FAQ: Difference between revisions
(15 intermediate revisions by the same user not shown) | |||
Line 170: | Line 170: | ||
tos=ef | tos=ef | ||
cos=5 | cos=5 | ||
; I am getting an error in WebRTC client about digest | |||
It can be worth trying to enable the dtls in sip.conf, disable the SSL Cert in Admin/Settings and set the Auto DTLS in the ps_endpoint configuration for PJSIP | |||
== Asterisk Errors == | == Asterisk Errors == | ||
Line 194: | Line 198: | ||
messages => security,notice,warning,error | messages => security,notice,warning,error | ||
; The manager interface is not reporting all the data | |||
It is possible the system is slow so you need to give to the manager connection more time. Try to add | |||
writetimeout=1000 | |||
in manager.conf and reload | |||
; A call is being reported as FAILED or CONGESTION, how can I get more details about it | |||
You can get additional details pressing on the FAILED or CONGESTION link and check the pcap of the call. If instead you think the problem can be on the asterisk side, you can check the logs of the call. Asterisk under normal configuration reports a very well detailed logs of each activity, so you need to proceed in isolating your call first. You can do starting searching with the date and time of your call. Mind the call started at 2022-08-12 16:09:09, as reported in the Status/Call History. You need to locate this entry in the asterisk logs. | |||
The asterisk logs are located in full files in /var/log/asterisk. These files are rotated daily, so only the latest 10 are available. You need to locate the one containing your date and grep for it, like: | |||
# ls -la /var/log/asterisk/full* | |||
-rw-r--r-- 1 root root 2,1M 13 ago 11:37 /var/log/asterisk/full | |||
-rw-r--r-- 1 root root 4,6M 10 ago 00:02 /var/log/asterisk/full.0 | |||
-rw-r--r-- 1 root root 4,2M 11 ago 00:02 /var/log/asterisk/full.1 | |||
-rw-r--r-- 1 root root 4,3M 9 ago 00:02 /var/log/asterisk/full.10 | |||
-rw-r--r-- 1 root root 3,9M 12 ago 00:02 /var/log/asterisk/full.2 | |||
-rw-r--r-- 1 root root 4,5M 13 ago 00:02 /var/log/asterisk/full.3 | |||
-rw-r--r-- 1 root root 3,3M 3 ago 00:02 /var/log/asterisk/full.4 | |||
-rw-r--r-- 1 root root 3,9M 4 ago 00:02 /var/log/asterisk/full.5 | |||
-rw-r--r-- 1 root root 7,5M 5 ago 00:02 /var/log/asterisk/full.6 | |||
-rw-r--r-- 1 root root 4,3M 6 ago 00:02 /var/log/asterisk/full.7 | |||
-rw-r--r-- 1 root root 3,4M 7 ago 00:02 /var/log/asterisk/full.8 | |||
-rw-r--r-- 1 root root 4,1M 8 ago 00:02 /var/log/asterisk/full.9 | |||
As you can see, the 2022-08-12 will be in the /var/log/asterisk/full.3 file. | |||
# grep "2022-08-12 16:09:09" /var/log/asterisk/full.3 | |||
[2022-08-12 16:09:09] VERBOSE[24114] pbx_variables.c: Setting global variable 'SIPDOMAIN' to 'devel.mirtapbx.com' | |||
[2022-08-12 16:09:09] VERBOSE[24114] netsock2.c: Using SIP RTP Audio TOS bits 184 | |||
[2022-08-12 16:09:09] VERBOSE[24114] netsock2.c: Using SIP RTP Audio TOS bits 184 in TCLASS field. | |||
[2022-08-12 16:09:09] WARNING[17516][C-00020673] func_channel.c: Unknown or unavailable item requested: 'peername' | |||
[2022-08-12 16:09:09] WARNING[17516][C-00020673] chan_sip.c: This function can only be used on SIP channels. | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:1] NoOp("PJSIP/136-DEVEL-00000033", "Received a call from peer 136-DEVEL from with CID 136 htek 924 to number 800 for | |||
accountcode DEVEL with SIP CALL ID requesting for a max duration of SETPEERNAME= ORIGINATEID= BLIND...=") in new stack | |||
Multiple calls can be shown for the same date/time, so you need to identify the correct one and get the Asterisk Call identification, C-00020673 and grep again for this value, getting the whole call details | |||
# grep "C-00020673" /var/log/asterisk/full.3 | more | |||
[2022-08-12 16:09:09] WARNING[17516][C-00020673] func_channel.c: Unknown or unavailable item requested: 'peername' | |||
[2022-08-12 16:09:09] WARNING[17516][C-00020673] chan_sip.c: This function can only be used on SIP channels. | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:1] NoOp("PJSIP/136-DEVEL-00000033", "Received a call from peer 136-DEVEL from with CID 136 htek 924 to number 800 for | |||
accountcode DEVEL with SIP CALL ID requesting for a max duration of SETPEERNAME= ORIGINATEID= BLIND...=") in new stack | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:2] NoOp("PJSIP/136-DEVEL-00000033", "Transfer: - - - - ") in new stack | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:3] NoOp("PJSIP/136-DEVEL-00000033", "FROMQUEUEID: ") in new stack | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:4] GotoIf("PJSIP/136-DEVEL-00000033", "1?5:6") in new stack | |||
[2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx_builtins.c: Goto (authenticated,800,5) | |||
... | |||
[2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx.c: Executing [800@dialoutbound:1618] Dial("PJSIP/136-DEVEL-00000033", | |||
"PJSIP/800@onlypjsiptest,60,U(destChannelActions^external^wav^^^^^on^)b(pjsip_header,setpjsipheader,1)Tto()") in new stack | |||
'''[2022-08-12 16:09:11] WARNING[17516][C-00020673] app_dial.c: Unable to create channel of type 'PJSIP' (cause 3 - No route to destination) | |||
[2022-08-12 16:09:11] VERBOSE[17516][C-00020673] app_dial.c: No devices or endpoints to dial (technology/resource)''' | |||
[2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx.c: Executing [800@dialoutbound:1619] Goto("PJSIP/136-DEVEL-00000033", "1739") in new stack | |||
[2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx_builtins.c: Goto (dialoutbound,800,1739) | |||
== Linux System == | == Linux System == | ||
Line 201: | Line 263: | ||
CentOS 6 support has expired on 1st December, however, you can continue to use it, but it is important to change the repo destination to "Vault". You can do easily using the following command | CentOS 6 support has expired on 1st December, however, you can continue to use it, but it is important to change the repo destination to "Vault". You can do easily using the following command | ||
cd /etc/yum.repos.d/ ; mv CentOS-Base.repo CentOS-Base.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/CentOS-Base.repo ; yum clean all ; mv epel.repo epel.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/epel.repo ; yum --security upgrade ; \rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo /etc/yum.repos.d/CentOS-SCLo-scl.repo | cd /etc/yum.repos.d/ ; mv CentOS-Base.repo CentOS-Base.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos6/CentOS-Base.repo ; yum clean all ; mv epel.repo epel.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos6/epel.repo ; yum --security upgrade ; \rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo /etc/yum.repos.d/CentOS-SCLo-scl.repo | ||
; My CentOS 7 is out of support | |||
CentOS 7 support has expired on 30 June 2024, however, you can continue to use it, but it is important to change the repo destination to another mirror. You can do easily using the following command | |||
cd /etc/yum.repos.d/ ; mv CentOS-Base.repo CentOS-Base.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-Base.repo ; mv CentOS-SCLo-scl.repo CentOS-SCLo-scl.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-SCLo-scl.repo ; mv CentOS-SCLo-scl-rh.repo CentOS-SCLo-scl-rh.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-SCLo-scl-rh.repo ; yum clean all ; yum --security upgrade | |||
