on 32-bit OS systems unless you want to try the new release which really hasn’t been fully tested”.

So in order to make this work, it requires an additional server running an out-of-date, unsupported OS

Hi,
replying on this 5 year old post, but still up to date.
The reason why Asterisk was ignoring your registration from the UE is probably that still to this day only mediasec is supported
[security_negotiation] Custom no false The kind of security agreement negotiation to use. Currently, only mediasec is supported.

you can debug asterisk with asterisk cli:
asterisk -rvvv
pjsip set debug on

Kindest regards,
Julia

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.