.$$$$$$$$$$$$$$$=..
.$7$7.. .7$$7:.
.$$:. ,$7.7
.$7. 7$$$$ .$$77
..$$. $$$$$ .$$$7
..7$ .?. $$$$$ .?. 7$$$.
$.$. .$$$7. $$$$7 .7$$$. .$$$.
.777. .$$$$$$77$$$77$$$$$7. $$$,
$$$~ .7$$$$$$$$$$$$$7. .$$$.
.$$7 .7$$$$$$$7: ?$$$.
$$$ ?7$$$$$$$$$$I .$$$7
$$$ .7$$$$$$$$$$$$$$$$ :$$$.
$$$ $$$$$$7$$$$$$$$$$$$ .$$$.
$$$ $$$ 7$$$7 .$$$ .$$$.
$$$$ $$$$7 .$$$.
7$$$7 7$$$$ 7$$$
$$$$$ $$$
$$$$7. $$ (TM)
$$$$$$$. .7$$$$$$ $$
$$$$$$$$$$$$7$$$$$$$$$.$$$$$$
$$$$$$$$$$$$$$$$.
SIP is time sensitive
systemctl status ntp #should not run apt -y install ntpdate ntpdate -u 0.ru.pool.ntp.org hwclock --systohc apt -y install ntp systemctl status ntp
chose the nearest servers and listen on your subnet
vi /etc/ntp.conf server 0.md.pool.ntp.org server 1.europe.pool.ntp.org server 3.europe.pool.ntp.org restrict x.x.x.0 mask 255.255.255.0 systemctl restart ntp ntpq -p
jansson libraries need to be >= 2.11, hence Xenial does not do (2.7). Bionic and Focal are ok.
lsb_release -a apt -y install build-essential subversion libncurses5-dev libssl-dev libxml2-dev apt -y install wget libnewt-dev linux-headers-`uname -r` apt -y install libedit-dev uuid-dev libjansson-dev libsqlite3-dev apt -y install libsrtp2-dev
seek for the latest version
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18-current.tar.gz tar xzf asterisk-18-current.tar.gz cd asterisk-18.1.0/ ./configure #./configure NOISY_BUILD=yes
grep PBX_SRTP= config.log grep HAVE_SRTP config.log
build
#make menuconfig grep ^proc /proc/cpuinfo time make -j12 > ../asterisk.log && echo BUILT tail -20 ../asterisk.log make install
install the configuration samples
make samples #make basic-pbx ls -lF /etc/asterisk/
avoid running it as root (eventually choose a specific UID/GID for it)
useradd -s /bin/false -d /var/lib/asterisk asterisk chown -R asterisk:asterisk /var/spool/asterisk /var/lib/asterisk /var/run/asterisk /var/log/asterisk/cdr-csv
deploy some init script
cp contrib/init.d/rc.debian.asterisk /etc/init.d/asterisk vi /etc/init.d/asterisk DAEMON=/usr/sbin/asterisk ASTVARRUNDIR=/var/run/asterisk ASTETCDIR=/etc/asterisk cp contrib/init.d/etc_default_asterisk /etc/default/asterisk vi /etc/default/asterisk AST_USER="asterisk" AST_GROUP="asterisk"
fortunately, that still works on Bionic and Focal
update-rc.d asterisk defaults
Check the path and version
which asterisk asterisk -V #asterisk -cvvv
Run the daemon
/etc/init.d/asterisk start /etc/init.d/asterisk status #/etc/init.d/asterisk stop ps auxfww | grep ^asterisk netstat -lntup | grep asterisk
warning: using version 15 with chan_sip for now
TODO switch to pjsip
cd /etc/asterisk/
prepare for device registration
mv sip.conf sip.conf.dist
sed '/^[[:space:]]*;/d; /^$/d' sip.conf.dist > sip.conf
vi sip.conf
[general]
...
qualify=yes
[testphone]
type=friend
context=phones
allow=ulaw,alaw
secret=PASS
host=dynamic
[testphone2]
type=friend
context=phones
allow=ulaw,alaw
secret=PASS2
host=dynamic
register the contextes, extensions and define applications that will get used,
mv extensions.conf extensions.conf.dist sed '/^[[:space:]]*;/d; /^$/d' extensions.conf.dist > extensions.conf vi extensions.conf [phones] exten => 101,1,NoOp(testphone is being called) exten => 101,2,Dial(SIP/testphone) exten => 101,3,Hangup exten => 102,1,NoOp(testphone2 is being called) exten => 102,2,Dial(SIP/testphone2) exten => 102,3,Hangup
Get to the CLI with verbosity level 3, and apply,
/etc/init.d/asterisk status asterisk -rvvv sip reload sip show peers core show applications like dial dialplan reload dialplan show 101@phones dialplan show 102@phones
Setup your SIP phone, be it soft or hard, against your registrar/domain, with the according name.
