Asterisk issues after a move

TLDR: Do I need RTP UDP ports 10000-20000 opened to send/receive audio data via Voicepulse?

My customer has an Asterisk instance that they can call into via Voicepulse, but they are no longer hearing any of the pre-saved audio prompts (GSM files) or receiving touchtone input. The Asterisk log samples I’ve received are error free and it plays back the files in realtime in the log as if it’s waiting the appropriate amount of time for the files to finish, but no audio is showing up.

This used to work, but the customer moved from a very old system to a new one, and the new one is behind a VPN.

So at the same time the working system moved:

  1. From Asterisk 1.4 on a Mac Xserve of 10 years ago to a Linux server running Asterisk 11.7.
  2. Behind a firewall. SIP port has been opened and connection to VoicePulse is good to go with Peer Reachable, but RTP is NOT opened yet (for port 10000-20000).

While I think it’s VPN related, in case the Asterisk Syntax changed, in my extensions file, I’m using this to play the file:
exten => START,1,Answer()
exten => START,2,Wait(1)
exten => START,3,Background(intro)
exten => START,4,Goto(User_Id,START,1)

;Please enter your ID.
exten => START,1,Background(AskForUserID)
exten => _XXXX,1,SetVar(User_Id=${EXTEN})
exten => _XXXX,2,Goto(OtherFunction,START,1)
exten => i,1,Goto(User_Id,START,1)
exten => t,1,Goto(User_Id,START,1)

In the console I’m getting:
– <SIP/voicepulse-primary-00000002> Playing ‘intro.gsm’ (language 'en’)
And after the few seconds intro takes, it says it’s waiting for the touch tone keycodes to be entered. But the user doesn’t hear anything and I can’t get it to register any touch tones.

My plan (and I’d really love any other opinions I might be missing):

  1. Open RTP (10000-20000 UDP)
  2. Attempt to turn off the VPN entirely and see if it works then.
  3. Look at the sound files? Is there any reason GSM wouldn’t be by default supported? Do I need to add support to it on the linux system?

Anything else I may be missing?

Some settings you might want to try in sip.conf (or sippeers for realtime)…

allow=gsm ;make sure it’s listed

If the VPN is point-to-point, you’ll need to make sure it’s opened those ports. If it’s nat’d, some of the settings above may help. If you’re going to open the RTP ports, you may want to look into SRTP or TLS encryption if you can use it.

You also may want to make sure that iptables is not blocking anything.

You need to check some of the parameters in sip.conf for NAT
externaddr, localnet,nat

A bit old article but useful when working with NAT

–Satish Barot