SIp trunk no audio no nat / no firewall

nomad71 · September 23, 2016, 7:28am

Hello, I am trying to set up sip trunk between asterisk servers in two LANs connected by VPN. There is no NAT and all traffic permited.
My configuration looks like:
Server1:

register => MSK-POD:Password@pbx.ariel.loc
 localnet=192.168.0.0/255.255.0.0 ; RFC 1918 addresses
 localnet=172.16.0.0/12    
[MSK-POD]
type=peer
dtmfmode=rfc2833
host=dynamic
disallow=all
allow=g729,alaw,ulaw
directmedia=no
secret=Password
insecure=port,invite
qualify=300
context=from_msk
nat=no

Server2

register => MSK-POD:Password@asterisk.ariel.loc
localnet=192.168.0.0/255.255.0.0 ; RFC 1918 addresses
localnet=172.16.0.0/12
[MSK-POD]
type=peer
dtmfmode=rfc2833
host=dynamic
disallow=all
allow=g729,alaw,ulaw
directmedia=no
secret=Password
insecure=port,invite
qualify=300
nat=no

Any ideas whats wrong?
Thnaks in advance!

david551 · September 23, 2016, 9:36am

Drop the register lines and specify the host name or IP address directly. Although contorted, what you have should work.

I think the delimiter for codecs is &, but I always put them on separate lines, so I could have remembered wrong.

If they both use the same password, insecure=invite is insecure. I’ve never come across a UDP configuration that needs insecure=port. If the passwords are different, use secret and remotesecret.

localnet is of no use without some means of determining the public address.

nomad71 · September 23, 2016, 10:29am

Replace with IP adresses and removed register - still no luck.
If i will remove register - I will get following error
**Failed to authenticate on INVITE to ' <sip:0405@172.17.20.141>;tag=as550a2b25'**
Password are the same, i will adress security concerns later

david551 · September 23, 2016, 11:48am

Please use the </> button to allow people to see text in angle brackets.

david551 · September 23, 2016, 11:50am

If you got failed to authenticate, it means the passwords aren’t the same.

nomad71 · September 23, 2016, 12:04pm

Password are the same, double checked with "search"
What text in angle brackets people can’t see?

david551 · September 23, 2016, 12:24pm

The URI part of the To header that is being quoted in the error message.

Failed to authenticate on INVITE to ’ text in angle brackets missing here;tag=as550a2b25’

nomad71 · September 23, 2016, 12:46pm

Aww, missed that somehow, sorry.

david551 · September 23, 2016, 1:45pm

Is 0405 defined as a friend or user on the destination. If so, change it to a peer.