Registering two asterisk servers with PJSIP; makings cross calls

Asterisk Asterisk SIP
1

Hello friends,

I am trying to make calls from an IP soft-phone registered to Asterisk server A to another soft-phone registered to Asterisk server B. I managed to make it work using chan_sip, but after migrating my configurations to PJSIP, I have been struggling to figure it out.

I am registering each server to the other, and assign endpoints for each one respectively. I have also configured the dial plans on each server to PJSIP/otherserver for a specific exten.

  • Server1 (code name Toronto) - IP: 192.168.56.103 - local extensions 7XXX
  • Server2 (code name Osaka) - IP: 192.168.56.107 - local extensions 9XXX

Please note that there are entries in each server’s /etc/hosts for the other one.

Toronto’s pjsip.conf

[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0:5060
;external_media_address = 18.188.229.244
;external_signaling_address = 18.188.229.244
local_net = 192.168.56.0/24

[reg_192.168.56.107]
type = registration
retry_interval = 20
max_retries = 10
contact_user = osaka
expiration = 120
transport = transport-udp
outbound_auth = auth_reg_192.168.56.107
client_uri = sip:toronto@192.168.56.107
server_uri = sip:192.168.56.107

[auth_reg_192.168.56.107]
type = auth
password = welcome
username = toronto

[osaka]
type = aor
max_contacts = 1
[osaka]
type = auth
username = osaka
password = welcome

[osaka]
type = endpoint
context = osaka-incoming
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = osaka
outbound_auth = osaka
aors = osaka

[osaka]
type=identify
match=192.168.56.103
endpoint=osaka

[7001]
type = aor
max_contacts = 1
[7001]
type = auth
username = 7001
password = 123

[7001]
type = endpoint
context = phones
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = 7001
outbound_auth = 7001
aors = 7001

[7002]
type = aor
max_contacts = 1

[7002]
type = auth
username = 7002
password = 456

[7002]
[7002]
type = endpoint
context = phones
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = 7002
outbound_auth = 7002
aors = 7002

[7999]
type = aor
max_contacts = 1

[7999]
type = endpoint
context = phones
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
aors = 7999

Toronto’s extensions.conf

[general]
autofallthrough=yes

[phones]
include => internal
include => remote

[internal]
exten => _7XXX,1,Answer()
exten => _7XXX,n,Dial(PJSIP/${EXTEN},30)
exten => _7XXX,n,Playback(vm-nobodyavail)
exten => _7XXX,n,Hangup()

[remote]
exten => _9XX9,1,NoOp()
exten => _9XX9,n,Dial(PJSIP/osaka,10)
exten => _9XX9,n,Hangup()

[osaka_incoming]
include => internal

Osaka’s pjsip.conf

[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0:5060
;external_media_address = 18.188.229.244
;external_signaling_address = 18.188.229.244
local_net = 192.168.56.0/24

[reg_192.168.56.103]
type = registration
retry_interval = 20
max_retries = 10
contact_user = toronto
expiration = 120
transport = transport-udp
outbound_auth = auth_reg_192.168.56.103
client_uri = sip:osaka@192.168.56.103
server_uri = sip:192.168.56.103

[auth_reg_192.168.56.103]
type = auth
password = welcome
username = osaka

[toronto]
type = aor
max_contacts = 1

[toronto]
type = auth
username = toronto
password = welcome

[toronto]
type = endpoint
context = toronto-incoming
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = toronto
outbound_auth = toronto
aors = toronto

[toronto]
type=identify
endpoint=toronto
match=192.168.56.103

[9001]
type = aor
max_contacts = 1

[9001]
type = auth
username = 9001
password = 123

[9001]
type = endpoint
context = phones
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = 9001
outbound_auth = 9001
aors = 9001

[9002]
type = aor
max_contacts = 1

[9002]
type = auth
username = 9002
password = 456

[9002]
type = endpoint
context = phones
disallow = all
allow = ulaw
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
auth = 9002
outbound_auth = 9002
aors = 9002

