PJSIP setup problem

Asterisk Asterisk Support
1

Hello,
I try to setup static PJSIP endpoint. I have CentOS 6.2 and Asterisk 13.1.0

sorcery.conf
[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint

pjsip.conf
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

[cdtpbx]
type=endpoint
context=cdtpbx_in
disallow=all
allow=alaw
transport=transport-udp
aors=cdtpbxaor

[cdtpbxaor]
type=aor
contact=192.168.0.202:5060

[cdtpbxiden]
type=identify
endpoint=cdtpbx
match=192.169.3.202

After asterisk -vvvc I can see an ERROR:
[2015-04-14 13:59:45] ERROR[4710]: res_sorcery_config.c:277 sorcery_config_internal_load: Could not create an object of type ‘endpoint’ with id ‘cdtpbx’ from configuration file ‘pjsip.conf’

It looks like configuration isn’t loaded, but I can see endpoint
*CLI> pjsip show endpoints

Endpoint: <Endpoint/CID…> <State…> <Channels.>
I/OAuth: <AuthId/UserName…>
Aor: <Aor…>
Contact: <Aor/ContactUri…> <Status…> <RTT(ms)…>
Transport: <TransportId…> <BindAddress…>
Identify: <Identify/Endpoint…>
Match: <ip/cidr…>
Channel: <ChannelId…> <State…> <Time(sec)>
Exten: <DialedExten…> CLCID: <ConnectedLineCID…>

Endpoint: cdtpbx Not in use 0 of inf
Aor: cdtpbxaor 0
Contact: cdtpbxaor/192.168.0.202:5060 Unknown nan
Transport: transport-udp udp 0 0 0.0.0.0:5060
Identify: cdtpbxiden/cdtpbx
Match: 192.169.0.0/21

There is bad Match IP address 192.168.0.0. Correct is 192.168.0.202. If I setup pbxiden without netmask (match=192.168.0.202) IP address will be correct but netmask will be bad 32 (match=192.168.0.202/32)
I have no idea why?
Although when I try endpoint configuration with auth, it looks very similar. (ERROR and pjsip show endpoints)

Any idea where I am wrong? Many thanks for help.

Anyway is there something like “pjsip reload” please? I tried “module reload res_pjsip.so” without success. Answer was:
[2015-04-14 13:49:55] NOTICE[4468]: sorcery.c:1180 sorcery_wizard_load: Type ‘transport’ is not reloadable, maintaining previous values
[2015-04-14 13:49:55] NOTICE[4468]: sorcery.c:1180 sorcery_wizard_load: Type ‘system’ is not reloadable, maintaining previous values

Regards Lubor

2

Hello,
My idea was to use Asterisk with chan_pjsip configured via text file. I wanted to use authorisation via IP or username and password.
Working configuration for authorisation via IP:

sorcery.conf

[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint
aor=config,pjsip.conf,criteria=type=aor

[res_pjsip_endpoint_identifier_ip]
identify=config,pjsip.conf,criteria=type=identify

pjsip.conf

[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

[ctpbxaor]
contact=sip:192.168.0.202:5060 ; in my case format must be sip:ipaddress
type=aor

[ctpbx]
type=endpoint
context=ctpbx_in
disallow=all
allow=alaw
transport=transport-udp
aors=ctpbxaor

[ctpbxiden]
type=identify
endpoint=ctpbx
match=192.168.0.202

modules.conf

res_sorcery_astdb
res_sorcery_memory
res_sorcery_config
res_pjsip_session
res_pjsip
res_pjsip_endpoint_identifier_ip
res_pjsip_logger
res_pjsip_sdp_rtp
res_pjsip_rfc3326

Partially working configuration for authorisation via username and password. Incomming calls are working well, but outgoing calls are working for a while after saving pjsip.conf and core reload. It looks like a bug.
I used configuration from authorisation via IP a add these:
sorcery.conf

auth=config,pjsip.conf,criteria=type=auth

pjsip.conf

[ctpbxauth]
type=auth
auth_type=userpass
password=pass
username=user
nonce_lifetime=60

[ctpbx]
type=endpoint
context=ctpbx_in
disallow=all
allow=alaw
transport=transport-udp
aors=ctpbxaor
auth=ctpbxauth
outbound_auth = ctpbxauth

modules.conf

res_pjsip_outbound_authenticator_digest
res_pjsip_authenticator_digest

It looks that pjsip can’t work successfully with configuration from text file.

I tried also configuration from database which is prefered for pjsip and it works well.
Working configuration for authorisation via IP:
sorcery.conf

[res_pjsip]
endpoint=realtime,ps_endpoints
aor=realtime,ps_aors

[res_pjsip_endpoint_identifier_ip]
identify=realtime,ps_endpoint_id_ips

extconfig.conf

ps_endpoints => odbc,asterisk
ps_aors => odbc,asterisk
ps_endpoint_id_ips => odbc,asterisk

modules.conf

res_sorcery_astdb
res_sorcery_realtime
res_sorcery_memory
res_sorcery_config
res_pjsip_session
res_pjsip
res_pjsip_endpoint_identifier_ip
res_config_odbc
res_odbc
res_pjsip_logger
res_pjsip_sdp_rtp
res_pjsip_rfc3326

