astlinux-users — AstLinux Users Mailing List

Re: [Astlinux-users] PJSIP

[The C. K. <eld...@ya...>]

 has PJ fixed the issues they had with BLF caller ID ? I had tried it a year or so ago and the NOTIFY messages for BLF were not sending the calling party...   I really need to be making the move in our next production version to PJ since chan_sip is fully on its way out now..  

havent tried compiling it on my RPI 5 yet to see if PJ will compile or not. Chan_sip does without issue. 

    On Sunday, June 16, 2024 at 05:40:06 PM EDT, Michael Knill <mic...@ip...> wrote:  
 
 Thanks David
Due to move to PJSIP in our next major release.

Regards

Michael Knill
From: David Kerr <da...@ke...>
Sent: Thursday, 13 June 2024 11:31 PM
To: AstLinux Users Mailing List <ast...@li...>
Subject: Re: [Astlinux-users] PJSIP Thanks for the pointer to the custom asterisk commands, for some reason my eyes didn't pick up on those.  So all is good, I used the show registrations and contacts commands.

Michael, I've been putting off moving to PJSIP for so long!  I'm still on Asterisk 16.  But I decided I should move up to Asterisk 20 and before doing that would make the shift to PJSIP (as old SIP is officially deprecated).  So I've made the move to PJSIP on 16 and if all is good, will then move to 20.  The process turned out to be easier than I expected.
There is a python script in the Asterisk source tree that helps a lot.  It's not perfect, but it goes a long way towards creating a working pjsip.conf file out of an existing sip.conf file.  It includes a commented-out section at the top which lists things it could not migrate, somewhat surprisingly for me, that included "username" fields that need to go into the authentication sections... I had to correct those manually.  And it did not convert "fullname" fields which I think need to go into a callerid field, not done that yet.
And then in extensions.conf you have to replace all Dial() destinations that are "SIP/<number>" with "PJSIP/<number>" and if you have syntax that looks like "SIP/<trunk>/<number>" then those need to change to "PJSIP/<number>@<trunk>"
And the last thing to note is don't have both SIP and PJSIP at the same time... at least not using both your old sip.conf and new pjsip.conf files.  Either remove/rename your old sip.conf or do what I did and add a noload statement to modules.conf for chan_sip.
I still have to test all my esoteric paths in extensions.conf, but basic ingoing and outgoing calls are working for me.
David.

On Wed, Jun 12, 2024 at 8:52 PM Michael Knill <mic...@ip...> wrote:

Yes Im going to need to go down this path at some stage but Im not looking forward to it 🙁

Regards

Michael Knill
From: Home <da...@ry...>
Sent: Thursday, 13 June 2024 8:27 AM
To: AstLinux Users Mailing List <ast...@li...>
Subject: Re: [Astlinux-users] PJSIP For what it may be worth, I've found...
pjsip show endpoints
and
pjsip show contacts
... to be useful.
Dan


-------- Original message --------From: Lonnie Abelbeck <li...@lo...>Date: 6/12/24 6:05 PM (GMT-05:00) To: AstLinux Users Mailing List <ast...@li...>Subject: Re: [Astlinux-users] PJSIP 
Hi David,

In the Prefs -> Status Tab Options:, there are 4 pairs of these:
--
Custom Asterisk Name:
Custom Asterisk Command:
--
Which you can label and call what commands you want.

And uncheck:
--
Show SIP Trunk Registrations
Show SIP Peer Status
--

Though I don't think there is an exact equivalent from chan_sip to chan_pjsip for status.  I still use chan_sip.


Lonnie



> On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...> wrote:
> 
> It looks like
> 
> pjsip list (or show) registrations
> pjsip list (or show) contacts
> 
> Gets closest to the old versions?  Should the prefs panel be updated to allow a command to be provided?
> 
> David
> 
> On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:
> I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk configuration. I think I have it mostly working now but I notice that in the status page the commands to show SIP trunk and SIP peer status no longer exist (I have noload for chan_sip.so).
> 
> SIP Trunk Registrations:No such command 'sip show registry' (type 'core show help sip show' for other possible commands)
> 
> SIP Peer Status:No such command 'sip show peers' (type 'core show help sip show' for other possible commands)
> 
> 
> Are there alternative commands we could use?
> 
> Thanks
> David
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....




_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr...._______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....  

Re: [Astlinux-users] PJSIP

[Michael K. <mic...@ip...>]

Thanks David

Due to move to PJSIP in our next major release.


Regards

Michael Knill

________________________________
From: David Kerr <da...@ke...>
Sent: Thursday, 13 June 2024 11:31 PM
To: AstLinux Users Mailing List <ast...@li...>
Subject: Re: [Astlinux-users] PJSIP

Thanks for the pointer to the custom asterisk commands, for some reason my eyes didn't pick up on those.  So all is good, I used the show registrations and contacts commands.

Michael, I've been putting off moving to PJSIP for so long!  I'm still on Asterisk 16.  But I decided I should move up to Asterisk 20 and before doing that would make the shift to PJSIP (as old SIP is officially deprecated).  So I've made the move to PJSIP on 16 and if all is good, will then move to 20.  The process turned out to be easier than I expected.

There is a python script in the Asterisk source tree that helps a lot.  It's not perfect, but it goes a long way towards creating a working pjsip.conf file out of an existing sip.conf file.  It includes a commented-out section at the top which lists things it could not migrate, somewhat surprisingly for me, that included "username" fields that need to go into the authentication sections... I had to correct those manually.  And it did not convert "fullname" fields which I think need to go into a callerid field, not done that yet.

And then in extensions.conf you have to replace all Dial() destinations that are "SIP/<number>" with "PJSIP/<number>" and if you have syntax that looks like "SIP/<trunk>/<number>" then those need to change to "PJSIP/<number>@<trunk>"

And the last thing to note is don't have both SIP and PJSIP at the same time... at least not using both your old sip.conf and new pjsip.conf files.  Either remove/rename your old sip.conf or do what I did and add a noload statement to modules.conf for chan_sip.

I still have to test all my esoteric paths in extensions.conf, but basic ingoing and outgoing calls are working for me.

David.


On Wed, Jun 12, 2024 at 8:52 PM Michael Knill <mic...@ip...<mailto:mic...@ip...>> wrote:
Yes Im going to need to go down this path at some stage but Im not looking forward to it 🙁


Regards

Michael Knill

________________________________
From: Home <da...@ry...<mailto:da...@ry...>>
Sent: Thursday, 13 June 2024 8:27 AM
To: AstLinux Users Mailing List <ast...@li...<mailto:ast...@li...>>
Subject: Re: [Astlinux-users] PJSIP

For what it may be worth, I've found...

pjsip show endpoints

and

pjsip show contacts

... to be useful.

Dan



-------- Original message --------
From: Lonnie Abelbeck <li...@lo...<mailto:li...@lo...>>
Date: 6/12/24 6:05 PM (GMT-05:00)
To: AstLinux Users Mailing List <ast...@li...<mailto:ast...@li...>>
Subject: Re: [Astlinux-users] PJSIP

Hi David,

In the Prefs -> Status Tab Options:, there are 4 pairs of these:
--
Custom Asterisk Name:
Custom Asterisk Command:
--
Which you can label and call what commands you want.

And uncheck:
--
Show SIP Trunk Registrations
Show SIP Peer Status
--

Though I don't think there is an exact equivalent from chan_sip to chan_pjsip for status.  I still use chan_sip.


Lonnie



> On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...<mailto:da...@ke...>> wrote:
>
> It looks like
>
> pjsip list (or show) registrations
> pjsip list (or show) contacts
>
> Gets closest to the old versions?  Should the prefs panel be updated to allow a command to be provided?
>
> David
>
> On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...<mailto:da...@ke...>> wrote:
> I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk configuration. I think I have it mostly working now but I notice that in the status page the commands to show SIP trunk and SIP peer status no longer exist (I have noload for chan_sip.so).
>
> SIP Trunk Registrations:No such command 'sip show registry' (type 'core show help sip show' for other possible commands)
>
> SIP Peer Status:No such command 'sip show peers' (type 'core show help sip show' for other possible commands)
>
>
> Are there alternative commands we could use?
>
> Thanks
> David
>
>
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...<mailto:Ast...@li...>
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr...<mailto:pa...@kr...>.




_______________________________________________
Astlinux-users mailing list
Ast...@li...<mailto:Ast...@li...>
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr...<mailto:pa...@kr...>.
_______________________________________________
Astlinux-users mailing list
Ast...@li...<mailto:Ast...@li...>
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr...<mailto:pa...@kr...>.

[Astlinux-users] In praise of AstLinux

[David K. <da...@ke...>]

I first stumbled on AstLinux in 2008.  Sixteen years later I am still using
it as my router, firewall and land-line phone system in my house.  Who
would have thought.  I love that I have full control and can add features
that improve how it works for me.

I'm writing this because I confess there are times when I think I should
use something more mainstream... maybe I should separate the
router/firewall from the phone system (which over the years has become less
and less important).  E.g. maybe I should just go with one of Unifi's
gateways.  Or use pfSense or OPNSense and a separate FreePBX or Asterisk.
But every time I look at it, I land back at AstLinux.

