Dear all,

I’m facing a problem on a Asterisk based box (Pika Warp 2) with one of our clients.

We are trying to setup a remote extension, using a openvpn connection on a hardphone (YealinkT28 equivalent).
The VPN is up, I can ping the phone from the asterisk box, I can manage the phone from the openVPN server, the phone is registering, we can call the extension, the extension can make calls, however we only get one way audio.
The party on the other end can hear the remote extension, but not the other way around. We have tried both ways to internal extensions, inbound and outbound calls, all the same one way audio. Even when we try the echo test, we cannot hear the announcement.

As per icmp and management, and signaling I am sure the routing is correct.
We ae not using nat when calling internal extensions as we are using routing on the openvpn server.
So I’m thinking in the RTP part, but am not sure how to troubleshoot this on a normal routed extension.

I have tried to simulate the problem on a test setup with another pika warp, and 2 other asterisk based installs, but couldn’t reproduce the problem. On these setups everything is working just as expected.

I hope someone over here you can help me out.

Thanks,

Leon

This sounds like NAT issue, set directmedia=no in the configuration for the remote phone.

Hi,

I know it sounds like a NAT issue. But as told we are only using routing. Directmedia=no was already set.
NAT issues are only appearing in a NAT setup, and we do not have a NAT setup.
All IP traffic is routed directly on the VPN server.

So, no NAT issue, and directmedia=no was already tried.

Does anyone else has ideas?

Check this viewtopic.php?f=1&t=87747

Thanks, now i’m a bit closes I think.

When checking the RTP debug, I can see all the ‘returning’ RTP data is being sent to the IP address used to register to the public trunk the Asterisk is connected to.

I have set both the LAN and the IP range of the VPN clients to to local networks for the asterisk.

Somehow Asterisk is not seeing that the RTP should be send to the ‘local networks’ and is sending it to the SIP trunk instead.

Here is some output from the 'rtp set debug on’
Got RTP packet from 185.2.148.130:14654 (type 00, seq 003240, ts 4275950480, len 000160)
Sent RTP packet to 10.8.0.2:11780 (type 00, seq 016612, ts 4275950480, len 000160)

Hope someone recognizes this.

Thanks,

Leon

You need to provide copies of the SDP exchange.

Asterisk only handles non-fully routable networks on a best effort basis, e.g. by doing trial binds to the address to try and work out what the correct local address should be.

Hi David,

what exactly do you mean by ‘SDP exchange’.
we are talking about a fully routable network here, the network in question (10.8.0.X) is in the local routing table.

Cheers,

Leon

If you have a fully routable network, it will not matter which interface on a multi-homed machine is specified in the destination address.

SDP.

When a SIP session is set up, both sides send session description protocol. The SDP tells the other side which address should be used for media. You need to use sip set debug on, and find the INVITE, 200 OK and ACK for both legs of the call setup. The SDP will be present as the payload on the 200 OK and either the INVITE or the ACK.

Read this document here you have the solution to your problem and answers to your questions

