HOW TO SETUP WEBRTC ON VICIBOX 8.0 - 100 % WORKING

Support forum for the ViciBox ISO Server Install and ISO LiveCD Demo

Moderators: enjay, williamconley, Staydog, mflorell, MJCoate, mcargile, Kumba

HOW TO SETUP WEBRTC ON VICIBOX 8.0 - 100 % WORKING

Postby dito » Fri Feb 16, 2018 12:48 pm

WEBRTC INEGRATION ON VICIBOX 8

1 – setup ssl for web
2 – setup ssl for asterisk
3 – setup vicidial
4 – Use of PBXWebPhone as webrtc phone


Work done on a VPS 4 cores 16 Gb Ram 80 Gb HDD, Vicidiabox 8 with asterisk 13
Needed to set up separated cert for asterisk in addition to the web cert setup it worked after ..
I did those steps in a drafty mode it worked I hope I will optimize it and may be not a day a kind of script to do all those steps …
Don’t forget to replace yourdomain.com with your domain
Don’t forget the domain not the ip …


1 – setup ssl for web (@kumba how to )
First you need to modify the file /etc/certbot/cli.ini. Here's what you need to modify or verify:
1) Uncomment and make sure the 'email =' section is set to your valid email. This is what ties the SSL certificates to you for management.
2) Uncomment and put the Fully Qualified Domain Name (FQDN) into the 'domains =' section.
3) Uncomment the line 'agree-tos = True'
4) Uncomment the line 'renew-by-default = True'
5) Uncomment the 'authenticator =' line and change it from standalone to webroot, I.E. 'authenticator = webroot'
6) Uncomment the 'webroot-path =a /srv/www/htdocs' line
7) Comment out the staging 'server =' line and uncomment the production 'server =' line.

After this, you need to make sure you can successfully generate an SSL certificate before continuing to modify Apache configs. If you modify Apache and cannot get an SSL cert issued then Apache will error and refuse to start. You can run certbot by running 'certbot certonly --webroot'. In the output it should say that the SSL was successfully issued. Only once you have successfully gotten an SSL cert issued should you continue with the next set of instructions.


Once you have the SSL cert issued, you need to modify the file /etc/apache2/vhosts.d/1111-default-ssl.conf to reflect where the new SSL certs will be. Replace <FQDN> with the actual fully qualified domain name, I.E. http://www.vicibox.com, etc:
1) Change the SSLCertificateFile line to read: SSLCertificateFile /etc/certbot/live/<FQDN>/cert.pem
2) Uncomment and change the SSLCertificateChainFile line to read: SSLCertificateChainFile /etc/certbot/live/<FQDN>/fullchain.pem
3) Change the SSLCertificateKeyFile line to read: SSLCertificateKeyFile /etc/certbot/live/<FQDN>/privkey.pem
4) service apache2 restart

After that, you should be able to go to https://<FQDN> and successfully reach your ViciDial server.

2 - setup ssl for asterisk :
First check if this line is correct in asterisk.conf : astkeydir => /usr/share/asterisk
And if a folder named key is in
Then get the script from the asterisk repo :
https://github.com/asterisk/asterisk/bl ... t_tls_cert
execute it
./ast_tls_cert -C pbx.example.com -O "My Super Company" -d /usr/share/asterisk/keys
You can then check your /usr/share/asterisk/keys directory to verify the new files were created, as such:
# ls -w 1 /usr/share/asterisk/keys

And you should see:
asterisk.crt
asterisk.csr
asterisk.key
asterisk.pem
ca.cfg
ca.crt
ca.key
tmp.cfg

now go to httpd.conf
Code: Select all
 [general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
enablestatic=yes
tlsenable=yes         
tlsbindaddr=YOURIP:8089
tlscertfile=/etc/certbot/live/yourdomain.com/cert.pem
tlsprivatekey=/etc/certbot/live/yourdomain.com/privkey.pem 


edit/add those lines to sip.conf :

Code: Select all
[general]
transport=udp,ws,wss
avpf=yes
srvlookup=yes
udpbindaddr=0.0.0.0:5060
context=trunkinbound 
allowguest=no     
allowoverlap=no
realm=YOURDOMAIN.com
bindport=5060
bindaddr=0.0.0.0
srvlookup=yes                 
disallow=all               
allow=ulaw                 
allow=alaw
mohinterpret=default
mohsuggest=default
language=en       


3 – setup vicidial

Go to admin – servers edit server then:
Add to the web socket line:
Code: Select all
wss://yourdomaine.com:8089/ws

Then go to admin templates add a new template call it WebRTC Phone then add :

