Configure Asterisk to receive incoming SIP calls
If you want people from the outside world to be able to contact you via SIP, there are a few things you need to configure.
First, in FreePBX setup, click General Settings on the left hand menu, scroll down and select Yes to Allow Anonymous Inbound SIP Calls.
The Asterisk configuration file sip.conf defines the parameters for accepting incoming SIP calls. We need to make some changes to this file to correctly process incoming calls. From the Trixbox Admin web page, click Asterisk, Config Edit, then sip.conf on the left hand side. Modify the contents of this file so it reflects what is shown below.
[general]
bindport=5060 ; UDP Port to bind to
bindaddr=0.0.0.0 ; (0.0.0.0 binds to all)
disallow=all
allow=ulaw
allow=alaw
allow=gsm
allow=ilbc
context=from-sip-external
callerid=Unknown
tos=0x68
;------------- Ryan's Mods --------------
externip=203.214.45.124 ;required behind NAT
localnet=192.168.0.0/255.255.255.0 ;required behind NAT
fromdomain=lithiumblue.com canreinvite=no ;Required for UM calls to work
insecure=very
srvlookup=yes ;Required for outbound calls
#include sip_nat.conf
#include sip_custom.conf
#include sip_additional.conf
bindaddr - The IP address to listen on
disallow - Always specified first to disable all codecs, then we use allow to specify only the ones we want to use
context - The section to send SIP calls to for processing. From-sip-external will process calls provided that Allow Anonymous Inbound SIP Calls is set to Yes. Otherwise, it will just give a busy tone.
tos - Type of Service - used for traffic prioritization if supported on the network
externip - If you are behind a NAT, set this value to your public IP address. If you are not behind a NAT, delete this line.
localnet - If you are behind a NAT, set this value to your local subnet and network mask values. Note you can have multiple localnet= lines
fromdomain - Use if you want asterisk will append a domain (rather than its own hostname) to outgoing calls. Note that for people external to your organization to be able to contact you using this domain, the appropriate DNS SRV records must be configured on your public facing DNS servers.
canreinvite - Must be set to 'no' to enable diversions to Exchange UM to be processed correctly. Setting to 'yes' will result in calls being dropped and Event ID 1150 logged on the UM server by UMCore saying "The Unified Messaging server was unable to create a message for the fax call with ID...".
srvlookup - Must be set to 'yes' to allow Asterisk to make outbound SIP calls external to your organization. See Understanding DNS SRV records and SIP for more details.
Some people suggest using nat=yes in sip.conf if your Asterisk server is behind a NAT. I have found that this is not needed, and tends to break calls/diversions to Exchange when enabled. As long as the externip and localnet settings are present, Asterisk should have no problem processing the call from behind a NAT. If you have individual extensions are behind a NAT, you can set nat=yes in each extension definition in sip_additional.conf. This is required in this scenario, and will not break diversions or calls to Exchange.
A detailed guide on all the options available in sip.conf is available on the voip-info.org wiki.
Service Name: SIP
Port: 5060
Protocol: UDP
Service Name: RTP
Port: 10000-20000
Protocol: UDP
If you need to change the RTP port range, use the Config Edit web interface to modify the rtp.conf. Read my post on RTP and SIP to understand their relationship and why you need this.
[general]
rtpstart=10000
rtpend=20000
_sip._udp.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
_sip._udp.asterisk.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
I have created instructions for configuring these records using Windows Server DNS, as well as a description of how SIP uses SRV records.
First, in FreePBX setup, click General Settings on the left hand menu, scroll down and select Yes to Allow Anonymous Inbound SIP Calls.
The Asterisk configuration file sip.conf defines the parameters for accepting incoming SIP calls. We need to make some changes to this file to correctly process incoming calls. From the Trixbox Admin web page, click Asterisk, Config Edit, then sip.conf on the left hand side. Modify the contents of this file so it reflects what is shown below.
