On 10/17/21 12:59 PM, cio-al...@playerschool.edu wrote:
I did test manually and the NFS mount works fine. I do create a
directory and it shows at the server.
I am using containers, indeed. How can it be affecting Asterisk that I
am using LXC containers?
I'm by no means an expert in
I did not explain myself well, for this I apologize.
The files never appear on the NFS mount, only in the local drive.
Restarting Asterisk with the mount on does not fix it.
Asterisk simply ignores the mount and writes to the local drive.
But the mount is fine, I can create a dir and it appears
>> A good Ethernet cable-pair tester can spot such things pretty quickly.
>
> I disagree.
>
> *Certainly*, incorrect pair terminations can cause the sort of problems
> described, however I haven't yet come across a cable tester which can
> identify
> that a cable correctly connected from end
> I looked at your network diagram. Try checking the configuration of the
> Ethernet ports on the firewall and the Asterisk box. Make sure they are
> set to auto-negotiate and not set to a fixed speed and fixed duplex.
> I have found in the past that if one end of a link is expecting auto-
>
> Hey all
>
> I am trying to register a PJSIP server on our office to an Asterisk 11
> chan_sip server in a datacenter.
>
> I keep getting
> WARNING[18084]: res_pjsip_outbound_authenticator_digest.c:178
> digest_create_request_with_auth_from_old: Host: 'XXX.XXX.XXX.XXX:5060':
> Unable to
I'm not sure of the precise specifics of how Digium runs the
list, but this sort of problem has been a "known issue" with
mailing list distributions ever since SPF and similar technologies
showed up, almost a decade ago. DomainKeys and DMARC makes it more of
an issue, but the overall problem is
> Not sure maybe there's a better solution but I thought about using another
> peer with type=user for incoming connections.
That's what I've done for my connection to the service provider
I use (Vitelity), as they have different inbound and outbound
hosts/proxies. This works fine.
--
>>> so the main question is -- how to Disallow CALLS without registering
>>> on PBX
> In fact, I'm not sure that it's actually possible to disallow [authenticated]
> calls from a peer that hasn't registered!
>
> As far as I can tell, 'registration' was never intended to be part of the
>
> So does the Dial command go directly to the registered device or does
> it use the extension?
If you've given the Dial() command the SIP/user1 format, it will attempt
to dial directly to the SIP device/phone/endpoint you specify. If you
specify SIP/user1/user2&... it attempts to dial
> I am using ODBC realtime storage with Asterisk. Currently, with no password
> set, a user can dial the voicemail number to retrieve their own voicemail,
> without needing to enter a password (without hearing the password prompt).
> However, there is still a 'mailbox' prompt played, and if a
>OK. Maybe an echo canceller won't make any difference. But why does the
>remote side _always_ hear an echo if we use a local dahdi extension,
>and _never_ when we use a local SIP extension ??
The echo that the remote called hears, might be of either electrical or
acoustic origin.
If
> Thanks Jeff, just to confirm, password are not sent in plain text? I
> want to safeguard against man in the middle attacks, sniffing traffic of
> clients.
That's correct.
The way it works is:
- Both the client, and Asterisk, know what the password is.
- The client sends a SIP message
Now I have the problem for my cellphone... I need to register from almost any
IP (at least in Europe), so I can't restrict it.
Well, the password is NOT simple and random.
Now, I tried to register the user of my cellphone using a PC, as my cellphone
was already registered.
And Asterisk
1 - My SIP server (Asterisk) will have some SIP clients registered in its SIP
registrar. Let's say 6 SIP clients. In my project I have to implement a way
of a SIP client making a call to a number and all others 5 SIP clients ring.
That is, the others 5 SIP clients must receive the SIP
Someone on this list uses the address @sedwards.com
I doubt this is their actual email address as there is no MX record for
sedwards.com and I can't find registration for their domain either.