Code: Select all
type=friend
host=dynamic
trustrpid=yes
sendrpid=no
qualify=yes
qualifyfreq=600
transport=ws,wss,udp
encryption=yes
avpf=yes
icesupport=yes
rtcp_mux=yes
directmedia=no
disallow=all
allow=ulaw,opus,vp8,h264
nat=yes
directmedia=no
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/certbot/live/yourdomain.com/cert.pem
dtlsprivatekey=/etc/certbot/live/yourdomain.com/privkey.pem
dtlssetup=actpass



go to admin – phone then create a phone using the webrtc template ,
then go to edit the phone setting go to the line set as webphone to Y

4 – Use of PBXWebPhone as webrtc phone

https://github.com/chornyitaras/PBXWebPhone
Git clone it into your web root folder /srv/www/htdocs/
Then in vicidial goto admin – system settings then to the line :
Default webphone set it to 1
Webphone url:
Code: Select all
PBXWebPhone/index.php


Open url log the agent with the created phone you should hear the sexy laday voice " you are the only one in the world" :p
Last edited by dito on Sat Feb 17, 2018 12:19 pm, edited 4 times in total.
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby williamconley » Fri Feb 16, 2018 12:50 pm

Now that's a cool post. ;)
Vicidial Installation and Repair, plus Hosting and Colocation
SugarCRM integration - Customization and Add-ons - We Bring It All Together.
http://www.PoundTeam.com # 352-269-0000 # +44 (203) 769-2294 # +506 4001-8914
williamconley
 
Posts: 17433
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby dito » Fri Feb 16, 2018 12:59 pm

williamconley wrote:Now that's a cool post. ;)

thanks sir, i think the webrtc + asterisk 15 (the newest one with streaming feature into the confbridge)
could be the core of future release of vicidial team
i thank you all vicidial team, you helped a lot of people for years and years
i hope i will succeed to make an automate script for webrtc ..
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby Kumba » Fri Feb 16, 2018 2:10 pm

You can also use the certbot SSL keys for Asterisk as long as the FQDN matches, or run certbot separately on all the dialer servers. This might be a better solution in case WebRTC ever complains about Asterisk using a self-signed SSL certificate.
Kumba
 
Posts: 721
Joined: Tue Oct 16, 2007 11:44 pm
Location: Florida

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby dito » Fri Feb 16, 2018 3:38 pm

Kumba wrote:You can also use the certbot SSL keys for Asterisk as long as the FQDN matches, or run certbot separately on all the dialer servers. This might be a better solution in case WebRTC ever complains about Asterisk using a self-signed SSL certificate.

Yes still not sandboxed a clustered vicidial... I will love to make it work with the asterisk 15 .. confbridge seems to be at it's top level..if it continues to rain this weekend. Will give a try.. thx for the help sir !
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby dito » Fri Feb 16, 2018 3:44 pm

Spoiler from asterisk 15 release (i tested it on a routing environment 300 channels / 50 cps results very similiar to the asterisk 13 but feeling that he is much lighter in process ... in asterisk 15 webrtc config will be so much easier:
Streams
Streams, at their core are logical flows of media. They can be unidirectional or bidirectional and are comprised of media formats. The media formats also contain a type. To simplify things streams only carry a single type of media. Streams can also carry an identifier in the form of a name. For a simple voice call, the stream concept adds no additional value. For video, and specifically WebRTC, streams are essential for things like multi-party video conferencing where a single client may have 8 video streams coming in, 1 video stream going out and 1 bi-directional audio stream.

Prior to version 15, Asterisk had no explicit interface for streams and simply had a single pipe that frames are written to and read from. The negotiated formats are scoped to the entire channel as a result. Interfaces that needed to manipulate media had to inject themselves into this single pipe and had to take special care to not manipulate frames they do not need to. This same pipe also carries control frames and other signaling related operations. The result was a very loose stream implementation. For Asterisk 15, the stream concept has been codified with a new set of capabilities designed specifically for manipulating streams and stream topologies that can be used by any channel driver.

WebRTC
To simplify configuration for users a new option, webrtc, has been created which controls configuration options that are required for WebRTC. If the webrtc option is set to "yes" then all options required for WebRTC are enabled. This does still require that DTLS certificates be manually created and configured.

BUNDLE support has been added which improves call setup time. BUNDLE allows multiple streams (for example audio and video) to use the same underlying transport. Since in WebRTC a transport has to go through ICE negotiation and DTLS negotiation this reduces each of those to only happening once. If additional streams are added to a call this also removes the need to do ICE negotiation and DTLS negotiation allowing the media to flow immediately.
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby proper » Wed Mar 07, 2018 3:40 am

Thank you for the detailed post Dito.

This setup works well for servers facing the internet but did not work with the server behind a network, with direct NAT.

Phone shows ready and gets the call but looks like RTP traffic is not received by the server, any specific configuration changes that would make it work?

Network config is very simple, external IP translated to local IP and any traffic from local IP outbound is routed as external IP, NAT setting is not even needed as all outbound traffic shows up with servers external IP.