svn.digium.com/svn/asterisk/trun … onf.sample

;----------------------------------------- NAT SUPPORT ------------------------

When Asterisk is behind a NAT device, the “local” address (and port) that
; a socket is bound to has different values when seen from the inside or
; from the outside of the NATted network. Unfortunately this address must
; be communicated to the outside (e.g. in SIP and SDP messages), and in
; order to determine the correct value Asterisk needs to know:
;
; + whether it is talking to someone “inside” or “outside” of the NATted network.
; This is configured by assigning the “localnet” parameter with a list
; of network addresses that are considered “inside” of the NATted network.
; IF LOCALNET IS NOT SET, THE EXTERNAL ADDRESS WILL NOT BE SET CORRECTLY.
; Multiple entries are allowed, e.g. a reasonable set is the following:
;
; localnet=192.168.0.0/255.255.0.0 ; RFC 1918 addresses
; localnet=10.0.0.0/255.0.0.0 ; Also RFC1918
; localnet=172.16.0.0/12 ; Another RFC1918 with CIDR notation
; localnet=169.254.0.0/255.255.0.0 ; Zero conf local network
;
; + the “externally visible” address and port number to be used when talking
; to a host outside the NAT. This information is derived by one of the
; following (mutually exclusive) config file parameters:
;
; a. “externaddr = hostname[:port]” specifies a static address[:port] to
; be used in SIP and SDP messages.
; The hostname is looked up only once, when [re]loading sip.conf .
; If a port number is not present, use the port specified in the “udpbindaddr”
; (which is not guaranteed to work correctly, because a NAT box might remap the
; port number as well as the address).
; This approach can be useful if you have a NAT device where you can
; configure the mapping statically. Examples:
;
; externaddr = 12.34.56.78 ; use this address.
; externaddr = 12.34.56.78:9900 ; use this address and port.
; externaddr = mynat.my.org:12600 ; Public address of my nat box.
; externtcpport = 9900 ; The externally mapped tcp port, when Asterisk is behind a static NAT or PAT.
; ; externtcpport will default to the externaddr or externhost port if either one is set.
; externtlsport = 12600 ; The externally mapped tls port, when Asterisk is behind a static NAT or PAT.
; ; externtlsport port will default to the RFC designated port of 5061.
;
; b. “externhost = hostname[:port]” is similar to “externaddr” except
; that the hostname is looked up every “externrefresh” seconds
; (default 10s). This can be useful when your NAT device lets you choose
; the port mapping, but the IP address is dynamic.
; Beware, you might suffer from service disruption when the name server
; resolution fails. Examples:
;
; externhost=foo.dyndns.net ; refreshed periodically
; externrefresh=180 ; change the refresh interval
;
; Note that at the moment all these mechanism work only for the SIP socket.
; The IP address discovered with externaddr/externhost is reused for
; media sessions as well, but the port numbers are not remapped so you
; may still experience problems.
;

; In addition to the above, Asterisk has an additional “nat” parameter to
; address NAT-related issues in incoming SIP or media sessions.
; In particular, depending on the 'nat= ’ settings described below, Asterisk
; may override the address/port information specified in the SIP/SDP messages,
; and use the information (sender address) supplied by the network stack instead.
; However, this is only useful if the external traffic can reach us.
; The following settings are allowed (both globally and in individual sections):
;
; nat = no ; Do no special NAT handling other than RFC3581
; nat = force_rport ; Pretend there was an rport parameter even if there wasn’t
; nat = comedia ; Send media to the port Asterisk received it from regardless
; ; of where the SDP says to send it.
; nat = auto_force_rport ; Set the force_rport option if Asterisk detects NAT (default)
; nat = auto_comedia ; Set the comedia option if Asterisk detects NAT

Hi Ambiorixg12, as told I’m not using NAT for the phone in question. and the subnets that are routed are in the localnet config. So the text won’t help me a bit.

I will look into the SIP messages, before the RTP stream starts running on monday.
Currently I’m out of office.

Thanks again!

Hi David,

just got the output of the sip debug.
Looks like Asterisk is seeing the extension as a NAT device, and therefore probably sending the packets to the public ip address. See output below.
Now I don’t know how to find out why Asterisk is doing this.
I’ve included the output of the sip debug, core settings extension and config settings.
I hope this will provide all the input needed to find a solution.

Thanks,
Leon

[quote]=
== Parsing ‘/etc/asterisk/extconfig.conf’: == Found
Connected to Asterisk 1.8.9.0 currently running on openwarp (pid = 6303)
openwarp*CLI>
Verbosity is at least 3

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>
INVITE sip:*43@192.168.25.4:5060 SIP/2.0
Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK880733693
From: “150” sip:150@192.168.25.4;tag=1262322055
To: sip:*43@192.168.25.4
Call-ID: 1504691444
CSeq: 1 INVITE
Contact: sip:150@10.8.0.2:5062
Content-Type: application/sdp
Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE
Max-Forwards: 70
User-Agent: Tiptel IP 286 2.70.13.16 001565489647
Supported: replaces
Allow-Events: talk,hold,conference,refer,check-sync
Content-Length: 353

v=0
o=- 20011 20011 IN IP4 10.8.0.2
s=SDP data
c=IN IP4 10.8.0.2
t=0 0
m=audio 11780 RTP/AVP 9 8 18 4 112 0 101
a=rtpmap:9 G722/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:4 G723/8000
a=rtpmap:112 G726-16/8000
a=rtpmap:0 PCMU/8000
a=fmtp:101 0-15
a=rtpmap:101 telephone-event/8000
a=ptime:20
a=sendrecv
<------------->
— (14 headers 17 lines) —
Sending to 10.8.0.2:5062 (NAT)
Using INVITE request as basis request - 1504691444
Found peer ‘150’ for ‘150’ from 10.8.0.2:5062