; I can't connect from a more recent server based on CentOS 9 to old servers | |||
update-crypto-policies --set LEGACY | |||
then reboot | |||
; How can I change the system hostname in CentOS 7 | ; How can I change the system hostname in CentOS 7 | ||
Line 211: | Line 285: | ||
<pre>/etc/init.d/dahdi restart</pre> | <pre>/etc/init.d/dahdi restart</pre> | ||
If it doesn't fix the issue, try recompiling dahdi module, going in /usr/local/src/ | If it doesn't fix the issue, try recompiling dahdi module, going in /usr/local/src/dahdi-linux-complete-* | ||
and running: | and running: | ||
Line 219: | Line 294: | ||
</pre> | </pre> | ||
; How can I change the kernel to be booted? | |||
Check the current running kernel with | |||
grubby --default-kernel | |||
Check the index it is running with | |||
grubby --default-index | |||
Check all the kernel installed with | |||
grubby --info=ALL | |||
You can change the booting kernel using the name with | |||
grubby --set-default [kernel-filename] | |||
or the index | |||
grubby --set-default-index=[kernel-entry-index] | |||
; How can I install a specific kernel version? | |||
You can check all the kernel version available using | |||
yum --showduplicates list kernel | |||
You can install an older version using: | |||
yum -y install 5.14.0-391.el9 | |||
; At boot time, the clock is wrong | |||
It is possible your RTC (Realtime clock) is set on a different time. You can reset the RTC clock to the Local time using | |||
hwclock --systohc | |||
To check the status | |||
timedatectl status | |||
; The web interface session is expiring too often, I need always to reauthenticate, how can I make it run longer? : You should change the session timeout value in php.ini and then restart the web server process, by default is 2880 seconds, set as long as you like | ; The web interface session is expiring too often, I need always to reauthenticate, how can I make it run longer? : You should change the session timeout value in php.ini and then restart the web server process, by default is 2880 seconds, set as long as you like | ||
Line 354: | Line 470: | ||
iptables -I INPUT -s 0.0.0.0/0 -j DROP | iptables -I INPUT -s 0.0.0.0/0 -j DROP | ||
export i=1 ; while [ $i -lt 255 ]; do iptables -I INPUT -s $i.0.0.0/8 -j ACCEPT ; export i=$(($i+1)) ; sleep 3s ; netstat -nap | grep 5060 ; asterisk -rx 'sip show peers' | tail -10 ; done | export i=1 ; while [ $i -lt 255 ]; do iptables -I INPUT -s $i.0.0.0/8 -j ACCEPT ; export i=$(($i+1)) ; sleep 3s ; netstat -nap | grep 5060 ; asterisk -rx 'sip show peers' | tail -10 ; done | ||
; The pdftk process is running endlessyat 100% CPU | |||
Some older versions have this problem. Please upgrade to a newer one available from https://www.pdflabs.com/docs/install-pdftk-on-redhat-or-centos/ | |||
; I can't load kernel modules due to "Key was rejected by service" | |||
You have Secure Boot enabled, don't you? In that case it's working as designed. See the Secure Boot status with dmesg | grep -i secure . | |||
If you need to load that module, you will need to disable Secure Boot from your firmware (BIOS). By doing that you will of course lose the protection provided by UEFI Secure Boot. | |||
== MySQL == | == MySQL == | ||
Line 435: | Line 561: | ||
Time required: 14.124006986618 | Time required: 14.124006986618 | ||
Time for 1000 requests: 0.14124006986618 | Time for 1000 requests: 0.14124006986618 | ||
; I can't upgrade MySQL, the GPG key is expired or invalid | |||
rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022 | |||
== Extensions == | == Extensions == | ||
Line 546: | Line 676: | ||
This PHP scripts read the AMI events from one of the servers and distribute them to all other servers. These pair is scripts is needed to run even if there is a single node in the cluster. | This PHP scripts read the AMI events from one of the servers and distribute them to all other servers. These pair is scripts is needed to run even if there is a single node in the cluster. | ||
; My provider wants to receive the PAI address in clear even for | ; My provider wants to receive the PAI address in clear even for Anonymous calls | ||
In this case you can use the additional header in the provider definition with something like: | In this case you can use the additional header in the provider definition with something like: | ||
Line 577: | Line 707: | ||
php composer.phar update | php composer.phar update | ||
</tt> | </tt> | ||
== Tenants mixup == | |||
This should not happen, but I see it is still sometime happening or maybe they are old interface errors coming only now to light. When you are editing a page and in another tab you change the tenant, saving the first page can lead to a mixup because you are saving in a different tenant. Unfortunately the browsers don't allow different security environment for each tab. | |||
To detect if you have any of these mixup, you can run the following query | |||
select count(distinct de_te_id),de_type_src,de_type_id_src from de_destinations group by de_type_src,de_type_id_src having count(distinct de_te_id)>1; | |||
You can obtain the following output: | |||
+--------------------------+---------------+----------------+ | |||
| count(distinct de_te_id) | de_type_src | de_type_id_src | | |||
+--------------------------+---------------+----------------+ | |||
| 2 | FLOW | 88 | | |||
| 2 | QUEUE-TIMEOUT | 413 | | |||
+--------------------------+---------------+----------------+ | |||
You can check what happened, by investigating the records for the queue: | |||
mysql> select qu_te_id from qu_queues where qu_id=413; | |||
+----------+ | |||
| qu_te_id | | |||
+----------+ | |||
| 719 | | |||
+----------+ | |||
1 row in set (0.00 sec) | |||
mysql> select * from de_destinations where de_type_src='QUEUE-TIMEOUT' and de_type_id_src=413; | |||
+--------+----------+---------------+----------------+-------------+----------------+--------+ | |||
| de_id | de_te_id | de_type_src | de_type_id_src | de_type_dst | de_type_id_dst | de_ord | | |||
+--------+----------+---------------+----------------+-------------+----------------+--------+ | |||
| 185731 | 6 | QUEUE-TIMEOUT | 413 | VOICEMAIL | 81 | 1 | | |||
| 192043 | 719 | QUEUE-TIMEOUT | 413 | VOICEMAIL | 4285 | 1 | | |||
+--------+----------+---------------+----------------+-------------+----------------+--------+ | |||
2 rows in set (0.00 sec) | |||
Here you can see the destination for QUEUE-TIMEOUT with id 413 is both VOICEMAIL in both tenant 6 and tenant 719, but the queue is in tenant 719, so the entry with de_id 185731 needs to be removed. | |||
== Email == | |||
; I cannot receive email for recordings, maybe the recording size is too big | |||
Try to increase the max size limit for the message in /etc/postfix/main.cf | |||
message_size_limit=102400000 |
Latest revision as of 06:47, 6 July 2024
Asterisk
- How can I setup Asterisk to use TLS
- Asterisk can use TLS as transport for the signalling, increasing the authentication security and providing extra privacy about the number dialed and other info usually transmitted in clear over the SIP channel. TLS will encrypt only the signalling part, without offering any extra security to the RTP (voice) part. In the [general] section of sip.conf, add the following info, replacing the IP address with the IP address of the server. Provide the certificate and key in pem format.