Part of my mail servers reject these emails because they cannot be
replied to, or are likely
Hmm the calls are made during the day (and sometimes very early in the
morning). Right now it looks like someone actually made these calls. If
that is the case it's somewhat comforting to know the system wasn't
compromised. However, the $25,000 phone bill still remains. Yikes. $6.25
per
Is the destination Number like Country Code +972?
+972 59 xx(x) mobile - Jawall [moving to 7-digit subscriber numbers]
source - http://www.wtng.info/wtng-972-il.html
My SIP Proxy logs all the unauth. INVITEs and I found the a lot calls go
to the Country code +972 xxx
I've
Problem with this is client needs to listen to the call recordings and my
interface will only display .wav or .mp3 so they will moan if they have to
wait until the next day for today's recordings
If you're up to writing a bit of shell script, and are running
on Linux, you could automate the
Just checking the transcoding on our Asterisk boxes and I get the
following results.
I have the g726, ilbc and lpc10 formats and codecs enabled in 'make
menuselect' so I dont understand why its showing as no translation path.
Any ideas?
Are the modules actually loaded?
Try doing a module
In my case, I have good incoming quality and terrible quality going out.
That is, I can hear people perfectly well but they complain that my
voice drops out and is garbled regardless of who places the call.
This suggests to me that you may have congestion problems in your
upstream traffic
Is there any way to force this? I have several user agents and I want to
achieve
near 100% availability for all peers. I realise that the peer will be 'woken'
up
at my qualify intervals, but can I actually force registration from the CLI?
For those peers which are at known, fixed,
Here's where I am baffled and I am hoping someone with intricate
knowledge of this implementation may be able to explain it to me. What
we had to do to get this working was to set the host= parameter to the
respective endpoint IP's of the VPN tunnel, 172.10.1.1 in my case, and
172.10.1.2 in
Setting up a group of analog lines to use for outbound emergency calls
(911). My current dial plan and debug output shown below. It appears
that when the SoftHangup() is executed that the line does not really
hang up. In the case shown, I had reduced the group to a single DAHDI
Here is my IP-PBX setupmy setup is : sips softphone - asterisk - xorcom
PSTN gateway - pstn line to telcoi'm using xlite for windows
when I make a phone call (sip - outgoing channel),I can hear my own voice so
clear. it's very annoying mewhen talking a little loud... any solution?
Two
I must be missing something. If a phone sends a UDP packet to
192.168.1.1, how does that get routed to (arrive at) the 10.0.2.1
interface on the Asterisk server? The only way I can imagine that
happening is if a router in between the phone and the server has been
told that 192.168.1.0/24
In our app we do not forward packet immediately. After enough packet
received to increase rtp packetization time (ptime) the we forward the
message over raw socket and set dscp to be 10 so that this time
packets can escape iptable rules.
From client side the RTP stream analysis shows nearly
Ouch. That isn't going to be so easy to spot, then! You would have to guess
a bunch of likely passwords, fake up a challenge with some known nonce, and
compare the response against those you would expect with each of the various
possible passwords. (You've already got the Source Code
5. Placing ferrite cores on the phone cables.
Do either of the phone lines in question have DSL on them?
If so, a ferrite core (which will block common-mode RF
signals) probably won't help much, if at all. DSL is a
differential-mode signal, and its frequency content starts
down in the tens of
I've been trying to find a solution that would allow our sip phones to
communication with walkie talkies. Our setup is that we have sip phones
setup in 2 locations, headquarters and dome. We can communication from
headquarters and dome through sip phones, but within the dome we have
Is about outgoing calls from multiple devices with the same username at
aprox same time. The overwritten is for incomming calls. I want to prevent
using the same account in multiple devices at same time. The solution with
IP will not apply because users may be behind nat or will change
Great discussion, all of it. Thanks, people.
How much power does the home asterisk box need ?
I'm using Asus Eee Box (1012Ps) as Myth front ends in another project.
