Wiki

Asterisk WebRTC


About:
In this guide you will find detailed instructions about WebRTC setup for Asterisk 13.

Warning: Asterisk has only basic WebRTC support and doesn't handle corner cases such as streaming over HTTP port 80 (which is needed for most corporate networks where UDP is blocked) and also it doesn't have a built-in TURN server (a separate TURN server needs to be installed). Asterisk also has a long list of WebRTC related issues and bugs even in the latest version.
For VoIP focused companies where reliability is important, it is recommended to use a WebRTC-SIP gateway such as MRTC instead of the Asterisk built-in WebRTC module.



WebRTC and SIP:

For a server to be able to handle WebRTC, the followings needs to be implemented:

1. Signaling:
This is the easiest part as it just have to implement WebSocket for SIP as described in RFC 7118. If two WebRTC endpoints have to call each other, then they can do it via a server supporting only websocket signaling. However if the other endpoint is a simple SIP client, then the server must also handle media conversion. In Asterisk this is handled in res_http_websocket and chan_sip or pjlib.

2. Media:
A fully webrtc compilant server should also implement media routing to enable WebRTC to SIP calls. This is a bit more complicated as the server need to understand DTLS (TLS over UDP as described in RFC 6347), SRTP (secure RTP for media encryption as described in RFC 3711) and ICE. In Asterisk this is handled in res_rtp_asterisk and res_srtp.
    
3. Extra:
A decent WebRTC implementation should also implement STUN and TURN, add secure transport (SSL certificate) and optimize WebRTC handling. This can make the difference between barely “working” and “always working” implementations.

Asterisk:
Asterisk supports WebSocket and WebRTC since version 11. This guide is focusing mostly on WebRTC configuration for Asterisk v.13. (If you are using an older Asterisk, we strongly recommend to upgrade, because there was a lot of development in the recent months on WebRTC to make it more stable and complete implementation). This guide also applies for FreePBX and other Asterisk clones such as Elastix and PIAF). For old Asterisk versions you might consider these patches.

If you prefer to build from source:
We recommend Debian or CentOS
-Asterisk 11 has pjproject built-in. For ICE support get the development library (uuid-dev or , libuuid-devel):
     sudo apt-get install build-essential libncurses5-dev libxml2-dev libsqlite3-dev libssl-dev libsrtp0-dev uuid-dev
Go to your Asterisk source /contrib/scripts directory and run the install_prereq script to get everything else that is needed:
     sudo ./install_prereq install
     sudo ./install_prereq install-unpackaged
 Using menuselect make sure Asterisk will build with res_http_websocket, res_crypto and chan_sip.
In the Asterisk source dir:
    ./configure && make menuselect
Build and install Asterisk:
make && make install && make samples
You can find more details about Asterisk 11 setup here and here.
-With Asterisk 12 you must have pjproject installed.
A good tutorial can be found here.

-Asterisk 13 made a lot of improvements for WebRTC handling so we recommend this latest version. WebRTC should work just fine out of the box, without the need to change/recompile any binary.

We recommend to use Asterisk version 13.15.0 or 14.4.0 or higher for WebRTC (The last stable release is the best).

Asterisk WebRTC

Download:
As a ready to use package you can use Asterisk Now. V.13 which can be downloaded from here.

A public static IP address is highly recommended to avoid NAT related issues. Otherwise make sure that your Asterisk is configured properly (private/public IP, port forwarding, NAT handling).

Your Asterisk root directory will be located at /etc/asterisk.

SIP:
Asterisk 11 used the old sip.conf however from Asterisk 12 upward we have the new pjsip.conf.
Below you can find an example pjsip.conf file with 2 SIP accounts (6001 and 6002) at /etc/asterisk/pjsip.conf. Be aware of the [transport-ws] section where you must enable websocket.

[global]
type=global
user_agent=FPBX-AsteriskNOW-12.0.76.2(13.2.0)
realm=192.168.213.134 (you need to rewrite this with your IP address)
bindport=5060 (you need to rewrite this with your servers SIP port)
transport=udp,ws,wss

[simpletrans]
type=transport
protocol=udp
bind=0.0.0.0

[transport-ws]
type=transport
protocol=ws
bind=0.0.0.0

[endpoint-basic](!)
type=endpoint
transport=simpletrans
context=internal
disallow=all
allow=ulaw
rtcp_mux=yes

[auth-userpass](!)
type=auth
auth_type=userpass

[aor-single-reg](!)
type=aor
max_contacts=10

[6001](endpoint-basic)
auth=auth6001
aors=6001

[auth6001](auth-userpass)
username=6001
password=6666

[6001](aor-single-reg)

[6002](endpoint-basic)
auth=auth6002
aors=6002

[auth6002](auth-userpass)
password=6002
username=6002

[6002](aor-single-reg)

Dialplan:
A simple plan to be able to make calls from WebRTC to SIP assigning the 6666 number to the 6001 account in /etc/asterisk/extensions.conf:

[internal]
exten => 6666,1,Dial(PJSIP/6001)


Logs:
At /var/logs/asterisk/
Enable sip log: in sip.conf set sipdebug=yes
Set high loglevel – in logger.conf set the below line
[logfiles]
Verbose => notice,warning,error,debug,verbose,dtmf


WebRTC:
You need to make changes in these config files: sip.conf, http.conf, rtp.conf

sip.conf configuration:
In the sip.conf the [general] section should look like this:
[general]
udpbindaddr=YOUR IP:5060
realm=YOUR IP
sipdebug=yes
transport=udp,ws,wss