tlsenable=yes tlsbindaddr=213.133.102.85 tlscertfile=/etc/asterisk/certificates/demo.mirtapbx.com.pem tlsdontverifyserver=no tlscipher=DES-CBC3-SHA tlsclientmethod=tlsv1 transport=udp,tls
Optionally you can add a port number to tlsbindaddr parameter
Don't forget to set asterisk to listen on tcp:
tcpenable=yes
Optionally you can provide a separate certificate and key
tlscertfile=/etc/ssl/demo.mirtapbx.com.crt tlsprivatekey=/etc/ssl/demo.mirtapbx.com.key
- I think my Asterisk is locked... how can I check it?
- If you think your asterisk is locked, probably it is. To be 100% sure, just run the following command and check the result:
This is a locked asterisk
# netstat -nap | grep 5060 tcp 0 0 0.0.0.0:5060 0.0.0.0:* LISTEN 26090/asterisk udp 213504 0 0.0.0.0:5060 0.0.0.0:* 26090/asterisk
This is a normal asterisk
# netstat -nap | grep 5060 tcp 0 0 0.0.0.0:5060 0.0.0.0:* LISTEN 4127/asterisk udp 0 0 0.0.0.0:5060 0.0.0.0:* 4127/asterisk
When asterisk locks up, it stops processing SIP packets, so the UDP buffer fills up. In this case an asterisk restart is needed.
- How can I enable TCP for SIP (port 5060)?
You need to add the following rows to /etc/asterisk/sip.conf and then reload the SIP module (when you have no traffic)
tcpenable=yes tcpbindaddr=0.0.0.0
- How can I configure Asterisk to listen to multiple ports?
You can't, it is not possible to configure Asterisk to listen to multiple ports. However, you can use an iptables REDIRECT to get the same result. To redirect a single port with iptables:
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5090 -j REDIRECT --to-ports 5060
This example redirects UPD port 5090 to port 5060, so you can connect to Asterisk on both of them.
Remember to add this command to any init script, like /etc/rc.local
- BLF monitoring is not working!
One of the common pitfall about BLF is to monitor just the extension number and not the "username" as required. So if you are in the tenant "DEMO" and you want to monitor extension 100 with username "100-DEMO", you need to monitor 100-DEMO and not just 100.
- What is HANGUP_CAUSE XX?
You can check this piece of code:
#define AST_CAUSE_UNALLOCATED 1 #define AST_CAUSE_NO_ROUTE_TRANSIT_NET 2 #define AST_CAUSE_NO_ROUTE_DESTINATION 3 #define AST_CAUSE_MISDIALLED_TRUNK_PREFIX 5 #define AST_CAUSE_CHANNEL_UNACCEPTABLE 6 #define AST_CAUSE_CALL_AWARDED_DELIVERED 7 #define AST_CAUSE_PRE_EMPTED 8 #define AST_CAUSE_NUMBER_PORTED_NOT_HERE 14 #define AST_CAUSE_NORMAL_CLEARING 16 #define AST_CAUSE_USER_BUSY 17 #define AST_CAUSE_NO_USER_RESPONSE 18 #define AST_CAUSE_NO_ANSWER 19 #define AST_CAUSE_SUBSCRIBER_ABSENT 20 #define AST_CAUSE_CALL_REJECTED 21 #define AST_CAUSE_NUMBER_CHANGED 22 #define AST_CAUSE_REDIRECTED_TO_NEW_DESTINATION 23 #define AST_CAUSE_ANSWERED_ELSEWHERE 26 #define AST_CAUSE_DESTINATION_OUT_OF_ORDER 27 #define AST_CAUSE_INVALID_NUMBER_FORMAT 28 #define AST_CAUSE_FACILITY_REJECTED 29 #define AST_CAUSE_RESPONSE_TO_STATUS_ENQUIRY 30 #define AST_CAUSE_NORMAL_UNSPECIFIED 31 #define AST_CAUSE_NORMAL_CIRCUIT_CONGESTION 34 #define AST_CAUSE_NETWORK_OUT_OF_ORDER 38 #define AST_CAUSE_NORMAL_TEMPORARY_FAILURE 41 #define AST_CAUSE_SWITCH_CONGESTION 42 #define AST_CAUSE_ACCESS_INFO_DISCARDED 43 #define AST_CAUSE_REQUESTED_CHAN_UNAVAIL 44 #define AST_CAUSE_FACILITY_NOT_SUBSCRIBED 50 #define AST_CAUSE_OUTGOING_CALL_BARRED 52 #define AST_CAUSE_INCOMING_CALL_BARRED 54 #define AST_CAUSE_BEARERCAPABILITY_NOTAUTH 57 #define AST_CAUSE_BEARERCAPABILITY_NOTAVAIL 58 #define AST_CAUSE_BEARERCAPABILITY_NOTIMPL 65 #define AST_CAUSE_CHAN_NOT_IMPLEMENTED 66 #define AST_CAUSE_FACILITY_NOT_IMPLEMENTED 69 #define AST_CAUSE_INVALID_CALL_REFERENCE 81 #define AST_CAUSE_INCOMPATIBLE_DESTINATION 88 #define AST_CAUSE_INVALID_MSG_UNSPECIFIED 95 #define AST_CAUSE_MANDATORY_IE_MISSING 96 #define AST_CAUSE_MESSAGE_TYPE_NONEXIST 97 #define AST_CAUSE_WRONG_MESSAGE 98 #define AST_CAUSE_IE_NONEXIST 99 #define AST_CAUSE_INVALID_IE_CONTENTS 100 #define AST_CAUSE_WRONG_CALL_STATE 101 #define AST_CAUSE_RECOVERY_ON_TIMER_EXPIRE 102 #define AST_CAUSE_MANDATORY_IE_LENGTH_ERROR 103 #define AST_CAUSE_PROTOCOL_ERROR 111 #define AST_CAUSE_INTERWORKING 127 #define AST_CAUSE_BUSY AST_CAUSE_USER_BUSY #define AST_CAUSE_FAILURE AST_CAUSE_NETWORK_OUT_OF_ORDER #define AST_CAUSE_NORMAL AST_CAUSE_NORMAL_CLEARING #define AST_CAUSE_NOANSWER AST_CAUSE_NO_ANSWER #define AST_CAUSE_CONGESTION AST_CAUSE_NORMAL_CIRCUIT_CONGESTION #define AST_CAUSE_UNREGISTERED AST_CAUSE_SUBSCRIBER_ABSENT #define AST_CAUSE_NOTDEFINED 0 #define AST_CAUSE_NOSUCHDRIVER AST_CAUSE_CHAN_NOT_IMPLEMENTED
- When I change the name of an extension or any properties requiring an extension reload, the extension goes offline after few minutes
Asterisk caches the info for the extension, so when updating the extension, it is pruned and reloaded. It is automatically reloaded with an expire time of 120 seconds. If you have an expire time longer, it will go offline. You can avoid this by setting a longer default expiration time using the following parameter in sip.conf
rtautoclear=3600
- Calls are dropping after around 30 seconds when using PJSIP
Some softphones sends INFO packets to the pbx and if you have not activated "TrustRPID", the pbx will not answer and the softphone may hangup the call
- Asterisk is not using the correct audio file
When using audio translations, even if placed correctly in /var/lib/asterisk/sounds/<your language code> is always possible asterisk will choose to use the english version because in the "best" format. In this case, it can be good to convert all audio files in multiple formats. Let's make the example to have all audio files for da_DK language in "wav" format, while asterisk is picking up the "ulaw" english version. We can easily convert them using:
cd /var/lib/asterisk/sounds/da_DK for i in `ls *.wav`; do asterisk -x "file convert /var/lib/asterisk/sounds/da_DK/$i /var/lib/asterisk/sounds/da_DK/`basename $i .wav`.ulaw"; done
- Asterisk is not reporting the PAUSE event when a phone is auto paused
The name of the event changed from asterisk 13.x to asterisk 16.x and your manager.conf may be still using the old event name. Please check and fix:
eventfilter=Event: QueueMemberPause
- My provider uses DNS SRV entry, how should I configure it?