My home network is non-trivial.  I have a mix of 1Gbps, 2.5Gbps and 10Gbps
attached systems.  I have a proliferation of IoT devices on multiple VLANs,
I have Raspberry Pi's, A humongous NAS, and a Proxmox server on which I
have dozen+ containers and multiple VMs... one of which is AstLinux at the
center of it all.  A few months ago fiber-based internet finally arrived,
so multi-gig internet is now possible for me.  I started looking for a
system with 10Gbps NBase-T or SFP+ ports that could become my Proxmox
server.  I have not bought anything yet (because I don't *really* need it)
but it got me looking again at pfSense/OPNSense and I've again discovered
how good AstLinux is.

The core issue for those is that they are based on FreeBSD, and it has very
poor network support when running as a guest VM.  The maximum throughput on
a VirtIO network (to a Proxmox hosted Linux container or VM) is 2-3Gbps.
Which may sound okay, but is in fact lousy... AstLinux can achieve 10x
that, comfortably 25Gbps.  AstLinux can route between two subnets
(different VLANs) at >10Gbps... and may be able to do better if I separate
the VLANs into different interfaces (rather than VLAN tags on the same
interface).  I could pass through the SFP+ PCI h/w to FreeBSD, but then the
rest of my containers and VMs need to route through that to my network...
and run into the VirtIO limitation.  SFP+ devices support SR-IOV that
virtualizes the network device at the h/w layer... but no one appears to
have got that working with FreeBSD guests on Proxmox (whereas it works fine
with Linux).

Which left me looking for a Linux-based router/firewall of which only
OpenWRT comes close to being mainstream, but again it isn't a good fit
either... it's really intended to run directly on the h/w.  Support for VM
guest or even running in a container exists, but on investigation I
concluded it may be okay for dev/test, but really not for production (main
issue is how updates would be applied).

So... AstLinux turns out to be (in my opinion) best-of-breed.  It's a shame
that it is not more widely known.  Now it's not perfect... I would love it
if my enhancements were merged into the mainline, but that aside there are
a few things I would really like to see done...

1) Bring our build environment up-to-date with buildroot, so it is much
easier to keep in sync with updates contributed from the wider user base
that has.

2) Add a package manager (is that even possible with buildroot).

3) Modernize the user interface

Of course, that is a very large project for which none of us have the
time.  But some of the design decisions / constraints that applied to
AstLinux 16 years ago are really not relevant any more.

So there you have it... sixteen years in and AstLinux still rules for me.

David.

Re: [Astlinux-users] PJSIP

[David K. <da...@ke...>]

Thanks for the pointer to the custom asterisk commands, for some reason my
eyes didn't pick up on those.  So all is good, I used the show
registrations and contacts commands.

Michael, I've been putting off moving to PJSIP for so long!  I'm still on
Asterisk 16.  But I decided I should move up to Asterisk 20 and before
doing that would make the shift to PJSIP (as old SIP is officially
deprecated).  So I've made the move to PJSIP on 16 and if all is good, will
then move to 20.  The process turned out to be easier than I expected.

There is a python script in the Asterisk source tree that helps a lot.
It's not perfect, but it goes a long way towards creating a working
pjsip.conf file out of an existing sip.conf file.  It includes a
commented-out section at the top which lists things it could not migrate,
somewhat surprisingly for me, that included "username" fields that need to
go into the authentication sections... I had to correct those manually.
And it did not convert "fullname" fields which I think need to go into a
callerid field, not done that yet.

And then in extensions.conf you have to replace all Dial() destinations
that are "SIP/<number>" with "PJSIP/<number>" and if you have syntax that
looks like "SIP/<trunk>/<number>" then those need to change to
"PJSIP/<number>@<trunk>"

And the last thing to note is don't have both SIP and PJSIP at the same
time... at least not using both your old sip.conf and new pjsip.conf
files.  Either remove/rename your old sip.conf or do what I did and add a
noload statement to modules.conf for chan_sip.

I still have to test all my esoteric paths in extensions.conf, but basic
ingoing and outgoing calls are working for me.

David.


On Wed, Jun 12, 2024 at 8:52 PM Michael Knill <
mic...@ip...> wrote:

> Yes Im going to need to go down this path at some stage but Im not looking
> forward to it 🙁
>
> Regards
>
> Michael Knill
> ------------------------------
> *From:* Home <da...@ry...>
> *Sent:* Thursday, 13 June 2024 8:27 AM
> *To:* AstLinux Users Mailing List <ast...@li...>
> *Subject:* Re: [Astlinux-users] PJSIP
>
> For what it may be worth, I've found...
>
> pjsip show endpoints
>
> and
>
> pjsip show contacts
>
> ... to be useful.
>
> Dan
>
>
>
> -------- Original message --------
> From: Lonnie Abelbeck <li...@lo...>
> Date: 6/12/24 6:05 PM (GMT-05:00)
> To: AstLinux Users Mailing List <ast...@li...>
> Subject: Re: [Astlinux-users] PJSIP
>
> Hi David,
>
> In the Prefs -> Status Tab Options:, there are 4 pairs of these:
> --
> Custom Asterisk Name:
> Custom Asterisk Command:
> --
> Which you can label and call what commands you want.
>
> And uncheck:
> --
> Show SIP Trunk Registrations
> Show SIP Peer Status
> --
>
> Though I don't think there is an exact equivalent from chan_sip to
> chan_pjsip for status.  I still use chan_sip.
>
>
> Lonnie
>
>
>
> > On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...> wrote:
> >
> > It looks like
> >
> > pjsip list (or show) registrations
> > pjsip list (or show) contacts
> >
> > Gets closest to the old versions?  Should the prefs panel be updated to
> allow a command to be provided?
> >
> > David
> >
> > On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:
> > I'm embarking on a long overdue conversion from SIP to PJSIP in my
> Asterisk configuration. I think I have it mostly working now but I notice
> that in the status page the commands to show SIP trunk and SIP peer status
> no longer exist (I have noload for chan_sip.so).
> >
> > SIP Trunk Registrations:No such command 'sip show registry' (type 'core
> show help sip show' for other possible commands)
> >
> > SIP Peer Status:No such command 'sip show peers' (type 'core show help
> sip show' for other possible commands)
> >
> >
> > Are there alternative commands we could use?
> >
> > Thanks
> > David
> >
> >
> > _______________________________________________
> > Astlinux-users mailing list
> > Ast...@li...
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pa...@kr....
>
>
>
>
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pa...@kr....
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pa...@kr....
>

Re: [Astlinux-users] PJSIP

[Michael K. <mic...@ip...>]

Yes Im going to need to go down this path at some stage but Im not looking forward to it 🙁


Regards

Michael Knill

________________________________
From: Home <da...@ry...>
Sent: Thursday, 13 June 2024 8:27 AM
To: AstLinux Users Mailing List <ast...@li...>
Subject: Re: [Astlinux-users] PJSIP

For what it may be worth, I've found...

pjsip show endpoints

and

pjsip show contacts

... to be useful.

Dan



-------- Original message --------
From: Lonnie Abelbeck <li...@lo...>
Date: 6/12/24 6:05 PM (GMT-05:00)
To: AstLinux Users Mailing List <ast...@li...>
Subject: Re: [Astlinux-users] PJSIP

Hi David,

In the Prefs -> Status Tab Options:, there are 4 pairs of these:
--
Custom Asterisk Name:
Custom Asterisk Command:
--
Which you can label and call what commands you want.

And uncheck:
--
Show SIP Trunk Registrations
Show SIP Peer Status
--

Though I don't think there is an exact equivalent from chan_sip to chan_pjsip for status.  I still use chan_sip.


Lonnie



> On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...> wrote:
>
> It looks like
>
> pjsip list (or show) registrations
> pjsip list (or show) contacts
>
> Gets closest to the old versions?  Should the prefs panel be updated to allow a command to be provided?
>
> David
>
> On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:
> I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk configuration. I think I have it mostly working now but I notice that in the status page the commands to show SIP trunk and SIP peer status no longer exist (I have noload for chan_sip.so).
>
> SIP Trunk Registrations:No such command 'sip show registry' (type 'core show help sip show' for other possible commands)
>
> SIP Peer Status:No such command 'sip show peers' (type 'core show help sip show' for other possible commands)
>
>
> Are there alternative commands we could use?
>
> Thanks
> David
>
>
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....




_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] PJSIP

[Home <da...@ry...>]

For what it may be worth, I've found...pjsip show endpointsandpjsip show contacts... to be useful.Dan
-------- Original message --------From: Lonnie Abelbeck <li...@lo...> Date: 6/12/24  6:05 PM  (GMT-05:00) To: AstLinux Users Mailing List <ast...@li...> Subject: Re: [Astlinux-users] PJSIP Hi David,In the Prefs -> Status Tab Options:, there are 4 pairs of these:--Custom Asterisk Name:Custom Asterisk Command:--Which you can label and call what commands you want.And uncheck:--Show SIP Trunk RegistrationsShow SIP Peer Status--Though I don't think there is an exact equivalent from chan_sip to chan_pjsip for status.  I still use chan_sip.Lonnie> On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...> wrote:> > It looks like> > pjsip list (or show) registrations> pjsip list (or show) contacts> > Gets closest to the old versions?  Should the prefs panel be updated to allow a command to be provided?> > David> > On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:> I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk configuration. I think I have it mostly working now but I notice that in the status page the commands to show SIP trunk and SIP peer status no longer exist (I have noload for chan_sip.so). > > SIP Trunk Registrations:No such command 'sip show registry' (type 'core show help sip show' for other possible commands)> > SIP Peer Status:No such command 'sip show peers' (type 'core show help sip show' for other possible commands)> > > Are there alternative commands we could use?> > Thanks> David> > > _______________________________________________> Astlinux-users mailing list> Ast...@li...> https://lists.sourceforge.net/lists/listinfo/astlinux-users> > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr...._______________________________________________Astlinux-users mailing lis...@li...://lists.sourceforge.net/lists/listinfo/astlinux-usersDonations to support AstLinux are graciously accepted via PayPal to pa...@kr....