Setup a WebRTC extension:
An extension to be used by the web client should have the following format:
[9999]
secret=9999
context=internal
host=dynamic
trustrpid=yes
sendrpid=no
type=peer
qualify=yes
qualifyfreq=600
transport=ws,wss
encryption=yes
avpf=yes
icesupport=yes
rtcp_mux=yes
directmedia=no
disallow=all
allow=ulaw,opus,vp8,h264
dtmfmode=info
nat=yes
dtlsenable=yes
dtlscertfile=/etc/asterisk/certificate/cert.pem
dtlsprivatekey=/etc/asterisk/certificate/key.pem
dtlscafile=/etc/asterisk/certificate/key/pem
dtlssetup=actpass

http.conf configuration:
Configure the built-in http server. Bindport and bindaddr is the port and address for res_http_websocket and chan_sip used for websocket. (Websocket is implemented by the res_http_websocket module int the /ws sub-directory only)

The following changes need to be made on /etc/asterisk/http.conf  file:
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8080

rtp.conf  configuration:
Enable ICE  and STUN (you can use any other STUN server instead of google) and set an RTP port range.
The following changes need to be made on /etc/asterisk/rtp.conf  file:
[general]
rtpstart=10000
rtpend=20000
icesupport=yes
;rtpchecksums=no
;strictrtp=no
stunaddr=stun.l.google.com:19302  

Firewall configuration:
Make sure to enable the following ports:
SIP port: UDP/TCP 5060
Websocket port: TCP 8080
RTP ports: UDP 10000 - 20000

(Re)Start Asterisk.
At this moment you should be able to make calls between a WebRTC and a SIP client.

Configure WebRTC client:
You can use any WebRTC SIP client with Asterisk (mizu, sipml5, sip.js and others). Just set it’s websocket and SIP address to point to your asterisk.
Try it with Firefox for now (as Chrome requires https/wss which is mentioned later).
With the mizu webphone, you will need the following configuration (set in the webphone_api.js):
serveraddress:  ‘ASTERISK_IP:5060’,
webrtcserveraddress:  ‘ws://ASTERISK_IP:8080/ws’

Asterisk WebRTC softphone

Extra configuration:
To be able to make calls also from Chrome, you need:
-Secure webserver to host your web client files (HTTPS)
-Secure websocket (WSS)
You can obtain SSL certificates for free from startssl or letsencrypt or cheap certificate from comodo.
Make sure to apply the certificate for both your web server and asterisk websocket and dtls.
To configure secure calling in Asterisk, check this guide.
Optionally you might also setup a turn gateway (this can be useful to bypass firewalls and to help for peer to peer calls if you have such requirements). A tutorial can be found here.

Troubleshooting:
To be able to see the registration and call details in the CLI: Set the VERBOSE messages to go to the console and turn verbosity to at least 3.
If you have any kind of issues during your asterisk setup, check the logs (/var/log/asterisk) by opening the verbose file with nano or other editor.
Go to your logs end and search ERRORs or WARNINGs.
For example: Can't provide secure audio requested in sdp offer => then set the dtlsenable=yes for webrtc client peer
A few common issue:
-HTTP 404 Not Found response usually occures if the JavaScript library is using an incorrect URL for WebSocket access. The URL must use the /ws sub-directory.
-SIP 488 Not acceptable here response when placing a call to Asterisk: set avpf=yes and make sure to enable at least G.711 (PCMU, PCMA) on the caller/server/called.
-SIP 400 Bad Request response when registering using WebSocket. Update chan_sip to a newer version.
This forum post offers valuable resources for troubleshooting Asterisk WebRTC related issues.

Alternatives:
-You might use other PBX or softswitch with WebRTC support built-in
-You might use a separate WebRTC to SIP gateway and handle only simple SIP from Asterisk:
    -doubango (open source for linux)
    -webrtc to sip for windows (all-in-one turn-key webrtc gateway with built-in STUN and TURN)
-You might use other sip web client which doesn’t require WebRTC support (the mizu webphone works also without WebRTC support in your Asterisk and when WebRTC is supported it provides an optimized WebRTC stack fine-tuned for Asterisk out of the box)
Here is a guide to setup web sip client for Asterisk without WebRTC support (WebRTC support can be also added anytime later as it is fully implemented in the webphone)

Warning:
A production capable WebRTC setup depends on the details. With the default settings you might be able to achieve 80% call success ratio, so you might not be aware how broken is your implementation in various conditions like corporate networks where UDP is usually blocked. WebRTC-SIP can be a very tricky topic and your project success will depend on the followings:
-WebRTC-SIP protocol conversion in Asterisk (to handle all corner cases)
-Media routing and converting from DTLS/SRTP to simple RTP
-NAT handling built-in Asterisk and your configuration (proper handling of candidates, inserting own candidate)
-correct STUN setup (fast / simple stun / multi-homed)
-correct TURN setup (this can be very tricky as for working with asterisk you should disable UDP turn since that is better handled by Asterisk)
-webrtc sip client implementation details (handling corner cases in signaling, auto reconnecting, fine-tuned media settings, correct ICE setup)
-media tunneling over HTTP port 80 (as this is the only port which we can expect to be available from all networks), but still preferring UDP whenever possible
-peer to peer media routing whenever possible (and failback to server or TURN assisted relay)
-codec conversion: the most important codec's in WebRTC are OPUS and G.711 while your SIP peers might require other codec such as G.729 or GSM. Make sure that your server can handle this automatically.

Common WebRTC SIP clients such as SIPML5, SIP.js doesn’t take too much care on these details leaving this configuration tasks up to the users. If you are not an expert in WebRTC-SIP client, then we recommend a solution such as the webphone which is fine-tuned for Asterisk out of the box. Otherwise make sure to test your implementation in various conditions, from behind various routers/NAT’s and different firewall configurations. Also we found that a separate WebRTC-SIP gateway handles this difficult task much better then the built-in WebRTC implementation in Asterisk.




 |  View Topic History  |