[Configure Asterisk with webrtc support] Setting up asterisk for webrtc #asterisk #webrtc #sipml5 #configuration

asterisk_webrtc.md

Setting up Asterisk for webrtc

To set up with sipml5 I had been through the asterisk offiial site and I do recommand you to visit it.

We need to update several config file which are located on /etc/asterisk. Those filename are listed below

1. modules.conf
2. extensions.conf
3. http.conf
4. pjsip.conf
5. rtp.conf

I have posted how these file looks below with breif explaination.

1. modules.conf: Since we are using pjsip, we need to stop loading sip. As both of them cannot be used simultaneously. You can update manually or use the bash script below:

   sudo sh -c "echo 'noload => chan_sip.so' >> /etc/asterisk/modules.conf"

2. extension.conf:Add these things to the extension.conf at the end of the file. If you have just installed a fresh copy of asterisk you can even override the existing code.

   I have added two extensions, which are in fact dial plans.

   • Where helloworld just plays the hello-world music when we call in any number
   • Whereas the helloworld2, first plays the hello-world and then calls to another number, it also waits for the dtmf and plays its name based on whether the called number is registered one or not.

   [helloworld]
   exten => _X.,1,NoOp(${EXTEN})
   same => n,Playback(hello-world)
   same => n,Hangup()
   
   [helloworld2]
   exten => _X.,1,NoOp(${EXTEN})
   same => n,Playback(hello-world)
   same => n,Dial(PJSIP/${EXTEN},20)
   same => n,Read(Digits,,)
   same => n,Playback(you-entered)
   same => n,SayNumber(${Digits})
   

3. http.conf: Please update the file accordingly, or replace if you want.

   [general]
   enabled=yes
   bindaddr=0.0.0.0
   bindport=8088
   tlsenable=yes
   tlsbindaddr=0.0.0.0:8089
   tlscertfile=/etc/asterisk/keys/asterisk.pem
   

4. pjsip.conf: 199 is for web based phone 3002 and 3001 for sip clients: (like Linphone for desktop and CSipSimle for mobile)

   This file need to have:

   [transport-wss]
   type=transport
   protocol=wss
   bind=0.0.0.0
   
   [199]
   type=endpoint
   aors=199
   auth=199
   use_avpf=yes
   media_encryption=dtls
   dtls_ca_file=/etc/asterisk/keys/ca.crt
   dtls_cert_file=/etc/asterisk/keys/asterisk.pem
   dtls_verify=fingerprint
   dtls_setup=actpass
   ice_support=yes
   media_use_received_transport=yes
   rtcp_mux=yes
   context=helloworld2
   disallow=all
   allow=ulaw
   allow=opus
   
   [199]
   type=auth
   auth_type=userpass
   username=199
   password=199@pass1 
   
   [199]
   type=aor
   max_contacts=1
   remove_existing=yes
   
   
   [transport-udp]
   type=transport
   protocol=udp
   bind=0.0.0.0
   
   [3001]
   type=endpoint
   context=helloworld2
   disallow=all
   allow=ulaw
   auth=3001
   aors=3001
   
   [3001]
   type=auth
   auth_type=userpass
   password=3001pass
   username=3001
   
   [3001]
   type=aor
   max_contacts=1
   remove_existing=yes
   
   [3002]
   type=endpoint
   context=helloworld2
   disallow=all
   allow=ulaw
   auth=3002
   aors=3002
   
   [3002]
   type=auth
   auth_type=userpass
   password=3002pass
   username=3002
   
   [3002]
   type=aor
   max_contacts=1
   remove_existing=yes
   

5. rtp.conf: Need to have these on rtp.conf.

   [general]
   rtpstart=10000
   rtpend=20000
   icesupport=true
   stunaddr=stun.l.google.com:19302
   

###Create Certificates Call the script as such:

cd /usr/local/src/asterisk-13.17.2/contrib/scripts
sudo ./ast_tls_cert -C pbx.example.com -O "My Super Company" -d /etc/asterisk/keys

• The "-C" option is used to define our host - DNS name or our IP address.
• The "-O" option defines our organizational name.
• The "-d" option is the output directory of the keys.

1. You'll be asked to enter a pass phrase for /etc/asterisk/keys/ca.key, put in something that you'll remember for later.
2. This will create the /etc/asterisk/keys/ca.crt file.
3. You'll be asked to enter the pass phrase again, and then the /etc/asterisk/keys/asterisk.key file will be created.
4. The /etc/asterisk/keys/asterisk.crt file will be automatically generated.
5. You'll be asked to enter the pass phrase a third time, and the /etc/asterisk/keys/asterisk.pem, a combination of the asterisk.key and asterisk.crt files, will be created.
6. You can then check your /etc/asterisk/keys directory to verify the new files were created, as such:

ls -w 1 /etc/asterisk/keys

And you should see:

asterisk.crt
asterisk.csr
asterisk.key
asterisk.pem
ca.cfg
ca.crt
ca.key
tmp.cfg

You can reload the asterisk by:

asterisk -rvvvvvv

or simply typing reload on Asterisk's cli.

To verify the web server is running, perform:

netstat -an | grep 8089

And you should see:

tcp        0      0 0.0.0.0:8089            0.0.0.0:*               LISTEN  

Next, to ensure these modules are loaded by Asterisk, you can perform:

asterisk -rx "module show like crypto"
asterisk -rx "module show like websocket"
asterisk -rx "module show like opus"

You should see something similar to:

# asterisk -rx "module show like crypto"
Module                         Description                              Use Count  Status      Support Level
res_crypto.so                  Cryptographic Digital Signatures         1          Running              core
1 modules loaded

# asterisk -rx "module show like websocket"
Module                         Description                              Use Count  Status      Support Level
res_http_websocket.so          HTTP WebSocket Support                   3          Running          extended
res_pjsip_transport_websocket.so PJSIP WebSocket Transport Support        0          Running              core
2 modules loaded
 
# asterisk -rx "module show like opus"
Module                         Description                              Use Count  Status      Support Level
codec_opus.so                  OPUS Coder/Decoder                       0          Running          extended
res_format_attr_opus.so        Opus Format Attribute Module             1          Running              core