IAX through VPN unpredictable interruptions problem


I have a big problem using Asterisk (IAX) over VPN in a company i work with.

We have a server, located in a server room, running Asterisk and an OpenVPN. this is a Ubuntu 8.04 server, with Asterisk 1.4.17
We have a server at one of the offices, connected to the VPN, this runs Asterisk as well and several hardphones are connected to it, using SIP. The server is a FreeBSD machine, with Asterisk

The two asterisk servers are connected through the VPN, using IAX.

Config information:
Ubuntu server Asterisk IAX entry:

FreeBSD Asterisk IAX config entries:

The OpenVPN is configured for being a tun device, over UDP, and is not allowed for any communication except for server<>client.

The firewall is open for all traffic through the VPN.

Now the strange thing:

  1. When we have a conversation between a person connected (using SIP) to the Ubuntu machine and another person connected to the Ubuntu machine: It works perfect, no gibberish, no interuptions

  2. When we have a conversation between a person connected (using SIP) to the Ubuntu machine and another person connected to the FreeBSD machine: It works, the call goes through, but at random moments the sound from the FreeBSD machine cuts of for a few seconds, then comes back, cuts off again, comes back. While this is going on, the sound from the ubuntu machine TO the freebsd machine is not interrupted whatsoever, it works perfect. The strange thing is that it is unpredictable… at one moment, i had a call for about 15 min. straight with no interruptions of the sound, but then suddenly, it interrupted every 5 seconds. After ending the call and trying again, it got interrupted every 5 seconds immediately. A call a few hours later (without any changes to the config) worked perfect for 10 min. then the interruptions started again. Aborting the call, trying again, it worked perfect for 30 min. Doing a call 15 min. later, again interruptions, and in the middle, it started working perfectly…

I can not see any pattern in this, whatsoever… I have no clue what is going on.

Ooh, and i used the demo on the freebsd machine to check if it is the connection phones <> freebsd machine or freebsd <> ubuntu. It is the latter.

One last test i did:
I called the demo on the freebsd machine from a phone connected to the ubuntu machine, while pinging the freebsd machine from the ubuntu machine, over the VPN, The ping worked perfectly, the connection got interrupted. So it seems the VPN works.

Some output:

I am not an experienced Asterisk admin, i got this setup thrown in my lap, so any help would be GREATLY appreciated :smile:.

For me this looks more problem in VPN.
We had to implement secure calls.
Instead of OpenVPN we used PPP over SSH.
This worked perfectly well on 2 ARM devices - with embeded Linux and Asterisk connected at 115KBits.
As I remember we “told” PPP with options like:
noauth mp nobsdcomp noccp nodeflate
Although we used slow connection - 115 KBits - we had no problems in both directions.
Our goal was to eliminate some optimisations - normally voice packets are small, and if there is no explicit instructions - drivers wait to send more data per packet.
Asterisk set what should be set, but I am not sure about OpenVPN - whether you can set to send packets without optimisation.

doesn’t IAX support SSL ecryption?