Hey everyone. I've been scratching my head on this throughout the weekend and am hoping a second set of eyes is all I need to figure out what my mistake is on configuring a PBXinaflash w/ IncrediblePBX install to work with a new AT&T IP Flex Reach circuit that was activated this weekend. AT&T has been completely unable to offer any form of assistance, but have gotten (I feel) about 90% of the way using
https://pbxinaflash.com/community/threads/how-to-at-t-ip-flex-trunk-configuration.9155/
http://asterisk-pro.com/how-to/attipflex/
Currently, inbound calls 'work' but the audio is only one way (inbound) and the call automatically disconnects at (almost exactly) 12 or 32 seconds in, which happen to line up with the RTP timers. Outbound calls are not currently working at all and give an 'All circuits are busy now. Please try your call again later' recording. I think I'm dealing with two separate issues here but I'm at a loss as to how I should troubleshoot this further. SIP debug DOES show me messages similar to:
Retransmitting #4 (NAT) to 12.194.215.x:5060:
OPTIONS sip:12.194.215.x SIP/2.0
Via: SIP/2.0/UDP 12.175.x.x:5060;branch=z9hG4bK4b7a9880;rport
Max-Forwards: 70
From: "Unknown" <sip:[email protected]>;tag=as14f91541
To: <sip:12.194.215.x>
Contact: <sip:[email protected]:5060>
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-12.0.74(13.10.0)
Date: Mon, 20 Feb 2017 18:48:53 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0
which suggests a problem with NAT, but I've tried about every combination I can think of (public, static, nat no, nat yes, etc...) and feel I have to be overlooking something hopefully simple. Any assistance whatsoever would be greatly, greatly, greatly appreciated!
The only information AT&T gave me:
Border Elements
Signaling -
Primary - 12.194.223.x
Alternate - 12.194.215.x
Alternate inbound media -
Primary - 12.194.223.y
Alternate - 12.194.215.y
Current configuration
PFSense
NAT
Forwarding port 5060 UDP from 12.194.0.0/16 to 10.5.0.20 (Internal PBX IP)
Forwarding ports 16384 - 32767 UDP from 12.194.0.0/15 to 10.5.0.20 (for RTP)
Manual outbound NAT rule generation
all traffic from 10.5.0.0/16 -> 12.175.X.X (PBX External/public IP) , static port CHECKED
Outbound allowing all traffic from 10.5.0.0/16 to 12.194.0.0/16 (was originally just allowing outbound 5060 and RTP ports but allowed all for testing)
PIAF
Using Chan_SIP across the board, PJSIP disabled
General SIP Settings
Allow anonymous inbound sip calls YES (hesitantly... testing)
NAT Settings
External Address: 12.175.X.X (did a basic 'what is my ip' search from the pbx and confirmed outbound NAT IS translating to the correct external IP)
Local Networks: 10.5.0.0/24 (PBX VLAN)
10.5.1.0/24 (phone VLAN)
10.5.2.0/24 (additional phone VLAN)
RTP Settings
RTP Port Ranges Start: 16384 End: 32767
RTP Checksums: No
STrict RTP: No
Codecs: Allow disabled except ulaw for testing
Chan SIP Settings
NAT: Yes
IP Configuration: Static IP
Override External IP: blank, but has correct external ip in grey text
Video Support: Disabled
Reinvite behavior: no
RTP Timers (defaults): 30 rtptimeout, 300 rtpholdtimeout, 0 rtpkeepalive
Bind Port: 5060
SRV Lookup: Disabled
Configured two trunks
Trunk Name: ATTSignaling1
Outbound CallerID: TestTN
CID Options: Allow any CID
Max Channels: 23
Outgoing Settings
Trunk Name: ATTSig1
PEER Details:
type=peer
qualify=2000
dtmfmode=rfc2833
host=12.194.223.x
insecure=port,invite
context=from-pstn
disallow=all
allow=ulaw
canreinvite=no
nat=yes
Incoming Settings -- blank
Register String -- blank
Trunk Name: ATTSignaling2
Outbound CallerID: Same TestTN as above
CID Options: Allow anyu CID
Max Channels: 23
Outgoing Settings
Trunk Name: ATTSig2
PEER Details:
type=peer
qualify=2000
dtmfmode=rfc2833
host=12.194.215.x
insecure=port,invite
context=from-pstn
disallow=all
allow=ulaw
canreinvite=no
nat=yes
Incoming Settings -- blank
Register String -- blank
Inbound route created for Test TN, default settings, just going through to my extension
Outbound Route
Route Name: temptestroute
Route CID: same TestTN as above, override extension CHECKED
dial patterns (using 9 prefix so that my testing doesnt affect our default, still in use route)
9 (prefix) NXXNXXXXXX