Configure it as a normal entry, but leave the port to zero. That will force a DNS SRV resolution
- How to configure TOS and COS for PJSIP?
The configuration of TOS and COS for PJSIP is separated between the realtime extension and the transport. You can check the PJSIP extension security section and insert the following values:
TOS Audio: ef TOS Video: af41 COS Audio: 5 COS Video: 4
You can also edit pjsip.conf and enter the following values for each type of transport:
tos=ef cos=5
- I am getting an error in WebRTC client about digest
It can be worth trying to enable the dtls in sip.conf, disable the SSL Cert in Admin/Settings and set the Auto DTLS in the ps_endpoint configuration for PJSIP
Asterisk Errors
- What is this error? WARNING[23261]: res_musiconhold.c:719 monmp3thread: poll() failed: Interrupted system call
- Nothing to worry, when the Musing On Hold process terminates to play the media file, this error is thrown out, just ignore it
- What is this error? WARNING[3221]: func_cdr.c:352 cdr_write_callback: CDR requires a value (CDR(variable)=value)
- Nothing to worry, it is a small glitch in the dialplan, but avoiding it will require an extra check, slowing down the call processing, so it is avoided, preferring the warning. Just ignore it.
- What is this error? ERROR[24984][C-00008457]: res_fax.c:4364 acf_faxopt_read: channel 'SIP/201-#######-0001547a' can't read FAXOPT(gateway) because it has never been written.
- Nothing to worry, it is a small glitch in the dialplan, but avoiding it will require an extra check, slowing down the call processing, so it is avoided, preferring the error. Just ignore it.
- What is this error? WARNING[3221]: func_cdr.c:364 cdr_write_callback: Using the CDR function to set 'accountcode' is deprecated. Please use the CHANNEL function instead.
- I am using an old syntax to preserve compatibility with older asterisk versions. Just ignore it.
- What is this error? WARNING[25144][C-0000845c]: dsp.c:1489 ast_dsp_process: Inband DTMF is not supported on codec #####. Use RFC2833
- This is important, you are using an incompatible DTMF format for the codec you selected. Inband DTMF is supported in only a limited number of codec. Use RFC2833 as suggested.
- What is this error? NOTICE[9505] manager.c: 217.28.216.250 tried to authenticate with nonexistent user 'admin'
- What is this error? NOTICE[9505] manager.c: 217.28.216.250 failed to authenticate as 'admin'
- Someone really stupid is trying to connect using the manager interface (port 5038). The manager interface is often locked down by IP address so it is really unlikely to be hacked this way, however this can be just annoying. To stop it after a few attempts, you can tweak the fail2ban to capture also these attempts by adding the following row in /etc/fail2ban/filters.d/asterisk.conf: ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s <HOST> failed to authenticate as '[^']*'$ and reload fail2ban
- What is this error? WARNING[26421][C-0000b22f]: chan_sip.c:7350 sip_write: Can't send 10 type frames with SIP write
- Asterisk doesn't yet support comfort noise generation. Just ignore it.
- What is this error? NOTICE[6534] chan_sip.c: Received SIP subscribe for peer without mailbox: 226-SINI
- The extension 226-SINI has sent a "SUBSCRIBE" message to asterisk, but the extension has no voicemail mailbox associated. This can be due to a configuration problem, you forget to associate the MWI mailbox in Configuration/Extension, or an asterisk problem... some time asterisk loads the extension without the mailbox associated. In this case you can restart the phone and deregister the extension, in this way when the phone registers again and subscribe to the voicemail mailbox, it should be loaded correctly. Otherwise you can move that extension to "No (Use externnotify)" in "Send MWI only if subscribed:" and set externnotify=/var/lib/asterisk/agi-bin/vmnotify.php in /etc/asterisk/voicemail.conf
- What is this error? WARNING[53344][C-000015c8] app_voicemail.c: SQL Get Data error! coltitle=category
- This is a long standing asterisk bug fixed only in later releases... it is harmless and can be ignored
- Asterisk is logging INVITE attempts from the Internet, but Fail2ban is not blocking it, like "chan_sip.c
- Failed to authenticate device "12345"<sip:12345@demo.mirtapbx.com>;tag=4b18a608" How is it possible to block them? : You need to path the logger.conf file and restart asterisk when possible
messages => security,notice,warning,error
- The manager interface is not reporting all the data
It is possible the system is slow so you need to give to the manager connection more time. Try to add
writetimeout=1000
in manager.conf and reload
- A call is being reported as FAILED or CONGESTION, how can I get more details about it
You can get additional details pressing on the FAILED or CONGESTION link and check the pcap of the call. If instead you think the problem can be on the asterisk side, you can check the logs of the call. Asterisk under normal configuration reports a very well detailed logs of each activity, so you need to proceed in isolating your call first. You can do starting searching with the date and time of your call. Mind the call started at 2022-08-12 16:09:09, as reported in the Status/Call History. You need to locate this entry in the asterisk logs.
