Administrator TOOTAI
2018-Jul-05 17:24 UTC
[asterisk-users] No register between Asterisk 15 and 13 running pjsip
Hello, we have 4 asteriks, 2 in office on one server (wazo and mobydick), and 2 in DC (self compiled) each on his own server. All of them are VMs under Debian Stretch. We used OpenVPN to connect the machines together in TAP mode, everything was running well. Setup is following: the 2 asterisk in office on the same server are Asterisk 15 (wazo) and Asterisk 11certified (mobydick). Each of them is connected to the 2 others Asterisk in DC, both being Asterisk 13, all using chan_sip except one in DC wich is pjsip. They are also 2 IP phones in the office which are connected to all servers. As stated above, in tap mode everything is running well. Now we changed our VPNs to use tun. The setup was tested appart of asterisks, all connections are OK, all machines can speak to each others including Windows one. Now the problem: all VOIP devices are connecting as before except the Asterisk 15 from Office who can't register to the Asterisk 13 in DC running pjsip. No problem with the Asterisk11 certified against the same pjsip, as well as no problem to the other Asterisk 13 in DC running chan_sip. What we get: <--- Received SIP request (394 bytes) from UDP:10.99.0.52:5060 ---> REGISTER sip:zone-s SIP/2.0 Via: SIP/2.0/UDP 192.168.12.250:5060;branch=z9hG4bK4d838884 Max-Forwards: 70 From: <sip:zwr-IPBX at zone-s>;tag=as17aa56c4 To: <sip:zwr-IPBX at zone-s> Call-ID: 2efc5e2320a31ff1107505663a02397d at 127.0.1.1 CSeq: 102 REGISTER Supported: replaces, timer User-Agent: Office PBX Expires: 3600 Contact: <sip:callbackextension at 192.168.12.250:5060> Content-Length: 0 [2018-07-05 18:49:08] NOTICE[21317]: acl.c:750 ast_apply_acl: SIP ACL: Rejecting '10.99.0.52' due to a failure to pass ACL '(BASELINE)' [2018-07-05 18:49:08] NOTICE[21317]: res_pjsip/pjsip_distributor.c:649 log_failed_request: Request 'REGISTER' from '<sip:zwr-IPBX at zone-s>' failed for '10.99.0.52:5060' (call$ d: 2efc5e2320a31ff1107505663a02397d at 127.0.1.1) - Not match Endpoint ACL <--- Transmitting SIP response (322 bytes) to UDP:10.99.0.52:5060 ---> SIP/2.0 403 Forbidden Via: SIP/2.0/UDP 192.168.12.250:5060;rport=5060;received=10.99.0.52;branch=z9hG4bK4d838884 Call-ID: 2efc5e2320a31ff1107505663a02397d at 127.0.1.1 From: <sip:zwr-IPBX at zone-s>;tag=as17aa56c4 To: <sip:zwr-IPBX at zone-s>;tag=z9hG4bK4d838884 CSeq: 102 REGISTER Server: TOOTAiAudio Content-Length: 0 where 10.99.0.52 is the IP of the office tun VPN and 192.168.12.250 is the Asterisk 15 IP. zone-s is the hostname of the Asterisk pjsip server. The 10.99.0.52 is not in ACL (we tried by including it but no luck). zwr-IPBX is the username/auth_user. Remember, both VOIP phones as well as the Asterisk 11 server connect without problem. The Asterisk 11 an Asterisk 13 configuration is the same in pjsip.conf appart of username/auth_name. If someone had any clue on this. Regards Daniel