About $280 with 320 Gb hard drive and 2 GB RAM. Atom 510 processor. Built
in Wifi. Nearly silent. Runs F15 nicely.
They've got a bunch of Grandstreams that seem to be rock solid... until
7:00pm. At 7:00, some of the phones become unavailable, and stay down. Call
quality is solid almost all the time. But right at 7:00, things go bad.
Only
some of the phone lines go down and they stay down until the
I need to keep out all connection from 5 countries, which originate
most of the Denial of Service attacks. The entries are around 9000 if
used as xx.xx.0.0/16. I heard that there is a smarter way to do this
by using User Tables in iptables, that will keep the speed equal to
LOG(x). I
I'm using iaxagent on a Droid X to connect by IAX to 1.8.3 at the
office. 1.8.3 has sip phones. The audio is fine on the Droid X side. On
the office side, they hear an echo of _their_ speech, not mine.
The office uses sip-providers generally without any echo problem.
Where do I start to
How about encrypt the whole hard drive?
If I built a server and give to other people, there is no easy way to
stop them reset the root password or just mount my drive to read
everything on it. But if build an encrypt OS then it will be secure.
It will be more secure. However, you
In the meantime, does anyone have a nice way to update a stable/stock lenny
installation with the updated glibc as well as the latest kernel
Scary and risky, as others have noted!
There is an official backports release kit associated with Debian,
which contains newer versions of many packages
I know this is an {*} list but does anyone know if simply adding the Squeeze
repository to my sources.lst and running an 'aptitude
upgrade/safe-upgrade/full-upgrade will just upgrade Lenny - Squeeze
without me having to rebuild the system from scratch?
In my experience: you're likely to run
I may be wrong here, but I think you can only register once. The last
registration received will overwrite the first one. You will need to
specify a second entry and register that one separately. This is the
same reason you cannot register two devices to the same extension.
Yes, that's
Different brand/model, but similar as they are both el cheapo,
entry-level headsets. I tried using them on a laptop, and I get
marginally better microphone output, even with its volume cranked all
the way up + automatic gain control enabled.
I guess those on-board soundcards by Realtek
I'm having the following problem when using a headset on XP
connected to an on-board Realtek soundcard on an AsusTek M2N68-AM Plus
motherboard:
- Using any sound recorder (Windows', Audacity, XLite), the level is
just too low when speaking at a conversational level, even with the
I know understand the latency due to the resending .. But if the link was
have a good speed internet, then resending will make a big latency?
Maybe this latency better than having a cutting voice?
Fundamentally, TCP's congestion-avoidance and loss-recovery logic simply
won't work well with
Hi ,
I am a newbie with Asterix and not sure if Asterix is a right tool for my
needs.
Let's suppose this scenario :
I have a telephone line in one office( all calls are paid to telephone
operator).
In other offices I have only internet connections.
Is it possible to use Asterix so
Hi
I wonder if anyone has any sugestions
I have had a TDM400 for a couple of years, and I have always had problems
with noise on the line, so tonight I have been doing some research and have
found that if I load the CPU dahdi_test has almost perfect results and no
noise
dahdi_test
I don't think it's an endpoint issue. I think the SIP packet headers get
over-written by the tunnel (openvpn) protocol.
I'd be rather astonished if OpenVPN itself were responsible for this.
As far as I know, OpenVPN doesn't do higher-level-protocol rewriting
of any sort. It just provides the
Yes. Just the lone integrated NIC that's always been there. NO hardware
changes. Still eth0 with the same MAC address.
Do you have any additional, soft network interfaces defined? For
example, have you enabled OpenVPN, and thus loaded either the
tap or tun network-interface drivers? Do you
Is there a database of MAC address prefixes used the common VoIP
devices. I see the Linksys Sipura devices state with 00:0E.
Does the same apply to other Linksys VoIP equipment?
The Ethernet prefixes (OUIs) are three octets long.
