WebRTC: RTP packets sent to private IP address

Bang… not working… :frowning: I was logged in using VPN. That’s why It worked just a minute ago. OMG.

If the sipml5 client its outside the lan then don’t touch the I’ve servers and configure correctly the NAT settings for your PBX: externip or externhost, localnet, externrefresh, the Nat type for the extension.

Hello,

When I am testing, I am always testing outside of my LAN in which my FreePBX is. And I am always behind some NAT.

I have no issues with my Blackberry SIP Client when outside of my LAN (2224).
I have the same NAT settings for my Extension which I use with sipml5 (2225).

When I connect to my LAN using VPN, or when I am actually in my LAN when using sipml5, I have no issues.

I have one way audio issue only with sipml5 and only when I am outside of my LAN.

Herewith once again my settings:

rtp_additional.conf

[general] icesupport=yes rtpend=13000 rtpstart=12000

rtp_custom.conf

sip_additional.conf

[code].
.
.
[2224]
deny=0.0.0.0/0.0.0.0
secret=secret123
dtmfmode=rfc2833
canreinvite=no
context=from-internal
host=dynamic
trustrpid=yes
sendrpid=no
type=friend
nat=yes
port=5060
qualify=yes
qualifyfreq=30
transport=udp
encryption=no
callgroup=
pickupgroup=
dial=SIP/2224
mailbox=2224@device
permit=0.0.0.0/0.0.0.0
callerid=Blackberry <2224>
callcounter=yes
faxdetect=no
cc_monitor_policy=generic

[2225]
deny=0.0.0.0/0.0.0.0
secret=secret123
dtmfmode=rfc2833
canreinvite=no
context=from-internal
host=dynamic
trustrpid=yes
sendrpid=no
type=friend
nat=yes
port=5060
qualify=yes
qualifyfreq=60
transport=ws,udp,tcp,tls
avpf=yes
icesupport=yes
encryption=yes
callgroup=
pickupgroup=
dial=SIP/2225
mailbox=2225@device
permit=0.0.0.0/0.0.0.0
callerid=2225 <2225>
callcounter=yes
faxdetect=no
cc_monitor_policy=generic
.
.
.[/code]

sip_custom_post.conf

[2225](+) directmedia=no

sip_general_additional.conf

fromdomain=pbx.tld callevents=no bindport=5060 jbenable=no srvlookup=no notifyhold=yes videosupport=no canreinvite=no nat=yes externip=91.AAA.BBB.CC localnet=192.168.7.0/255.255.255.0 . . .

sip_nat.conf

Thank you very much.

Regards,
K.

Hello,

I am currently suspecting my /etc/hosts and general hostname settings for being responsible for my one way audio issues.
/etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 192.168.7.32 pbx.tld pbx

I played with it and even when I have put /etc/hosts back to what it was before, now I have no audio with sipml5 both ways.

Hello,

it took me few days, but I tried everything I could to resolve the mentioned issue. Unfortunately without success.

I am still facing in the sipml5 -> NAT -> Internet -> NAT -> pbx.server direction one way audio issue.
When I call from another SIP extension and receive the call on sipml5 again behind NAT <- internet <- NAT <- pbx.server, I have no issues.

Not sure if it means anything, but when I say one way audio, I am able to hear on sipml5 side, but the callee can not hear me. Or when using Echo test, I hear the announcement, but do not hear myself later on.
Than I only have to connect via VPN and everything works just fine.

Does it mean its the sipml5 client having an issue? Or its still something wrong with my setup?

ICE,STUN,TURN setting does not seem to have any impact in my setup. It makes no difference whether I use on sipml5 side [color=#FF0000][] [/color]or [color=#FF0000]empty[/color] or [color=#FF0000]null[/color] or [color=#FF0000][{ url: ‘stun:stun.l.google.com:19302’}][/color].

I also installed a brand new server on a different hardware, different IP from the scratch. Changed only the bare minimum and fixed my hostname issues (I think).

At this point I am good to give up since I am fighting with this for months.

I do understand that people got it working on LAN side, but I have found hardly a reference somebody specifically saying its working over the internet like in my scenario.

One way audio is a NAT settings issue on your PBX. And yes many people use sipml5 over the internet not just LAN(I use it over internet with good results and my PBX is behind nat too), but keep in mind that webrtc -all not just sipml5- doesn’t work well with proxies between client and pbx.

You can try the webrtc2sip media gateway, many people use it to avoid NAT issues.

Thanks navaismo,

in that case I am lost because I do not know, what I am doing wrong here. I am using the latest sipml5, I tried also the Demo on their web page.
I was hoping I can get it working out of the box without any proprietary solutions re webrtc2sip :frowning:

I see the sipml5 software using some sort of their proxy. Is that correct? Could that be the reason for the one way audio when starting the call on sipml5 side?

[quote=“karol_kovalik”]Thanks navaismo,

in that case I am lost because I do not know, what I am doing wrong here. I am using the latest sipml5, I tried also the Demo on their web page.
I was hoping I can get it working out of the box without any proprietary solutions re webrtc2sip :frowning:[/quote]
Have you tried changing your scenario, moving your PBX to a PUBLIC network no NAT involved?

I can not imagine how I would do that. Maybe because I do not have the options to do that. My PBX is one of many Virtual Machines in a home network.

As a final attempt you can show us your recent sp debug with one way audio and describe the paths to reach your PBX.

Thank You navaismo,

could you please tell me what do you mean with describe paths to reach my PBX?

Like how many Jumps:

PUBLIC IP on SIPML5------>WAN------>PUBLIC IP YOUR ROUTER------>IP for your PBX

Using the JsSIP demo cause the same behavior?

Also installing webrtc2sip its easy and it doesn’t consume many resources, I have build some RPMs for i386 if you want to test that scenario too.