<— Reliably Transmitting (NAT) to 10.8.0.2:5062 —>
SIP/2.0 401 Unauthorized

Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK880733693;received=10.8.0.2;rport=5062

From: “150” sip:150@192.168.25.4;tag=1262322055

To: sip:*43@192.168.25.4;tag=as7f93a2ab

Call-ID: 1504691444

CSeq: 1 INVITE

Server: tekenplus-pbx

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“42d9e2a6”

Content-Length: 0

<------------>
Scheduling destruction of SIP dialog ‘1504691444’ in 6400 ms (Method: INVITE)

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>
ACK sip:*43@192.168.25.4:5060 SIP/2.0
Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK880733693
From: “150” sip:150@192.168.25.4;tag=1262322055
To: sip:*43@192.168.25.4;tag=as7f93a2ab
Call-ID: 1504691444
CSeq: 1 ACK
Content-Length: 0

<------------->
— (7 headers 0 lines) —

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>
INVITE sip:*43@192.168.25.4:5060 SIP/2.0
Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK1643847847
From: “150” sip:150@192.168.25.4;tag=1262322055
To: sip:*43@192.168.25.4
Call-ID: 1504691444
CSeq: 2 INVITE
Contact: sip:150@10.8.0.2:5062
Authorization: Digest username=“150”, realm=“asterisk”, nonce=“42d9e2a6”, uri=“sip:*43@192.168.25.4:5060”, response=“903a893a4d83dc68f620979aafc8bd34”, algorithm=MD5
Content-Type: application/sdp
Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE
Max-Forwards: 70
User-Agent: Tiptel IP 286 2.70.13.16 001565489647
Supported: replaces
Allow-Events: talk,hold,conference,refer,check-sync
Content-Length: 353

v=0
o=- 20011 20011 IN IP4 10.8.0.2
s=SDP data
c=IN IP4 10.8.0.2
t=0 0
m=audio 11780 RTP/AVP 9 8 18 4 112 0 101
a=rtpmap:9 G722/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:4 G723/8000
a=rtpmap:112 G726-16/8000
a=rtpmap:0 PCMU/8000
a=fmtp:101 0-15
a=rtpmap:101 telephone-event/8000
a=ptime:20
a=sendrecv
<------------->
— (15 headers 17 lines) —
Sending to 10.8.0.2:5062 (NAT)
Using INVITE request as basis request - 1504691444
Found peer ‘150’ for ‘150’ from 10.8.0.2:5062
== Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
Found RTP audio format 9
Found RTP audio format 8
Found RTP audio format 18
Found RTP audio format 4
Found RTP audio format 112
Found RTP audio format 0
Found RTP audio format 101
Found audio description format G722 for ID 9
Found audio description format PCMA for ID 8
Found audio description format G729 for ID 18
Found audio description format G723 for ID 4
Found unknown media description format G726-16 for ID 112
Found audio description format PCMU for ID 0
Found audio description format telephone-event for ID 101
Capabilities: us - 0xe (gsm|ulaw|alaw), peer - audio=0x110d (g723|ulaw|alaw|g729|g722)/video=0x0 (nothing)/text=0x0 (nothing), combined - 0xc (ulaw|alaw)
Non-codec capabilities (dtmf): us - 0x1 (telephone-event|), peer - 0x1 (telephone-event|), combined - 0x1 (telephone-event|)
Peer audio RTP is at port 10.8.0.2:11780
Looking for *43 in from-internal (domain 192.168.25.4)
list_route: hop: sip:150@10.8.0.2:5062

