No auth credentials for realm(s) 'sip.twilio.com'

[rahulkathet]

Hi,

This works perfectly for within extensions but when I try to add twilio for outbound calls I am getting error messages: Unable to create request with auth. No auth credentials for realm(s) 'sip.twilio.com' in challenge.

Have done modifications in extensions and pjsip config file but the changes not working.

[InnovateAsterisk]

This is great question, and would also like to hear what other ISP's people are having success with.

So with Twilio, there are quite a few things you have to do inside the control panel. I have never setup a Twilio trunk before, so I thought I would try it out... I will probably do a Video on this some time soon, but here are the basics.

Open a Twilio account, and then read this document carefully: https://twilio-cms-prod.s3.amazonaws.com/documents/TwilioElasticSIPTrunking-AsteriskPBX-Configuration-Guide-Version2-1-FINAL-09012018.pdf

Another good one is: https://twilio-cms-prod.s3.amazonaws.com/documents/AsteriskTwilioSIPTrunkingv2_1.pdf

Twilio is hosted on AWS also, so they are aware of the NAT issues you have to overcome, but follow the guides, it does work with a PBX on AWS. If your PBX is internal at your office, then you must (have and) know your live IP address

I'm not sure where you got "sip.twilio.com", because I all the documents i read referred to a *.pstn.twilio.com url that you make up when you create the account. It's probably just a CNAME, but this makes a huge difference to SIP.

Another thing I noticed was that Twilio say you can use either/or authentication schemes, but this didn't seem to be the case, when I configured my SIP Trunk, it required that I specify an IP (source ip of my server) and a username and password credentials.

Then the last little trick, make sure you only offer ULAW codec, otherwise they reject you SDP - strange but true. (And also my test trunk call was over UDP)

[InnovateAsterisk]

This was added to the pjsip.conf file:

Note: Its only the very basics, their documentation suggests providing many more settings.

; ===============
; Twilio Trunking
; ===============

[twilio-transport]
type = transport
protocol = udp
bind = 0.0.0.0:5060
external_media_address = (my.live.ip.address)
external_signaling_address = (my.live.ip.address)
allow_reload = no
tos = cs3
cos = 3
local_net = (my.local.ip.address)/24

[twilio-acl]
type = acl
permit = 0.0.0.0/0.0.0.0

[twilio-trunk]
type = endpoint
aors = twilio-aor
outbound_auth = twilio-auth
allow = !all,ulaw
context = from-Twilio

[twilio-aor]
type = aor
contact = sip:(the url you made up goes here).pstn.twilio.com
qualify_frequency = 60

[twilio-auth]
type = auth
auth_type = userpass
username = (the username you made up goes here)
password = (the password you made up goes here)

[twilio-identify]
type = identify
endpoint = twilio-trunk
match = (the url you made up goes here).pstn.twilio.com

[InnovateAsterisk]

[from-extensions]
; Feature Codes:
exten => *65,1,Gosub(moh,s,1)
; Extensions
exten => 100,1,Gosub(dial-extension,s,1,(yAS43lAg8L))
exten => 200,1,Gosub(dial-extension,s,1,(drdZc30SSe))
exten => 300,1,Gosub(dial-extension,s,1,(User3))
exten => 800,1,Gosub(dial-extension,s,1,(TTbXG7XMOC))
; Anything else, Trunk Out
exten => _[+*0-9].,1,NoOp(You called: ${EXTEN}, so we need to trunk it out)
exten => _[+*0-9].,n,Set(CALLERID(all)="+1xxxxxxxxxx" <+1xxxxxxxxxx>) ; they provide you with a number, you have to use this here
exten => _[+*0-9].,n,Dial(PJSIP/${EXTEN}@twilio-trunk,30)
exten => _[+*0-9].,n,Hangup()

[from-Twilio]
exten => _[+*0-9].,1,NoOp(HELLO!)
exten => _[+*0-9].,n,Gosub(moh,s,1)

[rahulkathet]

Hey Hi,

Thank you for explaining in detail was able to connect now. I actually did this by changing overall pjconfig of your with my version, it was also work.

But in both the example audio doesnt work if it is related to codec or but I am getting Error sending STUN request: Operation not permitted

any idea what should be the case??

