WebRTC NoVoice on External Network, works on Local Network
Posted: Sat Dec 01, 2018 9:38 am
Hi,
WIth Vicidial 8.1.2 install, on our local network (LAN), the webrtc calls and phone setup is working fine, no issues.
However, when we try to login to vicidial from internet ( external network ), the login agent is not able to hear any voice. Agent can manually dial the call and receive inbound calls, but there is no voice in either direction ( caller to agent or agent to caller ). On LAN, it works without issue.
I read the post viewtopic.php?f=8&t=38057 and still no avail. I have done a Firewall NAT for all ports (1-65000) from Firewall of external ip to the vicidial server ip. I know it is a security risk at present to open the ssh and other ports for the world. But I am not sure at present which ports system would use, so opened all ports, essentially DMZ.
Can you please tell me what more information would you need?
Following Asterisk log (internal lan connection login of agent, working log)
[Dec 1 19:56:24] Asterisk 13.21.1-vici, Copyright (C) 1999 - 2014, Digium, Inc. and others.
[Dec 1 19:56:24] Created by Mark Spencer <markster@digium.com>
[Dec 1 19:56:24] Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
[Dec 1 19:56:24] This is free software, with components licensed under the GNU General Public
[Dec 1 19:56:24] License version 2 and other licenses; you are welcome to redistribute it under
[Dec 1 19:56:24] certain conditions. Type 'core show license' for details.
[Dec 1 19:56:24] =========================================================================
[Dec 1 19:56:24] Connected to Asterisk 13.21.1-vici currently running on call (pid = 2122)
[Dec 1 19:56:29] == WebSocket connection from '192.168.2.33:63082' for protocol 'sip' accepted using version '13'
[Dec 1 19:56:29] -- Registered SIP '8002' at 192.168.2.33:63082
[Dec 1 19:56:35] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 19:56:35] == DTLS ECDH initialized (automatic), faster PFS enabled
[Dec 1 19:56:35] == Using SIP RTP CoS mark 5
[Dec 1 19:56:35] -- Called 8002
[Dec 1 19:56:35] -- SIP/8002-00000363 is ringing
[Dec 1 19:56:35] > 0x7f7e94004690 -- Strict RTP learning after remote address set to: 192.168.2.33:59422
[Dec 1 19:56:35] -- SIP/8002-00000363 answered
[Dec 1 19:56:35] -- Executing [8600053@default:1] MeetMe("SIP/8002-00000363", "8600053,F") in new stack
[Dec 1 19:56:35] -- Created MeetMe conference 1023 for conference '8600053'
[Dec 1 19:56:35] -- <SIP/8002-00000363> Playing 'conf-onlyperson.gsm' (language 'en')
[Dec 1 19:56:35] > 0x7f7e94004690 -- Strict RTP learning after ICE completion
[Dec 1 19:56:36] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 19:56:36] > 0x7f7e94004690 -- Strict RTP switching to RTP target address 192.168.2.33:59422 as source
[Dec 1 19:56:38] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:39] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:40] > 0x7f7e94004690 -- Strict RTP learning complete - Locking on source address 192.168.2.33:59422
[Dec 1 19:56:41] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:44] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:46] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:49] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:53] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:53] == WebSocket connection from '192.168.2.33:63016' forcefully closed due to fatal write error
[Dec 1 19:56:55] == SRTCP unprotect failed because of authentication failure
Following is the log of same agent login from internet ( no voice log ):
[Dec 1 20:00:48] Asterisk 13.21.1-vici, Copyright (C) 1999 - 2014, Digium, Inc. and others.
[Dec 1 20:00:48] Created by Mark Spencer <markster@digium.com>
[Dec 1 20:00:48] Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
[Dec 1 20:00:48] This is free software, with components licensed under the GNU General Public
[Dec 1 20:00:48] License version 2 and other licenses; you are welcome to redistribute it under
[Dec 1 20:00:48] certain conditions. Type 'core show license' for details.
