Hello
First and foremost, my compliments to Selintra and his Sail PBX. This is a GREAT contrib! Onto my dilemma and please excuse my inexperience with Sail. Most of my experience is with Trixbox and I'm fairly new to it too.
I've set up a SIP trunk in sail as follows:
context=from-pstn
dtmfmode=rfc2833
type=peer
host=callcentric.com
qualify=3000
canreinvite=no
username=1777XXXXXXX
fromuser=1777XXXXXXX
secret=password
insecure=very
disallow=all
allow=alaw
allow=ulaw
Reg String: 1777XXXXXXX:password@callcentric.com/1777XXXXXXX
The trunk works right out of the gate and outbound calls never fail. OTOH, inbound connections to Asterisk from the ITSP will randomly drop every five minutes (for three or four seconds at the most) and then re-establish.
Callcentric (the ITSP) has a realtime status screen that will show you when the phone is registered and when it is not... and it's accurate. The SIP channel is dropping, but only on their side. The Asterisk CLI will always show the peers in OK status and the STATE definition in the Trunk Definitions will show clear too.
The same exact problem occurs with Trixbox and the fast and dirty workaround in TB is to check the "allow anonymous SIP calls" tickmark. Once TB is set to allow anonymous SIP, it never drops again.
Both the SMEServer and the TB are in standalone mode behind a firewall and the firewall provides QoS. Neither of the boxes have the SIP ports forwarded to them. (Yes, I know that's probably the cause but please bear with me. Perhaps I've stumbled onto something here that may be of some value.) I'm not very keen on port forwarding anything unless I absolutely have to. TB works 100% of the time when the "allow anonymous" flag is checked. I was just wondering if there is a way to do this in Sail? Does allowing anonymous SIP create a big security hole in server only environments like the one I've described?
Thank you,
6 Replies
3140 Views