[Freeswitch-users] New system: sofia is on wrong IP address
Bote Man
botelist at gmail.com
Wed Feb 24 01:49:45 UTC 2021
It looks like you still have 3 SIP profiles listening, so I would rename
external-ipv6.xml -> external-ipv6.hold
external.xml -> external.hold
just to get them out of the way for now. You can always bring them back in later if necessary.
All of these files are merely serving suggestions, you should change things to suit your needs.
I would work with internal.xml as your “phone” profile just because it’s intuitive.
So, in each SIP profile I would set the desired interface address explicitly.
<profile name="phone">
…
<param name="rtp-ip" value="192.168.3.2"/>
<param name="sip-ip" value="192.168.3.2"/>
<!-- <param name="ext-rtp-ip" value="auto-nat"/>-->
<!-- <param name="ext-sip-ip" value="auto-nat"/>-->
In my own vars.xml it’s using STUN to determine my public IP address, but sofia status only shows FS listening on the private RFC1918 address. It registers just fine with both CallCentric and InterMedia via gateway definitions. If you don’t need FS to listen for remote registrations from outside I don’t think you need the external SIP profile.
Anyway, try it just with the one profile and see what sofia says. Once you get the phones to register with FS locally you can expand your horizons to the other network.
Bote
From: FreeSWITCH-users <freeswitch-users-bounces at lists.freeswitch.org> On Behalf Of Steven Schoch
Sent: Tuesday, 23 February, 2021 17:37
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
Subject: Re: [Freeswitch-users] New system: sofia is on wrong IP address
Thanks, John!
The system does not have a "public" interface. I assume it gets the 67.* address from auto-nat. Its 2 IP addresses are 10.0.0.167 (DHCP) (local_ip_v4), and 192.168.3.2 (phone_ip_v4). I disabled the "internal" profile and the internal-ipv6 profile to avoid confusion. Now "ss -n -a sport = 5060" shows this:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 192.168.3.2:5060 <http://192.168.3.2:5060> 0.0.0.0:*
tcp LISTEN 0 64 192.168.3.2:5060 <http://192.168.3.2:5060> 0.0.0.0:*
...which means it's listening on the "phone" network, as it should be. However "sofia status" still gives me this:
Name Type Data State
=================================================================================================
external-ipv6 profile sip:mod_sofia@[2601:647:4802:9220:c816:30ae:6a9a:d191]:5080 RUNNING (0)
external profile sip:mod_sofia at 67.164.101.201:5080 <http://sip:mod_sofia@67.164.101.201:5080> RUNNING (0)
external::flowroute gateway sip:6509889800 at us-west-or.sip-flowroute.com <mailto:sip%3A6509889800 at us-west-or.sip-flowroute.com> NOREG
phone profile sip:mod_sofia at 10.0.0.167:5060 <http://sip:mod_sofia@10.0.0.167:5060> RUNNING (0)
=================================================================================================
3 profiles 0 aliases
The IP address after "sip:mod_sofia@" is my home LAN. Why isn't it the IP of the "phone" network?
--
Steve
On Tue, Feb 23, 2021 at 1:36 PM Bote Man <botelist at gmail.com <mailto:botelist at gmail.com> > wrote:
HO BOY. By “pbx system” may we assume that you mean the linux box running FreeSWITCH?
1) First and foremost, it appears that you (inadvertently?) have FreeSWITCH listening on a public interface since sofia status shows both an ipv4 and an ipv6 address. I strongly suggest you eliminate that before attackers attack from those interfaces. Since the FS “Vanilla” configuration files are intended to get you up and running as quickly as possible, they anticipate the most common scenario which is an internal SIP profile to service your phones (named default) and an external SIP profile (named external) that you may or may not need to listen on a different ip:port pair.
I usually rename those files from external.xml to external.hold so they remain as references, but won’t be picked up by FS when it starts since they no longer have the .xml suffix.
2) Those two gateway definitions are picked up by an include statement at the top of one of the SIP profiles. I’ve never questioned how or why, but my gateway is included in my internal profile and it works just fine. This is why I say that you might not even need that external profile at all, but you’ll need to investigate that further.