[InnovateAsterisk]

I'm not sure STUN needs to get involved here at the trunking level, you should have hard code paths to each. In other words your Asterisk Box, will absolutely know the address to Twilio, and Twilio will absolutely know the live IP of your Asterisk Box, so there is no "discovery" required.

I would make sure your Asterisk box stays in the media path, make sure direct_media is off. (In other words don't ask asterisk to move out of the media path (web browser to Twilio directly)... this path may not be possible.

In my test I used https://www.innovateasterisk.com/phone/ to establish a connection to a test Asterisk box I have hosted at AWS, so the SIP signal AND media would have gone; [My PC]. <= Web Socket & DTLS => [AWS hosted PBX] <= UDP & RTP => [Twilio]

[InnovateAsterisk]

Are you using IP6 ?

[rahulkathet]

Are you using IP6 ?

You mean my wifi network?

[InnovateAsterisk]

On your Asterisk Box, I saw this:

https://community.asterisk.org/t/stun-error-no-audio-on-both-side/74169

[rahulkathet]

On your Asterisk Box, I saw this:

https://community.asterisk.org/t/stun-error-no-audio-on-both-side/74169

Give me few min, i'll update you.

[rahulkathet]

Are you using IP6 ?

IPv4

[InnovateAsterisk]

Whats in your rtp.conf ?

Should be something like:

rtpstart=5000
rtpend=31000
rtcpinterval = 5000
stunaddr=stun.l.google.com:19302

[rahulkathet]

Whats in your rtp.conf ?

Should be something like:

rtpstart=5000
rtpend=31000
rtcpinterval = 5000
stunaddr=stun.l.google.com:19302

This is how it look

[general]
rtpstart=5000
rtpend=31000
rtcpinterval = 5000
strictrtp=no
icesupport=yes
stunaddr=stun.l.google.com:19302

[rahulkathet]

The audio issue I think it is from the WebRTC, because when I configured extension on Telephone App on mac and tried to call it from there it worked.

There is one option saying "Update IP address" by enabling this option may solve audio problems.

Do you think we could do something on this?

[InnovateAsterisk]

Well, if STUN fails, you will most certainly have audio issues - but then extension to extension call will probably also have issues. Do you also have a STUN error when you dial into music on hold, or an echo test?

There is one option saying "Update IP address" by enabling this option may solve audio problems.

I'm not sure where this option is?

[rahulkathet]

Well, if STUN fails, you will most certainly have audio issues - but then extension to extension call will probably also have issues. Do you also have a STUN error when you dial into music on hold, or an echo test?

There is one option saying "Update IP address" by enabling this option may solve audio problems.

I'm not sure where this option is?

Yes there is an STUN error icess0x557535cf41c8 ...Error sending STUN request: Operation not permitted

No music on hold, or an echo test

[InnovateAsterisk]

Well, your error is not with Twilio then, its only with WebRTC calling... and specifically with STUN, and since normal desktop extensions (non-webrtc) don't use STUN it seems only to be failing on the WebRTC calls.

Ok, well, you need to figure out whats happening with STUN, because your first post says:

This works perfectly for within extensions but when I try to add twilio for outbound calls I am getting error...

So whats changed since then

[rahulkathet]

Well, your error is not with Twilio then, its only with WebRTC calling... and specifically with STUN, and since normal desktop extensions (non-webrtc) don't use STUN it seems only to be failing on the WebRTC calls.

Ok, well, you need to figure out whats happening with STUN, because your first post says:

This works perfectly for within extensions but when I try to add twilio for outbound calls I am getting error...

So whats changed since then

:) nothing changed after that only stun error, I am not sure whats happening.

[InnovateAsterisk]

The only reference to 'icess' I found in context to this was here:

https://github.com/DoubangoTelecom/sipml5/blob/master/asterisk/asterisk_373330.patch#L1112

And this appear to be a patch for chan_sip, done by DoubangoTelecom for sipml5.

[casualcodex]

No idea about twilio ,but regular pjsip in-out trunking(whether browser to pstn,voip or voip/browser to browser) to external servers works out of the box, as is. If you need anything specific to asterisk, let me know and I'll try to assist .