[Freeswitch-users] Docker/Freeswitch/FusionPBX/snom320 no media on outgoing calls

Jörn Ott joern.ott at ext.pixelhouse.de
Tue Aug 18 11:30:55 MSD 2015 

Hello all, 

Our company currently uses an asterisk (without GUI) running on Ubuntu 14.04 in a docker environment. As we had a couple of feature requests, I decided to set up Freeswitch/FusionPBX in parallel and later switch over to it. Almost everything works fine despite Docker giving us NAT between the physical network and the container, using different ports as both containers run on the same physical machine and the firewall NATting the physical network to the outside world. I can make calls to asterisk, receive calls from asterisk and receive calls from the outside which go first to asterisk and then are forwarded to freeswitch. The only thing, I can't get to work is outgoing calls from our snom phones to the external SIP provider via freeswitch. Signalling works, but I don't have any media. I tried direct connections between freeswitch and the SIP provider as well as going through asterisk without any success. 

On asterisk, we have canreinvite=no in the sip connections to the phones and the provider. I tried the following settings on the internal and external SIP trunk to handle the RTP stream through the PBX. I have set the following options: 

In vars.xml: 
<X-PRE-PROCESS cmd="set" data="external_rtp_ip=PUBLIC_IP"/> 
<X-PRE-PROCESS cmd="set" data="external_sip_ip=PUBLIC_IP"/> 

The public IP is natted to the physical hosts IP on the firewall. 

In 
Hello all, 

Our company currently uses an asterisk (without GUI) running on Ubuntu 14.04 in a docker environment. As we had a couple of feature requests, I decided to set up Freeswitch/FusionPBX in parallel and later switch over to it. Almost everything works fine despite Docker giving us NAT between the physical network and the container, using different ports as both containers run on the same physical machine and the firewall NATting the physical network to the outside world. I can make calls to asterisk, receive calls from asterisk and receive calls from the outside which go first to asterisk and then are forwarded to freeswitch. The only thing, I can't get to work is outgoing calls from our snom phones to the external SIP provider via freeswitch. Signalling works, but I don't have any media. I tried direct connections between freeswitch and the SIP provider as well as going through asterisk without any success. 

I am now running out of ideas on what else I can try to get outgoing calls to work.On asterisk, we have canreinvite=no in the sip connections to the phones and the provider. I tried the following settings on the internal and external SIP trunk to handle the RTP stream through the PBX. I have set the following options: 

In vars.xml: 
<X-PRE-PROCESS cmd="set" data="external_rtp_ip=PUBLIC_IP"/> 
<X-PRE-PROCESS cmd="set" data="external_sip_ip=PUBLIC_IP"/> 

The public IP is natted to the physical hosts IP on the firewall. 

In sip_profiles/external.xml, I have the following: 
<param name="debug" value="0"/> 
<param name="sip-trace" value="no"/> 
<param name="sip-capture" value="no"/> 
<param name="rfc2833-pt" value="101"/> 
<param name="sip-port" value="$${external_sip_port}"/> 
<param name="dialplan" value="XML"/> 
<param name="context" value="public"/> 
<param name="dtmf-duration" value="2000"/> 
<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/> 
<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/> 
<param name="hold-music" value="$${hold_music}"/> 
<param name="zrtp-passthru" value="true"/> 
<param name="rtp-timer-name" value="soft"/> 
<param name="local-network-acl" value="localnet.auto"/> 
<param name="manage-presence" value="false"/> 
<param name="inbound-codec-negotiation" value="generous"/> 
<param name="nonce-ttl" value="60"/> 
<param name="auth-calls" value="false"/> 
<param name="rtp-ip" value="$${local_ip_v4}"/> 
<param name="sip-ip" value="$${local_ip_v4}"/> 
<param name="rtp-timeout-sec" value="300"/> 
<param name="rtp-hold-timeout-sec" value="1800"/> 
<param name="tls" value="$${external_ssl_enable}"/> 
<param name="tls-only" value="false"/> 
<param name="tls-bind-params" value="transport=tls"/> 
<param name="tls-sip-port" value="$${external_tls_port}"/> 
<param name="tls-cert-dir" value="$${external_ssl_dir}"/> 
<param name="tls-passphrase" value=""/> 
<param name="tls-verify-date" value="true"/> 
<param name="tls-verify-policy" value="none"/> 
<param name="tls-verify-depth" value="2"/> 
<param name="tls-verify-in-subjects" value=""/> 
<param name="tls-version" value="$${sip_tls_version}"/> 
<param name="ext-rtp-ip" value="$${external_rtp_ip}"/> 
<param name="ext-sip-ip" value="$${external_sip_ip}"/> 
<param name="dtmf-type" value="rfc2833"/> 
<param name="bypass-media" value="false"/> 
<param name="bypass_media_after_bridge" value="false"/> 
<param name="bypass_media" value="false"/> 
<param name="bypass-media-after-bridge" value="false"/> 
<param name="sip-force-contact" value="NDLB-connectile-dysfunction"/> 
<param name="sip-sticky-contact" value="true"/> 
<param name="sip_sticky_contact" value="true"/> 
<param name="sip_ignore_reinvites" value="true"/> 

I have added bypass-media and bypass-media-after-bridge with underscore and with dash as I found contradicting information on the web. 

