No Audio Issue When Connecting Vicidial-User from Remote Net

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

No Audio Issue When Connecting Vicidial-User from Remote Net

Postby d001 » Mon Aug 19, 2024 4:23 am

Hello there, hope you are well!

I'm facing a No audio issue when connecting to my Vicibox server from remote networks. Here's the situation:
1. I've set up a Vicibox server with a subdomain to allow access from anywhere.
2. I've implemented Viciphone for the softphone.
3. I have whitelisted the external IPs of the networks from which I plan to connect, and I’ve opened the necessary ports on the server (on mikrotik too).
4. When I connect from the same network where the server is hosted, everything works perfectly—calls connect, and audio flows both ways.
5. However, when I connect from a remote network that has already been whitelisted, I can successfully log in, and calls connect in both directions (inbound-outbound) , but the audio is non-existent.
6. The Asterisk CLI shows no errors during these remote calls.
I've double-checked the IP whitelist and firewall rules, and I believe everything is set up correctly. I suspect this may be a NAT-related issue, but I’m unsure how to troubleshoot further. Any advice or solutions would be greatly appreciated.
Thanks in advance!


Asterisk 16.30.0-vici | VERSION: 2.14-924a | BUILD: 240716-1453 | OpenSUSE Leap: 15.5
ViciBox v.11.0.1 | VERSION: 2.14-918a | BUILD: 240528-1722 | Asterisk 16.30.0-vici | OpenSUSE Leap: 15.5
d001
 
Posts: 36
Joined: Wed Jul 10, 2024 9:56 am

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby carpenox » Wed Aug 21, 2024 2:02 am

firewall-cmd --list-all --zone-external

whats the output for this ^
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2418
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby d001 » Wed Aug 21, 2024 9:41 am

This is the output of the command above:

Code: Select all
vicibox11:~ # firewall-cmd --list-all --zone-external
usage: see firewall-cmd man page
firewall-cmd: error: unrecognized arguments: --zone-external



Code: Select all
vicibox11:~ # firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: dhcpv6-client rtp viciportal viciportal-ssl
  ports: 446/tcp 5060/udp 10000-20000/udp 80/tcp 443/tcp
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" source ipset="whitenets" service name="asterisk" accept
        rule family="ipv4" source ipset="whitenets" service name="apache2" accept
        rule family="ipv4" source ipset="whiteips" service name="apache2" accept
        rule family="ipv4" source ipset="dynamiclist" service name="apache2" accept
        rule family="ipv4" source ipset="dynamiclist" service name="apache2-ssl" accept
        rule family="ipv4" source ipset="dynamiclist" service name="asterisk" accept
        rule family="ipv4" source ipset="whitenets" service name="apache2-ssl" accept
        rule family="ipv4" source ipset="whiteips" service name="asterisk" accept
        rule family="ipv4" source ipset="whiteips" service name="apache2-ssl" accept
vicibox11:~ #
ViciBox v.11.0.1 | VERSION: 2.14-918a | BUILD: 240528-1722 | Asterisk 16.30.0-vici | OpenSUSE Leap: 15.5
d001
 
Posts: 36
Joined: Wed Jul 10, 2024 9:56 am

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby carpenox » Sat Aug 24, 2024 9:35 am

oops i meant --zone=external - typo sorry
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2418
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby d001 » Mon Aug 26, 2024 7:16 am

carpenox wrote:oops i meant --zone=external - typo sorry


No problem, thanks for the reply. I appreciate it.

Code: Select all
vicibox11:~ # firewall-cmd --list-all --zone=external
external (active)
  target: default
  icmp-block-inversion: no
  interfaces:
  sources: ipset:whiteips ipset:whitenets ipset:dynamiclist
  services: apache2 apache2-ssl asterisk dhcpv6-client rtp ssh
  ports:
  protocols:
  forward: no
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
You have new mail in /var/spool/mail/root
vicibox11:~ #



I'm researching it and I think it may be caused by missing some codec, but I'm not sure..

Regards!
ViciBox v.11.0.1 | VERSION: 2.14-918a | BUILD: 240528-1722 | Asterisk 16.30.0-vici | OpenSUSE Leap: 15.5
d001
 
Posts: 36
Joined: Wed Jul 10, 2024 9:56 am

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby carpenox » Tue Aug 27, 2024 3:05 am

what happens in asterisk when you login? youre firewall rules look ok, whats in crontab for VB-firewall?
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2418
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby d001 » Tue Aug 27, 2024 10:05 am

These are the logs for login, inbound, and outbound calls. It works fine with Network1, which is the network I have configured the server on. However, with Network2, where some of my agents are working, the call opens but does not pass the voice, even though everything appears to be okay.

