TUTORIAL U Need Travelin' Man

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Thanks for the input ;). At least I know whats happening. Hopefully someone will know what steps to take to fix or troubleshoot it.

lopaka
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Uncle Ward?

Ward, could you outline the specific settings in the iphone sip client? I'm thinking this might possibly be a problem with sipdroid and something its doing, since the PIAF server gets the correct external IP addy but the SIP software ends up grabbing the IP address of the router it's passing through.

I'm going to try using one of the other sip clients and see if anything different happens

lopaka
 

MyKroFt

Guru
Joined
Oct 31, 2008
Messages
659
Reaction score
3
i installed sipdroid today and it worked the 1st time. I just use the standard xxxx (extension #), password, and pbx hostname - left everything else blank/default.

Now granted I had a no sound problem and didnt get time to debug it before work, but i think that is because my 10000-20000 port setup is messed up. pfsense firewall has a setup for RTP, and it supposed to pick the ports, but i dunno if they are the same and have to find out.

but otherwise, i saw the phone register and dialout, just could not hear anything :)
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Were you using the "travelin man" setup from another wifi, or are you just trying sipdroid on your home LAN? Mine works fine from home but has issues when used remotely with the travelin man setup. In fact I've been using sipdroid without problems for a while now, I just can't get the remote connection to work right.

I just retried the setup with aSIP on my nexus one, but it just looks like a clone of sipdroid and has the same problem.

lopaka
 

MyKroFt

Guru
Joined
Oct 31, 2008
Messages
659
Reaction score
3
I am using mine via the 3g network as I am connecting using my outside real ip - otherwise i would need to changed after hitting port 83 via wifi on local lan would be the local ip of the machine

if you are connected on your internal lan and trying to use your external ip to test real world outside access, you need to make sure your router can do what we call reflecting - allow you to access real world ip and reflect it back into your lan (wan interface) and then your router would send it to where it was told to forward it to.

my pfsense can do that also....
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
I tested both ways and they do the same thing each time, picking up the address of the home router (example [email protected], and being denied because that address doesn't match the one being approved.

I can only test via wifi and not 3G, because I have no data plan. The issue may be specific to wifi connection, but I have a theory to test that. When I get back in town I'm going to try and connect "travelin man" style using my old nokia SIP client and see how that fares. If it works, my problem is with the sipdroid client. If it doesn't the problem lies elsewhere.

Thanks for the input!

lopaka:smile5:
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Hey Ward, thanks for jumpin in! I'm running a WHR-HP-54G Buffalo router with Tomato firmware. I've contemplated going with D-link just because of the recommendations, but the buffalo with tomato has been the best at dealing with high traffic + QOS, and I don't have any VOIP quality problems with this setup.

I started with WRT54G with talisman, then went to DDWRT on it. Then switched to WRT150N with DDWRT. Then to the current setup which handles lots of traffic. Currently I have 4 medical clinics with on and offsite backups, and the offsites FPT into my LAN on scheduled times, I've got heavy torrent and P2P loads, and also VNC or RD into the network to grab files, etc. I'd be concerned that the D-links would choke on this since this is the only router that keeps everything smooth so far.

lopaka
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
You're probably right. I gave up on SIPdroid because of all the problems and switched to SIPagent which is rock-solid. Unfortunately, they sold out to someone else and I have no idea how the new code works because I don't want to forfeit my copy of SIPagent which works. Just search the Marketplace for SIPagent and give the new release a try. Let me know how it goes.
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
I grabbed the sipagent (now 3CXPhone). Can you list your preferred settings so I can test this?

lopaka
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
User: 222
Password: something
Domain: pbx.dyndns.org or whatever

Advanced:
Enable NAT
STUN: stun.xten.com
Enable ICE

G711 codecs

Leave the rest at default settings. If probs, turn ICE off.
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Thanks Ward, I'm still getting this on trying to connect. I'm using travelin man shortcut, then starting 3CXphone and when it tries to register I get this on the log

[2010-07-01 13:43:16] NOTICE[25336] chan_sip.c: Registration from '<sip:[email protected]>' failed for '74.93.xx.xxx' - Device does not match ACL

The addresses are correct. I am currently located at the '74.93.xx.xxx" addy and my home addy with PIAF is at 63.193.xxx.xxx.

Do I have to do anything specific to use the stun address you listed other than punch it in? I've never used one prior to this so forgive if it's a dumb question :)
 

tomsyr

Guru
Joined
Oct 26, 2007
Messages
266
Reaction score
1
lopaka,
I'm working though this, and don't have the Incredible PBX setup on my dev box. I ran the sh script that locks down the extensions with the local subnet.
When I create a new extension, I have Permit 0.0.0.0/0.0.0.0
I wonder if you change your ext to that - it may solve your issue.
AmyGrant mentions the ACL's.

I expected the GUI for the ext to reflect the 'new' permit, but it doesn't. It gets it from /etc/asterisk/XXX.inc
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
Permit 0.0.0.0/0.0.0.0 basically opens up an extension to anyone that has your extension password... a very bad idea. :wink5:
 

tomsyr

Guru
Joined
Oct 26, 2007
Messages
266
Reaction score
1
Permit 0.0.0.0/0.0.0.0 basically opens up an extension to anyone that has your extension password... a very bad idea. :wink5:

Ok - so when we use this, a user could keep their extension, but make it available while on the road. The XXX.inc is allowing the additional IP - right?
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
Correct. Lock down permit in FreePBX to your private IP subnet. Then open up a single external IP hole with extension.inc. See this week's Nerd Vittles article for details.
 

lopaka

New Member
Joined
Jan 11, 2008
Messages
81
Reaction score
0
Ward, does the script disable the allow fields or add additional parameters to the block and allow? Just to trouble shoot my problems I added an allow for my router IP and the external addy, but still get a denied due to ACL error. I've took those back off the PBX afterwards, so no security hole now.

I may do a separate clean install on an extra box this weekend just to see if somethings hosed on my current system and preventing this from working right.

lopaka
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
Nothing has been modified in the FreePBX setup except locking down permit to the local subnet. These commands get executed in order like this:

allow: 0.0.0.0/0.0.0.0 (means allow no one access)
permit: 192.168.0.0/255.255.255.0 (means permit local subnet 192.168.0.x)
extension.inc: permit someIP (means permit one specified external IP address)
 

blueskiesokie

New Member
Joined
Sep 18, 2009
Messages
2
Reaction score
0
Ward,
I am having same problem as lopaka. I have a fresh install of incrediblePBX, configured and working. I have a router with DD-WRT loaded and ports open (83 tcp, 5060 udp, 1000-2000 udp)
Travelin man is set and the web page shows that the ip is added to the permit. Works great with local connection at home. registration failed remote though?
 

Members online

No members online now.

Forum statistics

Threads
25,778
Messages
167,504
Members
19,198
Latest member
serhii
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top