No audio/video when calling from WAN


I am trying to setup a VitXi webrtc server to work through the internet, I have a valid Let’s Encrypt certificate, a domain name redirecting to my server and I opened ports 80, 443, 8088, 8089 and 5060 on my firewall.

I can easily connect to webrtc from WAN and LAN and place calls but when I am calling from WAN audio and video stream doesn’t work.

I use opus, alaw, ulaw, vp8 and vp9 for my extensions and I am also advertising my server using ICE.

Using sngrep to trace calls I can see that one of my hosts is using random ports every session when placing calls, for example 9772, 5103 or 11236 and I don’t want to open such a large port range. Can this have something to do with my issue or am I missing something else ?

Thanks for your help.

1 Like

Add the public ip in the advertised address on RTP this will allow the media to nogtiate behind NAT


Setting → RTP Settings → ICE Hosts
and add the public ip and private ip

1 Like

Thanks for the reply.

I did, following the documentations and tutorials I found online, but it didn’t fix my issue, I also tried ticking “Include local address” but I didn’t notice it changing anything.

Have you also opened the RTP ports? 10000-20000 (Unless you changed it)

Have you also configured your WAN address under the PJSIP settings?


Thanks for your help.

I opened port range 10000-20000 and configured NAT in PJSIP but I still get the same result.

I am using my public adress for both external media and external signal adresses in PJSIP Nat settings.

It might not be related but I cannot see my calls and registrations go through sngrep anymore

VitXi calls are encrypted SIP sessions, sngrep cannot decrypt these sessions by default.

You may need to reload the transports as it is the first time setting this up. So try rebooting the PBX.

1 Like

Thanks about sngrep I wasn’t aware.

I rebooted my pbx and still get the same result, I’ll check my firewall if I see anything I could have missed

If you can, please share a call trace with PJSIP debugging enabled.

asterisk -rvvvv
pjsip set logger on

But make sure that it contains only one call and share the trace via

Also, please describe your network setup.

1 Like

I have my VitalPBX setup behind an OPNSense firewall directly exposed to the internet.
I am allowing and redirecting ports 80, 443, 5060, 8088, 8089, 10000-20000 to my VitalPBX.
I have a PC connected via LAN and a smartphone out of my local network placing calls using 4G to test my setup.

Here is my call trace

I censored the public IPs just in case.

Thanks for your support.

1 Like

I am a bit confused. Please name each of these IPs

Also, unless there is a reason to, please disable IPv6.

Also, this is a partial trace.

Please do one more, call from VitXi *72 (echo test)

1 Like is the LAN IP of my PBX
The three others are preconfigured for other interfaces as I used a disk image to build my server.

I desabled IPv6 and called *72. I hope I managed to get you a full trace this time.

IPs are censored like in my previous trace.

Have you configured a default route/interface?

This is super confusing. It looks like it tries tp negotiate audio now on, but then uses

Additionally, the from, to and contact cannot be DOMAIN_NAME. Please use different references. eg 123.456.789.0=DOMAIN1, 123.456.789.1=DOMAIN2

Finally, what is

Yes I configured the interface using as my default route.
As for the DOMAIN_NAME nameholder, I just replaced the strings using VSCode I can guarantee they were the exact same string before being replaced.
I didn’t see the IP at first place, after some research it seems to be a bogon address.

Could you please share a screenshot of your Default Webrtc Profile settings? (Settings/Technology Settings/Device Profiles)

Here’s my default webRTC profile config,

I didn’t add any parameter in the advanced settings.

1 Like

Can you please also share a screenshot from the PJSIP settings as well as the RTP settings?

Also, is VitXi on the same network as the PBX?

1 Like

Sorry for the late reply,

Yes my VitXi is on the same machine as my PBX.

Here are the screenshots you asked for,

My PJSIP Settings

And my RTP Settings

I just noticed while taking the screenshot that the certificate for my PJSIP Settings was left blank so I put my Let’s Encrypt certificate but I didn’t notice any change.

Did you find the solution? I’m in the same shoes now.

1 Like