I’m Not Able To Register Softphone(X-lite) In Asterisk(Which Is Installed In EC2 Cloud).
Home » Asterisk Users » I’m Not Able To Register Softphone(X-lite) In Asterisk(Which Is Installed In EC2 Cloud).
–f46d04426732146ea10514206719
Content-Type: text/plain; charset=UTF-8
Hi Folks,
I’m trying to register softphone(X-lite) but I’m not able to register softphone whenever I’m trying to register softphone I got below error
[image: Inline image 1]
Is there any document/guide line where I will get process to register softphone in asterisk(Which is installed in EC2 Cloud).
Regards Akhilesh
–f46d04426732146ea10514206719
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Hi Folks,
I'm trying to register softphone(X-lite) but I'm not able to register softphone whenever I'm trying to register softphone I got below error
Is there any document/guide line where I will get process to register softphone in asterisk(Which is installed in EC2 Cloud).
Regards
Akhilesh
–f46d04426732146ea10514206719
28 thoughts on - I’m Not Able To Register Softphone(X-lite) In Asterisk(Which Is Installed In EC2 Cloud).
Am 20.04.15 um 06:31 schrieb akhilesh chand:
Do you have access to the asterisk server? If so, what’s in the logs?
cheers t.
–089e013d1a529242d00514230dc5
Content-Type: text/plain; charset=UTF-8
Check if asterisk is running or not first .
If asterisk is running check iptables ( firewall ) might be blocking the connection . You can see listening ports with netstat -upln command
–089e013d1a529242d00514230dc5
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
–089e013d1a529242d00514230dc5
Hi Thomas,
Yes I’m able to access asterisk server but there is no logs capture into log file related to softphone.If you want more information regarding configuration means sip.conf and extension.conf I will share.
Regards Akhilesh
Am 20.04.15 um 09:43 schrieb akhilesh chand:
Hello.
Could you increase the verbose level?
# core set verbose 6
# sip set debug on
Looking for blocking Firewall Rules is also a valid point.
cheers t.
–047d7b86de86675f9e05142332ad Content-Type: text/plain; charset=UTF-8
Hi Karthik,
Asterisk is running the output of above command is given below
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 0.0.0.0:5000 0.0.0.0:*
10340/asterisk udp 0 0 0.0.0.0:4520 0.0.0.0:*
10340/asterisk udp 0 0 0.0.0.0:5060 0.0.0.0:*
10340/asterisk udp 0 0 0.0.0.0:4569 0.0.0.0:*
10340/asterisk
–047d7b86de86675f9e05142332ad Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
–047d7b86de86675f9e05142332ad
Hi Thomas,
I followed your recommended command in asterisk CLI which is mentioned in above chain mail but I’m not able capture any log related to softphone.
Chain INPUT (policy ACCEPT)
target prot opt source destination ACCEPT all — 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp — 0.0.0.0/0 0.0.0.0/0
ACCEPT all — 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp spt:5060
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp spt:5083
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp spt:10000
Chain FORWARD (policy ACCEPT)
target prot opt source destination REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Am 20.04.15 um 09:58 schrieb akhilesh chand:
Well then i guess you have the softphone somehow misconfigured. You have to double check your settings. IP / Port / Protokoll and so on.
best regards t.
It looks like youre REJECT rule is getting hit before the accept rules for asterisk. Try moving the REJECT rule to last in the list. I think your firewall is blocking asterisk.
–Greg
Don’t make it to complicated …
Connect to your Asterisk via ssh and run asterisk -rvvvvvv.
Then let your Phone try to register. Asterisk should show you what’s getting wrong.
If you can’t see anything while trying to register, shutdown your firewall and try it again …
Regards Guenther
–
Hi Guenther,
What did you recommend to me, I did accordingly but there is no log showing in asterisk CLI. I’m getting same problem.
Regards Akhilesh
Hi Greg,
I moved REJECT rule to last in the list but I’m getting same error.
