Alternate ways to register blocked SIP


We have our Asterisk server on cloud and recently the government blocked SIP from non-whitelisted IP’s. We have whitlisted IP’s for our office but now due to Covid19, most of the users are working from home for which we cannot get whitelisted IP’s. Currently we are using VPN but are having issues in that.

I was thinking of configuring another asterisk server in office so that users can get registered on this server and route traffic on cloud server but not sure how exactly that would work.
Another aspect I was looking into was Kamalio server but I’m total noob with Kamalio.
May be adding TLS would work, this should be simple but thats not working for me.

Can anyone suggest best possible alternative?

If the home users have to use a VPN to get to the cloud PBX because SIP ports are blocked then how will they connect to the office PBX? They’ll still need a VPN and if you’re having issues with it, you’re still going to have issues with it until you fix them.

You’re just changing the destination where the users connect not fixing the fact they still have to use a VPN.

I think this needs addressing to the relevant government authority, as it seems to me an attempt to evade a law, which is presumably in place for national security reasons. even though people in Western countries might think such laws to be bad.

1 Like

Well VoIP calling is allowed as long as we have whitelisted the IP’s. The purpose of this Law is to block grey traffic. What we are trying to do here is not to evade law but to route traffic from white listed IP’s which government can track.
We have white listed IP’s for our office but home internet’s are not dedicated and cannot be whitelisted thus routing is required

SIP within the country is not blocked and with white listed IP’s, its not blocked for outside as well. We can register trunks if we have asterisk placed locally but that increases latency to destination as even dedicated internet for long destinations is not stable. This is the only reason we are using cloud server

My point is this, if SIP is allowed but only once your register (whitelist) the IP with the Government then that would mean SIP traffic in general is blocked until allowed. As you pointed out, people are at home and don’t have static IPs.

Your office and cloud server have whitelisted IPs allowing them to use SIP but again, the home users still can’t. So it doesn’t matter if you have a PBX at the office or cloud. It doesn’t matter if you have Kamailio in the office or cloud, you still need to whitelist IPs to allowing them to use SIP and your users still need a VPN. To me you’re looking to add things that really don’t solve the issue.

If they block users by IP your only option is SIP Proxy one side receive block IP, outgoing side present to the word with white IP. Asterisk with 2 trunks is ideal for this job.
If they block user on port manner your resolution is change Asterisk ports for signaling and RTP

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.