9 (prefix) NXXXXXX
Trunk Sequence for Matched Routes
0 ATTSignaling1
1 ATTSignaling2
PIAF Webmin/Linux Firewall
Accept If protocol is UDP and source is 12.194.0.0/16 and destination ports are 5060,16384:32767
https://pbxinaflash.com/community/threads/how-to-at-t-ip-flex-trunk-configuration.9155/
http://asterisk-pro.com/how-to/attipflex/
Currently, inbound calls 'work' but the audio is only one way (inbound) and the call automatically disconnects at (almost exactly) 12 or 32 seconds in, which happen to line up with the RTP timers. Outbound calls are not currently working at all and give an 'All circuits are busy now. Please try your call again later' recording. I think I'm dealing with two separate issues here but I'm at a loss as to how I should troubleshoot this further. SIP debug DOES show me messages similar to:
Retransmitting #4 (NAT) to 12.194.215.x:5060:
OPTIONS sip:12.194.215.x SIP/2.0
Via: SIP/2.0/UDP 12.175.x.x:5060;branch=z9hG4bK4b7a9880;rport
Max-Forwards: 70
From: "Unknown" <sip:[email protected]>;tag=as14f91541
To: <sip:12.194.215.x>
Contact: <sip:[email protected]:5060>
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-12.0.74(13.10.0)
Date: Mon, 20 Feb 2017 18:48:53 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0
which suggests a problem with NAT, but I've tried about every combination I can think of (public, static, nat no, nat yes, etc...) and feel I have to be overlooking something hopefully simple. Any assistance whatsoever would be greatly, greatly, greatly appreciated!
The only information AT&T gave me:
Border Elements
Signaling -
Primary - 12.194.223.x
Alternate - 12.194.215.x
Alternate inbound media -
Primary - 12.194.223.y
Alternate - 12.194.215.y
Current configuration
PFSense
NAT
Forwarding port 5060 UDP from 12.194.0.0/16 to 10.5.0.20 (Internal PBX IP)
Forwarding ports 16384 - 32767 UDP from 12.194.0.0/15 to 10.5.0.20 (for RTP)
Manual outbound NAT rule generation
all traffic from 10.5.0.0/16 -> 12.175.X.X (PBX External/public IP) , static port CHECKED
Outbound allowing all traffic from 10.5.0.0/16 to 12.194.0.0/16 (was originally just allowing outbound 5060 and RTP ports but allowed all for testing)
PIAF
Using Chan_SIP across the board, PJSIP disabled
General SIP Settings
Allow anonymous inbound sip calls YES (hesitantly... testing)
NAT Settings
External Address: 12.175.X.X (did a basic 'what is my ip' search from the pbx and confirmed outbound NAT IS translating to the correct external IP)
Local Networks: 10.5.0.0/24 (PBX VLAN)
10.5.1.0/24 (phone VLAN)
10.5.2.0/24 (additional phone VLAN)
RTP Settings
RTP Port Ranges Start: 16384 End: 32767
RTP Checksums: No
STrict RTP: No
Codecs: Allow disabled except ulaw for testing
Chan SIP Settings
NAT: Yes
IP Configuration: Static IP
Override External IP: blank, but has correct external ip in grey text
Video Support: Disabled
Reinvite behavior: no
RTP Timers (defaults): 30 rtptimeout, 300 rtpholdtimeout, 0 rtpkeepalive
Bind Port: 5060
SRV Lookup: Disabled
Configured two trunks
Trunk Name: ATTSignaling1
Outbound CallerID: TestTN
CID Options: Allow any CID
Max Channels: 23
Outgoing Settings
Trunk Name: ATTSig1
PEER Details:
type=peer
qualify=2000
dtmfmode=rfc2833
host=12.194.223.x
insecure=port,invite
context=from-pstn
disallow=all
allow=ulaw
canreinvite=no
nat=yes
Incoming Settings -- blank
Register String -- blank
Trunk Name: ATTSignaling2
Outbound CallerID: Same TestTN as above
CID Options: Allow anyu CID
Max Channels: 23
Outgoing Settings
Trunk Name: ATTSig2
PEER Details:
type=peer
qualify=2000
dtmfmode=rfc2833
host=12.194.215.x
insecure=port,invite
context=from-pstn
disallow=all
allow=ulaw
canreinvite=no
nat=yes
Incoming Settings -- blank
Register String -- blank
Inbound route created for Test TN, default settings, just going through to my extension
Outbound Route
Route Name: temptestroute
Route CID: same TestTN as above, override extension CHECKED
dial patterns (using 9 prefix so that my testing doesnt affect our default, still in use route)
9 (prefix) NXXNXXXXXX
9 (prefix) NXXXXXX
Trunk Sequence for Matched Routes
0 ATTSignaling1
1 ATTSignaling2
PIAF Webmin/Linux Firewall
Accept If protocol is UDP and source is 12.194.0.0/16 and destination ports are 5060,16384:32767