The user is using WebRTC, but we don't use it for calls-just to register the user with a phone. Also, the logs below are for Network2, and I’m using a SIP number where my provider is on Network1. That's why I think it doesn’t work.

login
Code: Select all
[Aug 27 16:30:29]   == WebSocket connection from '7x.10x.xx.xx:6xxx6' for protocol 'sip' accepted using version '13'
[Aug 27 16:30:29]     -- Registered SIP '1001' at 7x.10x.xx.xx:6xxx6
[Aug 27 16:30:51]   == Manager 'sendcron' logged on from 127.0.0.1
[Aug 27 16:30:51]   == Using SIP RTP CoS mark 5
[Aug 27 16:30:51]     -- Called 1001


inbound
Code: Select all
[Aug 27 16:27:53]        > 0x7f63240f46b0 -- Strict RTP learning after remote address set to: xx.xx.xx.xx:1x7x4
[Aug 27 16:27:53]     -- Executing [s@trunkinbound:1] NoOp("SIP/xxxxxxxxx-00000007", "Incoming call to trunkinbound") in new stack
[Aug 27 16:27:53]     -- Executing [s@trunkinbound:2] AGI("SIP/xxxxxxxxx-00000007", "agi://127.0.0.1:4577/call_log") in new stack
[Aug 27 16:27:53]     -- <SIP/xxxxxxxxx-00000007>AGI Script agi://127.0.0.1:4577/call_log completed, returning 0
[Aug 27 16:27:53]     -- Executing [s@trunkinbound:3] Goto("SIP/xxxxxxxxx-00000007", "handle_did,xxxxxxxxx,1") in new stack
[Aug 27 16:27:53]     -- Goto (handle_did,xxxxxxxxx,1)
[Aug 27 16:27:53]     -- Executing [xxxxxxxxx@handle_did:1] AGI("SIP/xxxxxxxxx-00000007", "agi-DID_route.agi") in new stack
[Aug 27 16:27:53]     -- Launched AGI Script /usr/share/asterisk/agi-bin/agi-DID_route.agi
[Aug 27 16:27:53]     -- <SIP/xxxxxxxxx-00000007>AGI Script agi-DID_route.agi completed, returning 0
[Aug 27 16:27:53]     -- Executing [99909*2***DID@default:1] Answer("SIP/xxxxxxxxx-00000007", "") in new stack
[Aug 27 16:27:54]     -- Executing [99909*2***DID@default:2] AGI("SIP/xxxxxxxxx-00000007", "agi-VDAD_ALL_inbound.agi") in new stack
[Aug 27 16:27:54]     -- Launched AGI Script /usr/share/asterisk/agi-bin/agi-VDAD_ALL_inbound.agi
[Aug 27 16:27:55]     -- <SIP/xxxxxxxxx-00000007> Playing 'sip-silence.gsm' (escape_digits=) (sample_offset 0) (language 'en')
[Aug 27 16:27:57]     -- Started music on hold, class 'default', on channel 'SIP/xxxxxxxxx-00000007'
[Aug 27 16:27:57]        > 0x7f63240f46b0 -- Strict RTP switching to RTP target address 8x.9x.xx.xx:13774 as source
[Aug 27 16:27:58]        > 0x7f63240f46b0 -- Strict RTP learning complete - Locking on source address 8x.9x.xx.xx:13774
[Aug 27 16:28:00]     -- Stopped music on hold on SIP/xxxxxxxxx-00000007