[Dec 1 20:00:48] =========================================================================
[Dec 1 20:00:48] Connected to Asterisk 13.21.1-vici currently running on call (pid = 2122)
[Dec 1 23:30:55] ERROR[2185]: chan_sip.c:4270 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data
[Dec 1 20:00:57] == WebSocket connection from '49.34.108.239:38627' for protocol 'sip' accepted using version '13'
[Dec 1 20:00:57] -- Registered SIP '8002' at 49.34.108.239:38627
[Dec 1 23:30:57] ERROR[2185]: tcptls.c:447 tcptls_stream_close: SSL_shutdown() failed: error:00000005:lib(0):func(0):DH lib, Underlying BIO error: Broken pipe
[Dec 1 20:00:57] == WebSocket connection from '49.34.108.239:38547' forcefully closed due to fatal write error
[Dec 1 23:30:57] NOTICE[27667]: chan_sip.c:24639 handle_response_peerpoke: Peer '8002' is now Reachable. (138ms / 2000ms)
[Dec 1 20:01:01] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:01] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:01] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:02] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:06] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:06] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:07] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:07] == DTLS ECDH initialized (automatic), faster PFS enabled
[Dec 1 20:01:07] == Using SIP RTP CoS mark 5
[Dec 1 20:01:07] -- Called 8002
[Dec 1 20:01:08] -- SIP/8002-00000365 is ringing
[Dec 1 20:01:13] -- SIP/8002-00000365 answered
[Dec 1 20:01:13] -- Executing [8600053@default:1] MeetMe("SIP/8002-00000365", "8600053,F") in new stack
[Dec 1 20:01:13] -- Created MeetMe conference 1023 for conference '8600053'
[Dec 1 20:01:13] -- <SIP/8002-00000365> Playing 'conf-onlyperson.gsm' (language 'en')
[Dec 1 20:01:14] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:21] > 0x7f7e9c029e80 -- Strict RTP learning after ICE completion
Based on the external login ( from internet ), there is this "Underlying BIO error: Broken pipe" error, which I am sure is the root cause of the issue, but don't know how to fix it or where to look for it.
WIth Vicidial 8.1.2 install, on our local network (LAN), the webrtc calls and phone setup is working fine, no issues.
However, when we try to login to vicidial from internet ( external network ), the login agent is not able to hear any voice. Agent can manually dial the call and receive inbound calls, but there is no voice in either direction ( caller to agent or agent to caller ). On LAN, it works without issue.
I read the post viewtopic.php?f=8&t=38057 and still no avail. I have done a Firewall NAT for all ports (1-65000) from Firewall of external ip to the vicidial server ip. I know it is a security risk at present to open the ssh and other ports for the world. But I am not sure at present which ports system would use, so opened all ports, essentially DMZ.
Can you please tell me what more information would you need?
Following Asterisk log (internal lan connection login of agent, working log)
[Dec 1 19:56:24] Asterisk 13.21.1-vici, Copyright (C) 1999 - 2014, Digium, Inc. and others.
[Dec 1 19:56:24] Created by Mark Spencer <markster@digium.com>
[Dec 1 19:56:24] Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
[Dec 1 19:56:24] This is free software, with components licensed under the GNU General Public
[Dec 1 19:56:24] License version 2 and other licenses; you are welcome to redistribute it under
[Dec 1 19:56:24] certain conditions. Type 'core show license' for details.
