Hello, i try to connect my SIP Client (linphone) via VPN to FreePBX. The routing looks OK. I can ping the Endpoints and traffic is routing. I can also Register my Sip Client.

debpbx*CLI> pjsip list contacts

Contact:

==========================================================================================

Contact: 731/sip:731@192.168.30.132:5060 163a967d99
Avail 15.722
Contact: 734/sip:734@10.8.0.143:5060 1b1aa8cbac Avail 62.180

So far so good. When I try to an other extension I get a timeout. tcpdump:

root@debpbx:/etc/asterisk# tcpdump -ni enp0s15 host 10.8.0.143 and not port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp0s15, link-type EN10MB (Ethernet), capture size 262144 bytes
13:03:04.086687 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP: INVITE
sip:731@asterisk.kes SIP/2.0
13:03:04.087364 IP 192.168.30.28.5060 > 10.8.0.143.5060: SIP: SIP/2.0
401 Unauthorized
13:03:04.126101 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP: ACK
sip:731@asterisk.kes SIP/2.0
13:03:09.054643 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP
13:03:14.112561 IP 192.168.30.28.5060 > 10.8.0.143.5060: SIP: OPTIONS
sip:734@10.8.0.143:5060 SIP/2.0
13:03:14.162609 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP: SIP/2.0 200 Ok
13:03:19.057752 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP
13:03:29.060765 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP
13:03:44.672509 IP 10.8.0.143.5060 > 192.168.30.28.5060: SIP

I think the SIP/2.0 401 Unauthorized is the problem. I also had add the VPN IP range to the local_net but that does not solve the problem.

root@debpbx:/etc/asterisk# grep -ri 10.8.0
sip_general_additional.conf:localnet=10.8.0.0/24
pjsip.transports.conf:local_net=10.8.0.0/24

—