[Astlinux-users] PJSIP

[David K. <da...@ke...>]

I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk
configuration. I think I have it mostly working now but I notice that in
the status page the commands to show SIP trunk and SIP peer status no
longer exist (I have noload for chan_sip.so).

SIP Trunk Registrations:

No such command 'sip show registry' (type 'core show help sip show'
for other possible commands)

SIP Peer Status:

No such command 'sip show peers' (type 'core show help sip show' for
other possible commands)


Are there alternative commands we could use?

Thanks
David

Re: [Astlinux-users] PJSIP

[Lonnie A. <li...@lo...>]

Hi David,

In the Prefs -> Status Tab Options:, there are 4 pairs of these:
--
Custom Asterisk Name:
Custom Asterisk Command:
--
Which you can label and call what commands you want.

And uncheck:
--
Show SIP Trunk Registrations
Show SIP Peer Status
--

Though I don't think there is an exact equivalent from chan_sip to chan_pjsip for status.  I still use chan_sip.


Lonnie



> On Jun 12, 2024, at 4:17 PM, David Kerr <da...@ke...> wrote:
> 
> It looks like
> 
> pjsip list (or show) registrations
> pjsip list (or show) contacts
> 
> Gets closest to the old versions?  Should the prefs panel be updated to allow a command to be provided?
> 
> David
> 
> On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:
> I'm embarking on a long overdue conversion from SIP to PJSIP in my Asterisk configuration. I think I have it mostly working now but I notice that in the status page the commands to show SIP trunk and SIP peer status no longer exist (I have noload for chan_sip.so). 
> 
> SIP Trunk Registrations:No such command 'sip show registry' (type 'core show help sip show' for other possible commands)
> 
> SIP Peer Status:No such command 'sip show peers' (type 'core show help sip show' for other possible commands)
> 
> 
> Are there alternative commands we could use?
> 
> Thanks
> David
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] PJSIP

[David K. <da...@ke...>]

It looks like

pjsip list (or show) registrations
pjsip list (or show) contacts

Gets closest to the old versions?  Should the prefs panel be updated to
allow a command to be provided?

David

On Wed, Jun 12, 2024 at 5:10 PM David Kerr <da...@ke...> wrote:

> I'm embarking on a long overdue conversion from SIP to PJSIP in my
> Asterisk configuration. I think I have it mostly working now but I notice
> that in the status page the commands to show SIP trunk and SIP peer status
> no longer exist (I have noload for chan_sip.so).
>
> SIP Trunk Registrations:
>
> No such command 'sip show registry' (type 'core show help sip show' for other possible commands)
>
> SIP Peer Status:
>
> No such command 'sip show peers' (type 'core show help sip show' for other possible commands)
>
>
> Are there alternative commands we could use?
>
> Thanks
> David
>
>
>

Re: [Astlinux-users] AstLinux VM under UnRaid

[Lonnie A. <li...@lo...>]

Great!  Thanks for the note.

Lonnie


> On Jun 10, 2024, at 7:56 PM, Ionel Chila via Astlinux-users <ast...@li...> wrote:
> 
> That was easy. Looks like it worked perfect under UnRaid VM. I will ne to document and take some screenshots for future installations.  I need to now configure and do some testing. Will keep you updated.
> 
> 
> 
> <Screenshot 2024-06-10 at 7.54.46 PM.png>
> 
> 
>> On Jun 10, 2024, at 6:52 PM, Lonnie Abelbeck <li...@lo...> wrote:
>> 
>> /mnt/kd/rc.conf.d/user.conf
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] AstLinux VM under UnRaid

[Ionel C. <ion...@me...>]

That was easy. Looks like it worked perfect under UnRaid VM. I will ne to document and take some screenshots for future installations.  I need to now configure and do some testing. Will keep you updated.







> On Jun 10, 2024, at 6:52 PM, Lonnie Abelbeck <li...@lo...> wrote:
> 
> /mnt/kd/rc.conf.d/user.conf

Re: [Astlinux-users] AstLinux VM under UnRaid

[Ionel C. <ion...@me...>]

Hi Lonnie,

And I hope things are good with you Sir. Thanks again for all the hard work.

I was thinking about keeping the DAHDI PCI but I guess not anymore :) If the UnRaid VM works I may just buy me one of these PAP2 boxes and put the analog line for the house on that box. 

Will let you know about my progress

Best regards



> On Jun 10, 2024, at 6:52 PM, Lonnie Abelbeck <li...@lo...> wrote:
> 
> Hi Ionel,
> 
> Do you use still use DAHDI PCI hardware?  If so, that is a problem as the AstLinux VM ISO does not include the DAHDI PCI firmware files. If you are still using DAHDI PCI hardware I would keep your dedicated hardware.
> 
> On the other hand, if your setup is VoIP-only, I have not used UnRaid, but it seems to use KVM/QEMU, so in theory it should work.
> 
> Just like Proxmox, you may want to enable the QEMU Guest Agent:
> -- /mnt/kd/rc.conf.d/user.conf
> QEMU_GUEST_AGENT="yes"
> --
> 
> It should be easy to give it a try using UnRaid with the AstLinux VM ISO.
> 
> Lonnie
> 
> 
> 
>> On Jun 10, 2024, at 6:20 PM, Ionel Chila via Astlinux-users <ast...@li...> wrote:
>> 
>> I am running two UnRaid NAS and they have a very rich ecosystems as far as dockers and VM goes.  I was wondering if anyone managed to install and run an AstLinux VM under UnRaid?  I would love to retire my home-pbx dedicated hardware and run this VM in my existing UnRaid setup.
>> 
>> Thanks for your advise.
>> _______________________________________________
>> Astlinux-users mailing list
>> Ast...@li...
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>> 
>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
> 
> 
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] AstLinux VM under UnRaid

[Lonnie A. <li...@lo...>]

Hi Ionel,

Do you use still use DAHDI PCI hardware?  If so, that is a problem as the AstLinux VM ISO does not include the DAHDI PCI firmware files. If you are still using DAHDI PCI hardware I would keep your dedicated hardware.

On the other hand, if your setup is VoIP-only, I have not used UnRaid, but it seems to use KVM/QEMU, so in theory it should work.

Just like Proxmox, you may want to enable the QEMU Guest Agent:
-- /mnt/kd/rc.conf.d/user.conf
QEMU_GUEST_AGENT="yes"
--

It should be easy to give it a try using UnRaid with the AstLinux VM ISO.

Lonnie



> On Jun 10, 2024, at 6:20 PM, Ionel Chila via Astlinux-users <ast...@li...> wrote:
> 
> I am running two UnRaid NAS and they have a very rich ecosystems as far as dockers and VM goes.  I was wondering if anyone managed to install and run an AstLinux VM under UnRaid?  I would love to retire my home-pbx dedicated hardware and run this VM in my existing UnRaid setup.
> 
> Thanks for your advise.
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

[Astlinux-users] AstLinux VM under UnRaid

[Ionel C. <ion...@me...>]

I am running two UnRaid NAS and they have a very rich ecosystems as far as dockers and VM goes. I was wondering if anyone managed to install and run an AstLinux VM under UnRaid? I would love to retire my home-pbx dedicated hardware and run this VM in my existing UnRaid setup. Thanks for your advise.

[Astlinux-users] Announcing AstLinux Release: 1.5.4

[Lonnie A. <li...@lo...>]

Announcing AstLinux Release: 1.5.4

More Info: AstLinux Project
https://www.astlinux-project.org/

AstLinux 1.5.4 Highlights:
* Asterisk Versions: 16.30.0, 18.22.0, 20.7.0

* Linux Kernel 5.10.216, security and bug fixes
* RUNNIX, version bump to runnix-0.6.18
* atlantic, enable the Marvell (Aquantia) 10-Gigabit Ethernet Network Driver (Aquantia AQC107/AQC113/etc. support)
* r8125, version 9.013.02, Realtek RTL8125 2.5-Gigabit Ethernet Network Driver
* libcurl (curl) version bump to 8.7.1, security fixes: CVE-2024-0853, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466
* expat, version bump to 2.6.2, security fixes: CVE-2023-52425, CVE-2023-52426, CVE-2024-28757
* libxml2, version bump to 2.11.8, security fixes: CVE-2024-25062, CVE-2024-34459
* php, version 7.2.34, add security fixes: CVE-2024-2756, CVE-2024-3096
* sngrep, version bump to 1.8.1, security fix: CVE-2024-3120
* tinyproxy, version bump to 1.11.2, security fix: CVE-2023-49606
* unbound, version bump to 1.19.3, security fixes: CVE-2023-50387, CVE-2023-50868, CVE-2024-1931
* fping, version bump to 5.2
* htop, version bump to 3.3.0
* msmtp, version bump to 1.8.26
* sqlite, version bump to 3.45.3
* stunnel, version bump to 5.72
* vnStat, version bump to 2.12
* ca-certificates, update trusted root certificates 2024-03-11
* mac2vendor, oui.txt database snapshot 2024-05-22
* Asterisk '16se' (stable edition) version 16.30.0 is the last Asterisk 16.x "Legacy" version, built --without-pjproject and --without-dahdi
* Package upgrades providing important security and bug fixes

Full ChangeLog:
https://raw.githubusercontent.com/astlinux-project/astlinux/1.5.4/docs/ChangeLog.txt

All users are encouraged to upgrade, read the ChangeLog for the details.