[Dec 1 19:56:24] =========================================================================
[Dec 1 19:56:24] Connected to Asterisk 13.21.1-vici currently running on call (pid = 2122)
[Dec 1 19:56:29] == WebSocket connection from '192.168.2.33:63082' for protocol 'sip' accepted using version '13'
[Dec 1 19:56:29] -- Registered SIP '8002' at 192.168.2.33:63082
[Dec 1 19:56:35] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 19:56:35] == DTLS ECDH initialized (automatic), faster PFS enabled
[Dec 1 19:56:35] == Using SIP RTP CoS mark 5
[Dec 1 19:56:35] -- Called 8002
[Dec 1 19:56:35] -- SIP/8002-00000363 is ringing
[Dec 1 19:56:35] > 0x7f7e94004690 -- Strict RTP learning after remote address set to: 192.168.2.33:59422
[Dec 1 19:56:35] -- SIP/8002-00000363 answered
[Dec 1 19:56:35] -- Executing [8600053@default:1] MeetMe("SIP/8002-00000363", "8600053,F") in new stack
[Dec 1 19:56:35] -- Created MeetMe conference 1023 for conference '8600053'
[Dec 1 19:56:35] -- <SIP/8002-00000363> Playing 'conf-onlyperson.gsm' (language 'en')
[Dec 1 19:56:35] > 0x7f7e94004690 -- Strict RTP learning after ICE completion
[Dec 1 19:56:36] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 19:56:36] > 0x7f7e94004690 -- Strict RTP switching to RTP target address 192.168.2.33:59422 as source
[Dec 1 19:56:38] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:39] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:40] > 0x7f7e94004690 -- Strict RTP learning complete - Locking on source address 192.168.2.33:59422
[Dec 1 19:56:41] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:44] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:46] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:49] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:53] == SRTCP unprotect failed because of authentication failure
[Dec 1 19:56:53] == WebSocket connection from '192.168.2.33:63016' forcefully closed due to fatal write error
[Dec 1 19:56:55] == SRTCP unprotect failed because of authentication failure
Following is the log of same agent login from internet ( no voice log ):
[Dec 1 20:00:48] Asterisk 13.21.1-vici, Copyright (C) 1999 - 2014, Digium, Inc. and others.
[Dec 1 20:00:48] Created by Mark Spencer <markster@digium.com>
[Dec 1 20:00:48] Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
[Dec 1 20:00:48] This is free software, with components licensed under the GNU General Public
[Dec 1 20:00:48] License version 2 and other licenses; you are welcome to redistribute it under
[Dec 1 20:00:48] certain conditions. Type 'core show license' for details.
[Dec 1 20:00:48] =========================================================================
[Dec 1 20:00:48] Connected to Asterisk 13.21.1-vici currently running on call (pid = 2122)
[Dec 1 23:30:55] ERROR[2185]: chan_sip.c:4270 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data
[Dec 1 20:00:57] == WebSocket connection from '49.34.108.239:38627' for protocol 'sip' accepted using version '13'
[Dec 1 20:00:57] -- Registered SIP '8002' at 49.34.108.239:38627
[Dec 1 23:30:57] ERROR[2185]: tcptls.c:447 tcptls_stream_close: SSL_shutdown() failed: error:00000005:lib(0):func(0):DH lib, Underlying BIO error: Broken pipe
[Dec 1 20:00:57] == WebSocket connection from '49.34.108.239:38547' forcefully closed due to fatal write error
[Dec 1 23:30:57] NOTICE[27667]: chan_sip.c:24639 handle_response_peerpoke: Peer '8002' is now Reachable. (138ms / 2000ms)
[Dec 1 20:01:01] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:01] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:01] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:02] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:06] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:06] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:07] == Manager 'sendcron' logged on from 127.0.0.1
[Dec 1 20:01:07] == DTLS ECDH initialized (automatic), faster PFS enabled
[Dec 1 20:01:07] == Using SIP RTP CoS mark 5
[Dec 1 20:01:07] -- Called 8002
[Dec 1 20:01:08] -- SIP/8002-00000365 is ringing
[Dec 1 20:01:13] -- SIP/8002-00000365 answered
[Dec 1 20:01:13] -- Executing [8600053@default:1] MeetMe("SIP/8002-00000365", "8600053,F") in new stack
[Dec 1 20:01:13] -- Created MeetMe conference 1023 for conference '8600053'
[Dec 1 20:01:13] -- <SIP/8002-00000365> Playing 'conf-onlyperson.gsm' (language 'en')
[Dec 1 20:01:14] == Manager 'sendcron' logged off from 127.0.0.1
[Dec 1 20:01:21] > 0x7f7e9c029e80 -- Strict RTP learning after ICE completion
Based on the external login ( from internet ), there is this "Underlying BIO error: Broken pipe" error, which I am sure is the root cause of the issue, but don't know how to fix it or where to look for it.