<— Transmitting (NAT) to 10.8.0.2:5062 —>
SIP/2.0 100 Trying

Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK1643847847;received=10.8.0.2;rport=5062

From: “150” sip:150@192.168.25.4;tag=1262322055

To: sip:*43@192.168.25.4

Call-ID: 1504691444

CSeq: 2 INVITE

Server: tekenplus-pbx

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

Contact: sip:*43@192.168.25.4:5060

Content-Length: 0

<------------>
– Executing [*43@from-internal:1] Answer(“SIP/150-00000105”, “”) in new stack
Audio is at 16406
Adding codec 0x4 (ulaw) to SDP
Adding codec 0x8 (alaw) to SDP
Adding non-codec 0x1 (telephone-event) to SDP

<— Reliably Transmitting (NAT) to 10.8.0.2:5062 —>
SIP/2.0 200 OK

Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK1643847847;received=10.8.0.2;rport=5062

From: “150” sip:150@192.168.25.4;tag=1262322055

To: sip:*43@192.168.25.4;tag=as0d66774f

Call-ID: 1504691444

CSeq: 2 INVITE

Server: tekenplus-pbx

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

Contact: sip:*43@192.168.25.4:5060

Content-Type: application/sdp

Content-Length: 260

v=0

o=root 1520940866 1520940866 IN IP4 192.168.25.4

s=Asterisk PBX 1.8.9.0

c=IN IP4 192.168.25.4

t=0 0

m=audio 16406 RTP/AVP 0 8 101

a=rtpmap:0 PCMU/8000

a=rtpmap:8 PCMA/8000

a=rtpmap:101 telephone-event/8000

a=fmtp:101 0-16

a=ptime:20

a=sendrecv

<------------>

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>
ACK sip:*43@192.168.25.4:5060 SIP/2.0
Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK1806694650
From: “150” sip:150@192.168.25.4;tag=1262322055
To: sip:*43@192.168.25.4;tag=as0d66774f
Call-ID: 1504691444
CSeq: 2 ACK
Contact: sip:150@10.8.0.2:5062
Max-Forwards: 70
User-Agent: Tiptel IP 286 2.70.13.16 001565489647
Content-Length: 0

<------------->
— (10 headers 0 lines) —

openwarp*CLI>
– Executing [*43@from-internal:2] Wait(“SIP/150-00000105”, “1”) in new stack

openwarp*CLI>
– Executing [*43@from-internal:3] Playback(“SIP/150-00000105”, “demo-echotest”) in new stack
– <SIP/150-00000105> Playing ‘demo-echotest.ulaw’ (language ‘en’)

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>
BYE sip:*43@192.168.25.4:5060 SIP/2.0
Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK2129145429
From: “150” sip:150@192.168.25.4;tag=1262322055
To: sip:*43@192.168.25.4;tag=as0d66774f
Call-ID: 1504691444
CSeq: 3 BYE
Contact: sip:150@10.8.0.2:5062
Authorization: Digest username=“150”, realm=“asterisk”, nonce=“42d9e2a6”, uri=“sip:*43@192.168.25.4:5060”, response=“f5b477e634eeb7741b0c218f111034bf”, algorithm=MD5
Max-Forwards: 70
User-Agent: Tiptel IP 286 2.70.13.16 001565489647
Content-Length: 0

<------------->
— (11 headers 0 lines) —
Sending to 10.8.0.2:5062 (NAT)
Scheduling destruction of SIP dialog ‘1504691444’ in 6400 ms (Method: BYE)

<— Transmitting (NAT) to 10.8.0.2:5062 —>
SIP/2.0 200 OK

Via: SIP/2.0/UDP 10.8.0.2:5062;branch=z9hG4bK2129145429;received=10.8.0.2;rport=5062

From: “150” sip:150@192.168.25.4;tag=1262322055

To: sip:*43@192.168.25.4;tag=as0d66774f

Call-ID: 1504691444

CSeq: 3 BYE

Server: tekenplus-pbx

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

Content-Length: 0

<------------>
== Spawn extension (from-internal, *43, 3) exited non-zero on ‘SIP/150-00000105’
– Executing [h@from-internal:1] Hangup(“SIP/150-00000105”, “”) in new stack
== Spawn extension (from-internal, h, 1) exited non-zero on ‘SIP/150-00000105’

openwarp*CLI>
Reliably Transmitting (no NAT) to 192.168.25.5:5060:
OPTIONS sip:101@192.168.25.5:5060 SIP/2.0

