[Asterisk-Users] Direct SIP connection to Vonage service

Stewart Nelson sn at scgroup.com
Fri Oct 22 14:39:56 MST 2004


I presently have a small VoIP network using H.323 and gnugk,
and would like to upgrade it to an Asterisk-based system,
primarily to take advantage of low cost unlimited calling
plans offered by SIP providers such as Vonage.  However, the
carriers with good reputations for reliability and quality
seem to require that you connect via a "locked" ATA device.

It appears that many other users of these services desire a
direct SIP connection.  Perhaps we can work together to
achieve this.

Some users have said that you can connect the ATA to an FXO
port on your system; the extra conversions to analog and
back to digital only slightly impair quality.

IMHO, that is not true.  Here are my Top Ten reasons why one
shouldn't connect Asterisk to a VoIP service through the
provider's ATA:

10. Increased noise caused by extra D/A and A/D conversion.

 9. Unnecessary extra delay of at least 150 ms in speech
    path, causing problems when both parties try to speak at
    the same time, and making echo suppression difficult.

 8. Extra echo source caused by needlessly converting from
    4-wire to 2-wire and back again.

 7. At least two seconds additional call setup time, because
    destination number must be sent via DTMF on outgoing,
    and you must wait for CLID data on incoming.

 6. If ever need to use compression codecs, one would have
    two such codecs cascaded, resulting in abysmal quality.

 5. Destroys answer supervision and other call progress info.

 4. No ability to REINVITE, resulting in needless delay and
    load on server when external user connects VoIP.

 3. Makes debugging more difficult (need managed switch or
    extra hub to capture SIP traffic from and to ATA).

 2. ATA might stop responding; additional hardware is needed
    to reset it if user is not physically present.

 1. It's not the Right Thing! Reminds me of the days when an
    anti-interface was needed to connect a modem to a DAA.

So, how can one avoid these problems, without violating the
Terms of Service or the law?  It appears that Vonage does
not explicitly prohibit use of other devices, although they
reserve the right to do so.  A sentence taken from
http://www.vonage.com/features_terms_service.php says:

"If you decide to use the Service through an interface
device not provided by Vonage, which Vonage reserves the
right to prohibit in particular cases or generally, you
warrant and represent that you possess all required rights,
including software and/or firmware licenses, to use that
interface device with the Service and you will indemnify and
hold harmless Vonage against any and all liability arising
out of your use of such interface device with the Service."

However, it appears that Vonage will not supply the needed
SIP credentials, and Google searches did not yield a way to
get them.  Here are some ideas on the subject; I'm a newbie
in this area, so please excuse me if they are naive or
simplistic.

Technically, it should not be hard to obtain the SIP
password.  For example, an ATA-186 stores its firmware and
data in a standard 28F040A flash memory.  It is a 32-pin
DIP, conveniently socketed.  Just unplug it and dump its
contents with a standard EPROM programmer.  (Search a
similar dump of an unlocked unit with a known password to
determine where the needed data is stored.)  The password
in flash can't be encrypted, but it might be obfuscated
and/or compressed.  In that case, change the password on the
unlocked box and see how the dump changes.  Of course, this
method would not be very useful if the Vonage password is
changed regularly.

If the carrier will provision an empty (unlocked, reset)
ATA, you could just capture the TFTP traffic to get the
configuration key, and subsequent encrypted configuration
data.  Or, get the key from the flash as above.

However, I'm worried that the above methods may run afoul of
the TOS, or perhaps even the DMCA.  Or, it may simply take
too much effort to get them to work.  So I have been
thinking about ways to get good performance without knowing
the SIP secret.

How about a software proxy that talks to Asterisk, the ATA,
and the outside world?  I believe that incoming calls could
bypass the ATA completely, because no authentication is
needed.  Is that correct?  For outgoing, the proxy would
place the call through the FXO device and the ATA.  But once
connected, it would feed the audio packets from Vonage
directly to Asterisk (and also to the ATA to keep it happy).
Likewise, audio from Asterisk would be sent directly to
Vonage (and also to the FXO device).

A further refinement would eliminate the need for an FXO
interface, and instead would use the ATA as just an
"authentication client".  For example, you would connect the
ATA to that old 14.4k modem.  When making a call, you would
take the ATA off hook and send it the desired number.  You'd
feed it the 407 challenge from Vonage, send back the
resulting response, and hang up the ATA.  The remainder of
the process would be completed by Asterisk.

Does anyone know if the Vonage SIP proxy is stateless?  If
so, it should be possible to record authorization responses
from the ATA in a database, and replay one when calling a
previously called number.  This would eliminate the extra
setup delay, and allow you to call "old" numbers even if the
ATA was not working.

I would appreciate your opinions on the feasibility of these
techniques, and also about any other methods that have been
tried to achieve direct SIP connectivity.

Thanks,

Stewart




More information about the asterisk-users mailing list