The asterisk logs are located in full files in /var/log/asterisk. These files are rotated daily, so only the latest 10 are available. You need to locate the one containing your date and grep for it, like:
# ls -la /var/log/asterisk/full* -rw-r--r-- 1 root root 2,1M 13 ago 11:37 /var/log/asterisk/full -rw-r--r-- 1 root root 4,6M 10 ago 00:02 /var/log/asterisk/full.0 -rw-r--r-- 1 root root 4,2M 11 ago 00:02 /var/log/asterisk/full.1 -rw-r--r-- 1 root root 4,3M 9 ago 00:02 /var/log/asterisk/full.10 -rw-r--r-- 1 root root 3,9M 12 ago 00:02 /var/log/asterisk/full.2 -rw-r--r-- 1 root root 4,5M 13 ago 00:02 /var/log/asterisk/full.3 -rw-r--r-- 1 root root 3,3M 3 ago 00:02 /var/log/asterisk/full.4 -rw-r--r-- 1 root root 3,9M 4 ago 00:02 /var/log/asterisk/full.5 -rw-r--r-- 1 root root 7,5M 5 ago 00:02 /var/log/asterisk/full.6 -rw-r--r-- 1 root root 4,3M 6 ago 00:02 /var/log/asterisk/full.7 -rw-r--r-- 1 root root 3,4M 7 ago 00:02 /var/log/asterisk/full.8 -rw-r--r-- 1 root root 4,1M 8 ago 00:02 /var/log/asterisk/full.9
As you can see, the 2022-08-12 will be in the /var/log/asterisk/full.3 file.
# grep "2022-08-12 16:09:09" /var/log/asterisk/full.3 [2022-08-12 16:09:09] VERBOSE[24114] pbx_variables.c: Setting global variable 'SIPDOMAIN' to 'devel.mirtapbx.com' [2022-08-12 16:09:09] VERBOSE[24114] netsock2.c: Using SIP RTP Audio TOS bits 184 [2022-08-12 16:09:09] VERBOSE[24114] netsock2.c: Using SIP RTP Audio TOS bits 184 in TCLASS field. [2022-08-12 16:09:09] WARNING[17516][C-00020673] func_channel.c: Unknown or unavailable item requested: 'peername' [2022-08-12 16:09:09] WARNING[17516][C-00020673] chan_sip.c: This function can only be used on SIP channels. [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:1] NoOp("PJSIP/136-DEVEL-00000033", "Received a call from peer 136-DEVEL from with CID 136 htek 924 to number 800 for accountcode DEVEL with SIP CALL ID requesting for a max duration of SETPEERNAME= ORIGINATEID= BLIND...=") in new stack
Multiple calls can be shown for the same date/time, so you need to identify the correct one and get the Asterisk Call identification, C-00020673 and grep again for this value, getting the whole call details
# grep "C-00020673" /var/log/asterisk/full.3 | more [2022-08-12 16:09:09] WARNING[17516][C-00020673] func_channel.c: Unknown or unavailable item requested: 'peername' [2022-08-12 16:09:09] WARNING[17516][C-00020673] chan_sip.c: This function can only be used on SIP channels. [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:1] NoOp("PJSIP/136-DEVEL-00000033", "Received a call from peer 136-DEVEL from with CID 136 htek 924 to number 800 for accountcode DEVEL with SIP CALL ID requesting for a max duration of SETPEERNAME= ORIGINATEID= BLIND...=") in new stack [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:2] NoOp("PJSIP/136-DEVEL-00000033", "Transfer: - - - - ") in new stack [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:3] NoOp("PJSIP/136-DEVEL-00000033", "FROMQUEUEID: ") in new stack [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx.c: Executing [800@authenticated:4] GotoIf("PJSIP/136-DEVEL-00000033", "1?5:6") in new stack [2022-08-12 16:09:09] VERBOSE[17516][C-00020673] pbx_builtins.c: Goto (authenticated,800,5) ... [2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx.c: Executing [800@dialoutbound:1618] Dial("PJSIP/136-DEVEL-00000033", "PJSIP/800@onlypjsiptest,60,U(destChannelActions^external^wav^^^^^on^)b(pjsip_header,setpjsipheader,1)Tto()") in new stack [2022-08-12 16:09:11] WARNING[17516][C-00020673] app_dial.c: Unable to create channel of type 'PJSIP' (cause 3 - No route to destination) [2022-08-12 16:09:11] VERBOSE[17516][C-00020673] app_dial.c: No devices or endpoints to dial (technology/resource) [2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx.c: Executing [800@dialoutbound:1619] Goto("PJSIP/136-DEVEL-00000033", "1739") in new stack [2022-08-12 16:09:11] VERBOSE[17516][C-00020673] pbx_builtins.c: Goto (dialoutbound,800,1739)
Linux System
- My CentOS 6 is out of support
CentOS 6 support has expired on 1st December, however, you can continue to use it, but it is important to change the repo destination to "Vault". You can do easily using the following command
cd /etc/yum.repos.d/ ; mv CentOS-Base.repo CentOS-Base.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos6/CentOS-Base.repo ; yum clean all ; mv epel.repo epel.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos6/epel.repo ; yum --security upgrade ; \rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo /etc/yum.repos.d/CentOS-SCLo-scl.repo
- My CentOS 7 is out of support
CentOS 7 support has expired on 30 June 2024, however, you can continue to use it, but it is important to change the repo destination to another mirror. You can do easily using the following command
cd /etc/yum.repos.d/ ; mv CentOS-Base.repo CentOS-Base.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-Base.repo ; mv CentOS-SCLo-scl.repo CentOS-SCLo-scl.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-SCLo-scl.repo ; mv CentOS-SCLo-scl-rh.repo CentOS-SCLo-scl-rh.repo.old ; wget http://devel.mirtapbx.com/mirtapbx_support/centos7/CentOS-SCLo-scl-rh.repo ; yum clean all ; yum --security upgrade
- I can't connect from a more recent server based on CentOS 9 to old servers
update-crypto-policies --set LEGACY
then reboot
- How can I change the system hostname in CentOS 7
hostnamectl set-hostname host.example.com --static
- When a conference is going to start, I get the message app_meetme.c:1296 build_conf: Unable to open DAHDI pseudo device
- It seems the dahdi kernel module is not started or not compiled/available for your running kernel. It is possible you have upgraded your kernel and restarted your system. Try restarting the dahdi by using the command:
/etc/init.d/dahdi restart
If it doesn't fix the issue, try recompiling dahdi module, going in /usr/local/src/dahdi-linux-complete-*
and running:
make make install /etc/init.d/dahdi restart
- How can I change the kernel to be booted?
Check the current running kernel with
grubby --default-kernel
Check the index it is running with
grubby --default-index
Check all the kernel installed with
grubby --info=ALL
You can change the booting kernel using the name with
grubby --set-default [kernel-filename]
or the index
grubby --set-default-index=[kernel-entry-index]
- How can I install a specific kernel version?
You can check all the kernel version available using
yum --showduplicates list kernel
You can install an older version using:
yum -y install 5.14.0-391.el9
- At boot time, the clock is wrong
It is possible your RTC (Realtime clock) is set on a different time. You can reset the RTC clock to the Local time using
hwclock --systohc
To check the status
timedatectl status
- The web interface session is expiring too often, I need always to reauthenticate, how can I make it run longer?
