Jigasi can dial out but not receive sip call

Hoping someone can help. I’ve spun up Jitsi on AWS and loving it. Added Jigasi and registered it to a SIP provider (actually tried a couple). Symptom is always the same…outgoing calls from Jitsi work great on Opus. Incoming calls connect fine to room siptest but without audio. My SIP device is sending RTP Opus (I see it in a packet capture) but I’m not getting any RTP from Jigasi.
I have UDP 10000-20000 open in my AWS security settings. I looked over the forum and there’s lots of similar issues with resolutions that don’t work for me. Particularly I tried:

adding
net.java.sip.communicator.impl.protocol.sip .SKIP_REINVITE_ON_FOCUS_CHANGE_PROP=true
to the jigasi config
jigasi log is at Dropbox - jigasi.log - Simplify your life. Any help out there?

Does onsip support latching? Will start sending media to the address and port from where media is received.

I believe it does, but I also don’t think this is a NAT issue. My SIP device is on a static, public IP and the AWS instance uses 1:1 NAT.

Aws machines are behind nat.

But if I read correctly the FAQ they do have latching NAT and Firewall Traversal Recommendation – OnSIP Support

Are you running jigasi on the same machine as jvb?

A useful thing to debug this: jigasi/sip-communicator.properties at b7423fad61beccab18728e05358b4e7a69702eff · jitsi/jigasi · GitHub
Then there will be pcap files in /var/log/jitsi and this will include sip and xmpp signaling and see where jigasi communicates with sip server in the sip signalling, and with jvb in the xmpp jingle messages and see whether the link between jigasi and jvb is established …

incoming calls you do not hear any media or just one of the directions?

damencho
Yes, jvb and jigasi are on the same machine. Thanks for the tip on packet logging, I’ll try that this week.
Can you explain more about latching? Is latching a good thing to be using with Jigasi, or might it be part of the problem?
Finally, this could be made easier if I could call directly into the Jigasi server (unregistered). My system can dial via IP address (e.g. user@74.94.151.151). Is this possible with Jigasi?

Latching is on the sip side, and it will not start sending media till the user which in this case is jigasi start sending media and when it receives it it will send media to the ip and port it received it, this way client open hole in nat/firewall/router and server use that to send back.
This is very common mechanism for dealing with nats.

For direct dialing … There was a property to disable as for security reasons only sip from the registered endpoint is processed.

Got it. Packet captures shows Jigasi registering and sending “OPTIONS” to the server every 25 seconds as a keep alive. The invite arrives, Jigasi sends an ACK and a “RINGING” message followed by OK.
From that point on there is no indication of anything being sent or received except for the occasional “OPTIONS” keepalive from jigasi.
I assume since Jigasi sends no RTP, the latching of Onsip sends nothing as well.
What could prevent Jigasi from initiating an RTP stream at this point? Note the connection appears in the siptest room as expected with no audio either way.

Normally jigasi sends at least 3 hole punch packets to open the nats, in case participants in the meeting are muted and no audio reaches jigasi from jvb. Are your in meeting participants from the web audio muted?
It should work if even muted … But if it works with unmuted and not otherwise means those hole punches do not reach sip side …

I have 3 tabs open and audio is unmuted during attempt to dial in. Trying to make sense of the capture.
I see some UDP packets being sent, but they are just looping from port 10000 to 10001 on my server

If you are looking at jigasi’s pcap, not all rtp traffic is logger, just a few packets on every few seconds, I forgot the details.
Packets sent to port 10000 are to jvb.
Port 10001 sounds interesting …

Well I’ve spent too may hours on this so I’m shelving it. I do believe we’re in NAT territory on the AWS side and it’s a pity there’s so little support for that. It seems there’s a lot of frustration on this board with one-way or no-way audio on Jigasi. If I could humbly suggest improvements to Jigasi, I think STUN or some other NAT support would be a big plus.

I think Jitsi is an amazing product otherwise!

There are no plan for this and the sip stack in jigasi had been used for many years with all sorts of sip providers and as part of Jitsi Desktop.
Sometimes installing Jitsi Desktop and make it work with your provider also helps find the correct settings.
We are using jigasi on aws for production with no problem. You may try another provider, for example there is a good tutorial how we use it with voximplant Guide for setting up Jigasi with Voximplant