konrad armitage & matthew lapinski ncs 416 prof. ronny bull november 21 st, 2013
TRANSCRIPT
![Page 1: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/1.jpg)
Installing and Configuring an Asterisk Conference Bridge for the NCS Club
Konrad Armitage & Matthew LapinskiNCS 416
Prof. Ronny BullNovember 21st, 2013
![Page 2: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/2.jpg)
Project Scope
Installation of an Asterisk server on a physical device to be used by the NCS club
Installation & configuration of a conference bridge to allow multiple users from inside and outside the network to hold group meetings.
![Page 3: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/3.jpg)
Equipment
Dell PowerEdge 860 serverDevices for testing
Computers, cellphones etc.Hardphones and SoftphonesHeadsetsPacket analyzer (Wireshark & TCPdump)
![Page 4: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/4.jpg)
Planning Stages
Setup Asterisk on physical serverDeveloped layout for network configurationsWork with Sys Admins to implement
networkingDiscuss choice between MeetMe() and
ConfBridge()Setup SIP trunkTest abilities of the serverTroubleshoot problems.
![Page 5: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/5.jpg)
Networking and Installation
Installation of CentOS and AsteriskDevicesConfiguration filesModules
NetworkingArrangements with CS Sys AdminPort configurationsSetup of SIP trunk
![Page 6: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/6.jpg)
Asterisk Installation
CentOS 6.4 x86_64 minimal installAsterisk 2.6.32 from source
* Initially created on NCS Club network and migrated to the 10.107.0.0 /16
![Page 7: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/7.jpg)
Solving NAT Issues on a Campus Network
1) Publicly routable address2) DNAT on external interface
![Page 8: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/8.jpg)
DNATDestination Network Address Translation
Pre-processing alteration (doesn’t change source address)Changes the destination address to specified address
Example:
Asterisk server at 10.107.1.98
Packet destined for 150.156.201.22-> Destination address changed to 10.107.1.98
![Page 9: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/9.jpg)
Solving NAT Issues on a Campus Network
![Page 10: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/10.jpg)
Firewall Rules
UDP 5060 (SIP)TCP 5061 (SIP/TLS)UDP 10000-10200 (RTP)TCP 22 (SSH)UDP 123 (NTP)
![Page 11: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/11.jpg)
Initial Testing
Internal connections successful
Could register externally but: Inbound connections without audio Could not initiate calls
![Page 12: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/12.jpg)
Problem Solving?
CS system administrator dropped inbound firewall rules
Inbound connections began to work
![Page 13: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/13.jpg)
SIP Trunk
With inbound connections working successfully, an outbound SIP trunk from SIP.us was created.
Free trial with 60 minutes
Outbound call successfully tested to cellular network
![Page 14: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/14.jpg)
TroubleshootingAsterisk
Problems with MeetMe() and ConfBridge()Incorrect port usage/assignmentErrors in configuration filesErrors between connections of outside users to
internal users
![Page 15: Konrad Armitage & Matthew Lapinski NCS 416 Prof. Ronny Bull November 21 st, 2013](https://reader036.vdocuments.us/reader036/viewer/2022072014/56649e855503460f94b87124/html5/thumbnails/15.jpg)
Concluding Thoughts What went right?
Setup Troubleshooting Testing
What could we have done? MeetMe() IAX2 Reduce modules loaded for efficiency
How can we build on this? Paid SIP trunk Publically available number Admin settings for conference Video conferencing OpenSSL Improved hardware