FAQ: Difference between revisions
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
== Asterisk == | |||
; How can I setup Asterisk to use TLS : Asterisk can use TLS as transport for the signalling, increasing the authentication security and providing extra privacy about the number dialed and other info usually transmitted in clear over the SIP channel. TLS will encrypt only the signalling part, without offering any extra security to the RTP (voice) part. In the [general] section of sip.conf, add the following info, replacing the IP address with the IP address of the server. Provide the certificate and key in pem format. | |||
<pre>tlsenable=yes | |||
tlsbindaddr=213.133.102.85 | |||
tlscertfile=/etc/asterisk/certificates/demo.mirtapbx.com.pem | |||
tlsdontverifyserver=no | |||
tlscipher=DESCBC3SHA | |||
tlsclientmethod=tlsv1 | |||
transport=udp,tls </pre> | |||
== Asterisk Errors == | == Asterisk Errors == | ||
; What is this error? <nowiki>WARNING[23261]: res_musiconhold.c:719 monmp3thread: poll() failed: Interrupted system call</nowiki> : Nothing to worry, when the Musing On Hold process terminates to play the media file, this error is thrown out, just ignore it | ; What is this error? <nowiki>WARNING[23261]: res_musiconhold.c:719 monmp3thread: poll() failed: Interrupted system call</nowiki> : Nothing to worry, when the Musing On Hold process terminates to play the media file, this error is thrown out, just ignore it |
Revision as of 21:00, 31 May 2016
Asterisk
- How can I setup Asterisk to use TLS
- Asterisk can use TLS as transport for the signalling, increasing the authentication security and providing extra privacy about the number dialed and other info usually transmitted in clear over the SIP channel. TLS will encrypt only the signalling part, without offering any extra security to the RTP (voice) part. In the [general] section of sip.conf, add the following info, replacing the IP address with the IP address of the server. Provide the certificate and key in pem format.
tlsenable=yes tlsbindaddr=213.133.102.85 tlscertfile=/etc/asterisk/certificates/demo.mirtapbx.com.pem tlsdontverifyserver=no tlscipher=DESCBC3SHA tlsclientmethod=tlsv1 transport=udp,tls
Asterisk Errors
- What is this error? WARNING[23261]: res_musiconhold.c:719 monmp3thread: poll() failed: Interrupted system call
- Nothing to worry, when the Musing On Hold process terminates to play the media file, this error is thrown out, just ignore it
- What is this error? WARNING[3221]: func_cdr.c:352 cdr_write_callback: CDR requires a value (CDR(variable)=value)
- Nothing to worry, it is a small glitch in the dialplan, but avoiding it will require an extra check, slowing down the call processing, so it is avoided, preferring the warning. Just ignore it.
- What is this error? ERROR[24984][C-00008457]: res_fax.c:4364 acf_faxopt_read: channel 'SIP/201-#######-0001547a' can't read FAXOPT(gateway) because it has never been written.
- Nothing to worry, it is a small glitch in the dialplan, but avoiding it will require an extra check, slowing down the call processing, so it is avoided, preferring the error. Just ignore it.
- What is this error? WARNING[3221]: func_cdr.c:364 cdr_write_callback: Using the CDR function to set 'accountcode' is deprecated. Please use the CHANNEL function instead.
- I am using an old syntax to preserve compatibility with older asterisk versions. Just ignore it.
- What is this error? WARNING[25144][C-0000845c]: dsp.c:1489 ast_dsp_process: Inband DTMF is not supported on codec #####. Use RFC2833
- This is important, you are using an incompatible DTMF format for the codec you selected. Inband DTMF is supported in only a limited number of codec. Use RFC2833 as suggested.
- What is this error? NOTICE[9505] manager.c: 217.28.216.250 tried to authenticate with nonexistent user 'admin'
- What is this error? NOTICE[9505] manager.c: 217.28.216.250 failed to authenticate as 'admin'
- Someone really stupid is trying to connect using the manager interface (port 5038). The manager interface is often locked down by IP address so it is really unlikely to be hacked this way, however this can be just annoying. To stop it after a few attempts, you can tweak the fail2ban to capture also these attempts by adding the following row in /etc/fail2ban/filters.d/asterisk.conf: ^(%(__prefix_line)s|\[\]\s*)%(log_prefix)s <HOST> failed to authenticate as '[^']*'$ and reload fail2ban
- What is this error? WARNING[26421][C-0000b22f]: chan_sip.c:7350 sip_write: Can't send 10 type frames with SIP write
- Asterisk doesn't yet support comfort noise generation. Just ignore it.
- What is this error? NOTICE[6534] chan_sip.c: Received SIP subscribe for peer without mailbox: 226-SINI
- The extension 226-SINI has sent a "SUBSCRIBE" message to asterisk, but the extension has no voicemail mailbox associated. This can be due to a configuration problem, you forget to associate the MWI mailbox in Configuration/Extension, or an asterisk problem... some time asterisk loads the extension without the mailbox associated. In this case you can restart the phone and deregister the extension, in this way when the phone registers again and subscribe to the voicemail mailbox, it should be loaded correctly. Otherwise you can move that extension to "No (Use externnotify)" in "Send MWI only if subscribed:" and set externnotify=/var/lib/asterisk/agi-bin/vmnotify.php in /etc/asterisk/voicemail.conf
- What is this error? WARNING[53344][C-000015c8] app_voicemail.c: SQL Get Data error! coltitle=category
- This is a long standing asterisk bug fixed only in later releases... it is harmless and can be ignored
Linux System
- When a conference is going to start, I get the message app_meetme.c:1296 build_conf: Unable to open DAHDI pseudo device
- It seems the dahdi kernel module is not started or not compiled/available for your running kernel. It is possible you have upgraded your kernel and restarted your system. Try restarting the dahdi by using the command:
/etc/init.d/dahdi restart
If it doesn't fix the issue, try recompiling dahdi module, going in /usr/local/src/dahdilinux-complete-* and running:
make make install /etc/init.d/dahdi restart
- The web interface session is expiring too often, I need always to reauthenticate, how can I make it run longer?