3) The SIP profiles as well as all the other XML definitions depend on the “name=” tag at the top, so the filename is irrelevant to FS. The Vanilla configs name the internal profile “default” inside and from your sofia status table it appears that you’ve copied that and named it “phone” so now you have 3 SIP profiles listening, with the internal profile listening on your public IP address.
4) The NAT stuff can be tricky, but you probably want to look into that, as well. Here’s a starting point:
https://freeswitch.org/confluence/display/FREESWITCH/NAT+Traversal
I’m not sure I’ve gotten everything right in here, but my advice is to trim it down to keep it simple and then build it back to more complexity as you master each part.
Hope this helps.
---
John Boteler
BnC Group U.S.A.
From: FreeSWITCH-users <freeswitch-users-bounces at lists.freeswitch.org <mailto:freeswitch-users-bounces at lists.freeswitch.org> > On Behalf Of Steven Schoch
Sent: Tuesday, 23 February, 2021 16:01
To: freeswitch-users <FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org> >
Subject: [Freeswitch-users] New system: sofia is on wrong IP address
The last time I played with FreeSWITCH was 10 years ago, and now I'm helping a local nonprofit retire their obsolete analog phone system.
I have a pbx system with 2 network cards: One dedicated to the phones, plugs into a PoE switch. On that network, the pbx has a DHCP server for the phones, as well as an FTP server for the Polycom SoundPoint IP 320 phones. The IP address on that network is 192.168.3.2.
Since I'm setting up the system here at home, the other network card is on my Xfinity LAN, with an IP address of 10.0.0.167 (via DHCP from the Comcast modem).
I understand the "domain" should be fairly fixed, so I set that to my "phone" network:
<X-PRE-PROCESS cmd="set" data="phone_ip_v4=192.168.3.2"/>
<X-PRE-PROCESS cmd="set" data="domain=$${phone_ip_v4}"/>
<X-PRE-PROCESS cmd="set" data="domain_name=eastwest"/>
I defined an sofia profile named "phone" with these lines:
<param name="rtp-ip" value="$${phone_ip_v4}"/>
<param name="sip-ip" value="$${phone_ip_v4}"/>
I also used the default "internal" profile, in case an SIP device is hooked up to the main LAN, but that's not important.
However, a "sofia status" shows this:
Name Type Data State
=================================================================================================
external-ipv6 profile sip:mod_sofia@[2601:647:4802:9220:c816:30ae:6a9a:d191]:5080 RUNNING (0)
192.168.3.2 alias internal ALIASED
external profile sip:mod_sofia at 67.164.101.201:5080 <http://sip:mod_sofia@67.164.101.201:5080> RUNNING (0)
external::sip2sip gateway sip:eastwest at sip2sip.info <mailto:sip%3Aeastwest at sip2sip.info> REGED
external::flowroute gateway sip:6509889800 at us-west-or.sip-flowroute.com <mailto:sip%3A6509889800 at us-west-or.sip-flowroute.com> NOREG
phone profile sip:mod_sofia at 10.0.0.167:5060 <http://sip:mod_sofia@10.0.0.167:5060> RUNNING (0)
internal-ipv6 profile sip:mod_sofia@[2601:647:4802:9220:c816:30ae:6a9a:d191]:5060 RUNNING (0)
internal profile sip:mod_sofia at 67.164.101.201:5060 <http://sip:mod_sofia@67.164.101.201:5060> RUNNING (0)
=================================================================================================
5 profiles 1 alias
Why does the "phone" profile have "sip:mod_sofia at 10.0.0.167:5060 <http://sip:mod_sofia@10.0.0.167:5060> ". Shouldn't that have the 192.168.3.2 address? And why isn't my phone registering?
--
Steve
_________________________________________________________________________
The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.
Join our online community to chat in real time https://signalwire.community
Professional FreeSWITCH Services
sales at freeswitch.com <mailto:sales at freeswitch.com>
https://freeswitch.com
Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20210223/d8736b8d/attachment-0001.html>
More information about the FreeSWITCH-users
mailing list