[asterisk-users] OpenVPN tunnel and one-way audio - Do I still need a SIP proxy?
bruce bruce
bruceb444 at gmail.com
Wed Sep 22 00:27:07 CDT 2010
Hi Everyone,
I have setup an OpenVPN tunnel between Server A (running Asterisk) and
Server B suppling it's SIP Phones with DHCP pool of IPs.
So, the tunnel is established nicely and everyone can ping others. "sip show
peers" shows the local subnet of the SIP Phones registered (192.168.100.0/24
).
But there is the old bad one-way audio. Calls also drop after few seconds.
In the SIP debug I can see that asterisk uses it's external public IP
address to communicate to endpoints that are known to it as the
192.168.100.0/24 endpoints and the endpoints identify themselves with the
OpenVPN tunnel IP address scheme in one part of the sip handshake. How can
this be fixed? After all, with the OpenVPN this should all look like an
internal network to Asterisk.
I have added my comments followed by # to lines below that are problematic.
<--- SIP read from UDP:192.168.100.5:5060 ---> #This line is good as it
uses the local DHCP supplied network address scheme
INVITE sip:203 at 172.16.0.1:5060 SIP/2.0 #This line is BAD. Why are we
inviting Ext. 203 with it's OpenVPN IP while it's on the same network of
192.168.50.0/24 as 202?
Via: SIP/2.0/UDP
192.168.100.5:5060;branch=z9hG4bK695f8c1cfc7cdee96.1c65dc2eb25a46fc6
Max-Forwards:
70
From: "SIP Phone - Ext. 202" <sip:202 at 172.16.0.1:5060>;tag=6d6f8c4226
#BAD line again. Should be SIP:202 at 192.168.100.6 <SIP%3A202 at 192.168.100.6>
To: "203" <sip:203 at 172.16.0.1:5060> #Bad again....
Call-ID: 43af67a634e06e75
CSeq: 32058 INVITE
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK,
SUBSCRIBE, INFO
Allow-Events: talk, hold, conference, LocalModeStatus
Contact: "SIP Phone - Ext. 202" <sip:202 at 192.168.50.5:5060
;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D25B72F>"
Supported: gruu, path, timer, 100rel, replaces
User-Agent: Aastra 55i/2.5.2.1500
Content-Type: application/sdp
Content-Length: 594
Basically the phones should only send with FROM their local
192.168.100.0/24address and Asterisk should only send ANSWER and ACK
back to
192.168.100.0/24 rather than sending it to 172.16.0.0/24 (which is the
openvpn client ip).
Once above is fixed, I think all the audio and call cut will go away. I hate
to use a sip proxy in this situation since I already have an openvpn
connection.
Any feed back is appreciated.
Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100922/d77c8271/attachment.htm
More information about the asterisk-users
mailing list