PBX Server Guru Help Needed

I guess I should probably start by explaining what I'm trying to do. I have a pair of Grandstream HandyTone analog telephone adapters that I need to work with incoming and outgoing calls to a SIP trunking provider over Asterisk running on a remote FreeBSD server. The ATAs are behind NAT, the server is not.
I was easily able to configure the ATAs to work with a FreeBSD server on the local network so that they could call each other. Next I tried setting it up the same way on the remote server. Signalling worked, and I could call out and get calls to ring in to and from both endpoints, but there was no audio in either direction. I'm not exactly a SIP expert but I know missing audio is related to NAT. I solved this problem by creating a VPN tunnel between the routers the ATAs were connected to and the remote FreeBSD server. At this point I could make calls from one ATA to the other with bidirectional audio over separate internet connections to the remote server.
Next I try adding the SIP trunk and I'm back to the problem I was having before. Signalling is working, I can call the ATAs number from the PSTN and vice versa, but there's no audio in either direction.
This is what the console spits out, 3045555555 is a stand-in for my cell phone number and 6815555555 is a stand-in for the ATA's PSTN number.

Code:
[Jun 18 22:45:36] WARNING[100513]: netsock2.c:636 int ast_set_qos(int, int, int, const char *): Unable to set SIP RTP Audio DSCP TOS value to 184 (may be you have no root privileges): Invalid argument
  == Using SIP RTP Audio TOS bits 184 in TCLASS field.
    -- Executing [3045555555@from-internal:1] Set("PJSIP/demo-bob-00000008", "CALLERID(all)="Test User" <+16815555555>") in new stack
    -- Executing [3045555555@from-internal:2] Dial("PJSIP/demo-bob-00000008", "PJSIP/+13045555555@twilio-na-us") in new stack
    -- Called PJSIP/+13045555555@twilio-na-us
       > 0x8072b0000 -- Strict RTP learning after remote address set to: 34.203.251.157:11662
    -- PJSIP/twilio-na-us-00000009 is making progress passing it to PJSIP/demo-bob-00000008
       > 0x80729f000 -- Strict RTP learning after remote address set to: 10.24.0.2:5004
       > 0x8072b0000 -- Strict RTP switching to RTP target address 34.203.251.157:11662 as source
    -- PJSIP/twilio-na-us-00000009 answered PJSIP/demo-bob-00000008
    -- Channel PJSIP/twilio-na-us-00000009 joined 'simple_bridge' basic-bridge <e3c7d804-1be6-41cb-971c-fd3242e37dfa>
    -- Channel PJSIP/demo-bob-00000008 joined 'simple_bridge' basic-bridge <e3c7d804-1be6-41cb-971c-fd3242e37dfa>
       > Bridge e3c7d804-1be6-41cb-971c-fd3242e37dfa: switching from simple_bridge technology to native_rtp
       > Locally RTP bridged 'PJSIP/demo-bob-00000008' and 'PJSIP/twilio-na-us-00000009' in stack
       > 0x8072b0000 -- Strict RTP learning complete - Locking on source address 34.203.251.157:11662
    -- Channel PJSIP/twilio-na-us-00000009 left 'native_rtp' basic-bridge <e3c7d804-1be6-41cb-971c-fd3242e37dfa>
    -- Channel PJSIP/demo-bob-00000008 left 'native_rtp' basic-bridge <e3c7d804-1be6-41cb-971c-fd3242e37dfa>
  == Spawn extension (from-internal, 3045555555, 2) exited non-zero on 'PJSIP/demo-bob-00000008'
    -- Executing [+16815555555@from-pstn:1] Dial("PJSIP/twilio-na-us-0000000a", "PJSIP/demo-bob") in new stack
    -- Called PJSIP/demo-bob

[Jun 18 22:45:58] WARNING[100513]: netsock2.c:636 int ast_set_qos(int, int, int, const char *): Unable to set SIP RTP Audio DSCP TOS value to 184 (may be you have no root privileges): Invalid argument
  == Using SIP RTP Audio TOS bits 184 in TCLASS field.
    -- PJSIP/demo-bob-0000000b is ringing
       > 0x8072b0000 -- Strict RTP learning after remote address set to: 10.24.0.2:5004
    -- PJSIP/demo-bob-0000000b answered PJSIP/twilio-na-us-0000000a
       > 0x80729f000 -- Strict RTP learning after remote address set to: 54.172.61.15:14654
    -- Channel PJSIP/demo-bob-0000000b joined 'simple_bridge' basic-bridge <2d5ada1c-5ec2-4bf3-8be1-8e2b6778d1ab>
    -- Channel PJSIP/twilio-na-us-0000000a joined 'simple_bridge' basic-bridge <2d5ada1c-5ec2-4bf3-8be1-8e2b6778d1ab>
       > Bridge 2d5ada1c-5ec2-4bf3-8be1-8e2b6778d1ab: switching from simple_bridge technology to native_rtp
       > Locally RTP bridged 'PJSIP/twilio-na-us-0000000a' and 'PJSIP/demo-bob-0000000b' in stack
       > 0x80729f000 -- Strict RTP switching to RTP target address 54.172.61.15:14654 as source
       > 0x80729f000 -- Strict RTP learning complete - Locking on source address 54.172.61.15:14654
    -- Channel PJSIP/twilio-na-us-0000000a left 'native_rtp' basic-bridge <2d5ada1c-5ec2-4bf3-8be1-8e2b6778d1ab>
  == Spawn extension (from-pstn, +16815555555, 1) exited non-zero on 'PJSIP/twilio-na-us-0000000a'
    -- Channel PJSIP/demo-bob-0000000b left 'native_rtp' basic-bridge <2d5ada1c-5ec2-4bf3-8be1-8e2b6778d1ab>

My questions are: What am I doing wrong here? There are so many variables I don't even know where to start. Is there an easier way to do this than creating VPN tunnels between the router and FreeBSD machine? Why does this work between internal endpoints but not to/from external endpoints even though there's no NAT between the Asterisk server and the SIP trunk?
 
Signalling will work as you've presumably configured and controlled the SIP port on 5060, assuming pjsip works similarly to old-school sip protocol. However you need to define and control the RTP ports for sucessful audio transmisssion, something like this...this is how I control my pbx through pfSense

Screenshot 2021-06-19 at 1.17.23 am.png
 
Back
Top