I am unable to register a soft client over a VPN.
The soft client registers successfully when connected to the same network but Asterisk does not seem to respond to the registration request when connected remotely via a VPN.
I would expect Asterisk to reply with a 401 unauthorized upon receiving the register, triggering the soft phone to re-register with credentials. The server seems to acknowledge (ACK) the request but Asterisk doesn’t respond. The SIP headers look the same and the SIP debug does not display any transactions as though the request has not made it to the Asterisk SIP stack.
I have attached screenshots of the working vs non working registrations and also the Wireshark trace.
Any help would be much appreciated
Does the SIP traffic appear in “pjsip set logger on”?
Hi Jcolp, I am running chan_sip, the log level is enabled for DEBUG. The same behavior is observed on both Asterisk 11 & 20.
Test-PBX*CLI> logger show channels
Channel Type Status Configuration
/var/log/asterisk/full File Enabled - DEBUG NOTICE WARNING ERROR VERBOSE
Console Enabled - DEBUG NOTICE WARNING ERROR VERBOSE
Ah, I’ll bow out then.
VPN’s can really mess with VoIP. For example I have a LAN2LAN OpenVPN and I have no problems registering a Polycom phone over it and sending calls back and forth while a Cisco phone will register but not complete calls. wireshark trace indicates the rtp data is being translated - even though the vpn has the -notranslate option set. Why this does not bother the Polycom phone is unknown.
Anyway, I would guess you are doing UDP registrations and if you were to switch to TCP registration it would work but then calls would not complete. Your VPN is obviously the culprit and it’s messing something up in the SIP traffic. This is more of a networking question - even if you had current Asterisk and pjsip running all that would happen is they would have you make a bunch of traces and then it would show your VPN is messing with the call which you already know.
What is your VPN created with?