WebRTC setup on master branch not working


#1

I have just started exploring Asterisk mainly because of Video SFU support in version 15. I recently cloned Asterisk source code from GIT master branch and successfully built the code. The Asterisk is currently running on AWS EC2 instance.

As I am trying to configure different modules as explained in the link below to set up an environment for making WebRTC video calls using SFU video mode on Asterisk.
http://blogs.asterisk.org/2017/09/20/asterisk-15-multi-stream-media-sfu/

After making all the config modifications as per the above blog, I am noticing an issue with SIP REGISTER REQUEST and chan_sip is complaining about wrong password, if I try to request guest account from CMP2K client.

Here is the SIP log message that I notice and I don’t see anything wrong with the password that I have set up on the Asterisk server and CMP2K client instances. I have outlined the configuration changes that I have made in different config files and the snippet of SIP log messages.

Any idea and help with this issue will be much appreciated.

Thanks and Regards,
Ashok

  1. Modifications and additions to /etc/asterisk/pjsip.conf
    [transport_wss]
    type=transport
    bind=0.0.0.0
    protocol=wss

[guest]
type=aor
max_contacts=1

[authguest]
type=auth
auth_type=userpass
username=guest
password=12345 ; This is a completely insecure password. Do NOT expose this
; system to the Internet without utilizing a better password.

[guest]
type=endpoint
transport=transport-wss
context=default
direct_media=no
allow=!all,ulaw,vp8,h264,alaw,opus,gsm
aors=guest
auth=authguest
allowguest=yes
max_audio_streams=10
max_video_streams=10
webrtc=yes
avpf=yes
nat=yes,force_rport
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
transport=tls,udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
rtcp_mux=yes

  1. Changes to sip.conf
    [general]
    tcpenable=yes
    tcpbindaddr=0.0.0.0
    allowoverlap=no ; existing setting

Other existing settings -->
basic-options ; a template
dtmfmode=rfc2833
context=from-office
type=friend

natted-phone ; another template inheriting basic-options
directmedia=no
host=dynamic

public-phone ; another template inheriting basic-options
directmedia=yes

my-codecs ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
; Or, more simply:
;allow=!all,ilbc,g729,gsm,g723,ulaw

ulaw-phone ; and another one for ulaw-only
disallow=all
allow=ulaw
; Again, more simply:
;allow=!all,ulaw

  1. Additions and modifications to http.conf
    [general]
    enabled=yes
    bindaddr=0.0.0.0
    bindport=8088
    tlsenable=yes
    tlsbindaddr=0.0.0.0:8089
    tlscertfile=/etc/asterisk/keys/asterisk.pem
    enablestatic=yes

  2. Additions and modifications confbridge.conf
    [default_bridge]
    type=bridge
    video_mode=sfu

[default_user]
type=user
music_on_hold_when_empty=yes
music_on_hold_class=default

  1. Additions and modifications to extensions.conf --> added dialplan for echo and video-conference applications

[default]
exten => echo,1,Answer()
same => n,StreamEcho(3)
same => n,Hangup()

exten => video-conference,1,Answer()
same => n,ConfBridge(guest)
same => n,Hangup()

SIP debug log from the Asterisk server running on AWS EC2 instance:
== WebSocket connection from ‘xx.xxx.xx.xx:50505’ for protocol ‘sip’ accepted using version ‘13’

<— SIP read from WS:12.229.59.89:50505 —>
REGISTER sip:xx.xxx.xxx.xx SIP/2.0
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK8055612
Max-Forwards: 69
To: sip:guest@xx.xxx.xxx.xx
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 1 REGISTER
Contact: sip:guest@xx.xxx.xxx.xx;+sip.ice;reg-id=1;+sip.instance=“urn:uuid:da6af3e3-94a0-4ed3-ac6a-5c259271ebe1”;expires=300
Expires: 300
Allow: INVITE,ACK,CANCEL,BYE,UPDATE,MESSAGE,OPTIONS,REFER,INFO
Supported: path,gruu,outbound
User-Agent: JsSIP 3.0.13
Content-Length: 0

<------------->
— (13 headers 0 lines) —

<— Transmitting (no NAT) to 12.229.59.89:5060 —>
SIP/2.0 401 Unauthorized
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK8055612;received=12.229.59.89
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
To: sip:guest@xx.xxx.xxx.xx;tag=as491821f7
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 1 REGISTER
Server: Asterisk PBX GIT-master-e132f22
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce="0858f39d"
Content-Length: 0

<------------>
Scheduling destruction of SIP dialog ‘0modgqkd3pphq14f55ebej’ in 32000 ms (Method: REGISTER)

<— SIP read from WS:12.229.59.89:50505 —>
REGISTER sip:xx.xxx.xxx.xx SIP/2.0
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK1125142
Max-Forwards: 69
To: sip:guest@xx.xxx.xxx.xx
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 2 REGISTER
Authorization: Digest algorithm=MD5, username=“guest”, realm=“asterisk”, nonce=“0858f39d”, uri=“sip:xx.xxx.xxx.xx”, response="aef59f5f6243bb57def2a48908242d6b"
Contact: sip:guest@xx.xxx.xxx.xx;+sip.ice;reg-id=1;+sip.instance=“urn:uuid:da6af3e3-94a0-4ed3-ac6a-5c259271ebe1”;expires=300
Expires: 300
Allow: INVITE,ACK,CANCEL,BYE,UPDATE,MESSAGE,OPTIONS,REFER,INFO
Supported: path,gruu,outbound
User-Agent: JsSIP 3.0.13
Content-Length: 0

<------------->
— (14 headers 0 lines) —

<— Transmitting (no NAT) to 12.229.59.89:5060 —>
SIP/2.0 403 Forbidden
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK1125142;received=12.229.59.89
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
To: sip:guest@xx.xxx.xxx.xx;tag=as491821f7
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 2 REGISTER
Server: Asterisk PBX GIT-master-e132f22
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0

<------------>
[Feb 13 20:47:53] NOTICE[6078]: chan_sip.c:28899 handle_request_register: Registration from ‘sip:guest@xx.xxx.xxx.xx’ failed for ‘12.229.59.89:50505’ - Wrong password
Scheduling destruction of SIP dialog ‘0modgqkd3pphq14f55ebej’ in 32000 ms (Method: REGISTER)


#2

The chan_sip module is not supported for SFU. You would need to disable loading it in modules.conf by using “noload => chan_sip.so”


#3

Thanks for your quick reply Jcolp. Let me try disabling it in modules.conf file.

Thanks,
Ashok