AstLinux Team

Re: [Astlinux-users] Announcing AstLinux Release: 1.5.2

[Michael K. <li...@mk...>]

Hi Peter,

some things have changed between 16 and 18, there are now a few new modules, that have no config files.
The 4 voicemail config changes could be adapted, but will still work as they are.

> Am 22.03.2024 um 14:59 schrieb Dr. Peter Voigt <pv...@uo...>:
> 
> Hi Lonnie,
> 
> thanks, that trick helped - I'm now on
> "astlinux-1.5.3 x86_64 - Asterisk 18.20.2".
> 
> Good news: My simple configuration survived the upgrade: I can still make and receive phone calls, voicemals are still
> accepted an sent by email.
> 
> I am no Asterisk expert at all so need some advice on the remaining errors and warnings, full boot log:
> 
> Mar 22 14:27:11] Asterisk 18.20.2 built by build @ build on a x86_64 running Linux on 2024-01-30 17:27:01 UTC
> [Mar 22 14:27:11] NOTICE[534] loader.c: 349 modules will be loaded.
> [Mar 22 14:27:13] NOTICE[534] res_odbc.c: Registered ODBC class 'asterisk' dsn->[asterisk]
> [Mar 22 14:27:13] NOTICE[534] res_odbc.c: Registered ODBC class 'asterisk-cdr' dsn->[asterisk-cdr]
> [Mar 22 14:27:13] NOTICE[534] cdr.c: CDR simple logging enabled.
> [Mar 22 14:27:13] NOTICE[534] dnsmgr.c: Managed DNS entries will be refreshed every 30 seconds.
> [Mar 22 14:27:13] NOTICE[534] indications.c: Default country for indication tones: us
> [Mar 22 14:27:13] NOTICE[534] indications.c: Setting default indication country to 'us'
> [Mar 22 14:27:14] WARNING[534] res_musiconhold.c: No music on hold classes configured, disabling music on hold.
> [Mar 22 14:27:14] NOTICE[534] res_smdi.c: No SMDI interfaces are available to listen on, not starting SMDI listener.
> [Mar 22 14:27:14] WARNING[534] res_phoneprov.c: Unable to find a valid server address or name.
> [Mar 22 14:27:14] ERROR[534] res_sorcery_config.c: Unable to load config file 'aeap.conf'
> [Mar 22 14:27:14] NOTICE[534] chan_skinny.c: Configuring skinny from skinny.conf
> [Mar 22 14:27:14] NOTICE[692] chan_sip.c: Peer '6003' is now Reachable. (28ms / 2000ms)
> [Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'userbase' (on reload) at line 23.
> [Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'vmsecret' (on reload) at line 31.
> [Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hassip' (on reload) at line 35.
> [Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hasiax' (on reload) at line 39.
> [Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hasmanager' (on reload) at line 47.
> [Mar 22 14:27:14] NOTICE[692] chan_sip.c: Peer '6002' is now Reachable. (25ms / 2000ms)
> [Mar 22 14:27:14] ERROR[534] ari/config.c: No configured users for ARI
> [Mar 22 14:27:15] NOTICE[534] confbridge/conf_config_parser.c: Adding default_menu menu to app_confbridge
> [Mar 22 14:27:15] NOTICE[692] chan_sip.c: Peer 'sipgate_de' is now Reachable. (31ms / 2000ms)
> [Mar 22 14:27:15] NOTICE[692] chan_sip.c: Peer 'telekom' is now Reachable. (51ms / 2000ms)
> [Mar 22 14:27:15] NOTICE[534] cel_custom.c: No mappings found in cel_custom.conf. Not logging CEL to custom CSVs.
> [Mar 22 14:27:15] ERROR[534] config_options.c: Unable to load config file 'res_http_media_cache.conf'
> [Mar 22 14:27:15] NOTICE[534] res_http_media_cache.c: Could not load res_http_media_cache config; using defaults
> [Mar 22 14:27:16] ERROR[534] codec_dahdi.c: Failed to open /dev/dahdi/transcode: No such file or directory
> [Mar 22 14:27:16] WARNING[534] app_voicemail.c: Setting 'maxmessage' has been deprecated in favor of 'maxsecs'.
> [Mar 22 14:27:16] WARNING[534] app_voicemail.c: Setting 'minmessage' has been deprecated in favor of 'minsecs'.
> [Mar 22 14:27:16] WARNING[534] app_voicemail.c: maxsilence should be less than minmessage or you may get empty messages
> [Mar 22 14:27:16] WARNING[534] app_voicemail.c: Invalid max message greeting length
> [Mar 22 14:27:16] WARNING[534] res_hep_rtcp.c: res_hep is disabled; declining module load
> [Mar 22 14:27:16] ERROR[534] config_options.c: Unable to load config file 'prometheus.conf'
> [Mar 22 14:27:16] WARNING[534] res_hep_pjsip.c: res_hep is disabled; declining module load
> [Mar 22 14:27:16] WARNING[534] loader.c: Some non-required modules failed to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: res_pjsip_transport_websocket declined to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: cel_sqlite3_custom declined to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: cdr_sqlite3_custom declined to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: res_hep_rtcp declined to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: res_prometheus declined to load.
> [Mar 22 14:27:17] ERROR[534] loader.c: res_hep_pjsip declined to load.
> 
> I could fix:
> loader.c: res_pjsip_transport_websocket declined to load.
> by adding:
> websocket_enabled = false
> to /etc/asterisk/sip.conf [General] section.
> 
> Peter
> 
> 
> On Fri, 2024-03-22 at 07:52 -0500, Lonnie Abelbeck wrote:
>> Hi Peter,
>> 
>> What you need to do is first perform a "System tab -> "Revert to Previous"
>> 
>> 
>> 
>> Then (no need to reboot) perform an "Upgrade with New".
>> 
>> This will use your changed repository URL, and since the previous version is different from the latest it will allow
>> the upgrade.
>> 
>> Lonnie
>> 
>> 
>> 
>>> On Mar 22, 2024, at 7:10 AM, Dr. Peter Voigt <pv...@uo...> wrote:
>>> 
>>> Well, I have some time left and would like to upgrade to ast18.
>>> 
>>> I am currently on 1.5.3 of ast16se. I've just changed the repository URL
>>> from https://mirror.astlinux-project.org/ast16se-firmware-1.x
>>> to https://mirror.astlinux-project.org/ast18-firmware-1.x
>>> and checked for new firmware (System -> System Firmware Upgrade:).
>>> However: "You are running the newest available version: astlinux-1.5.3".
>>> 
>>> Can I upgrade the Asterisk version only, if there is also a new AstLinux release
>>> available or what else might be wrong?
>>> 
>>> Peter
>>> 
>>> 
>>> On Fri, 2023-11-17 at 15:03 -0600, Lonnie Abelbeck wrote:
>>>> +1 what Michael said ... my thoughts.
>>>> 
>>>> Given, currently using ast16:
>>>> 
>>>> 1) If currently using chan_pjsip, migrate to ast18.
>>>> 
>>>> 2) If currently using dahdi (ex. pcie telephony card), migrate to ast18.
>>>> 
>>>> 3) Else next step, change the "ast16" to "ast16se", ex.
>>>> --
>>>> Prefs -> System & Staff Tab Options: Repository URL:
>>>> https://mirror.astlinux-project.org/ast16se-firmware-1.x
>>>> --
>>>> This should be quick and painless and will give you the latest security fixes
>>>> in the packages with 1.5.2.
>>>> 
>>>> 3a) Consider migrating to "ast18" when you have time to research the
>>>> differences and testing.
>>>> 
>>>> 
>>>> Additionally, it is recommended any "ast13se" systems be migrated to at least
>>>> "ast16se".  Relatively painless, but still requires some research and testing
>>>> as with any version change of Asterisk.
>>>> 
>>>> 
>>>> Lonnie
>>>> 
>>>> 
>>>> 
>>>>> On Nov 17, 2023, at 12:21 PM, Dr. Peter Voigt <pv...@uo...> wrote:
>>>>> 
>>>>> Hi Michael,
>>>>> 
>>>>> thanks for feedback. I will try the upgrade to ast18 as soon as I've some
>>>>> time
>>>>> left necessary to deal with obviously arising error messages and required
>>>>> configuration changes. May be I'll have to contact the list again, if
>>>>> something
>>>>> goes wrong.
>>>>> 
>>>>> 
>>>>> On Fri, 2023-11-17 at 19:06 +0100, Michael Keuter wrote:
>>>>>> Hi Peter,
>>>>>> 
>>>>>> it is just a matter of changing the repository URL (you must run a lower
>>>>>> version).
>>>>>> 
>>>>>> I would suggest you choose ast18 cause Asterisk is EOL now. 
>>>>>> 20 is not well tested yet, it runs fine for me though.
>>>>>> There was much changed between 16 and 18 (a few missing new config files
>>>>>> =>
>>>>>> error messages.)
>>>>>> The originals are in "/stat/etc/asterisk/".
>>>>>> 
>>>>>>> Am 17.11.2023 um 18:21 schrieb Dr. Peter Voigt <pv...@uo...>:
>>>>>>> 
>>>>>>> I am currently on the ast16 branch and ask myself, if I should switch to
>>>>>>> ast16se
>>>>>>> or to one of the higher version branches ast18/ast20.
>>>>>>> 
>>>>>>> And another question: Is upgrading just a matter of changing the
>>>>>>> repository
>>>>>>> URL
>>>>>>> according to
>>>>>>> https://doc.astlinux-project.org/userdoc:tt_asterisk_upgrade_version
>>>>>>> or will I have to adapt or re-create my Asterisk configuration?
>>>>>>> 
>>>>>>> Regards,
>>>>>>> Peter
>>>>>>> 
>>>>>>> 
>>>>>>> On Thu, 2023-11-16 at 07:33 -0600, Lonnie Abelbeck wrote:
>>>>>>>> Announcing AstLinux Release: 1.5.2
>>>>>>>> 
>>>>>>>> More Info: AstLinux Project
>>>>>>>> https://www.astlinux-project.org/
>>>>>>>> 
>>>>>>>> Changes to supported firmware builds:
>>>>>>>> * Previous 'ast13se' and 'ast16' firmware branches are no longer
>>>>>>>> updated.
>>>>>>>> * New 'ast16se' firmware branch, Asterisk 16.x built --without-
>>>>>>>> pjproject
>>>>>>>> and -
>>>>>>>> -without-dahdi
>>>>>>>> * Previous 'ast18' firmware branch, Asterisk 18.x built --with-
>>>>>>>> pjproject
>>>>>>>> and -
>>>>>>>> -with-dahdi
>>>>>>>> * New 'ast20' firmware branch, Asterisk 20.x built --with-pjproject
>>>>>>>> and --
>>>>>>>> with-dahdi
>>>>>>>> 
>>>>>>>> AstLinux 1.5.2 Highlights:
>>>>>>>> * Asterisk Versions: 16.30.0, 18.20.0, 20.5.0
>>>>>>>> 
>>>>>>>> * Linux Kernel 5.10.197, security and bug fixes
>>>>>>>> * RUNNIX, version bump to runnix-0.6.16
>>>>>>>> * OpenSSL, version bump to 1.1.1w, security fixes: CVE-2023-3446, CVE-
>>>>>>>> 2023-
>>>>>>>> 3817
>>>>>>>> * libcurl (curl) version bump to 8.4.0, security fixes: CVE-2023-
>>>>>>>> 38039,
>>>>>>>> CVE-
>>>>>>>> 2023-38545, CVE-2023-38546
>>>>>>>> * LibreTLS, version bump to 3.8.1
>>>>>>>> * libpng, version bump to 1.6.40
>>>>>>>> * libsodium, version bump to 1.0.19
>>>>>>>> * libxml2, version bump to 2.11.5
>>>>>>>> * chrony, version bump to 4.4
>>>>>>>> * ne, version bump to 3.3.3
>>>>>>>> * msmtp, version bump to 1.8.25
>>>>>>>> * netsnmp, version bump to 5.9.4
>>>>>>>> * pjsip version bump to 2.13.1
>>>>>>>> * screen, version 4.9.1, security fix: CVE-2023-24626
>>>>>>>> * sqlite, version bump to 3.43.2
>>>>>>>> * sqliteodbc, version bump to 0.99991
>>>>>>>> * tiff, version bump to 4.6.0
>>>>>>>> * unbound, version bump to 1.18.0
>>>>>>>> * unixodbc, version bump to 2.3.12
>>>>>>>> * vnStat, version bump to 2.11
>>>>>>>> * zabbix, version bump to 4.0.50
>>>>>>>> * Asterisk '16se' (stable edition) version 16.30.0 is the last
>>>>>>>> Asterisk
>>>>>>>> 16.x
>>>>>>>> "Legacy" version, built --without-pjproject and --without-dahdi 
>>>>>>>> * Package upgrades providing important security and bug fixes
>>>>>>>> 
>>>>>>>> Full ChangeLog:
>>>>>>>> https://raw.githubusercontent.com/astlinux-project/astlinux/1.5.2/docs/ChangeLog.txt
>>>>>>>> 
>>>>>>>> All users are encouraged to upgrade, read the ChangeLog for the
>>>>>>>> details.
>>>>>>>> 
>>>>>>>> AstLinux Team
>>>>>> 
>>>>>> Michael
>>>>>> 
>>>>>> http://www.mksolutions.info