- You should change the session timeout value in php.ini and then restart the web server process, by default is 2880 seconds, set as long as you like
session.gc_maxlifetime = 2880
- How can I upgrade to PHP 5.5 to use AWS S3 Storage?
- System is now shipped with PHP 5.5 already installed, but previous installations were using the standard PHP version which is not suitable for AWS S3 because it requires PHP 5.5. On CentOS 6 64bit You can upgrade with the following steps:
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm yum -y install yum-plugin-replace yum replace php-common --replace-with=php55w-common yum install php55w-opcache rpm --import https://mirror.webtatic.com/yum/RPM-GPG-KEY-webtatic-andy service httpd restart
Extensions
- Can I use an extension to connect a remote PBX to the system?
- Yes, but you need to enable the “trunk” feature for the extension or otherwise the Caller ID of the call coming from the remote PBX will be overwritten.
- When I use server side attended or unattended transfer (#* and ##), there is no enough time to dial the destination extension!
- The default timeout is set to 3 seconds, but the “transfer” message is played inside this time, so it may seem shorter. You can increase the timeout of the transfer by editing the /etc/asterisk/features.conf and changing the value for transferdigittimeout to the amount of seconds you like. Once done, reload the module from within asterisk with “module reload features”
- When I try to recover the Voicemail, it says the PIN is invalid
- Most of the time, there is a problem with DTMF, check the log for the call in /var/log/asterisk/full if you see this message:
dsp.c: Inband DTMF is not supported on codec g729. Use RFC2833
In this case, change the DTMF setting on the PBX from “auto” to RFC2833 and if possible, also on the phone
Voicemails
- A caller leaves a voicemail for an extension, but that voicemail is not appearing
- The voicemail box can be locked, please check if in there a .lock file in the INBOX
folder, like in this example:
#find /var/spool/asterisk/voicemail/pulmonarycriticl/100/ /var/spool/asterisk/voicemail/pulmonarycriticl/100/ /var/spool/asterisk/voicemail/pulmonarycriticl/100/Cust2 /var/spool/asterisk/voicemail/pulmonarycriticl/100/Urgent /var/spool/asterisk/voicemail/pulmonarycriticl/100/INBOX /var/spool/asterisk/voicemail/pulmonarycriticl/100/INBOX/.lock /var/spool/asterisk/voicemail/pulmonarycriticl/100/Work /var/spool/asterisk/voicemail/pulmonarycriticl/100/Cust3 /var/spool/asterisk/voicemail/pulmonarycriticl/100/Old /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp/Av5Vqa.wav /var/spool/asterisk/voicemail/pulmonarycriticl/100/tmp/Av5Vqa
Just remove it. About the source of the lock… maybe your asterisk server has crashed in the middle of a voicemail message.
Miscellaneous
- My clients are getting ghost calls from weird numbers not logged in MiRTA PBX
- Those ghost calls are attempts made by “hackers” to place rogue calls, usually to premium rate numbers. They start by analyzing large part of Internet trying to connect to port 5060, the standard port used by PBX and phones. If they detect an answer, they try placing some calls using different formats. If one of these calls has success, then they start to send hundred of calls to premium rate numbers. They get some money rewards by phone companies. To avoid this issue, you can place the phone behind a firewall or NAT router, allowing only the PBX to connect or you can configure the phone to accept calls only from registered server. This option has several names depending by the phone brand.
- When a call has no callerid, is received as “asterisk”. How can I change it?
- You can change setting the “callerid” parameter in the sip.conf and then reload sip from asterisk. Remember it will disconnect all clients connected.
- My Music on Hold is starting from the middle, but I want it to be started from the start each time
- There are two ways to run Music on Hold... you can run a single process for all clients waiting in queue or you can start a new process for each of the clients. Obviously the first way is preferred if you have a big number of clients awaiting, but it has the drawback of having the MOH process to stream the music continuously, so a client joining the queue will start listening it not from the start. The second way can be activated by changing the musiconhold.conf and disabling cachertclasses
[general] cachertclasses=no ; use 1 instance of moh class for all users who are using it, ; decrease consumable cpu cycles and memory ; disabled by default
This setting is PBX wide and cannot be turned on/off based on tenant
Phones
- How can I avoid to receive a new call while I am already in a conversation?
- You can receive another call while on line because the feature “Call Waiting” is active on your phone. Turn it off and the second call will get a BUSY signal. Disabling on the phone depends by the phone model, for example on Yealink it is here:
- How can I allow a SNOM phone to auto answer on paging?
- SNOM has a security setting to prevent auto answer, so it has to be enabled to make it to work. On version V8 you need to go to Advanced / Behaviour (tab) / Phone Behaviour / Intercom policy
Provisioning
- My phone refuse to provision, but when I download the configuration, it seems perfect
- If you are trying to provision over https, then check if the SSL certificate is valid. Phones require a valid certificate for provisioning. Verify the date and time on the phone because the certificate has a start and end date of validity. As last chance, try provisioning with http, but just to verify if the problem is in the certificate (some phones are really picky about certificates), then change the key and the extension password.