You should see some NOTICE appear. Then check,
sip show peers
You might have to,
chown asterisk:asterisk /var/lib/asterisk/astdb.sqlite3
http://www.asteriskdocs.org/en/2nd_Edition/asterisk-book-html-chunk/connecting_two_asterisk.html
sip show registry
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial
vi sip.conf
[general] … tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1
[malcolm] type=friend context=phones ;disallow=all allow=g722,ulaw,alaw secret=PASSX host=dynamic transport=tls ;dtmfmode=rfc2833
Note. cipher selection could be improved.
vi extensions.conf [internal] ... exten => 105,1,NoOp(malcolm is being called) exten => 105,2,Dial(SIP/malcolm) exten => 105,3,Hangup
Got SRTP libs at compile-time? Then,
encryption=yes
;avpf=no
;force_avp=yes
When using GNU Ring, eventually fully exit the app and re-start it, for it to appear fine as an SIP peer on the Asterisk CLI. The account name also gets fixed.
Also be very careful about the port number that you are using (advanced settings), it may conflict with the Asterisk server… Especially if you are doing TLS, 5061 is not tunable on Ring, as of today (Aug 2018). Only the non-TLS port is tunable.
Eventually start from scratch,
rm -rf ~/.config/ring/
At first run of v15 on Ubuntu Bionic, the daemon loads eventhough there is an ERROR,
WARNING[22596]: res_phoneprov.c:1230 get_defaults: Unable to find a valid server address or name. ERROR[22596]: ari/config.c:312 process_config: No configured users for ARI WARNING[22596]: res_hep_rtcp.c:161 load_module: res_hep is not loaded or running; declining module load WARNING[22596]: res_hep_pjsip.c:238 load_module: res_hep is not loaded or running; declining module load
==> TODO
When reloading sip.conf, you might get this,
ERROR[32021]: chan_sip.c:4274 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data
==> make sure you do not have misconfigured user-agents formaly connected.
When registering a TLS-enabled user-agent,
ERROR[17799]: iostream.c:620 ast_iostream_start_tls: Problem setting up ssl connection: error:00000005:lib(0):func(0):DH lib, Underlying BIO error: Success ERROR[17799]: iostream.c:525 ast_iostream_close: SSL_shutdown() failed: error:00000001:lib(0):func(0):reason(1), Internal SSL error
==> check the client certificates and pass-phrase.
Once TLS is enabled and while setting up a call,
WARNING[18808][C-00000007]: chan_sip.c:10801 process_sdp: Rejecting secure audio stream without encryption details: audio 32638 RTP/SAVP 104 9 112 111 110 8 0 101
==> ignorecryptolifetime=yes does not help. avpf=no & force_avp=yes either. SOLUTION IS TO INSTALL SRTP LIBS AND RE-COMPILE.
Index of /pub/telephony/asterisk http://downloads.asterisk.org/pub/telephony/asterisk/
Chapter 3. Installing Asterisk http://asteriskdocs.org/en/3rd_Edition/asterisk-book-html-chunk/asterisk-Install.html
The Asterisk® Open Source PBX https://github.com/asterisk/asterisk/blob/master/README.md
Best Practices https://github.com/asterisk/asterisk/blob/master/README-SERIOUSLY.bestpractices.md
Asterisk Add-on Modules https://github.com/asterisk/asterisk/blob/master/README-addons.txt
SIP Configuration example for Asterisk https://raw.githubusercontent.com/asterisk/asterisk/master/configs/samples/sip.conf.sample
Dashboard https://wiki.asterisk.org/wiki/dashboard.action
Secure Real-time Transport Protocol https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
INSTALLING DAHDI https://support.digium.com/s/article/Installing-DAHDI
Asterisk libpri https://www.voip-info.org/asterisk-libpri/
Gatekeeper http://fr.wikipedia.org/wiki/Gatekeeper
GNU Gatekeeper http://www.gnugk.org/