Connect to SIP Server with local/private IP

Am trying to connect my Linux cloud server with a public IP to my SIP provider who has a public IP and their SIP Server is on a local IP 10.20.xxxxx
The VPN connection is successful but the call out is failing as you can see in the log below. Firewall settings is fine with all required ports open.
Is my PJSIP config for the IP authentication correct?

pjsip.conf

[general]
transport = udp


[transudp]
type = transport
protocol = udp
bind = 0.0.0.0:5060

[providersip]
type=aor
contact=sip:10.20.xxxxx:5060
qualify_frequency=15

[providersip]
type=endpoint
context=providerio
disallow=all
allow=ulaw
allow=alaw
aors=providersip
direct_media=yes
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
trust_id_inbound=yes
send_rpid=yes
transport=transudp
from_domain=myServerPublicIP

[providersip]
type=identify
endpoint=providersip
match=10.20.xxxx

outgoing call log:

<--- Transmitting SIP request (955 bytes) to UDP:10.20.xxxx:5060 --->
INVITE sip:+22xxxxxx@10.20.xxxx:5060 SIP/2.0
Via: SIP/2.0/UDP 197.xxxxxx:5060;rport;branch=z9hG4bKPjb7e5a385-e06c-4ac9-8807-c4154f6f46a1
From: "Anonymous" <sip:anonymous@10.20.xxxx>;tag=4b8318e5-4f07-4710-8208-cd987e09376d
To: <sip:+22xxxxxx@10.20.xxxx>
Contact: <sip:asterisk@197.xxxxxx:5060>
Call-ID: 79d0b99f-8a63-41d1-a3cb-bc40f3c05dfb
CSeq: 1631 INVITE
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REFER
Supported: 100rel, timer, replaces, norefersub, histinfo
Session-Expires: 1800
Min-SE: 90
Max-Forwards: 70
User-Agent: Asterisk PBX 20.5.2
Content-Type: application/sdp
Content-Length:   265

v=0
o=- 1360658842 1360658842 IN IP4 197.xxxxxx
s=Asterisk
c=IN IP4 197.xxxxxx
t=0 0
m=audio 29230 RTP/AVP 0 8 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv

<--- Transmitting SIP request (955 bytes) to UDP:10.20.xxxx:5060 --->
INVITE sip:+22xxxxxx@10.20.xxxx:5060 SIP/2.0
Via: SIP/2.0/UDP 197.xxxxxx:5060;rport;branch=z9hG4bKPjb7e5a385-e06c-4ac9-8807-c4154f6f46a1
From: "Anonymous" <sip:anonymous@10.20.xxxx>;tag=4b8318e5-4f07-4710-8208-cd987e09376d
To: <sip:+22xxxxxx@10.20.xxxx>
Contact: <sip:asterisk@197.xxxxxx:5060>
Call-ID: 79d0b99f-8a63-41d1-a3cb-bc40f3c05dfb
CSeq: 1631 INVITE
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REFER
Supported: 100rel, timer, replaces, norefersub, histinfo
Session-Expires: 1800
Min-SE: 90
Max-Forwards: 70
User-Agent: Asterisk PBX 20.5.2
Content-Type: application/sdp
Content-Length:   265

v=0
o=- 1360658842 1360658842 IN IP4 197.xxxxxx
s=Asterisk
c=IN IP4 197.xxxxxx
t=0 0
m=audio 29230 RTP/AVP 0 8 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv

To solve this issue, you need to make sure your SIP provider’s server is reachable from your cloud server. Since you mentioned that you have established a VPN connection successfully, you should configure Asterisk to use the VPN connection for communication with the SIP provider’s server.

  1. Update your PJSIP configuration to use the VPN interface for communication with the SIP provider’s server. Assuming your VPN interface is named tun0, you can specify the bind address as follows:
[transudp]
type = transport
protocol = udp
bind = 0.0.0.0:5060
local_net = 10.8.0.0/24  ; Update with your VPN subnet
external_media_address = <Your Cloud Server Public IP>
external_signaling_address = <Your Cloud Server Public IP>

Modify your providersip endpoint to use the VPN transport:

[providersip]
type=endpoint
context=providerio
disallow=all
allow=ulaw
allow=alaw
aors=providersip
direct_media=yes
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
trust_id_inbound=yes
send_rpid=yes
transport=transudp
from_domain=<Your Cloud Server Public IP>
Replace <Your Cloud Server Public IP> with the public IP address of your cloud server.

Restart Asterisk to apply the changes.
After making these changes, Asterisk should use the VPN connection to communicate with the SIP provider's server, and your outgoing calls should work properly.

The VPN tunnel don’t seem to have an interface. when i run ip add or ifconfig I only see two interfaces : lo: and eth0. Am using Ubuntu 22.04 with ipsec

I did add tun0 interface using VTI. My cloud server is not behind nat, so i believe my transport section should look like below without local_net, external_media_address and external_signaling_address?

[transudp]
type = transport
protocol = udp
bind = 0.0.0.0:5060

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.