Cloud PBX and MX67

Andrew21
Here to help

Cloud PBX and MX67

I am working on deployment of a new Free PBX (Asterisk based) phone system but both I and the managed IT partner have been struggling for two weeks to make things work with their Cisco Meraki MX67 appliance / router.

 

FreePBX server is cloud hosted on Vultr, phones are Grandstream GRP series. Outgoing calls work just fine, but incoming calls do not work unless the SIP and RTP port(s) are forwarded to each device. This is an issue as from what I can tell, Free PBX / Asterisk does not allow you to define different ports for each extension, rather uses whatever defined ports for every device (in this case 5060 for SIP and 10000-2000 for RTP as standard).

 

I’m hoping someone with Meraki experience with a similar setup has a suggestion…thanks in advance!

10 REPLIES 10
Iridium79
Getting noticed

Haven’t had a problem and didn’t need to forward ports.  There might be a problem with your asterisk configuration.

Any suggestions as to what to look for in asterisk?

 

I have 15 identical systems up and running with most settings default and haven’t run into this before except in one instance and managed it partner was able to forward ports in short order and get everything working. 

Is your Mx getting a public ip on its interface or getting a private from your isp’s router.  From what you are explaining sounds like a double nat issue.

it is assigned a static IP on it's Internet / WAN interface...I believe the connection is fiber / media converter direct into the MX, but not on site and can't verify for sure.  But yes, a public IP.

Do you have the advanced security license or enterprise?

I have no idea since I don't manage the network, though I do have access to the Meraki....is there somewhere easy to find this?

DarrenOC
Kind of a big deal
Kind of a big deal

5060 - SIP and RTP are pretty standard setups.  I can’t see this being an MX issue.  What are your wireshark traces showing on the MX?  You should obviously be seeing two way comms with your cloud PBX

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

The Calls are not getting to the phone / being blocked by the MX I believe.

 

Here is a PCAP of a successful call:

https://www.dropbox.com/s/uvlzk3yixzowezs/answered.rtf?dl=0

 

 

And one of an unsuccessful call

https://www.dropbox.com/s/agkxaau1nttblhl/answered-un.rtf?dl=0

 

149 ip is the PBX

68 is the MX

Adam2104
Building a reputation

Look for an "rport" option inside the phone's configuration. This helps deal with NAT, especially when there's multiple phones behind the same NAT device.

So, it turns out this wasn't an issue with the MX, but rather an error in each extension within Free PBX:

 

it seems that for the non-working extensions the “dial” is only the digit 1 instead of the full extension, committing the second and third integer…ext 103 and 112 work and are proper.

 

In correcting this, all is well

 

[root@freepbx ~]# asterisk -rx ‘database show DEVICE/100’
/DEVICE/100/default_user : 100
/DEVICE/100/dial : PJSIP/1
/DEVICE/100/tech : pjsip
/DEVICE/100/type : fixed
/DEVICE/100/user : 100
5 results found.
[root@freepbx ~]# asterisk -rx ‘database show DEVICE/103’
/DEVICE/103/default_user : 103
/DEVICE/103/dial : PJSIP/103
/DEVICE/103/tech : pjsip
/DEVICE/103/type : fixed
/DEVICE/103/user : 103
5 results found.
[root@freepbx ~]# asterisk -rx ‘database show DEVICE/102’
/DEVICE/102/default_user : 102
/DEVICE/102/dial : PJSIP/1
/DEVICE/102/tech : pjsip
/DEVICE/102/type : fixed
/DEVICE/102/user : 102
5 results found.
[root@freepbx ~]# asterisk -rx ‘database show DEVICE/112’
/DEVICE/112/default_user : 112
/DEVICE/112/dial : PJSIP/112
/DEVICE/112/tech : pjsip
/DEVICE/112/type : fixed
/DEVICE/112/user : 112


Thanks again for all of your help!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels