Asterisk teams configuration

From MiRTA PBX documentation
Revision as of 16:06, 2 April 2024 by Admin (talk | contribs) (Created page with "In the pjsip.conf file for your asterisk server, create a new transport named transporttls and reletad indentify and aor sections. That will be different from your usual transport-tls used for normal PJSIP phones. <pre> [transporttls] type=transport protocol=tls bind=0.0.0.0:5091 cert_file=/etc/opensips/ssl/cert.crt ca_list_file=/etc/opensips/ssl/ca.crt priv_key_file=/etc/opensips/ssl/privkey.crt cipher=ECDHE-RSA-CHACHA20-POLY1305,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-A...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

In the pjsip.conf file for your asterisk server, create a new transport named transporttls and reletad indentify and aor sections. That will be different from your usual transport-tls used for normal PJSIP phones.

[transporttls]
type=transport
protocol=tls
bind=0.0.0.0:5091
cert_file=/etc/opensips/ssl/cert.crt
ca_list_file=/etc/opensips/ssl/ca.crt
priv_key_file=/etc/opensips/ssl/privkey.crt
cipher=ECDHE-RSA-CHACHA20-POLY1305,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES128-SHA256,AES256-GCM-SHA384,AES128-GCM-SHA256
method=sslv23
external_media_address = 139.*****.91
external_signaling_address = 139.*****.91

[msteams_trunk_from_teams]
type=endpoint
transport=transporttls
context=msteams
disallow=all
allow=ulaw
aors=aor_msteams_trunk_from_teams
media_encryption=sdes
from_domain=vir-ast-fe-04.*****.net
send_pai=no
rewrite_contact=no
force_rport=no
sdp_owner=-
sdp_session=FullysPBX
allow_transfer=yes
ice_support=no
direct_media=no

[aor_msteams_trunk_from_teams]
type = aor
qualify_frequency=60
contact=sip:sbc.*****.net:5067

[msteams_trunk_from_teams]
type=identify
endpoint = msteams_trunk_from_teams
match = 139.*****.91

The certificate generation is important and must contain all your Teams domains

./acme.sh --issue --keylength 4096 --standalone -d asterisk.yourdomain.com -d opensips.yourdomain.com -d teams1.yourdomain.com --fullchain-file /etc/opensips/ssl/cert.crt --cert-file /etc/opensips/ssl/ca.crt --key-file /etc/opensips/ssl/privkey.crt --server https://acme-v02.api.letsencrypt.org/directory