- You should change the session timeout value in php.ini and then restart the web server process, by default is 2880 seconds, set as long as you like
session.gc_maxlifetime = 2880
- How can I upgrade to PHP 5.5 to use AWS S3 Storage?
- System is now shipped with PHP 5.5 already installed, but previous installations were using the standard PHP version which is not suitable for AWS S3 because it requires PHP 5.5. On CentOS 6 64bit You can upgrade with the following steps:
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm yum -y install yum-plugin-replace yum replace php-common --replace-with=php55w-common yum install php55w-opcache rpm --import https://mirror.webtatic.com/yum/RPM-GPG-KEY-webtatic-andy service httpd restart
- How can I change the server IP?
- To change the server IP you need to refer to your OS documentation, but after you have changed your IP, there are a series of changes to be applied to MiRTA PBX:
- /etc/odbc.ini, /var/www/html/pbx/include/db.inc.php and /var/lib/asterisk/agi-bin/include/db.inc.php – contain the IP for the database server. If you are running a cluster with MySQL multimaster replication, please refer to MySQL documentation on how to change a node IP and realign the replication.
- /etc/asterisk/sip.conf – contains the server itself definition used to allow the server to call itself. If you are running your server behind a NAT, it can be needed to change also the externip parameter. Once changed, you need to reload SIP (asterisk -rx 'sip reload'). Please note all extensions will be deregistered.
- /etc/asterisk/manager.conf – allows the web interface to access the manager interface. Once changed, you need to reload the manager interface (asterisk -rx 'manager reload')
- /etc/hosts – it is important to have the server host to resolv correctly to the new IP. Please don't use 127.0.0.1 as server IP
- /var/lib/asterisk/agi-bin/devstate.conf.php – lists the servers available in the pool to distribute the extension state. Status exchange is done over port 19771 using UDP protocol. Once the new IP has been inserted, you need to kill devstatesender.php and devstatereceiver.php processes, these will be automatically restarted.
Finally, you need to change the server IP defined in the web interface, using Admin/PBX Nodes. It can be a good idea to update the Always Allowed IP in the Admin/Security/GeoIP Fail2ban. It can be possible you need to request a new license for the server due to the change in IP. Please remember asterisk will still works and call will be processed normally even with an expired or not valid license.
- I want to put an additional firewall, which ports need to be open?
- You can identify three kinds of connections:
- Connections from outside: your clients will need to connect to port tcp/80 and tcp/443 for web interface, udp/5060, tcp/5060, udp/5080, tcp/5061, tcp/5081 for SIP and from udp/10000 to udp/20000 for RTP (audio). If you have enabled multimanager, open port tcp/5039
- Connections between multiple servers: your servers need to talk each other in several ports. In addition to the above ports, you'll need to open tcp/5038 for manager, tcp/3306 for MySQL, udp/19771 for devstate alignment
- Connections from management servers: please keep open port tcp/22 from my IP and port tcp/5666 from Nagios server, if service subscribed.
- I am a bit worried about memory usage, I see the server has only few megabytes free
Just checking the availabile free memory is not enough to understand the health of a system. You should sum up the free and cached memory. On a real busy server with Voipmonitor pumping a lots of megabytes in the database, it is easy to see an high usage of cached memory. If you feel safer to leave some memory free, you can force the system to release all the cached memory with the command:
echo 3 > /proc/sys/vm/drop_caches
- I have lots of connections in TIME_WAIT state
You can mitigate this problem by instructing Linux to recycle old connections:
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
- My system is running very slow even if I have lots of RAM and lots of CPU
Your system can be running slow because you have power saving. You can check your CPU power saving mode with:
cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
You can set all your CPU cores to "performance" by running
for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor; do [ -f $CPUFREQ ] || continue; echo -n performance > $CPUFREQ; done
If you are running CentOS 6, your kernel can have problems in dealing with large memory. It can be good to disable the memory defrag with
echo 0 > /sys/kernel/mm/transparent_hugepage/khugepaged/defrag echo never > /sys/kernel/mm/transparent_hugepage/defrag echo never > /sys/kernel/mm/transparent_hugepage/enabled echo never > /sys/kernel/mm/redhat_transparent_hugepage/defrag
You may want to try running on a newer kernel (but beware, dahdi may not compile) by installing a new kernel-ml repository using the following link
http://elrepo.org/tiki/tiki-index.php
- I can't connect to external services, like IBM Watson, it seems a certificate problem.
Like any other browser, your system needs to have a list of CA authorized to issue certificate. The one used by IBM Watson has been updated and you are not recognizing it. Please download the updated list of CA and then copy where curl is expecting it
curl-config --ca wget --no-check-certificate https://curl.haxx.se/ca/cacert.pem cp cacert.pem /etc/pki/tls/certs/ca-bundle.crt
- How to configure a SFTP server
You can easily configure an SFTP server adding the user you want to use, adding a group sftpusers, putting the user in the group and then adding the following info in /etc/ssh/sshd_config
Subsystem sftp internal-sftp # add follows to the end Match Group sftp_users X11Forwarding no AllowTcpForwarding no ChrootDirectory /home ForceCommand internal-sftp
- Which ports need to be open?
If you are running a single node, you need to open the following ports:
For SIP:
5060/udp 5060/tcp 5061/tcp 5080/udp 5080/tcp 5081/tcp 5082/tcp
For RTP:
From 10000 to 20000 udp
If you are running multiple nodes in cluster, you need to open also the following ports between the nodes:
For MySQL:
3306/tcp
For extension state replication:
19771/udp
For manager:
5038/tcp
- I have restarted my server and now asterisk is crashing under the load
It may happen if you have too many chan_sip phones. Under normal circumstances, the system works great, but once restarted, all the phones are trying to register at the same time and asterisk crashes. In this case can be convenient to use the firewall to schedule the registration.
iptables -X iptables -F iptables -I INPUT -s 0.0.0.0/0 -j DROP export i=1 ; while [ $i -lt 255 ]; do iptables -I INPUT -s $i.0.0.0/8 -j ACCEPT ; export i=$(($i+1)) ; sleep 3s ; netstat -nap | grep 5060 ; asterisk -rx 'sip show peers' | tail -10 ; done
- The pdftk process is running endlessyat 100% CPU
Some older versions have this problem. Please upgrade to a newer one available from https://www.pdflabs.com/docs/install-pdftk-on-redhat-or-centos/
- I can't load kernel modules due to "Key was rejected by service"
You have Secure Boot enabled, don't you? In that case it's working as designed. See the Secure Boot status with dmesg | grep -i secure .
If you need to load that module, you will need to disable Secure Boot from your firmware (BIOS). By doing that you will of course lose the protection provided by UEFI Secure Boot.
MySQL
- MySQL replication is broken with "Relay log read failure: Could not parse relay log event entry. The possible reasons are: the master's binary log is corrupted (you can check this by running 'mysqlbinlog' on the binary log), the slave's relay log is corrupted (you can check this by running 'mysqlbinlog' on the relay log), a network problem, or a bug in the master's or slave's MySQL code. If you want to check the master's binary log or slave's relay log, you will be able to know their names by issuing 'SHOW SLAVE STATUS' on this slave.", how can I fix it?