So an example with logs:
Trying to call from 7001 (Toronto), 9999 (Osaka). What I want to happen is to reach 9002 as described in Osaka’s dial plan. Instead, I am getting authentication errors as such:

Toronto side:

[Jan 21 16:25:43] WARNING[3394]: res_pjsip_outbound_registration.c:1160 handle_registration_response: reg_192.168.56.107: Fatal response '401' received from 'sip:192.168.56.107' on registration attempt to 'sip:toronto@192.168.56.107', stopping outbound registration
  == Setting global variable 'SIPDOMAIN' to '192.168.56.103'
    -- Executing [9999@phones:1] NoOp("PJSIP/7001-0000001a", "") in new stack
    -- Executing [9999@phones:2] Dial("PJSIP/7001-0000001a", "PJSIP/osaka,10") in new stack
    -- Called PJSIP/osaka
[Jan 21 16:25:57] WARNING[3394]: res_pjsip_outbound_authenticator_digest.c:193 digest_create_request_with_auth: Endpoint: 'osaka': Authentication credentials not accepted by server.
  == Everyone is busy/congested at this time (1:0/0/1)
    -- Executing [9999@phones:3] Hangup("PJSIP/7001-0000001a", "") in new stack
  == Spawn extension (phones, 9999, 3) exited non-zero on 'PJSIP/7001-0000001a'

Osaka side:

[Jan 21 16:25:57] NOTICE[2647]: res_pjsip/pjsip_distributor.c:676 log_failed_request: Request 'INVITE' from '<sip:7001@10.0.2.15>' failed for '192.168.56.103:5060' (callid: b9c1bbf6-2467-4938-9be7-8ece3bfd7770) - Failed to authenticate

I would appreciate every little bit, thank you very much!

P.S.: just in case someone wants to take a look at sip.conf

Toronto’s

[general]
context=internal
allowguest=no
allowoverlap=no
bindport=5060
bindaddr=0.0.0.0
srvlookup=no
disallow=all
allow=ulaw
alwaysauthreject=yes
canreinvite=no
nat=yes
session-timers=refuse
localnet=192.168.56.0/24
externip=18.188.229.244
register => toronto:welcome@192.168.56.105/osaka

[osaka]
type=friend
host=dynamic
secret=welcome
context=osaka-incoming

[7001]
type=friend
host=dynamic
secret=123
context=phones

[7002]
type=friend
host=dynamic
secret=456
context=phones

[7999]
type=friend
host=dynamic
context=phones

Osaka’s

[general]
context=internal
allowguest=no
allowoverlap=no
bindport=5060
bindaddr=0.0.0.0
srvlookup=no
disallow=all
allow=ulaw
alwaysauthreject=yes
canreinvite=no
nat=yes
session-timers=refuse
localnet=192.168.56.0/24
externip=18.188.229.244
register => osaka:welcome@192.168.56.103/toronto

[toronto]
type=friend
host=dynamic
secret=welcome
context=toronto-incoming

;ip phone configuration
[9001]
type=friend
host=dynamic
secret=123
context=phones


;ip phone configuration
[9002]
type=friend
host=dynamic
secret=456
context=phones
2

You are using the same authentication for both inbound and outbound. You need separate authentication sections, and then to reference them correctly. The easiest option would be to start out simple, adding in each part (such as authentication) until you understand exactly what is going on.

3

If you know both IP addresses, you should not be registering either of them; registration is for finding the value of an IP address that is only known at run time, and is not, primarily, for access control.

4

How do you mean? Instead of registering the servers, in the dial plan I would just do PJSIP/${EXTEN}@iP ?

5

You should delete all references to registration in pjsip.conf and rely entirely on the identify sections.