Michael

http://www.mksolutions.info

Re: [Astlinux-users] Announcing AstLinux Release: 1.5.2

[Dr. P. V. <pv...@uo...>]

Hi Lonnie,

thanks, that trick helped - I'm now on
"astlinux-1.5.3 x86_64 - Asterisk 18.20.2".

Good news: My simple configuration survived the upgrade: I can still make and receive phone calls, voicemals are still
accepted an sent by email.

I am no Asterisk expert at all so need some advice on the remaining errors and warnings, full boot log:

Mar 22 14:27:11] Asterisk 18.20.2 built by build @ build on a x86_64 running Linux on 2024-01-30 17:27:01 UTC
[Mar 22 14:27:11] NOTICE[534] loader.c: 349 modules will be loaded.
[Mar 22 14:27:13] NOTICE[534] res_odbc.c: Registered ODBC class 'asterisk' dsn->[asterisk]
[Mar 22 14:27:13] NOTICE[534] res_odbc.c: Registered ODBC class 'asterisk-cdr' dsn->[asterisk-cdr]
[Mar 22 14:27:13] NOTICE[534] cdr.c: CDR simple logging enabled.
[Mar 22 14:27:13] NOTICE[534] dnsmgr.c: Managed DNS entries will be refreshed every 30 seconds.
[Mar 22 14:27:13] NOTICE[534] indications.c: Default country for indication tones: us
[Mar 22 14:27:13] NOTICE[534] indications.c: Setting default indication country to 'us'
[Mar 22 14:27:14] WARNING[534] res_musiconhold.c: No music on hold classes configured, disabling music on hold.
[Mar 22 14:27:14] NOTICE[534] res_smdi.c: No SMDI interfaces are available to listen on, not starting SMDI listener.
[Mar 22 14:27:14] WARNING[534] res_phoneprov.c: Unable to find a valid server address or name.
[Mar 22 14:27:14] ERROR[534] res_sorcery_config.c: Unable to load config file 'aeap.conf'
[Mar 22 14:27:14] NOTICE[534] chan_skinny.c: Configuring skinny from skinny.conf
[Mar 22 14:27:14] NOTICE[692] chan_sip.c: Peer '6003' is now Reachable. (28ms / 2000ms)
[Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'userbase' (on reload) at line 23.
[Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'vmsecret' (on reload) at line 31.
[Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hassip' (on reload) at line 35.
[Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hasiax' (on reload) at line 39.
[Mar 22 14:27:14] NOTICE[534] chan_dahdi.c: Ignoring any changes to 'hasmanager' (on reload) at line 47.
[Mar 22 14:27:14] NOTICE[692] chan_sip.c: Peer '6002' is now Reachable. (25ms / 2000ms)
[Mar 22 14:27:14] ERROR[534] ari/config.c: No configured users for ARI
[Mar 22 14:27:15] NOTICE[534] confbridge/conf_config_parser.c: Adding default_menu menu to app_confbridge
[Mar 22 14:27:15] NOTICE[692] chan_sip.c: Peer 'sipgate_de' is now Reachable. (31ms / 2000ms)
[Mar 22 14:27:15] NOTICE[692] chan_sip.c: Peer 'telekom' is now Reachable. (51ms / 2000ms)
[Mar 22 14:27:15] NOTICE[534] cel_custom.c: No mappings found in cel_custom.conf. Not logging CEL to custom CSVs.
[Mar 22 14:27:15] ERROR[534] config_options.c: Unable to load config file 'res_http_media_cache.conf'
[Mar 22 14:27:15] NOTICE[534] res_http_media_cache.c: Could not load res_http_media_cache config; using defaults
[Mar 22 14:27:16] ERROR[534] codec_dahdi.c: Failed to open /dev/dahdi/transcode: No such file or directory
[Mar 22 14:27:16] WARNING[534] app_voicemail.c: Setting 'maxmessage' has been deprecated in favor of 'maxsecs'.
[Mar 22 14:27:16] WARNING[534] app_voicemail.c: Setting 'minmessage' has been deprecated in favor of 'minsecs'.
[Mar 22 14:27:16] WARNING[534] app_voicemail.c: maxsilence should be less than minmessage or you may get empty messages
[Mar 22 14:27:16] WARNING[534] app_voicemail.c: Invalid max message greeting length
[Mar 22 14:27:16] WARNING[534] res_hep_rtcp.c: res_hep is disabled; declining module load
[Mar 22 14:27:16] ERROR[534] config_options.c: Unable to load config file 'prometheus.conf'
[Mar 22 14:27:16] WARNING[534] res_hep_pjsip.c: res_hep is disabled; declining module load
[Mar 22 14:27:16] WARNING[534] loader.c: Some non-required modules failed to load.
[Mar 22 14:27:17] ERROR[534] loader.c: res_pjsip_transport_websocket declined to load.
[Mar 22 14:27:17] ERROR[534] loader.c: cel_sqlite3_custom declined to load.
[Mar 22 14:27:17] ERROR[534] loader.c: cdr_sqlite3_custom declined to load.
[Mar 22 14:27:17] ERROR[534] loader.c: res_hep_rtcp declined to load.
[Mar 22 14:27:17] ERROR[534] loader.c: res_prometheus declined to load.
[Mar 22 14:27:17] ERROR[534] loader.c: res_hep_pjsip declined to load.

