Remote client support?

I am a user coming from using YATE, which worked well enough, but was not as feature-rich as Asterisk. I got Asterisk up yesterday and it has apparently registered with our trunk line, but my issue is that our clients (Grandstream GXP1405 and cellular phones using Linphone) cannot register to our server. I believe the issue is related to NAT, but I may be mistaken. Linphone on my Linux laptop can register to the server, but Linphone on two Android cellphones fails to register, as does the Grandstream.

Now, I spent yesterday reading FAQs, trying various configurations, and all kinds of things. I currently have TCP and UDP 5060-5082 forwarded to the server, as well as UDP 10000-20000. The server is a PowerEdge 2900 running XenServer 6.5. The Asterisk server is a Debian 7.8 box (64bit) running inside Xen. My router is a Watchguard XTM21-W.

There are no errors in the log. If I try the accounts from my laptop using Linphone (Laptop runs Gentoo 64bit) they register, but will not not send or receive audio during calls. Again, no issues as far as Asterisk’s log is concerned. So what should I try next? If you need any more information, please ask!

UPDATE

I just set “externip” and “localnet”, and it improved, somewhat. If I call from my cellphone (using my cell, not Linphone) my laptop (extension 201) will ring. I do not hear rinign on my cell and instead get a message about the number being disconnected or changed. However, if I call from my laptop to my cellphone, it works and I can talk both ways. My laptop is in a remote location. The server is in our main office and I am in a remote office with my laptop, the GXP1405, and my cellphone.

So is this impossible? The goal was to have Linphone running on Android devices for our mobile people and Grandstream GXP1405 phones in the office. Is this impossible?

It’s not impossible but without information such as the network layout, how stuff is configured, console output, and packet traces it’s extremely hard to know what is going on. It’s most likely a configuration issue.

Alright, my network layout changed yesterday. In an attempt to fix this, we bought static addresses and the box is now sitting on the Internet itself, no NAT. My setup is as follows.

Asterisk Server: On the net, no firewall, no NAT
Main Office: All clients are behind NAT, but the router has a static IP also
Remote Office: The two IP phones are behind NAT, router has a dynamic IP
Cellular Phones: All of these have dynamic IPs, but should not be behind NAT

Main Office: 10.0.0.0/22
Remote Office: 10.0.4.0/24

Asterisk sip.conf

[general]
context=incoming
allow=ulaw
allow=alaw
allow=gsm
tcpenable=yes
register => Number:Password:AuthName@bt.voipdnsservers.com:5060

[nextiva]
type=friend
secret=HiddenForPost
username=HiddenForPost
host=bt.voipdnsservers.com
dtmfmode=rfc2833
canreinvite=no
disallow=all
allow=ulaw
allow=alaw
allow=gsm
insecure=port,invite
fromuser=HiddenFromPost
fromdomain=bt.voipdnsservers.com
context=incoming

[101]
type=friend
secret=101
dtmfmode=rfc2833
callerid="Front Desk" <101>
host=dynamic
canreinvite=no
context=mainphones

[102]
type=friend
secret=201
dtmfmode=rfc2833
callerid="Name Hidden Mobile" <102>
host=dynamic
transport=tcp
canreinvite=no
context=mainphones

[116]
type=friend
secret=611
dtmfmode=rfc2833
callerid="Name Hidden Desk" <116>
host=dynamic
canreinvite=no
context=mainphones

[117]
type=friend
secret=711
dtmfmode=rfc2833
callerid="Name Hidden Mobile" <117>
host=dynamic
canreinvite=no
context=mainphones

[201]
type=friend
secret=102
dtmfmode=rfc2833
callerid="Name Hidden Desk" <201>
host=dynamic
allowguest=no
canreinvite=no
context=mainphones

[202]
type=friend
secret=202
dtmfmode=rfc2833
callerid="Name Hidden Mobile" <202>
host=dynamic
allowguest=no
canreinvite=no
context=mainphones

[203]
type=friend
secret=302
dtmfmode=rfc2833
callerid="Name Hidden Desk" <203>
host=dynamic
allowguest=no
canreinvite=no
context=mainphones

[204]
type=friend
secret=402
dtmfmode=rfc2833
callerid="Name Hidden Mobile" <204>
host=dynamic
allowguest=no
canreinvite=no
context=mainphones

As for exensions:

[general]
static=yes
writeprotect=no
clearglobalvars=no

[incoming]
exten => s,1,Log(NOTICE, Incoming call from ${CALLERID(all)})
exten => s,n,Dial(SIP/101&SIP/102&SIP/117&SIP/201&SIP/202&SIP/203&SIP/204)
exten => s,n,Hangup()

[mainphones]
exten => 101,1,Dial(SIP/101,60)
exten => 101,n,Hangup()
exten => 102,1,Dial(SIP/102,60)
exten => 102,n,Hangup()
exten => 116,1,Dial(SIP/116,60)
exten => 116,n,Hangup()
exten => 117,1,Dial(SIP/117,60)
exten => 117,n,Hangup()
exten => 201,1,Dial(SIP/201,60)
exten => 201,n,Hangup()
exten => 202,1,Dial(SIP/202,60)
exten => 202,n,Hangup()
exten => 203,1,Dial(SIP/203,60)
exten => 203,n,Hangup()
exten => 204,1,Dial(SIP/204,60)
exten => 204,n,Hangup()
exten => 9991,1,Answer()
exten => 9991,n,Playback(tt-monty-knights)
exten => 9991,n,Hangup()
exten => 9992,1,Answer()
exten => 9992,n,Playback(welcome)
exten => 9992,n,Playback(demo-echotest)
exten => 9992,n,Echo()
exten => 9992,n,Playback(demo-echodone)
exten => 9992,n,Playback(vm-goodbye)
exten => 9992,n,Hangup()
exten => _9XXXX.,1,Log(NOTICE, Dialing out from ${CALLERID(all)} to ${EXTEN:1} through Nextiva)
exten => _9XXXX.,n,Dial(SIP/nextiva/${EXTEN:1},120)
exten => _9XXXX.,n,Playtones(congestion)
exten => _9XXXX.,n,Hangup()

I believe that is it. So what could be causing this issue? Yes, I changed my number, password, and authname to protect them on the forum. They are correct and the trunk is connected.

I don’t see any console output or packet traces!

Really? Is this software so unstable that basic network and configuration information cannot solve the issue? The server runs as a daemon. How do I get console output? I can post the log if that is what is needed.

Are packet-captures really necessary with all of the other information? That seems crazy. I would have to drive to both locations to do that. I would like to avoid that if possible.

Look, I have an Asterisk server on the Internet. I just need to know how to make clients talk to it. If SIP is this badly designed (H.323 seems much better) we can change to H.323 or go back to a phone line.

It works. When we placed the server onto a public IP address we changed everything over… except the DNS servers. It could not resolve our trunk host, so it would refuse to work. I discovered it just now, and now calling out works. Incoming does as well.

If I may be so bold as to make a suggestion. If, when Asterisk starts, it cannot resolve a hostname, it could output to the terminal/shell of whomever started it, like Apache does. This would have clued me in last week. Guess I need to cover DNS in Linux without our Linux guys. A simple change to /etc/resolv.conf fixed it. Thanks for listening and helping.