Via: SIP/2.0/UDP 192.168.25.4:5060;branch=z9hG4bK721b2909

Max-Forwards: 70

From: “Unknown” sip:Unknown@192.168.25.4;tag=as5613a0e5

To: sip:101@192.168.25.5:5060

Contact: sip:Unknown@192.168.25.4:5060

Call-ID: 2015caa349aa9c2070eec9691ccbb1ae@192.168.25.4:5060

CSeq: 102 OPTIONS

User-Agent: tekenplus-pbx

Date: Mon, 04 Nov 2013 09:51:44 GMT

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

Content-Length: 0

openwarp*CLI>

<— SIP read from UDP:192.168.25.5:5060 —>
SIP/2.0 200 OK
Via: SIP/2.0/UDP 192.168.25.4:5060;branch=z9hG4bK721b2909
From: “Unknown” sip:Unknown@192.168.25.4;tag=as5613a0e5
To: sip:101@192.168.25.5:5060;tag=ar4702a1d4
Call-ID: 2015caa349aa9c2070eec9691ccbb1ae@192.168.25.4:5060
CSeq: 102 OPTIONS
Supported: replaces
User-Agent: N510 IP PRO/42.073.00.000.000
Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, INFO, REFER, SUBSCRIBE, NOTIFY
Accept: application/sdp,application/dtmf-relay,application/simple-message-summary,message/sipfrag
Accept-Encoding: identity
Accept-Language: en
Content-Length: 0

<------------->
— (13 headers 0 lines) —
Really destroying SIP dialog ‘2015caa349aa9c2070eec9691ccbb1ae@192.168.25.4:5060’ Method: OPTIONS

openwarp*CLI>
Disconnected from Asterisk server
Executing last minute cleanups
root@openwarp:~# asterisk -rvvv
Asterisk 1.8.9.0, Copyright © 1999 - 2011 Digium, Inc. and others.
Created by Mark Spencer markster@digium.com
Asterisk comes with ABSOLUTELY NO WARRANTY; type ‘core show warranty’ for details.
This is free software, with components licensed under the GNU General Public
License version 2 and other licenses; you are welcome to redistribute it under
certain conditions. Type ‘core show license’ for details.

== Parsing ‘/etc/asterisk/asterisk.conf’: == Found
== Parsing ‘/etc/asterisk/extconfig.conf’: == Found
Connected to Asterisk 1.8.9.0 currently running on openwarp (pid = 6303)
openwarp*CLI>
Verbosity is at least 3

openwarp*CLI>

<— SIP read from UDP:10.8.0.2:5062 —>

<------------->

openwarp*CLI> sip
Reliably Transmitting (no NAT) to 192.168.25.5:5060:
OPTIONS sip:102@192.168.25.5:5060 SIP/2.0

Via: SIP/2.0/UDP 192.168.25.4:5060;branch=z9hG4bK4410e7dc

Max-Forwards: 70

From: “Unknown” sip:Unknown@192.168.25.4;tag=as11de0bbb

To: sip:102@192.168.25.5:5060

Contact: sip:Unknown@192.168.25.4:5060

Call-ID: 1ce846631119776475731ca1202c415b@192.168.25.4:5060

CSeq: 102 OPTIONS

User-Agent: tekenplus-pbx

Date: Mon, 04 Nov 2013 09:57:20 GMT

Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH

Supported: replaces, timer

Content-Length: 0

openwarp*CLI> sip

<— SIP read from UDP:192.168.25.5:5060 —>
SIP/2.0 200 OK
Via: SIP/2.0/UDP 192.168.25.4:5060;branch=z9hG4bK4410e7dc
From: “Unknown” sip:Unknown@192.168.25.4;tag=as11de0bbb
To: sip:102@192.168.25.5:5060;tag=ar00ed1ccc
Call-ID: 1ce846631119776475731ca1202c415b@192.168.25.4:5060
CSeq: 102 OPTIONS
Supported: replaces
User-Agent: N510 IP PRO/42.073.00.000.000
Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, INFO, REFER, SUBSCRIBE, NOTIFY
Accept: application/sdp,application/dtmf-relay,application/simple-message-summary,message/sipfrag
Accept-Encoding: identity
Accept-Language: en
Content-Length: 0

