Azure Connection to Asterisk

So in Microsoft Azure we have Communication Services which allow to connect direct routing VIA SBC. almost same as MS TEAMS.

So i tried to connect Asterisk with ACS and after alot of search i am not able to find anyone who did it before but i found TEAMS so i followed same method.

i installed latest asterisk on ubuntu 24. and did everything but i am facing option that my INCOMING route is unreachable yet..

this is error its giving

<— Transmitting SIP request (480 bytes) to TLS:52.114.132.46:5061 —>
OPTIONS sip:sip.pstnhub.microsoft.com:5061 SIP/2.0
Via: SIP/2.0/TLS sbc.voippro.online:5061;rport;branch=z9hG4bKPj74434848-b82d-4f48-a158-337842a96c76;alias
From: sip:acs-out@sbc.voippro.online;tag=b23dcc67-7743-4e49-8854-a1855c4d0237
To: sip:sip.pstnhub.microsoft.com
Contact: sip:acs-out@sbc.voippro.online:5061;transport=TLS
Call-ID: aa6493d1-6ea9-4a61-9ccf-5bc6a2bd3879
CSeq: 52920 OPTIONS
Max-Forwards: 70
User-Agent: Asterisk PBX 22.3.0
Content-Length: 0

<— Received SIP response (429 bytes) from TLS:52.114.132.46:5061 —>
SIP/2.0 200 OK
FROM: sip:acs-out@sbc.voippro.online;tag=b23dcc67-7743-4e49-8854-a1855c4d0237
TO: sip:sip.pstnhub.microsoft.com
CSEQ: 52920 OPTIONS
CALL-ID: aa6493d1-6ea9-4a61-9ccf-5bc6a2bd3879
VIA: SIP/2.0/TLS sbc.voippro.online:5061;branch=z9hG4bKPj74434848-b82d-4f48-a158-337842a96c76;rport
CONTENT-LENGTH: 0
ALLOW: INVITE,ACK,OPTIONS,CANCEL,BYE,NOTIFY
SERVER: Microsoft.PSTNHub.SIPProxy v.2025.3.31.2 i.USEA.12

<— Received SIP request (525 bytes) from TLS:52.114.132.46:18630 —>
OPTIONS sip:acs-out@sbc.voippro.online:5061;transport=TLS SIP/2.0
FROM: sip:sip-du-a-us.pstnhub.microsoft.com:5061;tag=75c18da6-4b90-4639-9bfc-860cf8ffb0c8
TO: sip:acs-out@sbc.voippro.online
CSEQ: 1 OPTIONS
CALL-ID: 188496e9-7178-49d3-adee-aa92bf45b9b1
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 52.114.132.46:5061;branch=z9hG4bKbf94e71b
CONTACT: sip:sip-du-a-us.pstnhub.microsoft.com:5061
CONTENT-LENGTH: 0
USER-AGENT: Microsoft.PSTNHub.SIPProxy v.2025.3.31.2 i.USEA.12
ALLOW: INVITE,ACK,OPTIONS,CANCEL,BYE,NOTIFY

<— Transmitting SIP response (870 bytes) to TLS:52.114.132.46:18630 —>
SIP/2.0 404 Not Found
Via: SIP/2.0/TLS 52.114.132.46:5061;rport=18630;received=52.114.132.46;branch=z9hG4bKbf94e71b
Call-ID: 188496e9-7178-49d3-adee-aa92bf45b9b1
From: sip:sip-du-a-us.pstnhub.microsoft.com;tag=75c18da6-4b90-4639-9bfc-860cf8ffb0c8
To: sip:acs-out@sbc.voippro.online;tag=z9hG4bKbf94e71b
CSeq: 1 OPTIONS
Accept: application/xpidf+xml, application/cpim-pidf+xml, application/dialog-info+xml, application/simple-message-summary, application/pidf+xml, application/pidf+xml, application/dialog-info+xml, application/simple-message-summary, application/sdp, message/sipfrag;version=2.0
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, INFO, MESSAGE, REFER
Supported: 100rel, timer, replaces, norefersub
Accept-Encoding: identity
Accept-Language: en
Server: Asterisk PBX 22.3.0
Content-Length: 0

As you see acs-out is reachable but when we get request from ACS my asterisk giving 404 not found. ACS should send request as “acs-in” cuz thats what my endpoint in pjsip but i dont know what went wrong and its sending as acs-out

HERE IS MY PJSIP.CONF
[global]
user_agent=Asterisk PBX
tlslog=yes
; UDP Transport (for Eyebeam)
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0:5061