In sip_profiles/internal.xml, I have 
<param name="debug" value="0"/> 
<param name="sip-trace" value="no"/> 
<param name="sip-capture" value="no"/> 
<param name="watchdog-enabled" value="no"/> 
<param name="watchdog-step-timeout" value="30000"/> 
<param name="watchdog-event-timeout" value="30000"/> 
<param name="log-auth-failures" value="true"/> 
<param name="forward-unsolicited-mwi-notify" value="false"/> 
<param name="rfc2833-pt" value="101"/> 
<param name="sip-port" value="$${internal_sip_port}"/> 
<param name="dialplan" value="XML"/> 
<param name="dtmf-duration" value="2000"/> 
<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/> 
<param name="outbound-codec-prefs" value="$${global_codec_prefs}"/> 
<param name="rtp-timer-name" value="soft"/> 
<param name="hold-music" value="$${hold_music}"/> 
<param name="apply-nat-acl" value="nat.auto"/> 
<param name="apply-inbound-acl" value="domains"/> 
<param name="local-network-acl" value="localnet.auto"/> 
<param name="record-path" value="$${recordings_dir}"/> 
<param name="record-template" value="${domain_name}/archive/${strftime(%Y)}/${strftime(%b)}/${strftime(%d)}/${uuid}.wav"/> 
<param name="manage-presence" value="true"/> 
<param name="presence-probe-on-register" value="true"/> 
<param name="manage-shared-appearance" value="true"/> 
<param name="presence-hosts" value="$${domain},$${local_ip_v4}"/> 
<param name="presence-privacy" value="$${presence_privacy}"/> 
<param name="inbound-codec-negotiation" value="generous"/> 
<param name="tls" value="$${internal_ssl_enable}"/> 
<param name="tls-only" value="false"/> 
<param name="tls-bind-params" value="transport=tls"/> 
<param name="tls-sip-port" value="$${internal_tls_port}"/> 
<param name="tls-cert-dir" value="$${internal_ssl_dir}"/> 
<param name="tls-passphrase" value=""/> 
<param name="context" value="default"/> 
<param name="sip-ip" value="$${local_ip_v4}"/> 
<param name="rtp-ip" value="$${local_ip_v4}"/> 
<param name="tls-verify-date" value="true"/> 
<param name="tls-verify-policy" value="none"/> 
<param name="tls-verify-depth" value="2"/> 
<param name="tls-verify-in-subjects" value=""/> 
<param name="tls-version" value="$${sip_tls_version}"/> 
<param name="nonce-ttl" value="60"/> 
<param name="auth-calls" value="$${internal_auth_calls}"/> 
<param name="inbound-reg-force-matching-username" value="true"/> 
<param name="auth-all-packets" value="false"/> 
<param name="rtp-timeout-sec" value="300"/> 
<param name="rtp-hold-timeout-sec" value="1800"/> 
<param name="challenge-realm" value="auto_to"/> 
<param name="bypass_media" value="false"/> 
<param name="bypass-media" value="false"/> 
<param name="bypass_media_after_bridge" value="false"/> 
<param name="bypass-media-after-bridge" value="false"/> 
<param name="sip_sticky_contact" value="true"/> 
<param name="sip-force-contact" value="NDLB-connectile-dysfunction"/> 
<param name="sip_ignore_reinvites" value="true"/> 
<param name="ext-rtp-ip" value="PHYSICAL_IP"/> 
<param name="ext-sip-ip" value="PHYSICAL_IP"/> 

PHYSICAL_IP is the IP of the physical host on which the docker container runs. 

The gateway definition looks like this: 
<gateway name="781c8f7f-5d96-4e9e-8939-423b883cb675"> 
<param name="password" value="xxxxx"/> 
<param name="proxy" value="PROVIDER_HOSTNAME"/> 
<param name="expire-seconds" value="800"/> 
<param name="register" value="false"/> 
<param name="retry-seconds" value="30"/> 
<param name="context" value="public"/> 
</gateway> 


Kind regards 
Joern 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150818/b43375f9/attachment-0001.html

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list