MySQL databases
table ps_aors
±----------±-----------------------+
| id | contact |
±----------±-----------------------+
| ctpbxaor | sip:192.168.0.202:5060 |
±----------±-----------------------+

table ps_endpoint_id_ips
±-----------±---------±--------------+
| id | endpoint | match |
±-----------±---------±--------------+
| ctpbxiden | ctpbx | 192.168.0.202 |
±-----------±---------±--------------+

table ps_endpoints
±-------±--------------±----------±-----±----------±---------±------±-------------+
| id | transport | aors | auth | context | disallow | allow | direct_media |
—±----------±-----------------------------±------------±----------------------------+
| ctpbx | transport-udp | ctpbxaor | NULL | ctpbx_in | all | alaw | no |
±-------±--------------±----------±-----±----------±---------±------±-------------+

Working configuration for authorisation via username and password:
I use configuration from authorisation via IP a add these:
sorcery.conf

[res_pjsip]
auth=realtime,ps_auths

extconfig.conf

ps_auths => odbc,asterisk

modules.conf

res_pjsip_outbound_authenticator_digest
res_pjsip_authenticator_digest

MySQL databases
table ps_auths
±-----------±----------±---------------±---------±-----------±------±---------+
| id | auth_type | nonce_lifetime | md5_cred | password | realm | username |
±-----------±----------±---------------±---------±-----------±------±---------+
| ctpbxauth | userpass | NULL | NULL | passw | NULL | user |
±-----------±----------±---------------±---------±-----------±------±---------+

table ps_endpoints
±-------±--------------±----------±----------±----------±---------±------±-------------±---------------+
| id | transport | aors | auth | context | disallow | allow | direct_media | outbound_auth |
±-------±--------------±----------±-----±----------±---------±------±-------------±--------------------+
| ctpbx | transport-udp | ctpbxaor | ctpbxauth | ctpbx_in | all | alaw | no | ctpbxauth |
±-------±--------------±----------±----------±----------±---------±------±-------------±---------------+

By the way “pjsip reload” is possible through command “core reload” from CLI.

Best regards
Lubor

3

Thank you for sharing this, I am using Asterisk Realtime 13.3.2 and had the exact same problem.
All my endpoints were in a db and working fine expect for a sip trunk declared in a static file and the trunk would only work correctly after putting it in the database…

4

Any configuration in sorcery.conf overrides the default. An object can be defined as having multiple sources though, and the order specified is the order they are queried.

Given the following:

[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=realtime,ps_endpoints

Any endpoints from the configuration file would be queried first followed by realtime.

5

In that case , why would my endpoint not recognized correctly in my configuration file?
(I have intentionally replaced my IP address)

I get the Could not identify endpoint by username message from asterisk on inbound calls even though the endpoint identifiers is matched by ip address .

Here is the content of my sorcery.conf and pjsip.conf.

sorcery.conf:

[res_pjsip] ; Realtime PJSIP configuration wizard
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=realtime,ps_endpoints
auth=realtime,ps_auths
aor=realtime,ps_aors
domain_alias=realtime,ps_domain_aliases
contact=realtime,ps_contacts

[res_pjsip_endpoint_identifier_ip]
identify=realtime,ps_endpoint_id_ips

pjsip.conf :

[transport-udp]
type = transport
protocol = udp
bind = xxx.xxx.xxx.xx

[PBXTrunk]
type = aor
contact = sip:xxx.xxx.xxx.xx:5060
qualify_frequency = 60

[PBXTrunk]
type = identify
endpoint = PBXTrunk
match = xxx.xxx.xxx.xx

[PBXTrunk]
type = auth
username = PBXTrunk
password = asdkfsd89u320rmfds8fj89m3

[PBXTrunk]
type = endpoint
context = TO_PRI_2
dtmf_mode = info
disallow = all
allow = ulaw
ice_support = no
direct_media = no
send_pai = yes
use_avpf = no
tos_audio = 0xB8
cos_audio = 6
language = fr
allow_subscribe = yes
auth = PBXTrunk
outbound_auth = PBXTrunk
aors = PBXTrunk

6

That “Could not identify endpoint by username” is a debug message from the res_pjsip_endpoint_identifier_user module. That module matches endpoints based on the user portion of the From header. In the case of matching by IP address it’s expected for that debug message to occur, since it won’t match using the From header.

7

As well in that configuration you’ve configured the identify section to get pulled from realtime only, so the config file will never get used for it.

8

Could I add a line to pull the configuration from the config file to make it work then? :

[res_pjsip_endpoint_identifier_ip]
identify=config,pjsip.conf,criteria=type=identify
identify=realtime,ps_endpoint_id_ips

9

Yes.

10

Thanks a lot for your help, it is working with the following settings in sorcery.conf:

[res_pjsip] ; Realtime PJSIP configuration wizard
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=realtime,ps_endpoints
auth=config,pjsip.conf,criteria=type=auth
auth=realtime,ps_auths
aor=config,pjsip.conf,criteria=type=aor
aor=realtime,ps_aors
domain_alias=realtime,ps_domain_aliases
contact=realtime,ps_contacts

[res_pjsip_endpoint_identifier_ip]
identify=config,pjsip.conf,criteria=type=identify
identify=realtime,ps_endpoint_id_ips