Linksys / Cisco has been assigned a number of OUIs,
one of
That would only be true if you used random characters in your 17-character
passphrase. In fact, English text has somewhere between 0.6 and 1.5 bits of
randomness per letter, whereas an SHA1sum has no more than 4 bits of
randomness per letter. Let's assume the higher number of randomness for
I'm still trying to figure that out. Our SIP usernames are seven digit
phone numbers, so not really difficult to guess, but the passwords are 7
char alpha-numeric strings, auto generated. We don't at present restrict
people to their addresses, as some are dynamic.
If they're randomly
I'm still trying to figure that out. Our SIP usernames are seven digit
phone numbers, so not really difficult to guess, but the passwords are 7
char alpha-numeric strings, auto generated. We don't at present restrict
people to their addresses, as some are dynamic.
If the extension in
As I mentioned, I'm not inclined to mess with the secrets, too much
hassle for users.
I'm afraid that I have to consider that attitude to be a bit like
saying It's too much hassle for us to insist that our employees
lock their desk drawers and the front door... or wash their
hands after going
If you leave your asterisk box open to the world with passwords like
you deserve to be hacked..
Well, without making a moral judgment, I will agree that you are *going*
to be hacked if you do this!
The O.P. seems to have made two (fairly common) mistakes:
- Used a secret so obvious that
Thank you for your reply.
The first proposed solution has resolved the problem for a test in the local
network. Another test is planned today later with a client in the same NAT
and another in the public internet with a public static ip address.
Do you have any advice for that case?
Hello All,
I have installed Asterisk 1.6 with openVPN in the same machine. I have set
up a VPN connection between 2 SIP clients and Asterisk using x-lite.
The 2 clients connects to Asterisk. SIP signaling goes ok over the vpn
tunnel.
When attempting to make a call between the clients,
Anyway - is there someone out there that know the behaviour of OpenVPN in
regards of retransmits and such? A VPN that retransmits will at some point
hurt you if you transmit media over it, especially if you scale it up.
OpenVPN is well-behaved in that way. It uses SSL over TCP for its
I've run into a odd issue where inbound calls to the SIP client work
fine, but outbound from the SIP client do not.
The path between the client and the server is as below.
N900 SIP client -- OpenVPN -- Asterisk
The version of Asterisk in question is 1.6.0.18.
Any suggestions?
You
See if it plays back properly.
Running aplay as asterisk user seems to be no problem:
aster...@puppy$ aplay /usr/share/sounds/alsa/Front_Center.wav
Playing: WAVE '/usr/share/sounds/alsa/Front_Center.wav' : Signed 16 bit
Little Endian, Rate: 48000 Hz, mono
aster...@puppy:~$ aplay -Dpulse
this i got from syslog:
puppy:~# grep pulse /var/log/syslog | tail -3
Dec 14 20:32:45 puppy pulseaudio[25967]: main.c: Unable to contact D-Bus:
org.freedesktop.DBus.Error.Spawn.ExecFailed: /usr/bin/dbus-launch
terminated abnormally without any error message
Dec 14 20:32:46 puppy
[Dec 8 18:24:48] ERROR[10571]: chan_alsa.c:693 alsa_read: Read error:
Resource temporarily unavailable
I agree, this looks like some form of conflict for the sound device.
The first thing I'd suggest doing, is trying to reproduce the
error with a command-line tool, with asterisk out of the
It's set to bind to 0.0.0.0, which IIRC is nothing strange.
The question remains: how can a remote Asterisk server be receiving
SIP packets that still contain the private net IP address of a client?
It sounds to me as if the client hasn't been told to use its
gateway's public IP address in
Great idea !
I didn't know it could be possible to run several instances of xinetd, each
binded to a specific IP address.
Is this specific to xinetd or does openbsd-inetd also support this feature ?
Anyway, I'll check this in openbsd-inetd doc myself and (hopefully) report
my findings here.