My setup looks like follows:

[code]Device | Private IP | Public IP


FreePBX | 192.168.200.232 | 91.A.B.C
sipml5 | 192.168.20.100 | 92.D.E.F[/code]

[code]sipml5 --> WAN --> Router --> PBX

192.168.20.100 --> 92.D.E.F --> 91.A.B.C --> 192.168.200.232
[/code]
192.168.20.100 is the private address of the computer from which I am using sipml5 to call *43 (Echo Test) on my PBX with private address 192.168.200.232.
192.168.200.111 is the address of the sipml5 (interface of 192.168.20.100) when connected via VPN.

One Way Audio
I can hear the announcement on sipml5 side and this is the corresponding RTP Log:

Sent RTP packet to 92.D.E.F:64882 (via ICE) (type 00, seq 006752, ts 125600, len 4294967284) Sent RTP packet to 92.D.E.F:64882 (via ICE) (type 00, seq 006753, ts 125760, len 4294967284) Sent RTP packet to 92.D.E.F:64882 (via ICE) (type 00, seq 006754, ts 125920, len 4294967284)
PBX is not receiving any RTP packets, only sending to WAN IP of sipml5.

VPN - Audio OK

Got RTP packet from 92.D.E.F:58029 (type 00, seq 039612, ts 189801105, len 000160) Sent RTP packet to 192.168.200.111:58030 (via ICE) (type 00, seq 057991, ts 2619864, len 4294967284) Got RTP packet from 92.D.E.F:58029 (type 00, seq 039613, ts 189801265, len 000160) Sent RTP packet to 192.168.200.111:58030 (via ICE) (type 00, seq 057992, ts 2620024, len 4294967284)
PBX is sending packets to WAN IP of sipml5 and receiving responses via VPN.

LOGS
I have made a single call from sipml5(2222) to *43(Echo Test). There was one way audio - I could hear Echo test announcement, but could not hear myself.

192.168.200.112 can be ignored.
192.168.56.1 is VirtualBox interface running on the same PC as from which I use sipml5 and can be ignored.

Asterisk is listenning on 39999.

sipdebug.txt
http://pastebin.com/pcSPTqmG

Chrome Sip Debug
http://pastebin.com/q4HHfVpv

CONFIG

rtp_additional.conf

[general] icesupport=yes rtpend=13000 rtpstart=12000

rtp_custom.conf

stunaddr=stun4.l.google.com:19302

sip_additional.conf

[2222] deny=0.0.0.0/0.0.0.0 secret=********** dtmfmode=rfc2833 canreinvite=no context=from-internal host=dynamic trustrpid=yes sendrpid=no type=friend nat=yes port=5060 qualify=yes qualifyfreq=60 transport=ws avpf=yes icesupport=yes encryption=yes callgroup= pickupgroup= dial=SIP/2222 mailbox=2222@device permit=0.0.0.0/0.0.0.0 callerid=2222 <2222> callcounter=yes faxdetect=no cc_monitor_policy=generic

sip_custom_post.conf

[2222](+) directmedia=no

sip_general_additional.conf

faxdetect=yes vmexten=*97 context=from-sip-external callerid=Unknown notifyringing=yes notifyhold=yes tos_sip=cs3 tos_audio=ef tos_video=af41 alwaysauthreject=yes useragent=FPBX-2.11.0(11.5.1) disallow=all allow=ulaw allow=alaw accept_outofcall_message=yes outofcall_message_context=sipmessages allow=silk8 allow=silk12 allow=silk16 allow=silk24 fromdomain=pbx.domain.com callevents=no language=cz bindport=39999 jbenable=no defaultexpiry=120 allowguest=yes srvlookup=no minexpiry=60 maxexpiry=3600 registerattempts=0 registertimeout=20 notifyhold=yes g726nonstandard=no videosupport=no maxcallbitrate=384 canreinvite=no rtptimeout=30 rtpholdtimeout=300 rtpkeepalive=0 checkmwi=10 notifyringing=yes nat=yes externip=91.A.B.C localnet=192.168.200.0/255.255.255.0

SIPML5

Both SIPML5 & Asterisk are pointing to same public IP and PORT for RTP, so there is no reason why the RTP isn’t coming to you pbx.

The RTP port range 12000 to 13000 is allowed in your pbx firewall and properly forwarded in your router? If the PBX is a VM the HOST machine allows all ports for public addresses?

It is time to switch the capture to TCPDUMP or wireshark, if your router has logging feature enable it to see if the RTP is coming to the Router and then forwarded to the LAN PC.

I have been playing around with some packet sniffers on both sides.

Using the IP from above:

Wireshark (sipml5 on 192.168.20.100/92.D.E.F)
While listening to the *43 announcement I can see UDP packets coming in from 91.A.B.C You can also see here STUN binding requests are being sent from 192.168.20.100 (sipml5) to 192.168.200.232(PBX)!!!

Once the announcement is over and I am in a call I only see a bunch of STUN Binding requests from 192.168.20.100 to 91.A.B.C(14730) and responses flowing the other way around. No UDP(RTP) packets:

Router
I can see a connection on my router on ports 8088 (WebSocket) and UDP 14730 being open for the call.

IpTraf (PBX Server on 192.168.200.232/91.A.B.C)
Here I can see received udp packets from 92.D.E.F(14730).

* Note that I have changed now RTP packet ports from 12000 - 13000 to 14000 - 15000.

And there is still no sound… :frowning:

I keep analyzing the issue and as far as I can see, its the PBX who is telling sipml5 the private address:

and straight after that sipml5 starts sending STUN Binding requests to the private address:

What is it what makes the PBX to tell sipml5 the private address? At least that’s where I suspect the issue.