<------------->
— (13 headers 0 lines) —
Really destroying SIP dialog ‘1ce846631119776475731ca1202c415b@192.168.25.4:5060’ Method: OPTIONS

openwarp*CLI> sip set debug off

openwarp*CLI> core show settings

openwarp*CLI>

PBX Core settings

Version: 1.8.9.0
Build Options: LOADABLE_MODULES
Maximum calls: Not set
Maximum open file handles: Not set
Verbosity: 3
Debug level: 0
Maximum load average: 0.000000
Minimum free memory: 0 MB
Startup time: 06:41:35
Last reload time: 10:14:56
System: Linux/2.6.32-5-686 built by root on i686 2012-02-10 09:00:20 UTC
System name:
Entity ID: 00:1e:84:00:0e:58
Default language: en
Language prefix: Enabled
User name and group: /
Executable includes: Disabled
Transcode via SLIN: Enabled
Internal timing: Enabled
Transmit silence during rec: Disabled
Generic PLC: Enabled

• Subsystems

  Manager (AMI): Enabled
  Web Manager (AMI/HTTP): Enabled
  Call data records: Enabled
  Realtime Architecture (ARA): Disabled

• Directories

  Configuration file:
  Configuration directory: /etc/asterisk
  Module directory: /usr/lib/asterisk/modules
  Spool directory: /var/spool/asterisk
  Log directory: /var/log/asterisk
  Run/Sockets directory: /var/run/asterisk
  PID file: /var/run/asterisk/asterisk.pid
  VarLib directory: /var/lib/asterisk
  Data directory: /var/lib/asterisk
  ASTDB: /var/lib/asterisk/astdb
  IAX2 Keys directory: /var/lib/asterisk/keys
  AGI Scripts directory: /var/lib/asterisk/agi-bin

openwarp*CLI> sip show settings

openwarp*CLI>

Global Settings:

UDP Bindaddress: 0.0.0.0:5060
TCP SIP Bindaddress: Disabled
TLS SIP Bindaddress: Disabled
Videosupport: No
Textsupport: No
Ignore SDP sess. ver.: No
AutoCreate Peer: No
Match Auth Username: No
Allow unknown access: Yes
Allow subscriptions: Yes
Allow overlap dialing: Yes
Allow promisc. redir: No
Enable call counters: No
SIP domain support: No
Realm. auth: No
Our auth realm asterisk
Use domains as realms: No
Call to non-local dom.: Yes
URI user is phone no: No
Always auth rejects: Yes
Direct RTP setup: No
User Agent: tekenplus-pbx
SDP Session Name: Asterisk PBX 1.8.9.0
SDP Owner Name: root
Reg. context: (not set)
Regexten on Qualify: No
Legacy userfield parse: No
Caller ID: Unknown
From: Domain:
Record SIP history: Off
Call Events: Off
Auth. Failure Events: Off
T.38 support: No
T.38 EC mode: Unknown
T.38 MaxDtgrm: -1
SIP realtime: Disabled
Qualify Freq : 60000 ms
Q.850 Reason header: No
Store SIP_CAUSE: No

Network QoS Settings:

IP ToS SIP: CS3
IP ToS RTP audio: EF
IP ToS RTP video: AF41
IP ToS RTP text: CS0
802.1p CoS SIP: 4
802.1p CoS RTP audio: 5
802.1p CoS RTP video: 6
802.1p CoS RTP text: 5
Jitterbuffer enabled: No

Network Settings:

SIP address remapping: Enabled using externaddr
Externhost:
Externaddr: 213.127.133.101:0
Externrefresh: 10
Localnet: 192.168.25.0/255.255.255.0
10.8.0.0/255.255.255.0

Global Signalling Settings:

Codecs: 0xe (gsm|ulaw|alaw)
Codec Order: ulaw:20,alaw:20,gsm:20
Relax DTMF: No
RFC2833 Compensation: No
Symmetric RTP: Yes
Compact SIP headers: No
RTP Keepalive: 0 (Disabled)
RTP Timeout: 30
RTP Hold Timeout: 300
MWI NOTIFY mime type: application/simple-message-summary
DNS SRV lookup: No
Pedantic SIP support: Yes
Reg. min duration 60 secs
Reg. max duration: 3600 secs
Reg. default duration: 120 secs
Outbound reg. timeout: 20 secs
Outbound reg. attempts: 0
Notify ringing state: Yes
Include CID: No
Notify hold state: Yes
SIP Transfer mode: open
Max Call Bitrate: 384 kbps
Auto-Framing: No
Outb. proxy:
Session Timers: Accept
Session Refresher: uas
Session Expires: 1800 secs
Session Min-SE: 90 secs
Timer T1: 500
Timer T1 minimum: 100
Timer B: 32000
No premature media: Yes
Max forwards: 70

Default Settings:

Allowed transports: UDP
Outbound transport: UDP
Context: from-sip-external
Force rport: Yes
DTMF: rfc2833
Qualify: 0
Use ClientCode: No
Progress inband: Never
Language:
MOH Interpret: default
MOH Suggest:
Voice Mail Extension: *97

openwarp*CLI> sip show peer 150

openwarp*CLI>

• Name : 150
  Secret :
  MD5Secret :
  Remote Secret:
  Context : from-internal
  Subscr.Cont. :
  Language :
  AMA flags : Unknown
  Transfer mode: open
  CallingPres : Presentation Allowed, Not Screened
  Callgroup :
  Pickupgroup :
  MOH Suggest :
  Mailbox : 150@device
  VM Extension : *97
  LastMsgsSent : 32767/65535
  Call limit : 2147483647
  Max forwards : 0
  Dynamic : Yes
  Callerid : “Mariska” <150>
  MaxCallBR : 384 kbps
  Expire : 822
  Insecure : no
  Force rport : Yes
  ACL : Yes
  DirectMedACL : No
  T.38 support : No
  T.38 EC mode : Unknown
  T.38 MaxDtgrm: -1
  DirectMedia : No
  PromiscRedir : No
  User=Phone : No
  Video Support: No
  Text Support : No
  Ign SDP ver : No
  Trust RPID : Yes
  Send RPID : No
  Subscriptions: Yes
  Overlap dial : Yes
  DTMFmode : rfc2833
  Timer T1 : 500
  Timer B : 32000
  ToHost :
  Addr->IP : 10.8.0.2:5062
  Defaddr->IP : (null)
  Prim.Transp. : UDP
  Allowed.Trsp : UDP
  Def. Username: 150
  SIP Options : replaces replace
  Codecs : 0xe (gsm|ulaw|alaw)
  Codec Order : (ulaw:20,alaw:20,gsm:20)
  Auto-Framing : No
  Status : OK (57 ms)
  Useragent : Tiptel IP 286 2.70.13.16 001565489647
  Reg. Contact : sip:150@10.8.0.2:5062
  Qualify Freq : 60000 ms
  Sess-Timers : Accept
  Sess-Refresh : uas
  Sess-Expires : 1800 secs
  Min-Sess : 90 secs
  RTP Engine : asterisk
  Parkinglot :
  Use Reason : No
  Encryption : No

openwarp*CLI> [/quote]

Looks like we’re a bit further.

Tweaking some settings seems to send the traffic to the right IP.
However, we are still facing troubles with the RTP data stream.
I can see that on the Asterisk server the RDP packets are being sent to the correct IP (that of the phone) using a tcpdump on the UDP dataports (10000-20000)
On the router however, these packets are never seen.
I’m 100% sure that there is no hardware other than a simple switch is places between the asterisk box and the router/openvpn server.

When examining the traffic on the router, I can see the ICMP traffic correctly running both ways, but the RTP data stream still one way only.

Does anyone has seen this behavior before?

Thanks,
Leon