6

I am trying to start out simple, I really am :confused:

If I got what you said correctly; auth and outbound_auth, from what I tried to test, cannot co-exist using the same auth section. I changed Osaka’s pjsip.conf to only have an outbound_auth, and now I pass the authentication stage and reach Osaka. Another error occurred though, I think with the dial plan now (skip the next part)

Great, I think I get what you are saying, although in the end I am not sure if the IP’s will be static. This is just a mock up after all

This is the new error!

[Jan 21 16:59:48] NOTICE[2872]: res_pjsip_session.c:3996 new_invite:  toronto: Call (UDP:192.168.56.103:5060) to extension '9999' rejected because extension not found in context 'toronto-incoming'.

Shouldn’t this dial plan work?


[toronto_incoming]
exten => 9999,1,Answer()
exten => 9999,n,Dial(PJSIP/9002,30) ;Dial an internal phone
exten => 9999,n,Playback(vm-nobodyavail)
exten => 9999,n,Hangup()
include => internal

[internal]
exten => _9XXX,1,Answer()
exten => _9XXX,n,Dial(PJSIP/${EXTEN},30)
exten => _9XXX,n,Playback(vm-nobodyavail)
exten => _9XXX,n,Hangup()

It matches the extension (9999), and even if it did not, wouldn’t it move to internal and get reg_exed into PJSIP/9999 ?

7

You have specified a context of “toronto-incoming” but in the dialplan it is “toronto_incoming”.

1 Like
8

Jesus… That was it. It now completes the call! Thanks for another set of eyes and the auth advice; will try to read more into it!

9

At least one has to be static; you cannot register with a registrar whose address you do not know.

10

Of course, you are right. Thiswill be a star topology with the main (center) having a static IP and the nodes IPs might change. In case they are not though, what you are proposing is absolutely faster and seriously less hassle.

11

So I tried that but Asterisk now complains since it cannot find the endpoint, which is to be expected, since there is no registration. Altering the dial plan to directly call PJSIP/EXTEN@IP results in another error (Calling ext9999 from ext7001:

[Jan 22 11:49:28] ERROR[3090]: chan_pjsip.c:2727 request: Unable to create PJSIP channel - endpoint '192.168.56.107' was not found
[Jan 22 11:49:28] WARNING[3096][C-00000018]: app_dial.c:2596 dial_exec_full: Unable to create channel of type 'PJSIP' (cause 3 - No route to destination)
    -- No devices or endpoints to dial (technology/resource)
    -- Executing [9999@phones:3] Hangup("PJSIP/7001-00000017", "") in new stack
  == Spawn extension (phones, 9999, 3) exited non-zero on 'PJSIP/7001-00000017'

And here is the dial plan

[general]
autofallthrough=yes

[phones]
include => internal
include => remote

[internal]
exten => _7XXX,1,Answer()
exten => _7XXX,n,Dial(PJSIP/${EXTEN},30)
exten => _7XXX,n,Playback(vm-nobodyavail)
exten => _7XXX,n,Hangup()

[remote]
exten => _9XXX,1,NoOp()
exten => _9XXX,n,Dial(PJSIP/${EXTEN}@192.168.56.107,,10)
;exten => _9XXX,n,Dial(PJSIP/${EXTEN}@osaka,,10)
exten => _9XXX,n,Hangup()

Any ideas?

12

I didn’t say delete the endpoint.

13

I didn’t, the osaka endpoint is still there in pjsip.conf (if I understand what endpoint you are referring to)

[osaka]
type = aor
max_contacts = 1

[osaka]
type = auth
username = osaka
password = welcome

[osaka]
type = endpoint
context = phones
disallow = all
allow = ulaw
transport=transport-udp
rtp_symmetric = yes
rewrite_contact = yes
timers = no
direct_media = no
aors = osaka

[osaka]
type=identify
match=192.168.56.107
endpoint=osaka
14

As per https://github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample#L243 you need to provide the contact information that would have been provided by the registration.

1 Like
15

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.