- MySQL multimaster replication needs some advanced MySQL skills. If you do not have them, it is better if you refer to MiRTA PBX support and subscribe a "Nagios monitoring and OS management" service. If instead you have the needed knowledge, understanding that a wrong action can get things worst and you may lose data, to recover from this problem you need:
- Get the MySQL slave status with "show slave status"
- Stop the slave replication with "stop slave"
- Reset the relay log with "reset slave"
- Reinitialize the relay log with "change master to master_log_file='<Relay_Master_Log_File>', master_log_pos=<Exec_Master_Log_Pos>"
- Start the slave replication with "start slave"
- I have lost the me_media table
- It is easy to panic and to abruptly remove the big voipmonitor.me_media table who is filling your disk, but now you need to recreate it and maybe reduce the retention period for voipmonitor data file. I have created a script as protected/recreatememedia.php doing this job.
- MySQL time is wrong
- It is possible your mysql has no more valid timezone informations. Please run the following command:
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
- I need to skip lots of voipmonitor add partition collisions
Why don't use a script like
while [ 1 ]; do if [ `echo "show slave status for channel 'from_voip3_to_voip1'" | mysql -u root -ppassw0rd | grep voipmonitor | wc -l` -gt 0 ]; then echo "stop slave for channel 'from_voip3_to_voip1'; set global sql_slave_skip_counter=1; start slave for channel 'from_voip3_to_voip1'" | mysql -u root -ppassw0rd; fi; sleep 5s; echo "show slave status for channel 'from_voip3_to_voip1'\G" | mysql -u root -ppassw0rd | grep Seconds_Behind_Master; done
- MySQL max open file limit is 5000
The standard MySQL install has an open file limit of 5000 files. To raise this limit, edit the file /usr/lib/systemd/system/mysqld.service and set like
LimitNOFILE = 32768
then reload the service with:
systemctl daemon-reload service mysqld restart
If instead you still run CentOS 6, you can add the following to my.cnf and restart mysqld
open_files_limit = 32768
- I need to connect to MySQL using SSL
From version 4.0.13 is possible to connect to MySQL using SSL. A small change is needed on both /var/www/html/pbx/include/db.inc.php and /var/lib/asterisk/agi-bin/include/db.inc.php adding the following rows in the right place:
$dbconn=NewADOConnection($dbtype); $dbconn->ssl_capath=""; $dbconn->clientFlags=MYSQLI_CLIENT_SSL; $GLOBALS['ADODB_SESS_CONN']=$dbconn;
- I need to load timezone data in MySQL
You can do from your database server running:
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p MySQL
- Where do I find MySQL 5.5 ?
Use this command:
yum install http://repo.mysql.com/yum/mysql-5.5-community/el/7/x86_64/mysql-community-release-el7-5.noarch.rpm
- How fast should be MySQL?
It is not easy to measure the performance of MySQL, but there is a script you can try to run in /var/www/html/pbx/protected
These are some performance analysis, just to compare
# php check_performance.php Checking voicemail table Collected 1269 queries Running 100 cycles Time required: 11.420516967773 Time for 1000 requests: 8.9996193599475 Checking sipfriends table Collected 256 queries Running 100 cycles Time required: 3.5946228504181 Time for 1000 requests: 14.041495509446 Checking st_states table Loading 100000 queries Time required: 14.124006986618 Time for 1000 requests: 0.14124006986618
- I can't upgrade MySQL, the GPG key is expired or invalid
rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
Extensions
- Can I use an extension to connect a remote PBX to the system?
- Yes, but you need to enable the “trunk” feature for the extension or otherwise the Caller ID of the call coming from the remote PBX will be overwritten.
- When I use server side attended or unattended transfer (#* and ##), there is no enough time to dial the destination extension!
- The default timeout is set to 3 seconds, but the “transfer” message is played inside this time, so it may seem shorter. You can increase the timeout of the transfer by editing the /etc/asterisk/features.conf and changing the value for transferdigittimeout to the amount of seconds you like. Once done, reload the module from within asterisk with “module reload features”
- When I try to recover the Voicemail, it says the PIN is invalid
- Most of the time, there is a problem with DTMF, check the log for the call in /var/log/asterisk/full if you see this message:
dsp.c: Inband DTMF is not supported on codec g729. Use RFC2833
In this case, change the DTMF setting on the PBX from “auto” to RFC2833 and if possible, also on the phone
Queues
- How can I get rid of the message "All of our representatives are currently..."
- You need to set to 0 (zero) the Announce Frequency
Conference
- Sometime the quality is really bad... is there anything I can do?
- Try increasing the number of audiobuffers in meetme.conf and reload the module
Voicemails
- A caller leaves a voicemail for an extension, but that voicemail is not appearing
- The voicemail box can be locked, please check if in there a .lock file in the INBOX
folder, like in this example:
#find /var/spool/asterisk/voicemail/pulmonarycriticl/100/ /var/spool/asterisk/voicemail/pulmonarycriticl/100/ /var/spool/asterisk/voicemail/pulmonarycriticl/100/Cust2 /var/spool/asterisk/voicemail/pulmonarycriticl/100/Urgent /var/spool/asterisk/voicemail/pulmonarycriticl/100/INBOX /var/spool/asterisk/voicemail/pulmonarycriticl/100/INBOX/.lock /var/spool/asterisk/voicemail/pulmonarycriticl/100/Work /var/spool/asterisk/voicemail/pulmonarycriticl/100/Cust3 /var/spool/asterisk/voicemail/pulmonarycriticl/100/Old /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp/Av5Vqa.wav /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp/Av5Vqa
Just remove it. About the source of the lock… maybe your asterisk server has crashed in the middle of a voicemail message.
- MWI has stopped working, it is a periodic issue for my clients
Yes, MWI is often a problem and it is not clear where the problem is, if in the phones or in asterisk. In a normal SIP environment, the phone subscribe to MWI and start getting notify about the status. Subscription needs to be refreshed, like registration and this can be the source of the problem. To get rid of it, use "Externnotify"
Before doing it, you should check if the extern notification has been correctly setup in your system. Edit /etc/asterisk/voicemail.conf and check if the externnotify has been set as following.
externnotify=/var/lib/asterisk/agi-bin/vmnotify.php
If not, set it and reload voicemail module
- I can't listen to voicemails anymore
It is possible you are running MySQL from MySQL repository and a bugged ODBC version has been installed. Any version above 8.0.11 has a problem affecting asterisk and until Asterisk or MySQL dev teams fix it, we need to run the old version.
yum -y install yum-plugin-versionlock yum -y downgrade mysql-connector-odbc-8.0.11 yum versionlock mysql-connector-odbc-8.0.11
Unfortunately a module reload doesn't work and you need to restart asterisk
Voipmonitor
- Register attempts data
To enable the registration and subsequent consultation of access attempt edit
/etc/voipmonitor.conf
and change to yes the following parameter:
sip-register = no
Then restart Voipmonitor:
service voipmonitor restart
Miscellaneous
- My clients are getting ghost calls from weird numbers not logged in MiRTA PBX
- Those ghost calls are attempts made by “hackers” to place rogue calls, usually to premium rate numbers. They start by analyzing large part of Internet trying to connect to port 5060, the standard port used by PBX and phones. If they detect an answer, they try placing some calls using different formats. If one of these calls has success, then they start to send hundred of calls to premium rate numbers. They get some money rewards by phone companies. To avoid this issue, you can place the phone behind a firewall or NAT router, allowing only the PBX to connect or you can configure the phone to accept calls only from registered server. This option has several names depending by the phone brand.