[general]
bindport=5060 ; UDP Port to bind to
bindaddr=0.0.0.0 ; (0.0.0.0 binds to all)
disallow=all
allow=ulaw
allow=alaw
allow=gsm
allow=ilbc
context=from-sip-external
callerid=Unknown
tos=0x68
;------------- Ryan's Mods --------------
externip=203.214.45.124 ;required behind NAT
localnet=192.168.0.0/255.255.255.0 ;required behind NAT
fromdomain=lithiumblue.com canreinvite=no ;Required for UM calls to work
insecure=very
srvlookup=yes ;Required for outbound calls
#include sip_nat.conf
#include sip_custom.conf
#include sip_additional.conf
Explanation
bindport - The UDP Port to bind to. Standard is 5060bindaddr - The IP address to listen on
disallow - Always specified first to disable all codecs, then we use allow to specify only the ones we want to use
context - The section to send SIP calls to for processing. From-sip-external will process calls provided that Allow Anonymous Inbound SIP Calls is set to Yes. Otherwise, it will just give a busy tone.
tos - Type of Service - used for traffic prioritization if supported on the network
externip - If you are behind a NAT, set this value to your public IP address. If you are not behind a NAT, delete this line.
localnet - If you are behind a NAT, set this value to your local subnet and network mask values. Note you can have multiple localnet= lines
fromdomain - Use if you want asterisk will append a domain (rather than its own hostname) to outgoing calls. Note that for people external to your organization to be able to contact you using this domain, the appropriate DNS SRV records must be configured on your public facing DNS servers.
canreinvite - Must be set to 'no' to enable diversions to Exchange UM to be processed correctly. Setting to 'yes' will result in calls being dropped and Event ID 1150 logged on the UM server by UMCore saying "The Unified Messaging server was unable to create a message for the fax call with ID...".
srvlookup - Must be set to 'yes' to allow Asterisk to make outbound SIP calls external to your organization. See Understanding DNS SRV records and SIP for more details.
Some people suggest using nat=yes in sip.conf if your Asterisk server is behind a NAT. I have found that this is not needed, and tends to break calls/diversions to Exchange when enabled. As long as the externip and localnet settings are present, Asterisk should have no problem processing the call from behind a NAT. If you have individual extensions are behind a NAT, you can set nat=yes in each extension definition in sip_additional.conf. This is required in this scenario, and will not break diversions or calls to Exchange.
A detailed guide on all the options available in sip.conf is available on the voip-info.org wiki.
Port Forwarding
If your Asterisk server is behind a NAT, you will need to configure port forwarding on your router. You will need to forward the following ports to the Asterisk server.Service Name: SIP
Port: 5060
Protocol: UDP
Service Name: RTP
Port: 10000-20000
Protocol: UDP
If you need to change the RTP port range, use the Config Edit web interface to modify the rtp.conf. Read my post on RTP and SIP to understand their relationship and why you need this.
[general]
rtpstart=10000
rtpend=20000
DNS SRV Records
SIP relies heavily on DNS SRV records to be able to route calls through over the internet. To ensure people are able to contact you, configure the following SRV records on your public facing DNS servers._sip._udp.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
_sip._udp.asterisk.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
I have created instructions for configuring these records using Windows Server DNS, as well as a description of how SIP uses SRV records.
Comments
You are too quick for me! I am working on this one at the moment. The short answer is yes, but at the moment, the incoming call needs to be identified by the SIP/PSTN gateway as a fax. It may be possible to use Asterisk to detect the fax and forward it, but it does not do this out of the box.
Ryan
For some reason it does not seem to work for me - I cannot seem to reach extension@mydomain directly through my (alternate) iptel connection.
-extensions are setup correctly, calls to my DID through my provider work as expected
-sip.conf has each of your lines specified, many were already set
-port forwarding is setup as per your specs
-SRV records in DNS are setup for _sip._udp.@ but I couldn't figure out how to add an SRV record with the same name as an existing A record (asterisk.yourdomain) for the _sip._udp.asterisk.yourdomain (though should'nt you be able to dial by IP {ie extension@xx.yy.zz.bb} to eliminate DNS possibilities?)
Any ideas what I could be missing?
Using Asterisk 13 is it possible to do these directly on the FreePBX web front ?
I am using an Asterisk 13 image directly from docker, that is why I'm asking this question.