No Register Between Asterisk 15 And 13 Running Pjsip

Home » Asterisk Users » No Register Between Asterisk 15 And 13 Running Pjsip
Asterisk Users No Comments

Hello,

we have 4 asteriks, 2 in office on one server (wazo and mobydick), and 2
in DC (self compiled) each on his own server. All of them are VMs under Debian Stretch. We used OpenVPN to connect the machines together in TAP
mode, everything was running well.

Setup is following: the 2 asterisk in office on the same server are Asterisk 15 (wazo) and Asterisk 11certified (mobydick). Each of them is connected to the 2 others Asterisk in DC, both being Asterisk 13, all using chan_sip except one in DC wich is pjsip. They are also 2 IP phones in the office which are connected to all servers. As stated above, in tap mode everything is running well.

Now we changed our VPNs to use tun. The setup was tested appart of asterisks, all connections are OK, all machines can speak to each others including Windows one.

Now the problem: all VOIP devices are connecting as before except the Asterisk 15 from Office who can’t register to the Asterisk 13 in DC
running pjsip. No problem with the Asterisk11 certified against the same pjsip, as well as no problem to the other Asterisk 13 in DC running chan_sip.

What we get:

<--- Received SIP request (394 bytes) from UDP:10.99.0.52:5060 --->
REGISTER sip:zone-s SIP/2.0
Via: SIP/2.0/UDP 192.168.12.250:5060;branch=z9hG4bK4d838884
Max-Forwards: 70
From: ;tag=as17aa56c4
To:
Call-ID: 2efc5e2320a31ff1107505663a02397d@127.0.1.1
CSeq: 102 REGISTER
Supported: replaces, timer User-Agent: Office PBX
Expires: 3600
Contact:
Content-Length: 0

[2018-07-05 18:49:08] NOTICE[21317]: acl.c:750 ast_apply_acl: SIP ACL:
Rejecting ‘10.99.0.52’ due to a failure to pass ACL ‘(BASELINE)’
[2018-07-05 18:49:08] NOTICE[21317]: res_pjsip/pjsip_distributor.c:649
log_failed_request: Request ‘REGISTER’ from ‘
failed for ‘10.99.0.52:5060’ (call$
d: 2efc5e2320a31ff1107505663a02397d@127.0.1.1) – Not match Endpoint ACL
<--- Transmitting SIP response (322 bytes) to UDP:10.99.0.52:5060 --->
SIP/2.0 403 Forbidden Via: SIP/2.0/UDP
192.168.12.250:5060;rport=5060;received=10.99.0.52;branch=z9hG4bK4d838884
Call-ID: 2efc5e2320a31ff1107505663a02397d@127.0.1.1
From: ;tag=as17aa56c4
To: ;tag=z9hG4bK4d838884
CSeq: 102 REGISTER
Server: TOOTAiAudio Content-Length:  0

where 10.99.0.52 is the IP of the office tun VPN and 192.168.12.250 is the Asterisk 15 IP. zone-s is the hostname of the Asterisk pjsip server. The 10.99.0.52 is not in ACL (we tried by including it but no luck). zwr-IPBX is the username/auth_user. Remember, both VOIP phones as well as the Asterisk 11 server connect without problem. The Asterisk 11 an Asterisk 13 configuration is the same in pjsip.conf appart of username/auth_name.

If someone had any clue on this.

Regards

Daniel