- When a call has no callerid, is received as “asterisk”. How can I change it?
- You can change setting the “callerid” parameter in the sip.conf and then reload sip from asterisk. Remember it will disconnect all clients connected.
- My Music on Hold is starting from the middle, but I want it to be started from the start each time
- There are two ways to run Music on Hold... you can run a single process for all clients waiting in queue or you can start a new process for each of the clients. Obviously the first way is preferred if you have a big number of clients awaiting, but it has the drawback of having the MOH process to stream the music continuously, so a client joining the queue will start listening it not from the start. The second way can be activated by changing the musiconhold.conf and disabling cachertclasses
[general] cachertclasses=no ; use 1 instance of moh class for all users who are using it, ; decrease consumable cpu cycles and memory ; disabled by default
This setting is PBX wide and cannot be turned on/off based on tenant
- When I try to login into the web interface, an error message tell me "You are not allowed to connect right now, try later", but my username/password are correct
- The problem is due to the fact someone from your IP has tried connecting too many times and the system has been configured to check for past failed attempts. You can disable the "Web fail2ban" by using SSH and editing the table se_settings. MySQL root password is "passw0rd"
echo "update se_settings set se_value='' where se_code='WEBFAIL2BAN'" | mysql -u root -p
- When using Mail to Fax, I cannot acces my Gmail account, even if the password is correct
- Gmail doesn't like you to access your mailbox over IMAP or POP3 too often. If you want to still access it every minute (the default Mail to Fax rate), you need to enable "Allow less secure apps". https://support.google.com/accounts/answer/6010255?hl=en
- What should I enter to select "Voicemail Same Number" in an extension field in the New Items Defaults?
- Please enter SAMENUMBERVM
- I enabled Google ReCaptcha with a wrong configuration and now I can't login anymore
- Please connect to your database server and run:
echo "update se_settings set se_value='' where se_code='USERECAPTCHA'" | mysql -u root -ppassw0rd asterisk
- What are the devstatesender and devstatereceiver processes for?
The devstatesender.php and devstatereceiver.php are two processes that need to be always running. They are run at startup by /etc/rc.local using two scripts, restartdevstatesender.sh and restartdevstatereceiver.sh. When one of the PHP process dies or it is killed, the sh script will run it again. You should never run them manually, but always let the sh script to run them. If the sh scripts are not running, you may think of restarting the server or run them manually by executing the script as shown in /etc/rc.local.
This PHP scripts read the AMI events from one of the servers and distribute them to all other servers. These pair is scripts is needed to run even if there is a single node in the cluster.
- My provider wants to receive the PAI address in clear even for Anonymous calls
In this case you can use the additional header in the provider definition with something like:
using the default outbound callerid of the extension:
P-Asserted-Identity: "${HASH(PEER,ex_cidnum)}${HASH(peerdetails,ex_cidnum)}" <sip:${HASH(PEER,ex_cidnum)}${HASH(peerdetails,ex_cidnum)}@pbx.yourdomain.com>
or using the billingcode defined in the tenant
P-Asserted-Identity: "${BILLINGCODE}" <sip:${BILLINGCODE}@pbx.yourdomain.com>
Phones
- How can I avoid to receive a new call while I am already in a conversation?
- You can receive another call while on line because the feature “Call Waiting” is active on your phone. Turn it off and the second call will get a BUSY signal. Disabling on the phone depends by the phone model, for example on Yealink it is here:
- How can I allow a SNOM phone to auto answer on paging?
- SNOM has a security setting to prevent auto answer, so it has to be enabled to make it to work. On version V8 you need to go to Advanced / Behaviour (tab) / Phone Behaviour / Intercom policy
Provisioning
- My phone refuse to provision, but when I download the configuration, it seems perfect
- If you are trying to provision over https, then check if the SSL certificate is valid. Phones require a valid certificate for provisioning. Verify the date and time on the phone because the certificate has a start and end date of validity. As last chance, try provisioning with http, but just to verify if the problem is in the certificate (some phones are really picky about certificates), then change the key and the extension password.
PHP
- I have upgraded PHP to version 5.x/7.x but now my Admin/Settings is no more working
- The Admin/Settings page and few others include the Ivona library and you need to upgrade the requirements, based on your php version. Please move in that directory and then update using composer:
cd /var/www/html/pbx/libs/IvonaSpeechCloudSdkPhp
php composer.phar update
Tenants mixup
This should not happen, but I see it is still sometime happening or maybe they are old interface errors coming only now to light. When you are editing a page and in another tab you change the tenant, saving the first page can lead to a mixup because you are saving in a different tenant. Unfortunately the browsers don't allow different security environment for each tab.
To detect if you have any of these mixup, you can run the following query
select count(distinct de_te_id),de_type_src,de_type_id_src from de_destinations group by de_type_src,de_type_id_src having count(distinct de_te_id)>1;
You can obtain the following output:
+--------------------------+---------------+----------------+ | count(distinct de_te_id) | de_type_src | de_type_id_src | +--------------------------+---------------+----------------+ | 2 | FLOW | 88 | | 2 | QUEUE-TIMEOUT | 413 | +--------------------------+---------------+----------------+
You can check what happened, by investigating the records for the queue:
mysql> select qu_te_id from qu_queues where qu_id=413; +----------+ | qu_te_id | +----------+ | 719 | +----------+ 1 row in set (0.00 sec)
mysql> select * from de_destinations where de_type_src='QUEUE-TIMEOUT' and de_type_id_src=413; +--------+----------+---------------+----------------+-------------+----------------+--------+ | de_id | de_te_id | de_type_src | de_type_id_src | de_type_dst | de_type_id_dst | de_ord | +--------+----------+---------------+----------------+-------------+----------------+--------+ | 185731 | 6 | QUEUE-TIMEOUT | 413 | VOICEMAIL | 81 | 1 | | 192043 | 719 | QUEUE-TIMEOUT | 413 | VOICEMAIL | 4285 | 1 | +--------+----------+---------------+----------------+-------------+----------------+--------+ 2 rows in set (0.00 sec)
Here you can see the destination for QUEUE-TIMEOUT with id 413 is both VOICEMAIL in both tenant 6 and tenant 719, but the queue is in tenant 719, so the entry with de_id 185731 needs to be removed.
- I cannot receive email for recordings, maybe the recording size is too big
Try to increase the max size limit for the message in /etc/postfix/main.cf
message_size_limit=102400000