The last Sep 20 I sent to helpdesk this message and never receive the answer, I hope somebody here can help me:
I have a VPN with port forwarding service and I have a problem with my dedicated IP address, the central server used nslookp 59201.ip.hamvoip.org to discover the ip, and got sometimes my dedicated ip and sometime my provider ip, example
Unfortunately my provider cannot permit access to router so I have all ports closed,and the only way to open ports is using a vpn with port forwarding, i use a dedicated ip at the end of the tunnel, but the nslookup got it the provider ip instead the tunnel, sorry my bad english
root@pi-asl:/home/repeater# ip r
0.0.0.0/1 via 45.74.23.1 dev tun0
default via 45.74.23.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.157 metric 202
default via 192.168.1.1 dev wlan0 proto dhcp src 192.168.1.155 metric 303
45.74.23.0/24 dev tun0 proto kernel scope link src 45.74.23.180
128.0.0.0/1 via 45.74.23.1 dev tun0
139.28.216.230 via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto dhcp scope link src 192.168.1.157 metric 202
192.168.1.0/24 dev wlan0 proto dhcp scope link src 192.168.1.155 metric 303
yes, but sometimes the Allstar server got my provider ip instead my tunnel ip, so when the distribution will do, the wrong ip are stored in all nodes database
It looks on the surface that when you are registering, your native IP is being used, thereby making all the nodelists incorrect when you try to connect using the VPN IP and they will not allow the connect.
Somehow, you need to force the use of VPN IP during registration. Then the nodelist data will be correct for inbound and allow the outbound connects you make.
Or don’t use the VPN on the server. Perhaps DDNS.
If the outbound connection attempt does not match the ip data in the targets nodeslist file,
it will be refused.(security)
You can look at that yourself for testing /var/lib/asterisk/rpt_extnodes
and know when you have it correct.
You might want to delay the start of Asterisk. This should allow time for the VPN to establish before you start to send packets out. If this works you may want to write a script that checks the default gateway is correct before Asterisk starts.
I don’t use VPN, so I can only guess at what might be a remedy.
And one method to try is to wait long enough for the vpn to settle after boot,
then go to asterisk cli> asterisk -rvvv
And then reload the node reload
where it will re-register in the process of that reload.
Outside of that, you would need to halt loading asterisk until the network has fully settled with your vpn.
You might need to wait up to 10 more minutes to test and the vpn ip to propagate the nodeslist.
So, I can only present a work-around for the issue. And the above can be done with a startup macro and script if you were trying to make it more permanent.
It is worth a test to see if it gets you there and then try better methods.