If you have any ideas, will appreciate your input.
proper
 
Posts: 50
Joined: Sun Dec 06, 2015 7:25 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby dito » Wed Mar 07, 2018 12:51 pm

proper wrote:Thank you for the detailed post Dito.

This setup works well for servers facing the internet but did not work with the server behind a network, with direct NAT.

Phone shows ready and gets the call but looks like RTP traffic is not received by the server, any specific configuration changes that would make it work?

Network config is very simple, external IP translated to local IP and any traffic from local IP outbound is routed as external IP, NAT setting is not even needed as all outbound traffic shows up with servers external IP.

If you have any ideas, will appreciate your input.


hi propoer,
did you follow all steps ?
webrtc over lan is quite easier !
using webrtc on a local asterisk-freepbx working without https over LAN...
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby chornyi_taras » Wed Mar 07, 2018 2:52 pm

2 - setup ssl for asterisk :
First check if this line is correct in asterisk.conf : astkeydir => /usr/share/asterisk
And if a folder named key is in
Then get the script from the asterisk repo :
https://github.com/asterisk/asterisk/bl ... t_tls_cert
execute it
./ast_tls_cert -C pbx.example.com -O "My Super Company" -d /usr/share/asterisk/keys
You can then check your /usr/share/asterisk/keys directory to verify the new files were created, as such:
# ls -w 1 /usr/share/asterisk/keys

And you should see:
asterisk.crt
asterisk.csr
asterisk.key
asterisk.pem
ca.cfg
ca.crt
ca.key
tmp.cfg


I believe that this can be skipped. script from the asterisk repo will generate self signed cert which is not used. for wss concretion as well as for phone configuration letsencrypt cert is used
ViciBox: 7.0.3 | VERSION: 2.12-560aBUILD: 160617-1427 | Webphone: PBXWebPhone

Skype: tarasukcho
chornyi_taras
 
Posts: 83
Joined: Tue Jun 14, 2016 3:41 pm
Location: L'viv, Ukraine

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby proper » Wed Mar 07, 2018 9:34 pm

dito wrote:hi propoer,
did you follow all steps ?
webrtc over lan is quite easier !
using webrtc on a local asterisk-freepbx working without https over LAN...


My tests were from outside the network, and asterisk CLI reported lack of RTP activity. The phone registered fine though, just no voice data.

I set up multiple servers with webrtc phone and all of the were facing the internet but this one was behind lan and it is the only one I could not get to work. I checked and recheck all settings number of times. Just thought there maybe setting I am missing for being behind the router.
proper
 
Posts: 50
Joined: Sun Dec 06, 2015 7:25 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby dito » Thu Mar 08, 2018 4:02 am

proper wrote:
dito wrote:hi propoer,
did you follow all steps ?
webrtc over lan is quite easier !
using webrtc on a local asterisk-freepbx working without https over LAN...


My tests were from outside the network, and asterisk CLI reported lack of RTP activity. The phone registered fine though, just no voice data.

I set up multiple servers with webrtc phone and all of the were facing the internet but this one was behind lan and it is the only one I could not get to work. I checked and recheck all settings number of times. Just thought there maybe setting I am missing for being behind the router.


did ou forwarded 20000 to 60000 udp on your router? rtp on webrct seems to use high port udp range
- shut down your firewall to have clear test.
- try to use same codec for exten as for carrier ex: ulaw
VoIP TUNISIE
support@crm.tn - https://crm.tn
dito
 
Posts: 49
Joined: Wed Nov 11, 2015 9:29 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby proper » Thu Mar 15, 2018 4:00 pm

dito wrote:
proper wrote:
dito wrote:hi propoer,
did you follow all steps ?
webrtc over lan is quite easier !
using webrtc on a local asterisk-freepbx working without https over LAN...


My tests were from outside the network, and asterisk CLI reported lack of RTP activity. The phone registered fine though, just no voice data.

I set up multiple servers with webrtc phone and all of the were facing the internet but this one was behind lan and it is the only one I could not get to work. I checked and recheck all settings number of times. Just thought there maybe setting I am missing for being behind the router.


did ou forwarded 20000 to 60000 udp on your router? rtp on webrct seems to use high port udp range
- shut down your firewall to have clear test.
- try to use same codec for exten as for carrier ex: ulaw


All firewalls were shut down as part of testing, and ordinary sip phone worked without issues.
I am sure this has something to do with audio packets not getting to the server despite 1:1 NAT on the external firewall, this means any traffic to given IP is sent to the internal server IP.
I also made sure that any traffic leaving the server is tagged with its external IP

I will play with this soon to see what I can find.
proper
 
Posts: 50
Joined: Sun Dec 06, 2015 7:25 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby vkad » Thu Apr 12, 2018 2:56 am

dito wrote:
proper wrote:
dito wrote:hi propoer,
did you follow all steps ?
webrtc over lan is quite easier !
using webrtc on a local asterisk-freepbx working without https over LAN...