; TLS Transport (for Azure ACS)
[transport-tls]
type=transport
protocol=tls
method=tlsv1_2
bind=0.0.0.0:5061
cert_file=/etc/letsencrypt/live/sbc.vzpro.pro/cert.pem
priv_key_file=/etc/letsencrypt/live/sbc.vzpro.pro/privkey.pem
ca_list_file=/etc/letsencrypt/live/sbc.vzpro.pro/fullchain.pem
;ca_list_file=/etc/asterisk/keys/microsoft_root.pem
;cipher=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256
local_net=10.0.0.0/8,192.168.0.0/16
external_media_address=MY IP
external_signaling_address=MY IP
verify_server=no

; Azure ACS Outbound
[acs-out]
type=endpoint
transport=transport-tls
context=azure
disallow=all
allow=ulaw
allow=alaw
media_encryption=sdes
from_domain=sbc.vzpro.pro
refer_blind_progress=no
aors=acs-out

[acs-out]
type=aor
contact=sip:sip.pstnhub.microsoft.com:5061
qualify_frequency=30

;Azure ACS Inbound
[acs-in]
type=endpoint
transport=transport-tls
context=azure
disallow=all
allow=g722,alaw,ulaw
media_encryption=sdes
refer_blind_progress=no

[acs-in]
type=identify
endpoint=acs-in
match=sip-all.pstnhub.microsoft.com

SO PLEASE HELP ME FIND OUT WHATS WRONG HERE..

if everything sounds right here then only problem can be my SSL CERTS which i generated by following
certbot certonly
–manual
–preferred-challenges dns
–server “https://api.buypass.com/acme/directory”
-d sbc.vzpro.pro

if this certs wont work please guide me where can i generate free ssl for my domain..

THANK YOU

On Friday 25 April 2025 at 20:26:42, saahil40 via Asterisk Community wrote:

So in Microsoft Azure we have Communication Services which allow to connect
direct routing VIA SBC. almost same as MS TEAMS.

So i tried to connect Asterisk with ACS and after alot of search i am not
able to find anyone who did it before but i found TEAMS so i followed same
method.

Are you saying that you found some online documentation explaining how to
connect Asterisk to MS Teams, and you’re trying to find out whether this also
works for Azure Communication Services?

If that is the case, please point us to the documentation you are following.

Thanks,

Antony.

–
The best time to plant a tree is 20 years ago.
The second best time is now.

yes exactly.

this is documentation i followed

Your log shows nothing wrong.

If Azure is so broken as to require OK from OPTIONS, when using an invalid extension number in the request, you will need to define extension acs-out, in the appropriate context, in your extension.conf. Asterisk is happy with 404, when the roles are reversed.

yes but SBC Status on azure is not becoming ACTIVE and still shows UNKNOWN which i belive is due to this 404 Not Found. 2ndly when i am trying to send a call asterisk to azure its giving me CODEC error while i tried all codec possible

Either Azure is broken, or your response isn’t reaching it. OPTION should produce the same response as an INVITE, so if it sends to an extension (acs-out in this case) which you don’t have, INVITE would return 404, so OPTIONS must return 404. Most systems, like Asterisk, treat any response at all to OPTIONS, as a success, as that means there is a SIP UAS handling the request.

There may be an option, somewhere to ignore the invalid extension, but there would seem to be no reason for that, as you can just define the extnension, but have it do nothing. OPTIONS gives OK as soon as it reaches a valid local destination; it doesn’t attempt an outgoing call, or run an IVR, etc.

[from-eyebeam]
exten => _X.,1,NoOp(Incoming call from ${CALLERID(num)} to ${EXTEN})
same => n,Dial(PJSIP/${EXTEN}@acs-out,30)
same => n,Hangup()

[to-azure]
exten => _X.,1,NoOp(Incoming call from Azure ${CALLERID(num)})
same => n,Dial(PJSIP/1000@eyebeam-user) ; Forward to Eyebeam extension 1000
same => n,Hangup()

this is my extension.conf can you tell me what should i edit in it?

You add the context you intend to use for incoming calls, and then add the extension it is using but have it do nothing, or just hang up. Anyone configuring needs to either understand how to do that or employ someone who does. The forum is not a free service for doing such basic work.

It seems unlikely to me that your to-azure context is ever used, and you reference an azure context, which you don’t seem to define.

I don’t understand how acs-in differs, materially from acs-out.

i sent you a message regarding this if you can do this job i can pay for it. kindly check your message and reply me

Please use the Jobs category.

thanks everyone my issue is solved

On Monday 28 April 2025 at 15:44:32, saahil40 via Asterisk Community wrote:

thanks everyone my issue is solved

Please provide details of what you had to change, in case anyone with the same
problem comes along and finds this thread in future.

Antony.

–
RFC 6890 - Special-Purpose IP Address Registries - providing 16 million IPv4 addresses for
talking to yourself.

module load res_srtp.so i used this command and my codec issue resolved and other thing was my extension problem