NAT problems with voice

Hello.

Found a lot of topics with simillar problems,btw no one configuration iv tryed didnt help me.

I have asterisk installed on my home raspberry, its behind NAT. Port forwarding on router is configured.


Firewall on rasp is disabled.
Raspberry has a dongle connected. Idea is to connect via internet to asterisk from smartphone and make/accept calls from sim card,installed in dongle.
Everything works,when im connected from internal network, but when i connect from outside, i can make/accept calls, but without any voice.

sip.conf

#include sip_custom_post.conf
bindaddr=0.0.0.0;
externhost:5060=maunet.no-ip.org;
externrefresh=30;
localnet=192.168.1.0/255.255.255.0;
nat=yes;
;nat=force_rport,comedia;
context=publichaha;
allowguest=no;
;icesupport = yes;
directmedia=no;
alwaysauthreject = yes;

[Denas]
;directmedia=no
type=friend
host=dynamic
secret=pass
context=default
canreinvite=no
dtmfmode=rfc2833
permit=0.0.0.0/0.0.0.0
qualify=yes

[local]
directmedia=yes
type=friend
nat=no
host=dynamic
secret=pass
context=default
canreinvite=no
dtmfmode=rfc2833
permit=0.0.0.0/0.0.0.0
qualify=yes

rtp.conf

rtpstart=10000
rtpend=10100
stunaddr=sip.stun.tld

call log here
https://www.dropbox.com/s/fmktwekrplpr6kh/asterisk.log?dl=0

Requesting for help to solve voice problem)

P.S. there ine more problem
If ill cancel call before its connected to abonent(i can hear ring), i cant call anymore dongle is bisy. Reboot of the asterisk helps, but i dont think is a nice decision)

The problem appears to be that Asterisk is not receiving media. It is correctly putting the external IP address in though, so it appears to be configured correctly. I’d suggest seeing if traffic is being stopped on your firewall despite the rules and also check the client side.

cant use external ip in config,coz its dynamical.
btw, i tryed to use all port forwarding to rasb, so it was possible for me to hear the one im calling, but it coudnt hear me.
And if i try to forward only 10000-10100 and 5060-5061 tcp/udp nothing works.
on raspberry iptables is flushed.

and its ok,that i cant find asterisk listening my rtp port range?
lsof -Pan -p 2064 -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
asterisk 2064 asterisk 8u IPv4 351751 0t0 TCP 127.0.0.1:5038 (LISTEN)
asterisk 2064 asterisk 14u IPv4 351757 0t0 UDP *:4569
asterisk 2064 asterisk 15u IPv4 351762 0t0 UDP *:5060

You are using externhost so it is putting that resolved IP address in it. As for lsof not showing that port, 2 ports from the range are only opened when a call is in progress. Without more information or investigation I can’t say why it continues to not work right.

which info may be usefull?

Please provide an updated log with the port forwarding enabled. As well - is Asterisk connecting to the internet through this cellular dongle? If so you may not be able to have this work reliably… depending on the network conditions.

In my log, which i showed, port forward ranges are enabled(screensot). Asterisk connected to the internet through ehternet and zyxel router (screen from his interface). Dongle only for calls and sms.

Can make another one,while all ports are forwarded. But its not good as final work decision)

made a new log with all ports forwarded

https://www.dropbox.com/s/481pdpi01qeoiew/asterisk_log2.txt?dl=0

i can hear the one,who im calling,but he cant hear me, while calling from local network all the same

From the Asterisk side we are sending media to the IP address and port we received it from. The problem appears to be on the network side or the client, nothing more comes to mind that you can do on the Asterisk side to make it work. You’d need to figure out where the traffic is getting lost or if it is blocked.

Hm.
Again. Im connected to asterisk with phonerlite from my pc(or client on smartphone) outside of intranet. And asterisk is behind NAT and transmits my call(or recieve and tranmit to soft phone) through dongle to sim card of mobile provider. While all port forwarded to rasp, i can hear the one im calling,but he cant hear me. While im forwarding only the ports of rtp and 5060, i can establish call,but no sound in both directions.
So if we are looking to the situation while all ports forwarded, and asterisk get and send all data, problem not between him and client. but there is no net between him and usb dongle

Do you have any more ideas?

No, the log you’ve provided shows that media is flowing in both directions on the SIP and RTP side of Asterisk.

How is the dongle connected to Asterisk? If it’s using another channel driver such as chan_mobile or something else I have no experience in that area.

chan_dongle.
dongle.conf
[dongle0]
imei=863115010306878
imsi=250991435667032
context=zvonilka-incoming;
group=0
rxgain=3;
txgain=3;
resetdongle=yes;
u2diag=-1
usecallingpres=yes
callingpres=allowed_passed_screen

And I cant use all port range forwarding as normal configuration.

You should eliminate the use of chan_dongle for testing to make sure that the media for the SIP side is working correctly. For example send a call to Echo(). If you get two way flowing audio then you know it is fine and the problem is in chan_dongle somehow.

echo worked fine from intranet and from outside with all ports forward.

So, i found a problem with firewall. Asterisk somewhy was opening rtp ports not from range, given in rtp.conf,so on my firewall they are not opened too. I though,that problem was in some junk configuration in freepbx, which is preinstalled too,but im not using it. So i disabled it and added init script for asterisk (as recommended here http://www.raspberry-asterisk.org/faq/#asteriskonly).

Its starting,but not its not opening connection port (5060/1). :disappointed_relieved: where i was wrong?
and its not in safe_mode anymore,there are some starting scripts in safe,or its not needed? and looks like ive lost freepbx init=D

I don’t know how to answer your current questions. I don’t know what you mean by opening connection port - is it no longer listening on 5060 in chan_sip?

Yes,sorry, i told not enouth correctly.its about not listening port

i fixed a problem with 5060 port,looks like it was in some config file,which was included,but not presented.

Returning to previous question, why asterisk could not use rtp range, described in rtp.conf(10000-10100)?

Coz now its opening as rtp all what he wants

~# lsof -Pan -p 1868 -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
asterisk 1868 asterisk 13u IPv4 13129 0t0 TCP 127.0.0.1:5038 (LISTEN)
asterisk 1868 asterisk 19u IPv4 10822 0t0 UDP *:4569
asterisk 1868 asterisk 20u IPv4 10826 0t0 UDP *:5060
asterisk 1868 asterisk 28u IPv4 13382 0t0 UDP *:6624
asterisk 1868 asterisk 29u IPv4 13384 0t0 UDP *:6625
asterisk 1868 asterisk 30u IPv4 13427 0t0 UDP *:11030
asterisk 1868 asterisk 31u IPv4 13429 0t0 UDP *:11031
asterisk 1868 asterisk 32u IPv4 13437 0t0 UDP *:23760
asterisk 1868 asterisk 33u IPv4 13439 0t0 UDP *:23761
asterisk 1868 asterisk 38u IPv4 11991 0t0 TCP 127.0.0.1:5038->127.0.0.1:52400 (ESTABLISHED)

its 3 echo calls one by one and 3 udp port pairs.

so,do u have any ideas?