Hi We are trying to accept inbound calls from a SIP provider who sends us calls from various IP's within a given subnet but they are failing every time with the following message on the console. chan_sip.c:20006 handle_request_invite: Call from '' to extension '<destination-number>' rejected because extension not found Our understanding is that the deny line blocks every IP and the following permit line then allows calls from the specified subnet but it seems that the peer is never matched when a calls hits the server. It's almost as if there should be a setting somewhere that we are missing to enable ACL's. Can anyone point us in the right direction here please? Is our understanding simply not correct? In our peer config we have: host = dynamic type = peer deny = 0.0.0.0/0.0.0.0 permit = xxx.xxx.xxx.xxx/255.255.255.0 context = Test insecure = invite,port Thanks in advance Mark. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120402/f8e75238/attachment.htm>
Your understanding of the problem seems incorrect. The problem seems due to the extension not available in your dialplan. Please check carefully in which context the call is placed and if the extension is defined in that context. Maybe it can be useful to define a _X. extension to catch all not defined extensions. Leandro 2012/4/2 Mark Farmer <mark.farmer at gagenetworks.com>> Hi**** > > ** ** > > We are trying to accept inbound calls from a SIP provider who sends us > calls from various IP?s within a given subnet but they are failing every > time with the following message on the console.**** > > ** ** > > chan_sip.c:20006 handle_request_invite: Call from '' to extension > '<destination-number>' rejected because extension not found**** > > ** ** > > Our understanding is that the deny line blocks every IP and the following > permit line then allows calls from the specified subnet but it seems that > the peer is never matched when a calls hits the server.**** > > It?s almost as if there should be a setting somewhere that we are missing > to enable ACL?s.**** > > ** ** > > Can anyone point us in the right direction here please? Is our > understanding simply not correct?**** > > ** ** > > In our peer config we have:**** > > ** ** > > host = dynamic**** > > type = peer**** > > deny = 0.0.0.0/0.0.0.0**** > > permit = xxx.xxx.xxx.xxx/255.255.255.0**** > > context = Test**** > > insecure = invite,port**** > > ** ** > > Thanks in advance**** > > Mark.**** > > ** ** > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120402/44f84204/attachment.htm>
On Monday 02 April 2012, Mark Farmer wrote:> Hi > > We are trying to accept inbound calls from a SIP provider who sends us > calls from various IP's within a given subnet but they are failing every > time with the following message on the console. > > chan_sip.c:20006 handle_request_invite: Call from '' to extension > '<destination-number>' rejected because extension not foundYour ACL must be working fine. The call is failing at the next stage: there isn't a matching extension in the context where the call comes in.> Our understanding is that the deny line blocks every IP and the following > permit line then allows calls from the specified subnet but it seems that > the peer is never matched when a calls hits the server. It's almost as if > there should be a setting somewhere that we are missing to enable ACL's. > > Can anyone point us in the right direction here please? Is our > understanding simply not correct? > > In our peer config we have: > > host = dynamic > type = peer > deny = 0.0.0.0/0.0.0.0 > permit = xxx.xxx.xxx.xxx/255.255.255.0 > context = Test > insecure = invite,portAh, so the call comes in in context "Test". So, look to your dialplan, then. Does this context have any extensions defined in it? Or, if you created your dialplan using includes, did you remember to include everything you should have? (And remember that it's case sensitive.) -- AJS Answers come *after* questions.
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Leandro Dardini Sent: 02 April 2012 13:53 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Asterisk ACL Your understanding of the problem seems incorrect. The problem seems due to the extension not available in your dialplan. Please check carefully in which context the call is placed and if the extension is defined in that context. Maybe it can be useful to define a _X. extension to catch all not defined extensions. Leandro [Mark Farmer] The problem is that the inbound call is not being matched by the correct peer and as such falls through to the default context which is not supposed to match. The problem is around the matching of a range of IP addresses to one peer. Thanks Mark. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120402/68ba9f24/attachment.htm>
On Mon, Apr 2, 2012 at 7:44 AM, Mark Farmer <mark.farmer at gagenetworks.com>wrote:> Hi**** > > ** ** > > We are trying to accept inbound calls from a SIP provider who sends us > calls from various IP?s within a given subnet but they are failing every > time with the following message on the console.**** > > ** ** > > chan_sip.c:20006 handle_request_invite: Call from '' to extension > '<destination-number>' rejected because extension not found**** > > >Does "destination-number" contain the context the call is failing in, or is that listed after the "extension not found" part? Can you provide a bit more of the CLI output before the failure? I've seen this type of error before and a lot of the time it has to do with the "insecure=" settings being used. Which version of asterisk are you using? -- Thanks, --Warren Selby, dCAP http://www.SelbyTech.com <http://www.selbytech.com> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120402/2bfce55e/attachment.htm>