I could fix:
loader.c: res_pjsip_transport_websocket declined to load.
by adding:
websocket_enabled = false
to /etc/asterisk/sip.conf [General] section.

Peter


On Fri, 2024-03-22 at 07:52 -0500, Lonnie Abelbeck wrote:
> Hi Peter,
> 
> What you need to do is first perform a "System tab -> "Revert to Previous"
> 
> 
> 
> Then (no need to reboot) perform an "Upgrade with New".
> 
> This will use your changed repository URL, and since the previous version is different from the latest it will allow
> the upgrade.
> 
> Lonnie
> 
> 
> 
> > On Mar 22, 2024, at 7:10 AM, Dr. Peter Voigt <pv...@uo...> wrote:
> > 
> > Well, I have some time left and would like to upgrade to ast18.
> > 
> > I am currently on 1.5.3 of ast16se. I've just changed the repository URL
> > from https://mirror.astlinux-project.org/ast16se-firmware-1.x
> > to https://mirror.astlinux-project.org/ast18-firmware-1.x
> > and checked for new firmware (System -> System Firmware Upgrade:).
> > However: "You are running the newest available version: astlinux-1.5.3".
> > 
> > Can I upgrade the Asterisk version only, if there is also a new AstLinux release
> > available or what else might be wrong?
> > 
> > Peter
> > 
> > 
> > On Fri, 2023-11-17 at 15:03 -0600, Lonnie Abelbeck wrote:
> > > +1 what Michael said ... my thoughts.
> > > 
> > > Given, currently using ast16:
> > > 
> > > 1) If currently using chan_pjsip, migrate to ast18.
> > > 
> > > 2) If currently using dahdi (ex. pcie telephony card), migrate to ast18.
> > > 
> > > 3) Else next step, change the "ast16" to "ast16se", ex.
> > > --
> > > Prefs -> System & Staff Tab Options: Repository URL:
> > > https://mirror.astlinux-project.org/ast16se-firmware-1.x
> > > --
> > > This should be quick and painless and will give you the latest security fixes
> > > in the packages with 1.5.2.
> > > 
> > > 3a) Consider migrating to "ast18" when you have time to research the
> > > differences and testing.
> > > 
> > > 
> > > Additionally, it is recommended any "ast13se" systems be migrated to at least
> > > "ast16se".  Relatively painless, but still requires some research and testing
> > > as with any version change of Asterisk.
> > > 
> > > 
> > > Lonnie
> > > 
> > > 
> > > 
> > > > On Nov 17, 2023, at 12:21 PM, Dr. Peter Voigt <pv...@uo...> wrote:
> > > > 
> > > > Hi Michael,
> > > > 
> > > > thanks for feedback. I will try the upgrade to ast18 as soon as I've some
> > > > time
> > > > left necessary to deal with obviously arising error messages and required
> > > > configuration changes. May be I'll have to contact the list again, if
> > > > something
> > > > goes wrong.
> > > > 
> > > > 
> > > > On Fri, 2023-11-17 at 19:06 +0100, Michael Keuter wrote:
> > > > > Hi Peter,
> > > > > 
> > > > > it is just a matter of changing the repository URL (you must run a lower
> > > > > version).
> > > > > 
> > > > > I would suggest you choose ast18 cause Asterisk is EOL now. 
> > > > > 20 is not well tested yet, it runs fine for me though.
> > > > > There was much changed between 16 and 18 (a few missing new config files
> > > > > =>
> > > > > error messages.)
> > > > > The originals are in "/stat/etc/asterisk/".
> > > > > 
> > > > > > Am 17.11.2023 um 18:21 schrieb Dr. Peter Voigt <pv...@uo...>:
> > > > > > 
> > > > > > I am currently on the ast16 branch and ask myself, if I should switch to
> > > > > > ast16se
> > > > > > or to one of the higher version branches ast18/ast20.
> > > > > > 
> > > > > > And another question: Is upgrading just a matter of changing the
> > > > > > repository
> > > > > > URL
> > > > > > according to
> > > > > > https://doc.astlinux-project.org/userdoc:tt_asterisk_upgrade_version
> > > > > > or will I have to adapt or re-create my Asterisk configuration?
> > > > > > 
> > > > > > Regards,
> > > > > > Peter
> > > > > > 
> > > > > > 
> > > > > > On Thu, 2023-11-16 at 07:33 -0600, Lonnie Abelbeck wrote:
> > > > > > > Announcing AstLinux Release: 1.5.2
> > > > > > > 
> > > > > > > More Info: AstLinux Project
> > > > > > > https://www.astlinux-project.org/
> > > > > > > 
> > > > > > > Changes to supported firmware builds:
> > > > > > > * Previous 'ast13se' and 'ast16' firmware branches are no longer
> > > > > > > updated.
> > > > > > > * New 'ast16se' firmware branch, Asterisk 16.x built --without-
> > > > > > > pjproject
> > > > > > > and -
> > > > > > > -without-dahdi
> > > > > > > * Previous 'ast18' firmware branch, Asterisk 18.x built --with-
> > > > > > > pjproject
> > > > > > > and -
> > > > > > > -with-dahdi
> > > > > > > * New 'ast20' firmware branch, Asterisk 20.x built --with-pjproject
> > > > > > > and --
> > > > > > > with-dahdi
> > > > > > > 
> > > > > > > AstLinux 1.5.2 Highlights:
> > > > > > > * Asterisk Versions: 16.30.0, 18.20.0, 20.5.0
> > > > > > > 
> > > > > > > * Linux Kernel 5.10.197, security and bug fixes
> > > > > > > * RUNNIX, version bump to runnix-0.6.16
> > > > > > > * OpenSSL, version bump to 1.1.1w, security fixes: CVE-2023-3446, CVE-
> > > > > > > 2023-
> > > > > > > 3817
> > > > > > > * libcurl (curl) version bump to 8.4.0, security fixes: CVE-2023-
> > > > > > > 38039,
> > > > > > > CVE-
> > > > > > > 2023-38545, CVE-2023-38546
> > > > > > > * LibreTLS, version bump to 3.8.1
> > > > > > > * libpng, version bump to 1.6.40
> > > > > > > * libsodium, version bump to 1.0.19
> > > > > > > * libxml2, version bump to 2.11.5
> > > > > > > * chrony, version bump to 4.4
> > > > > > > * ne, version bump to 3.3.3
> > > > > > > * msmtp, version bump to 1.8.25
> > > > > > > * netsnmp, version bump to 5.9.4
> > > > > > > * pjsip version bump to 2.13.1
> > > > > > > * screen, version 4.9.1, security fix: CVE-2023-24626
> > > > > > > * sqlite, version bump to 3.43.2
> > > > > > > * sqliteodbc, version bump to 0.99991
> > > > > > > * tiff, version bump to 4.6.0
> > > > > > > * unbound, version bump to 1.18.0
> > > > > > > * unixodbc, version bump to 2.3.12
> > > > > > > * vnStat, version bump to 2.11
> > > > > > > * zabbix, version bump to 4.0.50
> > > > > > > * Asterisk '16se' (stable edition) version 16.30.0 is the last
> > > > > > > Asterisk
> > > > > > > 16.x
> > > > > > > "Legacy" version, built --without-pjproject and --without-dahdi 
> > > > > > > * Package upgrades providing important security and bug fixes
> > > > > > > 
> > > > > > > Full ChangeLog:
> > > > > > > https://raw.githubusercontent.com/astlinux-project/astlinux/1.5.2/docs/ChangeLog.txt
> > > > > > > 
> > > > > > > All users are encouraged to upgrade, read the ChangeLog for the
> > > > > > > details.
> > > > > > > 
> > > > > > > AstLinux Team
> > > > > 
> > > > > Michael
> > > > > 
> > > > > http://www.mksolutions.info
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > _______________________________________________
> > > > > Astlinux-users mailing list
> > > > > Ast...@li...
> > > > > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > > > > 
> > > > > Donations to support AstLinux are graciously accepted via PayPal to
> > > > > pa...@kr....
> > > > 
> > > > 
> > > > _______________________________________________
> > > > Astlinux-users mailing list
> > > > Ast...@li...
> > > > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > > > 
> > > > Donations to support AstLinux are graciously accepted via PayPal to
> > > > pa...@kr....
> > > 
> > > 
> > > 
> > > _______________________________________________
> > > Astlinux-users mailing list
> > > Ast...@li...
> > > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > > 
> > > Donations to support AstLinux are graciously accepted via PayPal to
> > > pa...@kr....
> > 
> > 
> > _______________________________________________
> > Astlinux-users mailing list
> > Ast...@li...
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > 
> > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] Announcing AstLinux Release: 1.5.2

[Lonnie A. <li...@lo...>]

Hi Peter,

What you need to do is first perform a "System tab -> "Revert to Previous"

Re: [Astlinux-users] Announcing AstLinux Release: 1.5.2

[Dr. P. V. <pv...@uo...>]

Well, I have some time left and would like to upgrade to ast18.

