Inbound Connections Fail

I have 2 nodes on one router and LAN at home (563760 and 563761). They are not able to receive inbound connections. They can make outbound connections. They can connect to each other. Each node is registered on a separate Allstarlink server. 563760 uses port 4569 and 563761 uses 4568. My router has 4569 UDP routed to 192.168.10.92, which is node 563760 and 4568 UDP is routed to 192.168.10.90, which is node 563761. In CLI I see connection attempt failed when I try to connect to either of them from another node outside this network.
I have the following configuration settings.

Node 563760
rpt.conf:
[nodes]
563760 = radio@127.0.0.1:4569/563760,NONE
563761 = radio@192.168.10.90:4568/563761,NONE
extensions.conf:
[globals]
node = 563760
iax.conf:
[general]
bindport = 4569
bindaddr = 0.0.0.0

Node 563761
rpt.conf:
[nodes]
563761 = radio@127.0.0.1:4568/563761,NONE
563760 = radio@192.168.10.92:4569/563760,NONE
extensions.conf:
[globals]
node = 563761
iax.conf:
[general]
bindport = 4568
bindaddr = 0.0.0.0

When I change anything, I always restart the Asterisk CLI client. What am I missing?

Note: I first thought this was a problem in Supermon with connecting to multiple nodes (see my previous topic) but after digging deeper I found that it’s actually an inbound connection problem for these nodes.

The problem obviously is a ‘port / routing’ issue.

You are registered

563760=radio@38.19.180.5:4569/563760,38.19.180.5
563761=radio@38.19.180.5:4568/563761,38.19.180.5

My first check would be with the router port forwarding.
And perhaps verify that the correct IP is given to the server with the selected port.

But if you can show the full text of the error of failed connection attempt, it may help locate just what it is.

I can say I attempted to connect with each.
563760 succeeded
and
563761 failed
Maybe that will narrow it down a bit for you.

I have 7 PIs on my network, all running either Allstar or Hamvoip and I had the same problem. I had to fwd a different internal port to 4569 and it worked. My friend had the same problem as you and it was a problem with the port fwd from the router like Mike said.

Reboot your router. That is usually the problem I have after I set the port forward. Reboot the router.

I rebooted my router with no change. I had rebooted it several times while fighting this problem. Inbound connections to 563761 are still a problem. That node (RPi) is connected to a switch which is connected to a beacon from the router. The beacon is necessary b/c of the location of my shack. It has only 1 ethernet port so I ran that to a switch and from there to my computer. I have other devices on the switch so it is necessary.
Next things to try:

  1. Connect the RPi directly to the beacon and temporarily remove the switch.
  2. Reconfigure the RPi to use WiFi to the beacon instead of an ethernet cable. The node that does accept inbound connections, 563760, is on a PC and uses WiFi.

If that doesn’t work I will contact my ISP for possible solutions. All this started after they replaced my old router and beacon. Before that everything was working.

Below are a set of CLI messages from my attempt to connect from 56517 to 563761. 56517 is on a different network at a repeater site and has been working fine for months. I use it as my outside node attempting inbound connections to my nodes at home (563760 and 563761). I’ve been through the node settings over and over and they look correct. One thing to note: 563760, which works, is on Allstarlink software on a PC whereas 563761, which doesn’t work, is on Hamvoip on a RPi.

Successful connection from 56517 to 563760, CLI display from 563760

– Accepting UNAUTHENTICATED call from 199.102.125.2:
> requested format = ulaw,
> requested prefs = (ulaw|g726aal2|ilbc|gsm),
> actual format = ulaw,
> host prefs = (ulaw|adpcm|g722|g726aal2|gsm|ilbc),
> priority = mine
– Executing [563760@radio-secure:1] Rpt(“IAX2/199.102.125.2:4568-4696”, “563760”) in new stack
== Spawn extension (radio-secure, 563760, 1) exited KEEPALIVE on ‘IAX2/199.102.125.2:4568-4696’
– Hungup ‘DAHDI/pseudo-480544962’
– <DAHDI/pseudo-898012040> Playing ‘rpt/node’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/5’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/6’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/3’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/7’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/6’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/0’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘rpt/connected’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/2’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘rpt/node’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/5’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/6’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/5’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/1’ (language ‘en’)
– <DAHDI/pseudo-898012040> Playing ‘digits/7’ (language ‘en’)
– Hungup ‘DAHDI/pseudo-898012040’

Unsuccessful connection from 56517 to 563761, CLI display from 56517.

[Mar 9 12:11:32] NOTICE[6851]: chan_iax2.c:4139 __auto_congest: Auto-congesting call due to slow response
– Hungup ‘DAHDI/pseudo-919561817’
– Hungup ‘IAX2/38.19.180.5:4568-6472’
– Hungup ‘DAHDI/pseudo-1393332758’
– Remote UNIX connection
– Remote UNIX connection disconnected
– Remote UNIX connection
– <DAHDI/pseudo-1262730815> Playing ‘rpt/node’ (language ‘en’)
– Remote UNIX connection disconnected
– <DAHDI/pseudo-1262730815> Playing ‘digits/5’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘digits/6’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘digits/3’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘digits/7’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘digits/6’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘digits/1’ (language ‘en’)
– <DAHDI/pseudo-1262730815> Playing ‘rpt/connection_failed’ (language ‘en’)
– Hungup ‘DAHDI/pseudo-1262730815’

Nothing appeared on the 563761 CLI display for the unsuccessful connection.

You say a beacon is installed between the router and the server, but I do not understand what this is or its purpose.
Perhaps you can explain more on this as it seems something between your router and the server is interfering or not allowing the forwarding.

If there is a device installed in between, that is the first place I would look for the answer.

Do the register lines in iax.conf have the correct port numbers for both nodes? It could be that 563761 is sending the wrong port info in its register line.

He is reg’d in accordance with his files unless he has since changed them.
Inbound routing seems to be in question. From the router to the server.

But if we look back at extensions.conf
It could be it is missing a definition for the connection in that dialplan routing

[radio-secure]
exten => 563761,1,rpt,563761

Or something equivalent or similar, with wildcards/global var.

By moving the nodes 563760 and 563761 to different ports on the router, I am now able to access them inbound. I made the corresponding changes in the Allstarlink.org server ports, iax.conf, and rpt.conf. I don’t know why this fixed the problem, but it did. If you could also verify inbound connectivity to these nodes that would be great.

Bob
KE0SDV

I was able to connect to both.

But you should know these are reg’d with the same port number.
Which would be correct if they are both on the same server.

So, perhaps you have not explained your config well or something else is yet wrong.

573760=radio@72.82.19.108:4569/573760,72.82.19.108
573761=radio@72.82.19.108:4569/573761,72.82.19.108

For starters, my public IP address is 38.19.180.5. I have port 7560 open to 192.168.10.90 and port 7600 open to 192.168.10.92. These are on separate servers here on my home network and on their Allstarlink registrations with the corresponding ports listed. A check of 192.168.10.90 using Netstat does not show port 4569 open but does show 7600 open. I’m not sure where you got your public IP addresses and ports. Does Allstarlink map that IP and ports to mine? Attached are screenshots from my router - port forwarding and WAN IP.


Bob
KE0SDV

It appears I used the wrong node number when I ran the search last time (573760/1).
This is the current data as seen by ASL nodes you connect to or connect to you.
If the data in file does not match data on connect, it is refused.

563760=radio@38.19.180.5:7600/563760,38.19.180.5
563761=radio@38.19.180.5:7560/563761,38.19.180.5

You can look at the data yourself in /var/lib/asterisk/rpt_extnodes

I am at a loss with what has been presented.
Perhaps others can see what I do not.

But there have been many a router issue over the years. More so in the last 3-4.
Never seen one explained, just bypassed.
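
Added example, not part of any post in this thread: a small Python check that the published entry format quoted above (node=radio@ip:port/node,ip), the router's port-forward table and each node's iax.conf bindport all agree. The sample values are constructed from addresses and ports mentioned in the thread, with 563761's bindport deliberately left stale; `audit`, `FORWARDS` and `HOSTS` are hypothetical names.

```python
import re

# Entry layout as quoted in the thread: node=radio@ip:port/node,ip
ENTRY = re.compile(r"^(\d+)\s*=\s*radio@([\d.]+):(\d+)/\d+,")

def parse_extnodes(text):
    """Map node number -> (registered IP, registered UDP port)."""
    found = (ENTRY.match(line.strip()) for line in text.splitlines())
    return {m.group(1): (m.group(2), int(m.group(3))) for m in found if m}

def iax_bindport(text, default=4569):
    """bindport from [general] of an iax.conf; 4569 is the IAX2 default."""
    section = None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop ';' comments
        if line.startswith("[") and "]" in line:
            section = line[1:line.index("]")]
        elif section == "general" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key == "bindport":
                return int(value)
    return default

def audit(extnodes, wan_ip, forwards, hosts):
    """forwards: {wan_port: (lan_ip, lan_port)}; hosts: {node: (lan_ip, iax.conf text)}."""
    problems = []
    for node, (lan_ip, conf) in hosts.items():
        if node not in extnodes:
            problems.append(f"{node}: not in the node list")
            continue
        reg_ip, reg_port = extnodes[node]
        if reg_ip != wan_ip:
            problems.append(f"{node}: registered as {reg_ip}, WAN is {wan_ip}")
        target = forwards.get(reg_port)
        if target is None:
            problems.append(f"{node}: UDP {reg_port} is not forwarded")
        elif target[0] != lan_ip:
            problems.append(f"{node}: UDP {reg_port} goes to {target[0]}, not {lan_ip}")
        elif target[1] != iax_bindport(conf):
            problems.append(f"{node}: forward ends on {target[1]}, bindport is {iax_bindport(conf)}")
    return problems

# Constructed sample: addresses and ports from the thread, except that
# 563761's iax.conf is deliberately left on its old bindport.
EXTNODES = parse_extnodes("""563760=radio@38.19.180.5:7600/563760,38.19.180.5
563761=radio@38.19.180.5:7560/563761,38.19.180.5""")
FORWARDS = {7600: ("192.168.10.92", 7600), 7560: ("192.168.10.90", 7560)}
HOSTS = {"563760": ("192.168.10.92", "[general]\nbindport = 7600\nbindaddr = 0.0.0.0\n"),
         "563761": ("192.168.10.90", "[general]\nbindport = 4568\nbindaddr = 0.0.0.0\n")}

if __name__ == "__main__":
    print("\n".join(audit(EXTNODES, "38.19.180.5", FORWARDS, HOSTS)) or "consistent")
```
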

Thinking on routers and routing,

I should add that while some ports used are not specifically routed, many ‘smart devices’ use ports that you pay no mind to.

These types of devices basically report on connection of the internet outbound, not to exclude smart tv’s or tv dongles, cameras and the list is numerous. As well as some PC software or phone apps when using wifi.
Just because they are not port forwarded, does not mean they are not being used.

Port forwarding is used to make a connection strictly inbound where there was no connection to start with so it gets to the correct device to be answered.

If the initial comes from internal source it chooses and uses an available port or port range at the time initiated.

So, think potential conflicts in ports used when you later add something. So when you port scan, you need to pay mind to what device is answering. Not just that it is being answered.

I can remember first running into this nearly 20 years ago the first time. A repeater at the site of a biz where they used the biz internet for an echolink on the analog repeater.
I was there to service his inability to get his Microsoft Exchange/Outlook Mail web application working, and as it turned out, the echolink port numbers were in conflict in his network for the web app.
Discovered by accident when the PC running the echolink software was shut down for service as well. Glad as it could have taken more than a day/2 to sort out back then.

Just one example of what can happen. Who would have figured? Now we should know better, but I often forget about it. Perhaps I will write something on the issue in detail.

Your reply has some good ideas to consider. This whole problem started a few weeks ago when my ISP replaced my Nokia router and beacon with newer models. I reentered all my port forwarding and port reservation information for their new local IP addresses. At the time my PC and Rpi here had been using 4569 and 4568. On the new router those were not working most of the time even though they showed open with Netstat. After trying many things with your help and others, I recently moved them to 7560 and 7600. Since then everything is working. I’m going to have a talk with my ISP to see what they can tell me about ports and port forwarding. Thanks for your help.
Bob
KE0SDV

Bob,
I doubt this is an issue for the ISP, but devices in your home on the same router.
But I could be wrong. Just something you need to look at.
Once many of these look and grab a port(s), you may have a harder time changing the device.

Take net TV dongles, it will look at what is available and use what it needs and save that setting internally until at least it fails network connection. Then it ‘MAY’ look again.

If you add one more, it may have wanted the ports used by the other, but seeing them in use, may grab from a secondary or 3rd pool, and it will remember its settings.

I do know that surveillance video uses a range of ports and often with some will also remember its initial usage until reset.
If the last thing attempted was your static ASL Ports, well, if they were in use before you did not look to see if they were available as these devices will do.
You have to think about this logically and in order…

If you want to get to the bottom of it, you will need to unplug all the smart devices from the router,
reboot the router, and just run the node servers with the original ports you wanted.
Then you can be sure it’s not port address conflict.
You can plug them in one at a time and hopefully they will reset the ports they are claiming on the network or you will find the culprit device.