Webrtc with Asterisk 16 : complete configuration with SIP

Today, We will wrap up webrtc set up with Asterisk 16. We will see how to configure asterisk 16 to suport webrtc and what more packages will require.

Asterisk and SIP.js were tested using the following setup:

  • CentOS 7.2 minimal (x86_64). Asterisk 16.9.0.
  • OpenSSL 1.0.1e-fips 11 Feb 2013 or later.
  • A public IP address to avoid NAT scenarios on the server side.
  • Disable SELinux

Required Packages

Install the following dependencies:

  • wget
  • gcc
  • gcc-c++
  • ncurses-devel
  • libxml2-devel
  • sqlite-devel
  • libsrtp-devel
  • libuuid-devel
  • openssl-devel
yum install wget gcc gcc-c++ ncurses-devel libuuid-devel jansson-devel libxml2-devel sqlite-devel libsrtp-devel openssl-devel

Install Asterisk

  1. Change the directory to download asterisk in src directory: cd /usr/local/src/.
  2. Download asterisk: wget https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16.9.0.tar.gz
  3. Extract asterisk: tar zxvf asterisk*
  4. Change the directory: cd /usr/local/src/asterisk*
  5. confugure jason with asterisk : ./configure –with-jansson-bundled
  6. make menuselect
    In the menuselect, go to the resources option and ensure that res_srtp and pjproject is enabled. If there are 3 x’s next to res_srtp, there is a problem with the srtp library and you must reinstall it. Save the configuration (press x).
  7. make && make install
  8. make samples
  9. make config

Setup DTLS Certificates

  1. mkdir /etc/asterisk/keys
  2. cd /usr/local/src/asterisk*/contrib/scripts
  3. Create the DTLS certificates (replace pbx.mycompany.com with your ip address or dns name, replace My Super Company with your company name): ./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d /etc/asterisk/keys

Configure Asterisk For WebRTC

For WebRTC, a lot of the settings that are needed MUST be in the peer settings. The global settings do not flow down into the peer settings very well. By default, Asterisk config files are located in /etc/asterisk/. Start by editing http.conf and make sure that the following lines are uncommented:

;http.conf
[general]
enabled=yes
bindaddr=127.0.0.1 ; Replace this with your IP address
bindport=8088 ; Replace this with the port you want to listen on
tlsenable=yes
tlsbindaddr=127.0.0.1:8089 ; Replace this with your IP address
tlscertfile=/etc/asterisk/keys/asterisk.pem

Change the IP address and port to the IP address of your server and the port that you would like Asterisk to listen for web socket connections on.

Next, edit sip.conf. Here you will set up two peers, one for a WebRTC client and one for a non-WebRTC SIP client. The WebRTC peer requires encryption, avpf, and icesupport to be enabled. In most cases, directmedia should be disabled. Also under the WebRTC client, the transport needs to be listed as ‘ws’ to allow websocket connections. All of these config lines should be under the peer itself; setting these config lines globally might not work.

;sip.conf
[general]
realm=127.0.0.1 ; Replace this with your IP address
udpbindaddr=127.0.0.1 ; Replace this with your IP address
transport=udp

[1060] ; This will be WebRTC client
type=friend
username=1060 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=password ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=default ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws,wss ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=fingerprint ; Tell Asterisk to verify DTLS fingerprint
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
rtcp_mux=yes ; Tell Asterisk to do RTCP mux

[1061] ; This will be the legacy SIP client
type=friend
username=1061
host=dynamic
secret=password
context=default

Lastly, set up extensions.conf to allow the two peers to call each other.

;extensions.conf
[default]
exten => 1060,1,Dial(SIP/1060) ; Dialing 1060 will call the SIP client registered to 1060
exten => 1061,1,Dial(SIP/1061) ; Dialing 1061 will call the SIP client registered to 1061

Restart Asterisk using service asterisk restart to ensure that the new settings take effect.

Leave a Reply