Canary Amazon AWS
69 views
Skip to first unread message
Volmar Machado
Mar 8, 2016, 5:00:16 PM3/8/16
to SIPfoundry users and developers group
I am trying to setup a canary sipxecs server on amazon aws, I have all the ports open on my security groups,
And from the internal interface port 5060 is open, but by the external interface, the 5060 is closed.
Is there some configuration that I should do here (Since sipxecs installs over the internal interface)?
Regards,
Volmar
Joegen E. Baclor
Mar 9, 2016, 6:33:14 AM3/9/16
to Volmar Machado, SIPfoundry users and developers group
Volmar,
This is a big design change. sipxecs-ng now uses an SBC to handle upper registration. This service must be enabled if you want to support remote workers. It is listening on port 5062 for both TCP and UDP. This means you need to setup your global DNS/SRV records to point to 5062 instead of 5060.
Joegen
This is a big design change. sipxecs-ng now uses an SBC to handle upper registration. This service must be enabled if you want to support remote workers. It is listening on port 5062 for both TCP and UDP. This means you need to setup your global DNS/SRV records to point to 5062 instead of 5060.
Joegen
--
You received this message because you are subscribed to the Google Groups "SIPfoundry users and developers group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipfoundry-users-and-dev...@googlegroups.com.
To post to this group, send email to sipfoundry-users-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/sipfoundry-users-and-developers-group.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipfoundry-users-and-developers-group/b1ea29e3-723a-41ca-a500-57413292e832%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Volmar Machado
Mar 9, 2016, 7:07:00 AM3/9/16
to SIPfoundry users and developers group
Thank you for your answer.
But let me tell you, that I am a developer with a little experience in devops, and even lees with sipxecs 5, so that is not so obvious for me (but I've been investigating). Would a default SBC come with sipxecs canary? if so, where I have to go to activate it? If not which one you recommend for testing purposes(mus be free)? And, should I put the port 5062 on linphone to connect? And when are do you planning to launch an article to help the less illuminated in how to do that transition (I already read the quick guide for admin).
Regards,
Volmar
Em quarta-feira, 9 de março de 2016 05:33:14 UTC-6, Joegen Baclor escreveu:
Volmar,
This is a big design change. sipxecs-ng now uses an SBC to handle upper registration. This service must be enabled if you want to support remote workers. It is listening on port 5062 for both TCP and UDP. This means you need to setup your global DNS/SRV records to point to 5062 instead of 5060.
Joegen
On 08/03/2016 5:00 PM, Volmar Machado wrote:
I am trying to setup a canary sipxecs server on amazon aws, I have all the ports open on my security groups,--
And from the internal interface port 5060 is open, but by the external interface, the 5060 is closed.
Is there some configuration that I should do here (Since sipxecs installs over the internal interface)?
Regards,Volmar
You received this message because you are subscribed to the Google Groups "SIPfoundry users and developers group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipfoundry-users-and-developers-group+unsubscribe@googlegroups.com.
To post to this group, send email to sipfoundry-users-and-developers-group@googlegroups.com.
Joegen E. Baclor
Mar 9, 2016, 3:36:08 PM3/9/16
to Volmar Machado, SIPfoundry users and developers group
Yes, there is an internal SBC that goes
with canary. You can enable it via the core telephony services
admin page. It will listen on port 5062 when enabled. You should
be pointing your outbound proxy settings to that port if you are
not utilizing DNS/SRV.
Joegen
Joegen
To unsubscribe from this group and stop receiving emails from it, send an email to sipfoundry-users-and-dev...@googlegroups.com.
To post to this group, send email to sipfoundry-users-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/sipfoundry-users-and-developers-group.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipfoundry-users-and-developers-group/885299b1-b9ce-4d5f-978c-4ea80db217b9%40googlegroups.com.
Volmar Machado
Mar 10, 2016, 12:50:11 AM3/10/16
to joegen...@gmail.com, SIPfoundry users and developers group
Hi Joegen, that worked after, I had some problem with the aws instance to make the internal name nad external name cohexist. But that part is reolved.
Now, I have this "2016-03-10T05:42:28.767507Z":239:AUTH:ERR:XXXXXXXXXX.us-west-2.compute.amazonaws.com::7f6af4b75700:sipxregistry:"Response auth hash does not match (bad password?) toUri='sip:2...@XXXXXXXXXXXX.us-west-2.compute.amazonaws.com' requestUser='machadin' requestNonce='5649dde0be289db52c3bdfc7c8559c5356e10944' uriParam='sip:XXXXXXXXXXXXX.us-west-2.compute.amazonaws.com' passTokenDB='b9YgW1x8lVnz' authTypeDB='DIGEST'"
I am using TCP (not tls) connection with sipdroid and the same happens to my linphone connection
2016-03-09 14:36 GMT-06:00 Joegen E. Baclor <joegen...@gmail.com>:
Yes, there is an internal SBC that goes with canary. You can enable it via the core telephony services admin page. It will listen on port 5062 when enabled. You should be pointing your outbound proxy settings to that port if you are not utilizing DNS/SRV.
Joegen
On 09/03/2016 7:06 AM, Volmar Machado wrote:
Thank you for your answer.
But let me tell you, that I am a developer with a little experience in devops, and even lees with sipxecs 5, so that is not so obvious for me (but I've been investigating). Would a default SBC come with sipxecs canary? if so, where I have to go to activate it? If not which one you recommend for testing purposes(mus be free)? And, should I put the port 5062 on linphone to connect? And when are do you planning to launch an article to help the less illuminated in how to do that transition (I already read the quick guide for admin).
Regards,Volmar
Em quarta-feira, 9 de março de 2016 05:33:14 UTC-6, Joegen Baclor escreveu:
Volmar,
This is a big design change. sipxecs-ng now uses an SBC to handle upper registration. This service must be enabled if you want to support remote workers. It is listening on port 5062 for both TCP and UDP. This means you need to setup your global DNS/SRV records to point to 5062 instead of 5060.
Joegen
On 08/03/2016 5:00 PM, Volmar Machado wrote:
I am trying to setup a canary sipxecs server on amazon aws, I have all the ports open on my security groups,--
And from the internal interface port 5060 is open, but by the external interface, the 5060 is closed.
Is there some configuration that I should do here (Since sipxecs installs over the internal interface)?
Regards,Volmar
You received this message because you are subscribed to the Google Groups "SIPfoundry users and developers group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipfoundry-users-and-dev...@googlegroups.com.
To post to this group, send email to sipfoundry-users-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/sipfoundry-users-and-developers-group.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipfoundry-users-and-developers-group/b1ea29e3-723a-41ca-a500-57413292e832%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Volmar Machado
Mar 10, 2016, 12:55:18 AM3/10/16
to joegen...@gmail.com, SIPfoundry users and developers group
Addiotionally thank you for your support, and I have tried with easy numeric passwordd and didn't work either.
Regards,
Volmar
Joegen E. Baclor
Mar 10, 2016, 6:56:27 AM3/10/16
to Volmar Machado, SIPfoundry users and developers group
Please set the proxy log to debug level
and send it please. I'll take a look. Feel free to send in a
private mail.
Reply all
Reply to author
Forward
0 new messages