I am currently on 1.5.3 of ast16se. I've just changed the repository URL
from https://mirror.astlinux-project.org/ast16se-firmware-1.x
to https://mirror.astlinux-project.org/ast18-firmware-1.x
and checked for new firmware (System -> System Firmware Upgrade:).
However: "You are running the newest available version: astlinux-1.5.3".

Can I upgrade the Asterisk version only, if there is also a new AstLinux release
available or what else might be wrong?

Peter


On Fri, 2023-11-17 at 15:03 -0600, Lonnie Abelbeck wrote:
> +1 what Michael said ... my thoughts.
> 
> Given, currently using ast16:
> 
> 1) If currently using chan_pjsip, migrate to ast18.
> 
> 2) If currently using dahdi (ex. pcie telephony card), migrate to ast18.
> 
> 3) Else next step, change the "ast16" to "ast16se", ex.
> --
> Prefs -> System & Staff Tab Options: Repository URL:
> https://mirror.astlinux-project.org/ast16se-firmware-1.x
> --
> This should be quick and painless and will give you the latest security fixes
> in the packages with 1.5.2.
> 
> 3a) Consider migrating to "ast18" when you have time to research the
> differences and testing.
> 
> 
> Additionally, it is recommended any "ast13se" systems be migrated to at least
> "ast16se".  Relatively painless, but still requires some research and testing
> as with any version change of Asterisk.
> 
> 
> Lonnie
> 
> 
> 
> > On Nov 17, 2023, at 12:21 PM, Dr. Peter Voigt <pv...@uo...> wrote:
> > 
> > Hi Michael,
> > 
> > thanks for feedback. I will try the upgrade to ast18 as soon as I've some
> > time
> > left necessary to deal with obviously arising error messages and required
> > configuration changes. May be I'll have to contact the list again, if
> > something
> > goes wrong.
> > 
> > 
> > On Fri, 2023-11-17 at 19:06 +0100, Michael Keuter wrote:
> > > Hi Peter,
> > > 
> > > it is just a matter of changing the repository URL (you must run a lower
> > > version).
> > > 
> > > I would suggest you choose ast18 cause Asterisk is EOL now. 
> > > 20 is not well tested yet, it runs fine for me though.
> > > There was much changed between 16 and 18 (a few missing new config files
> > > =>
> > > error messages.)
> > > The originals are in "/stat/etc/asterisk/".
> > > 
> > > > Am 17.11.2023 um 18:21 schrieb Dr. Peter Voigt <pv...@uo...>:
> > > > 
> > > > I am currently on the ast16 branch and ask myself, if I should switch to
> > > > ast16se
> > > > or to one of the higher version branches ast18/ast20.
> > > > 
> > > > And another question: Is upgrading just a matter of changing the
> > > > repository
> > > > URL
> > > > according to
> > > > https://doc.astlinux-project.org/userdoc:tt_asterisk_upgrade_version
> > > > or will I have to adapt or re-create my Asterisk configuration?
> > > > 
> > > > Regards,
> > > > Peter
> > > > 
> > > > 
> > > > On Thu, 2023-11-16 at 07:33 -0600, Lonnie Abelbeck wrote:
> > > > > Announcing AstLinux Release: 1.5.2
> > > > > 
> > > > > More Info: AstLinux Project
> > > > > https://www.astlinux-project.org/
> > > > > 
> > > > > Changes to supported firmware builds:
> > > > > * Previous 'ast13se' and 'ast16' firmware branches are no longer
> > > > > updated.
> > > > > * New 'ast16se' firmware branch, Asterisk 16.x built --without-
> > > > > pjproject
> > > > > and -
> > > > > -without-dahdi
> > > > > * Previous 'ast18' firmware branch, Asterisk 18.x built --with-
> > > > > pjproject
> > > > > and -
> > > > > -with-dahdi
> > > > > * New 'ast20' firmware branch, Asterisk 20.x built --with-pjproject
> > > > > and --
> > > > > with-dahdi
> > > > > 
> > > > > AstLinux 1.5.2 Highlights:
> > > > > * Asterisk Versions: 16.30.0, 18.20.0, 20.5.0
> > > > > 
> > > > > * Linux Kernel 5.10.197, security and bug fixes
> > > > > * RUNNIX, version bump to runnix-0.6.16
> > > > > * OpenSSL, version bump to 1.1.1w, security fixes: CVE-2023-3446, CVE-
> > > > > 2023-
> > > > > 3817
> > > > > * libcurl (curl) version bump to 8.4.0, security fixes: CVE-2023-
> > > > > 38039,
> > > > > CVE-
> > > > > 2023-38545, CVE-2023-38546
> > > > > * LibreTLS, version bump to 3.8.1
> > > > > * libpng, version bump to 1.6.40
> > > > > * libsodium, version bump to 1.0.19
> > > > > * libxml2, version bump to 2.11.5
> > > > > * chrony, version bump to 4.4
> > > > > * ne, version bump to 3.3.3
> > > > > * msmtp, version bump to 1.8.25
> > > > > * netsnmp, version bump to 5.9.4
> > > > > * pjsip version bump to 2.13.1
> > > > > * screen, version 4.9.1, security fix: CVE-2023-24626
> > > > > * sqlite, version bump to 3.43.2
> > > > > * sqliteodbc, version bump to 0.99991
> > > > > * tiff, version bump to 4.6.0
> > > > > * unbound, version bump to 1.18.0
> > > > > * unixodbc, version bump to 2.3.12
> > > > > * vnStat, version bump to 2.11
> > > > > * zabbix, version bump to 4.0.50
> > > > > * Asterisk '16se' (stable edition) version 16.30.0 is the last
> > > > > Asterisk
> > > > > 16.x
> > > > > "Legacy" version, built --without-pjproject and --without-dahdi 
> > > > > * Package upgrades providing important security and bug fixes
> > > > > 
> > > > > Full ChangeLog:
> > > > > https://raw.githubusercontent.com/astlinux-project/astlinux/1.5.2/docs/ChangeLog.txt
> > > > > 
> > > > > All users are encouraged to upgrade, read the ChangeLog for the
> > > > > details.
> > > > > 
> > > > > AstLinux Team
> > > 
> > > Michael
> > > 
> > > http://www.mksolutions.info
> > > 
> > > 
> > > 
> > > 
> > > 
> > > _______________________________________________
> > > Astlinux-users mailing list
> > > Ast...@li...
> > > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > > 
> > > Donations to support AstLinux are graciously accepted via PayPal to
> > > pa...@kr....
> > 
> > 
> > _______________________________________________
> > Astlinux-users mailing list
> > Ast...@li...
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> > 
> > Donations to support AstLinux are graciously accepted via PayPal to
> > pa...@kr....
> 
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to
> pa...@kr....

Re: [Astlinux-users] Ubiquiti Unifi

[Michael K. <mic...@ip...>]

Thanks all for responding. Sorry I changed my email setup so I missed these responses.
Yes I have decided to not continue trying to get things working with Unifi Gateways and Astlinux until they have Wireguard Site to Site VPN.

Yes the GL.Inet boxes seem to work quite well however I'm thinking I will try the Teltonika RUT300 as we already have these as part of our product portfolio: https://teltonika-networks.com/products/routers/rut300

Im also using Netgate 1100 (pfSense) which also work great.

Awesome to have a number of options.


Regards

Michael Knill

________________________________
From: Ionel Chila via Astlinux-users <ast...@li...>
Sent: Friday, 8 March 2024 12:56 AM
To: AstLinux Users Mailing List <ast...@li...>
Cc: Ionel Chila <ion...@me...>
Subject: Re: [Astlinux-users] Ubiquiti Unifi

I use Unifi UDM-SE for VPN with Gl.inet routers and WireGuard. Works very consistent and reliable.