Isn't an SSL based tunnel all TCP?
Not in the case of OpenVPN. I'm not sure about the commercial
offerings.
Correct. My recollection is that OpenSSL uses TCP for the setup
and management of the tunnel (e.g. authentication and key
exchange) and uses UDP to carry the actual payload... each
Searching their support forum, posted today is the fact they are
discontinuing any VM
The message saying that they are discontinuing their offering of
voicemail was posted on August 24, 2007 - two years ago. That
doesn't seem to be a new issue.
Could someone tell me how to set which IRQ the ISDN card picks up?
It's a multi-stage process.
Each PCI slot has four interrupt pins: INTA through INTD. A
PCI card can choose to use any of these four (or even more than
one of them, as some multi-port serial cards do). Most PCI cards
use only
I would think that VoIP over VPN is a bad idea as UDP packets need to be
in realtime not corrected by the TCP of the VPN.
That depends very much on the VPN in use.
OpenVPN doesn't suffer from this problem. Although it's SSL-based
(and one might think it does everything through SSL-over-TCP),
BTW, can someone explain to a libart major like me (;-)) where echo
comes on in a telephone conversation? I seem to recall it's due to the
length of the line between the CO and the local party, but I'm not
sure.
I'll try.
Echo occurs when part of the signal traveling in one direction
on the
SIP was written in such a way that the hashes it sends for passwords
could, with only a trivial rewrite of the server code, be SHA1 instead
of MD5 -- which would increase security to the level that, currently, it
would be far more trouble than it's worth to even bother to attempt to
crack.
I
In Florida some new subdivision developers have sold the
phone/cable/internet rights to a provider. They run fiber to each house
and then have the uplink to provider which isn't a traditional telco.
You can't get another provider as satellite dishes are limited in
covenants and restrictions
Hi, all. My subject line says it all: is there a WiFi SIP phone with VPN
abilities? Failing that, a WiFi phone that runs Linux? I already know
one phone that does meet my requirements -- the iPhone. The new software
comes with a Cisco VPN client, and a SIP client can be had from
One of my user was asking, can he use VPN to access asterisk ?
What does it mean ?
And its possible ?
How ?VPN
Yes, it's possible.
As one example: I have the OpenVPN software installed on my Asterisk
server, and on my Nokia N810 wireless Internet tablet. The tablet is
configured to use
I want to detect brute-force password hacking attacks - thus if there
are too many failed login attempts for a SIP account I want to lock
this account.
Does somebody have any ideas how this could be implemented?
The usual method (I think) is to monitor the log files, and
detect repeated
I may be over simplifying but I would have a serial number object that
gets incremented anytime it is called and will be set to 0 at start-up.
I would then use it to generate a UUID like this:
MAC.serialid.64bit timedate
I suggest reviewing RFC 4122, which discusses UUID formats in some
Coming from outside the network, setting up for a couple rounds of
NATting isn't going to work well. They are not seeing it between
phones. Others, using the polycom phones have reported echo between two
SIP on a 4ms ping trip.
Could this be due to a purely acoustic echo within the Polycom
I just received an email notice from FWD about $30 membership fee.
My question: Is the email genuine? Did anybody else receive it?
I'm just trying to be sure that it is real and not a scam.
The (FWD) does not do anything to authenticate such emails (implementing
GPG/PGP signature etc.)
I'm preparing for a client install of * by doing a fresh one in-house.
Unlike my earlier installation that runs asterisk as superuser, my
current experimental box runs without such privilege. This is causing
it to moan that it can't set TOS. I absolutely don't want to install it
on the
I'm looking for a way to delay the disconnection of a call to
a SIP extension (or pad it with silence) for a few seconds, after
an incoming call to that extension hangs up.
Rationale: I have an Asterisk PBX (current 1.4.20 codebase), with
a Leadtek BVP8051S ATA hooked to an analog phone which
75 matches
Mail list logo
