[asterisk-bugs] [JIRA] (ASTERISK-27024) nat/external_media settings ignored in 14.4.1

Florian Floimair (JIRA) noreply at issues.asterisk.org
Thu Jun 1 09:58:57 CDT 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=237240#comment-237240 ] 

Florian Floimair commented on ASTERISK-27024:
---------------------------------------------

No problem, I have already captured a log file as pointed out in your link to your wiki article:

Here is my Configuration:
{code:title=pjsip.conf|borderStyle=solid}
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0
;symmetric_transport=yes
local_net=172.17.217.0/24
external_media_address=13.94.254.95
external_signaling_address=13.94.254.95
;external_signaling_port=5060

[transport-tcp]
type=transport
protocol=tcp
bind=0.0.0.0
;symmetric_transport=yes
local_net=172.17.217.0/24
external_media_address=13.94.254.95
external_signaling_address=13.94.254.95
;external_signaling_port=5060

[transport-udp-ipv6]
type=transport
protocol=udp
bind=::
;symmetric_transport=yes

[transport-tcp-ipv6]
type=transport
protocol=tcp
bind=::
;symmetric_transport=yes

[transport-ws]
type=transport
protocol=ws
bind=0.0.0.0
;symmetric_transport=yes
local_net=172.17.217.0/24
external_media_address=13.94.254.95
external_signaling_address=13.94.254.95
;external_signaling_port=5060

[transport-ws-ipv6]
type=transport
protocol=ws
bind=::
;symmetric_transport=yes
{code}

{code:title=extensions.conf|borderStyle=solid}
[general]
static=yes
writeprotect=no
clearglobalvars=no

[globals]

[default]
exten => echo,1,Answer
      same => n, Echo
exten => _[1-9,a-z,A-Z]., 1, Progress()
                  same => n, Dial(${PJSIP_DIAL_CONTACTS(${EXTEN})})
{code}

My users are created using ARI as is explained in the wiki. They are all using the default context in the dialplan

Everything is running on a VM in Microsoft Azure with an external IP address not directly visible to the VM, therefore the NAT settings in pjsip.conf.

The log output can be found here: https://pastebin.com/CAJD6v3Y

> nat/external_media settings ignored in 14.4.1
> ---------------------------------------------
>
>                 Key: ASTERISK-27024
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27024
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_session
>    Affects Versions: 14.4.1
>         Environment: Alpine Linux 3.6 (Docker image)
>            Reporter: Christopher van de Sande
>            Assignee: Rusty Newton
>
> Post upgrade from 14.3.1 to 14.4.1 rtp is not received by an enpoint behind a nat. The problem appears to be in the SDP headers sent from Asterisk.
> Rolling back to 14.3.1 solves the issue.
> Asterisk is behind a shorewall firewall on a private natted network. It has a single interface eth0.
> Relevant pjsip.conf:
> {noformat}
> [transport-tls-nat]
> type=transport
> protocol=tls
> method=sslv23 ;sslv23 enables tls1.2 because reasons
> cert_file=XXX ;removed
> priv_key_file=XXX ;removed
> bind=0.0.0.0:5061
> external_media_address=x.x.x.x ;public ip
> external_signaling_address=x.x.x.x ;public ip
> local_net=192.168.0.0/16
> [endpoint-common](!)
> type=endpoint
> context=users
> disallow=all
> allow=g722,ulaw,h264
> dtmf_mode=info
> [endpoint-sdes](!)
> media_encryption=sdes
> [aor-common](!)
> type=aor
> remove_existing=yes
> max_contacts=1
> maximum_expiration=160
> qualify_frequency=60
> [207](endpoint-common,endpoint-sdes)
> ;Linphone
> callerid=Chris <PSTN number>
> auth=207
> aors=207
> mailboxes=201 at default
> use_avpf=yes
> rtp_symmetric=yes
> media_use_received_transport=yes
> force_rport=yes
> [207]
> type=auth
> auth_type=userpass
> password=supersecretpassword
> username=207
> [207](aor-common)
> {noformat}
> See pastbin logs referenced below.
> The SDP headers on 14.4.1 issue the private ip instead of the public ip:
> 14.3.1:
> {noformat}
> v=0
> o=- 3705154152 3705154155 IN IP4 192.168.1.88
> s=Asterisk
> c=IN IP4 198.48.203.62
> t=0 0
> m=audio 13310 RTP/SAVP 9
> a=crypto:1 AES_256_CM_HMAC_SHA1_80 inline:FA++mhDadUmqknBzPIWDUI1RlQc0ZNsMwCx2MevLypTQdxXFB5ATHU+ltRXH7g==
> a
> {noformat}
> 14.4.1:
> {noformat}
> v=0
> o=- 3705154685 3705154688 IN IP4 192.168.1.88
> s=Asterisk
> c=IN IP4 192.168.1.88
> t=0 0
> m=audio 11764 RTP/SAVP 9
> a=crypto:1 AES_256_CM_HMAC_SHA1_80 inline:STqxjT14RMJ19JB3GV0S+wD/mCBB9B4iPCv2yzGnRu894T058Q3zi41w55qK1w==
> a
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list