> On Mar 7, 2024, at 6:20 AM, Michael Keuter <li...@mk...> wrote:
>
> Hi Michael,
>
> I only used StrongSwan with the AVM Fritzbox router/DSL modem models, which are widely used in Germany. You'll have to create a textfile, which has to be imported into the Fritzbox via the WebGUI.
>
> Luckily the newer Fritzbox models now support WireGuard. Never used Unifi for VPN. I thought you wanted to use Gl.inet routers …
>
> Michael
>
> http://www.mksolutions.info
>
>> Am 07.03.2024 um 12:52 schrieb Lonnie Abelbeck <li...@lo...>:
>>
>> Hi Michael,
>>
>> Unifi access points and switches have played well with others over the years.
>>
>> Unifi routing products, while based on linux, never had a good track record of interoperability, particularly with VPNs.
>>
>> It would seem straightforward for Unifi to support sourcing manual Wireguard configs in addition to the pretty GUI Wireguard configs ... maybe someday.
>>
>> Personally, I would not even try to get AstLinux Strongswan to work with Unifi's IPsec.
>>
>> Lonnie
>>
>>
>>
>>> On Mar 7, 2024, at 12:17 AM, Michael Knill <mic...@ip...> wrote:
>>>
>>> Noone 🙁
>>>
>>> Regards
>>> Michael Knill
>>> From: Michael Knill <mic...@ip...>
>>> Sent: Friday, 23 February 2024 2:50 PM
>>> To: AstLinux List (ast...@li...) <ast...@li...>
>>> Subject: [Astlinux-users] Ubiquiti Unifi
>>>
>>> Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).
>>> As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.
>>> They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).
>>>
>>> So just wondering if Im going to be able to get this working with OpenVPN as per below:
>>>
>>> <image002.png>
>>>
>>> Looks like it only support Pre-Shared Key and not certificates?
>>>
>>> Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.
>>>
>>> Regards
>>>
>>> Michael Knill
>>> Managing Director
>>>
>>> D: +61 2 6189 1360
>>> P: +61 2 6140 4656
>>> E: mic...@ip...
>>> W: ipcsolutions.com.au
>>>
>>> <image001.png>
>>> Smarter Business Communications
>
>
>
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....



_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] Ubiquiti Unifi

[Ionel C. <ion...@me...>]

I use Unifi UDM-SE for VPN with Gl.inet routers and WireGuard. Works very consistent and reliable.



> On Mar 7, 2024, at 6:20 AM, Michael Keuter <li...@mk...> wrote:
> 
> Hi Michael,
> 
> I only used StrongSwan with the AVM Fritzbox router/DSL modem models, which are widely used in Germany. You'll have to create a textfile, which has to be imported into the Fritzbox via the WebGUI.
> 
> Luckily the newer Fritzbox models now support WireGuard. Never used Unifi for VPN. I thought you wanted to use Gl.inet routers …
> 
> Michael
> 
> http://www.mksolutions.info
> 
>> Am 07.03.2024 um 12:52 schrieb Lonnie Abelbeck <li...@lo...>:
>> 
>> Hi Michael,
>> 
>> Unifi access points and switches have played well with others over the years.
>> 
>> Unifi routing products, while based on linux, never had a good track record of interoperability, particularly with VPNs.
>> 
>> It would seem straightforward for Unifi to support sourcing manual Wireguard configs in addition to the pretty GUI Wireguard configs ... maybe someday.
>> 
>> Personally, I would not even try to get AstLinux Strongswan to work with Unifi's IPsec.
>> 
>> Lonnie
>> 
>> 
>> 
>>> On Mar 7, 2024, at 12:17 AM, Michael Knill <mic...@ip...> wrote:
>>> 
>>> Noone 🙁
>>> 
>>> Regards 
>>> Michael Knill
>>> From: Michael Knill <mic...@ip...>
>>> Sent: Friday, 23 February 2024 2:50 PM
>>> To: AstLinux List (ast...@li...) <ast...@li...>
>>> Subject: [Astlinux-users] Ubiquiti Unifi
>>> 
>>> Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).
>>> As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.
>>> They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).
>>> 
>>> So just wondering if Im going to be able to get this working with OpenVPN as per below:
>>> 
>>> <image002.png>
>>> 
>>> Looks like it only support Pre-Shared Key and not certificates?
>>> 
>>> Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.
>>> 
>>> Regards
>>> 
>>> Michael Knill
>>> Managing Director
>>> 
>>> D: +61 2 6189 1360
>>> P: +61 2 6140 4656
>>> E: mic...@ip...
>>> W: ipcsolutions.com.au
>>> 
>>> <image001.png>
>>> Smarter Business Communications
> 
> 
> 
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] Ubiquiti Unifi

[Michael K. <li...@mk...>]

Hi Michael,

I only used StrongSwan with the AVM Fritzbox router/DSL modem models, which are widely used in Germany. You'll have to create a textfile, which has to be imported into the Fritzbox via the WebGUI.

Luckily the newer Fritzbox models now support WireGuard. Never used Unifi for VPN. I thought you wanted to use Gl.inet routers …

Michael

http://www.mksolutions.info

> Am 07.03.2024 um 12:52 schrieb Lonnie Abelbeck <li...@lo...>:
> 
> Hi Michael,
> 
> Unifi access points and switches have played well with others over the years.
> 
> Unifi routing products, while based on linux, never had a good track record of interoperability, particularly with VPNs.
> 
> It would seem straightforward for Unifi to support sourcing manual Wireguard configs in addition to the pretty GUI Wireguard configs ... maybe someday.
> 
> Personally, I would not even try to get AstLinux Strongswan to work with Unifi's IPsec.
> 
> Lonnie
> 
> 
> 
>> On Mar 7, 2024, at 12:17 AM, Michael Knill <mic...@ip...> wrote:
>> 
>> Noone 🙁
>> 
>> Regards 
>> Michael Knill
>> From: Michael Knill <mic...@ip...>
>> Sent: Friday, 23 February 2024 2:50 PM
>> To: AstLinux List (ast...@li...) <ast...@li...>
>> Subject: [Astlinux-users] Ubiquiti Unifi
>> 
>> Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).
>> As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.
>> They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).
>> 
>> So just wondering if Im going to be able to get this working with OpenVPN as per below:
>> 
>> <image002.png>
>> 
>> Looks like it only support Pre-Shared Key and not certificates?
>> 
>> Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.
>> 
>> Regards
>> 
>> Michael Knill
>> Managing Director
>> 
>> D: +61 2 6189 1360
>> P: +61 2 6140 4656
>> E: mic...@ip...
>> W: ipcsolutions.com.au
>> 
>> <image001.png>
>> Smarter Business Communications

Re: [Astlinux-users] Ubiquiti Unifi

[Lonnie A. <li...@lo...>]

Hi Michael,

Unifi access points and switches have played well with others over the years.

Unifi routing products, while based on linux, never had a good track record of interoperability, particularly with VPNs.

It would seem straightforward for Unifi to support sourcing manual Wireguard configs in addition to the pretty GUI Wireguard configs ... maybe someday.

Personally, I would not even try to get AstLinux Strongswan to work with Unifi's IPsec.

Lonnie



> On Mar 7, 2024, at 12:17 AM, Michael Knill <mic...@ip...> wrote:
> 
> Noone 🙁
> 
> Regards 
> Michael Knill
> From: Michael Knill <mic...@ip...>
> Sent: Friday, 23 February 2024 2:50 PM
> To: AstLinux List (ast...@li...) <ast...@li...>
> Subject: [Astlinux-users] Ubiquiti Unifi
>  
> Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).
> As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.
> They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).
>  
> So just wondering if Im going to be able to get this working with OpenVPN as per below:
>  
> <image002.png>
>  
> Looks like it only support Pre-Shared Key and not certificates?
>  
> Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.
>  
> Regards
>  
> Michael Knill
> Managing Director
>  
> D: +61 2 6189 1360
> P: +61 2 6140 4656
> E: mic...@ip...
> W: ipcsolutions.com.au
>  
>  <image001.png>
> Smarter Business Communications
>  
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....

Re: [Astlinux-users] Ubiquiti Unifi

[Michael K. <mic...@ip...>]

Noone 🙁


Regards

Michael Knill

________________________________
From: Michael Knill <mic...@ip...>
Sent: Friday, 23 February 2024 2:50 PM
To: AstLinux List (ast...@li...) <ast...@li...>
Subject: [Astlinux-users] Ubiquiti Unifi


Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).

As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.

They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).



So just wondering if Im going to be able to get this working with OpenVPN as per below:



[cid:image002.png@01DA6666.E9951590]



Looks like it only support Pre-Shared Key and not certificates?



Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.



Regards



Michael Knill

Managing Director



D: +61 2 6189 1360<tel:+61261891360>

P: +61 2 6140 4656<tel:+61261404656>

E: mic...@ip...<mailto:mic...@ip...>

W: ipcsolutions.com.au<https://ipcsolutions.com.au/>



 [Icon  Description automatically generated]

Smarter Business Communications

[Astlinux-users] Ubiquiti Unifi

[Michael K. <mic...@ip...>]

Im kicking and screaming all the way, but I will probably be moving to the Ubiquiti Unifi ecosystem (we already use their WAP’s).
As part of this, I will be implementing some of their gateways (routers) which I really need to connect via VPN to Astlinux in the cloud.
They now support Wireguard but only as a client or server and not as a site to site VPN which they support Open VPN and IPsec only. In the Wireguard client configuration they emulate a mobile client so all traffic is from the gateway address (NAT).

So just wondering if Im going to be able to get this working with OpenVPN as per below:

[cid:image002.png@01DA6666.E9951590]

Looks like it only support Pre-Shared Key and not certificates?

Could probably use Strongswan with IPsec but would rather not unless someone has got this working or something similar.

Regards

Michael Knill
Managing Director

D: +61 2 6189 1360<tel:+61261891360>
P: +61 2 6140 4656<tel:+61261404656>
E: mic...@ip...<mailto:mic...@ip...>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>

 [Icon  Description automatically generated]
Smarter Business Communications