I have an Asterisk server running on Centos docker image in my office. We use a local IP phone number in Bangladesh for the server. Whenever consumers call in the IP phone number, our agents get a call in the Xlite in the local network.
Now we want to have our agents staying home and receive calls in their Xlite. The person who built the system is no longer with us, but he suggested that I should try to expose the server publicly to get our agents to work remotely.
As I am new in this field I need some guidelines about:
How to expose the asterisk network publicly.
How to configure Xlite for this usage such that users can get access to the calls remotely.
Thanks in advance.
Edit: In our country, we don’t have access to sip packets from outside of the country. So I can’t deploy it to a server like digital ocean, gcloud etc.
If you want to send calls to the X-Lites, Asterisk is a a client.
These questions are mainly basic TCP/IP network management ones, although you may have to consider NAT issues as well. Whilst they are basic, there is too much involved to expect a complete canned solution on a forum like this and such a solution will involve your understanding your networking environment quite well.
Best practice in this sort of case is to use VPNs, so that the phone appear to be on your intranet, as far as Asterisk is concerned. However, as a loss leader for the Bria range, X-Lite may well not support VPNs.
Thanks for your response. I know it’s too much to ask for a complete solution for this type. I just need some sources to look at so that I can figure the rest of the things out.
Best practice in this sort of case is to use VPNs, so that the phone appear to be on your intranet, as far as Asterisk is concerned.
So what I understand is I have to build a VPN originating in my country because the SIP packets from outside are restricted in our country. Then, use the IP for both asterisk and the softphone. Am I right here?
However, as a loss leader for the Bria range, X-Lite may well not support VPNs.
In my case, X-lite isn’t really needed, I can use any other softphones that support VPNs. What are the best options here?
The reasons for using VPNs are to protect your system from attack.
Unfortunately, the term VPN has been hijacked by some companies that use VPN protocols but to connect to their gateways to the internet. The original meaning of VPN is a Virtual Private Network, i.e. a network that is private and only carries your internal traffic, but is implemented over a public network, rather than with, say, dedicated cables.
I have implemented a openVPN in the ubuntu machine where the asterisk server is running on a Centos docker. My other mac laptop can connect the machine with TunnelBlick.
From where I have been learning things, they told us to edit the sip.conf and the extensions.conf file after that.
I can not find the sip.conf file in the asterisk file. However there is a pjsip.conf file. I really don’t know where to change to get the calls in the VPN.
Also the extensions.conf changes are quite unclear.
Can I get some resources from where I can get some context?
You shouldn’t have to make any changes to your dial plan.
You run a VPN server on your network, then you issue VPN client certificates that allow your users to connect to your network.
They will register their x-lite clients to the private IP address of your Asterisk server, just like they would be if they were local.
I am finding some problems with configuring the OpenVPN with my computer. When I run my ifconfig, there is no eth0 available on the list. Although I can see the tunnel tun0 properly configured.
My asterisk server is running at the enx283737011303. When I connect with X-lite, I enter 192.168.1.187 as the domain address when connected in my local wifi. My public IP is 103.4.145.154, which is not shown by any eth0.
the interface enx shows the LAN address of your server
I suppose you have a router to access to the internet with a LAN IP address (192.168.1.x)
the routeur also has a public address. It’s that address that must be configured in your client configuration
you also have to configure a NAT rule on your router to redirect openpnv data toward your server
when the tunnel is on, your remote phone will register on the private address of your server (10.8.0.1)
don’t forget the firewall (iptables for example) configuration to protect your server
if you’re not comfortable with openvpn VPN, it could be risky to activate an openvpn server with asterisk