outbound
Code: Select all
[Aug 27 16:29:18]     -- Called 8600051@default
[Aug 27 16:29:18]     -- Executing [8600051@default:1] MeetMe("Local/8600051@default-0000000d;2", "8600051,F") in new stack
[Aug 27 16:29:18]     -- Local/8600051@default-0000000d;1 answered
[Aug 27 16:29:18]     -- Executing [355xxxxxx@default:1] AGI("Local/8600051@default-0000000d;1", "agi://127.0.0.1:4577/call_log") in new stack
[Aug 27 16:29:18]     -- AGI Script Executing Application: (EXEC) Options: (Set(_CAMPCUST=DAFCAMP1))
[Aug 27 16:29:18]     -- AGI Script Executing Application: (EXEC) Options: (Set(_CAMPDTO=60))
[Aug 27 16:29:18]   == Manager 'sendcron' logged on from 127.0.0.1
[Aug 27 16:29:18]     -- <Local/8600051@default-0000000d;1>AGI Script agi://127.0.0.1:4577/call_log completed, returning 0
[Aug 27 16:29:18]     -- Executing [355xxxxxx@default:2] Dial("Local/8600051@default-0000000d;1", "SIP/xxxxxxxx/355xxxxxx,60,tTorR") in new stack
[Aug 27 16:29:18]     -- Called 58600051@default
[Aug 27 16:29:18]     -- Executing [58600051@default:1] MeetMe("Local/58600051@default-0000000e;2", "8600051,Fmq") in new stack
[Aug 27 16:29:18]     -- Local/58600051@default-0000000e;1 answered
[Aug 27 16:29:18]     -- Executing [8309@default:1] Answer("Local/58600051@default-0000000e;1", "") in new stack
[Aug 27 16:29:18]     -- Executing [8309@default:2] Monitor("Local/58600051@default-0000000e;1", "wav,20240827-162918_355xxxxxx") in new stack
[Aug 27 16:29:18]     -- Executing [8309@default:3] Wait("Local/58600051@default-0000000e;1", "3600") in new stack
[Aug 27 16:29:18]   == Using SIP RTP CoS mark 5
[Aug 27 16:29:18]     -- Called SIP/xxxxxxxxxx/355xxxxxxxx
[Aug 27 16:29:19]   == Manager 'sendcron' logged off from 127.0.0.1
[Aug 27 16:29:19]   == Manager 'sendcron' logged off from 127.0.0.1
[Aug 27 16:29:20]        > 0x7f6364014f90 -- Strict RTP learning after remote address set to: 8x.9x.xx.xx:1xxx2
[Aug 27 16:29:20]     -- SIP/xxxxxxxxx-00000008 is making progress passing it to Local/8600051@default-0000000d;1
[Aug 27 16:29:20]     -- Dial Tiemout Reset on channel SIP/xxxxxxxxxxx-00000008 due to PROGRESS message.
[Aug 27 16:29:24]     -- SIP/xxxxxxxx-00000008 answered Local/8600051@default-0000000d;1
[Aug 27 16:29:24]     -- Channel SIP/xxxxxxxxxxx-00000008 joined 'simple_bridge' basic-bridge <0a614673-a1b2-4f38-897b-de6c04535656>
[Aug 27 16:29:24]     -- Channel Local/8600051@default-0000000d;1 joined 'simple_bridge' basic-bridge <0a614673-a1b2-4f38-897b-de6c04535656>
[Aug 27 16:29:24]        > 0x7f6364014f90 -- Strict RTP switching to RTP target address 8x.9x.xx.xx:1xxx2 as source
[Aug 27 16:29:25]        > 0x7f6364014f90 -- Strict RTP learning complete - Locking on source address 8x.9x.xx.xx:1xxx2



crontab
Code: Select all
@reboot /usr/bin/VB-firewall --voipbl --noblack --quiet
0 */6 * * * /usr/bin/VB-firewall --voipbl --noblack --quiet


### Renew SSL certificate every sunday at midnight
0 0 * * 0 /usr/share/vicibox-ssl/acme-renew.sh

# Example crontab entries for managing ViciWhite and Dynamic Portal
@reboot /usr/bin/VB-firewall --white --dynamic --quiet
* * * * * /usr/bin/VB-firewall --white --dynamic --quiet

vicibox11:~ #


Thanks in advance!
ViciBox v.11.0.1 | VERSION: 2.14-918a | BUILD: 240528-1722 | Asterisk 16.30.0-vici | OpenSUSE Leap: 15.5
d001
 
Posts: 36
Joined: Wed Jul 10, 2024 9:56 am

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby carpenox » Thu Aug 29, 2024 8:45 pm

try commenting out the blacklist lines of crontab, you cant run both white and black at the same time, its probably over riding your whitelist options therefore denying access to network2
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2418
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby d001 » Fri Aug 30, 2024 5:51 am

Thank you so much! It works!!
I just commented out the blacklist lines and rebooted the server, and now it works.

However, I have a question. Does this make the server less secure? As I understand it, when an IP address is added to the blacklist, any traffic from that IP is denied access to the server. This is the main concept, but in this link https://docs.vicibox.com/en/latest/networking/firewall/voipbl.html, it says that the community-submitted list contains over 55K IP entries of known SIP abusers, which makes me a little confused.

Thanks again, and I appreciate it very much.

Regards.
ViciBox v.11.0.1 | VERSION: 2.14-918a | BUILD: 240528-1722 | Asterisk 16.30.0-vici | OpenSUSE Leap: 15.5
d001
 
Posts: 36
Joined: Wed Jul 10, 2024 9:56 am

Re: No Audio Issue When Connecting Vicidial-User from Remote

Postby carpenox » Sat Aug 31, 2024 1:33 pm

well when you are using whitelist option, youre denying every single ip out there, other than what you have added as allowed, so all of thoseIPs in the blacklist are therefore included.
Alma Linux 9.4 | SVN Version: 3889 | DB Schema Version: 1721 | Asterisk 18.21.1 | PHP8
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WA: +19549477572
GC: https://join.skype.com/ujkQ7i5lV78O | DC: https://discord.gg/DVktk6smbh
carpenox
 
Posts: 2418
Joined: Wed Apr 08, 2020 2:02 am
Location: St Petersburg, FL


Return to Support

Who is online

Users browsing this forum: No registered users and 87 guests