My tests were from outside the network, and asterisk CLI reported lack of RTP activity. The phone registered fine though, just no voice data.

I set up multiple servers with webrtc phone and all of the were facing the internet but this one was behind lan and it is the only one I could not get to work. I checked and recheck all settings number of times. Just thought there maybe setting I am missing for being behind the router.


did ou forwarded 20000 to 60000 udp on your router? rtp on webrct seems to use high port udp range
- shut down your firewall to have clear test.
- try to use same codec for exten as for carrier ex: ulaw



Does your /etc/asterisk/sip.conf contains externip?

Does your /etc/asterisk/rtp.conf contain any ice servers or ice candidate mapping locaip => externip
Vicibox 8.0.1 (Asterisk 13.21.0-vici) + Remote WebRTC Agents
Version: 2.14b0.5 | SVN: 2990 | DB Version: 1548
1 x DB + Web + Dialer - E3 1270 v6 + 16gb ddr4 + 256gb SSD
2 x Additional Dialer - E3 1270 v6 + 8gb ddr4 + 256gb SSD
vkad
 
Posts: 180
Joined: Thu Nov 09, 2017 3:46 am

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby buns » Fri Apr 13, 2018 7:15 am

Hi all,

Great tutorial. Do not forget to compile asterisk with "./configure --with-pjproject-bundled" ; I experienced 488 not acceptable here without it.
My full ./configure options are : --libdir=/usr/lib --with-gsm=internal --enable-opus --enable-srtp --with-ogg=/usr/lib64/ --with-ssl --enable-asteriskssl --with-pjproject-bundled

Sugestions are welcome !

Cheers
Vicidial Consultant in France and Indian Ocean. http://vicidial.fr
buns
 
Posts: 12
Joined: Thu Nov 23, 2017 1:59 am

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby rrb555 » Mon Apr 23, 2018 8:53 pm

Does your /etc/asterisk/sip.conf contains externip?

Does your /etc/asterisk/rtp.conf contain any ice servers or ice candidate mapping locaip => externip


My installation doesn't have any externip. Which is very good unlike before

rtp.cofnf question > i didn't bother to configure this one. and my webrtc is working just fine. Already upgraded an old vicibox 6 installation to v 8 because of this. What I want to test next is the Viciphone which I think is great.
One server that I am managing | Single Server | ViciBox Redux 6.0 | VERSION: 2.12-549a | BUILD: 160404-0940 | revision 2508| No other hardware
For help you can send me a direct email info@support.com.ph
rrb555
 
Posts: 572
Joined: Tue Feb 08, 2011 4:24 pm
Location: Quezon City, Philippines

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby rrb555 » Mon Apr 23, 2018 8:54 pm

buns wrote:Hi all,

Great tutorial. Do not forget to compile asterisk with "./configure --with-pjproject-bundled" ; I experienced 488 not acceptable here without it.
My full ./configure options are : --libdir=/usr/lib --with-gsm=internal --enable-opus --enable-srtp --with-ogg=/usr/lib64/ --with-ssl --enable-asteriskssl --with-pjproject-bundled

Sugestions are welcome !

Cheers


I didn't get this error, already installed Viciboxv8 10 times
One server that I am managing | Single Server | ViciBox Redux 6.0 | VERSION: 2.12-549a | BUILD: 160404-0940 | revision 2508| No other hardware
For help you can send me a direct email info@support.com.ph
rrb555
 
Posts: 572
Joined: Tue Feb 08, 2011 4:24 pm
Location: Quezon City, Philippines

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby rheymzkilove » Wed Sep 05, 2018 1:42 am

Hellow,

i follow all the steps on how to but still im getting error .

An Error occured while connecting to the web socket :(
rheymzkilove
 
Posts: 33
Joined: Fri Oct 19, 2012 2:57 pm

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby chornyi_taras » Sat Sep 08, 2018 2:25 am

Make shure that port 8089 is open in firewall
ViciBox: 7.0.3 | VERSION: 2.12-560aBUILD: 160617-1427 | Webphone: PBXWebPhone

Skype: tarasukcho
chornyi_taras
 
Posts: 83
Joined: Tue Jun 14, 2016 3:41 pm
Location: L'viv, Ukraine

Re: HOW TO SETUP WEBRTC ON VICIBOX 8 - 100 % WORKING

Postby rheymzkilove » Sun Sep 09, 2018 8:13 pm

its all good now... thanks guys
rheymzkilove
 
Posts: 33
Joined: Fri Oct 19, 2012 2:57 pm


Return to ViciBox Server Install and Demo

Who is online

Users browsing this forum: No registered users and 12 guests