1

Running Ubuntu 14.04 LTS and Asterisk 11.7.0. The server is set up for SIP phones to use our SIP trunk via voip.ms/didlogic (two different services because we like international rates on didlogic, but it doesn't have all the domestic features voip.ms has; Not relevant to the issue at hand though). Suffice to say I have little knowledge of IP telephony.

When a SIP softphone from a work-at-home employee attempts to make a call to, say, a land line, the sip softphone will receive audio but not send it. The person on the land line will not receive any audio from the sip softphone. The classic one-way audio issue that plagues SIP.

I cannot recreate the issue. 100% of employee's softphones work locally in the office. I've also tested a softphone from my home connection, I've used VPN to tunnel through and connect through countries half way across the globe to check for latency issues, and I've had a family member who lived miles away test and they were successful. I am baffled.

Also be aware that I've tried on a mix of employee systems, both Mac and PC, and I've open ports on their firewalls, turned firewalls completely off, and so on.

For testing purposes, I have no rules in IPTables and the server is not behind our local router's NAT (consumer routers call this the DMZ).

Asterisk configuration is vanilla out of the box with two exceptions: SIP bind port is 5070 and RTP port range is 20001-30000. This avoids connection spamming from foreign robo dialers looking for a free ride.

Below is an excerpt from Asterisk's sip.conf (specific details redacted, you may need to scroll this sample)

[general]
register => REDACTED:REDACTED@sip.didlogic.net:5060
register => REDACTED:REDACTED@losangeles.voip.ms:5060

externip=REDACTED
localnet=192.168.0.0/255.255.255.0

bindaddr=0.0.0.0
bindport=5070

allowguest=no
alwaysauthreject=yes
cancallforward=yes
canreinvite=nonat
disallow=all
allow=g722
allow=ulaw
allow=alaw
qualify=yes
nat=force_rport,comedia

[didlogic]
host=sip.didlogic.net
username=REDACTED
authname=REDACTED
secret=REDACTED
insecure=port
type=peer

[vms-incoming]
host=losangeles.voip.ms
user=REDACTED
username=REDACTED
fromuser=REDACTED
authuser=REDACTED
secret=REDACTED
context=vms-incoming
insecure=invite
type=peer
trustrpid=yes
sendrpid=yes

[sip-softphone]
context=Sales
secret=REDACTED
type=friend
host=dynamic
fromuser=sip-softphone
authuser=sip-softphone
insecure=port

Two thoughts come to mind server side: Should I be setting my trunk services to type=friend? And are my NAT related configuration settings correct and in the right place? Especially canreinvite=nonat and nat=force_rport,comedia

I've had no luck swapping out softphones. For our test, lets consider an out-of-the-box Zoiper install. This is set up to connect to our ip address and nonstandard SIP port 5070 and it's set to use the default STUN service, stun.zoiper.com. It registers and dials fine so it seems like SIP signalling is fine, it's just an issue with RTP audio. I have a suspicion I should choose a fixed RTP port (Preferences > Advanced) that is in the 20001-30000 range but, again, personal testing seems to confirm an out of the box setup works.

I'm open to posting SIP debug excerpts when I can test with an employee, but any idea why it would work for me and my relative in a handful of situations but not for my general employees? Could it be that some people at home have routers with just horrifically broken NAT implementations or should I switch to a far lower bandwidth codec like iLBC?

Another possibility is that my home, my relatives (40 miles away) and our office all use Time Warner as our ISP. Perhaps there are some ISP issues that need to be sidestepped with clever configuration.

Edit: I was able to do some interesting testing by finding an open random WiFi network. In rtp.conf I set strictrtp=no. In sip.conf I moved nat and canreinvite settings to the individual users so it's not a general setting, something like this:

[sip-softphone]
context=Sales
secret=REDACTED
type=friend
host=dynamic
fromuser=sip-softphone
authuser=sip-softphone
insecure=port
canreinvite=nonat
nat=force_rport,comedia

On the softphone, I disabled Stun (off in Zoiper, set to ICE in X-Lite) and I reliably get two-way audio. I've yet to test with an employee but things look interesting.

1 Answers1

1

Like you I know nothing of the voip world but try the following in sip.conf:

[general]
  directmedia=no

If it works then great, but I cant offer an explanation as I haven't checked into it, start here though.

gwillie
  • 231
  • 1
  • 9