Regards Akhilesh
Am 21.04.15 um 11:00 schrieb akhilesh chand:
Please shutdown the firewall completely and try again.
cheers t.
Hi Akhilesh,
looks like your firewall is blocking it.
Have you tried ‘nmap -p5060‘ or something similar?
Regards Guenther
– — Bandwidth and Colocation Provided by http://www.api-digital.com
Hi Guenther,
When I executed nmap -p5060 I got below output.
[root@ip-172-31-32-117 cel]# nmap -p5060 xx.xx.xx.xx
Starting Nmap 5.51 ( http://nmap.org ) at 2015-04-21 11:19 UTC
Nmap scan report for ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com
(xx.xx.xx.xx)
Host is up (0.00080s latency). PORT STATE SERVICE
5060/tcp filtered sip
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Am 21.04.15 um 13:38 schrieb akhilesh chand:
Maybe your softphone is trying UDP?
cheers t.
– — Bandwidth and Colocation Provided by http://www.api-digital.com
Hi Thomas,
Could you tell how can I change the protocol of corresponding port means
5060 is configured with tcp protocol I want to configured with udp. When I
execute nmap -p5060 xx.xx.xx.xx I got below output
[root@ip-172-31-32-117 cel]# nmap -p5060 xx.xx.xx.xx
Starting Nmap 5.51 ( http://nmap.org ) at 2015-04-21 11:19 UTC
Nmap scan report for ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com
(xx.xx.xx.xx)
Host is up (0.00080s latency). PORT STATE SERVICE
5060/tcp filtered sip
Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Where I’m seeing 5060 is configured with tcp.
Regards Akhilesh
sip.conf
– ——————————–
‘nmap -p5060 xx.xx.xx.xx’ will show you only tcp-ports, try ‘nmap -sU
– -p5060 xx.xx.xx.xx insteadt ….
—–BEGIN PGP SIGNATURE—
Hi Guenther,
Thanks for ur reply I have concern from long time I’m not able to login through softphone with AWS Cloud.Please let me know is there any document or guide line for the same.
Regards Akhilesh
Sorry Akhilesh,
with this I can’t help you and I’m on Linux so I even can’t try x-lite.
Have you tried zoiper already? It’s available at http://www.zoiper.com/e n
Regards
Guenther
—–BEGIN PGP SIGNATURE—
Hi Akhilesh,
SIP protocol use port 5060 (default) and many other ports to stablish calls. You need to check if there is AWS firewall rule that allow your communication from your client external IP and your AWS host.
Also, think in use IAX intead of SIP, because SIP protocol has many trouble when used with NAT, also IAX protocol use only one port (4569)
to everything. When i need allow external clients (throught NAT or not)
i used to use IAX.
If you want i can help you in your environment (SIP or IAX).
Att, H
Hi,
Try as a first step a tcpdump capture to verify if the softphone is actually sending the register message to the server.
For me it seems like the softphone is not able to reach the server !
Best Regards,
I think in a same way.
Or you can run *”sip set debug on*” on asterisk console to enable sip debugging.
Att, H
Hi Helvio,
Could you tell me what is process to setup an environment for IAX.
Regards Akhilesh
Am 27.04.2015 um 14:53 schrieb akhilesh chand:
Did you read this: http://www.asteriskdocs.org/ ?
Having said that, you might still run into some NAT-related problems, if you use a normal router.
jg
Akhilesh, I have implemented several ec2 instances with both sip and iax2 and have no problems with xlite or hard phones. Have you already opened the ports in the vpc security group on the Amazon side? Let me know is I can help.
–James
Hi James,
Please let me know how could I implement for sip.I will appreciate your help.
Regards Akhilesh
Akhilesh, for sip, just make sure you have up 5060 open and up 10000-20000
open in the security group to the public address where your phones will be
(soft or hard phones). You shouldn’t need the address of your trunk provider (since you should register to them). Of course you’ll still need
22 open to manage the server, but you already have that. That’s all you need from a security group perspective. Make sure that right then we can inspect your config files.