Setting my ISP's modem to let me call via my landline when I'm not home, using its internal hidden SIP server
My ISP offers to his VDSL users the ability to use any smartphone as a cordless home phone, using an official app.
They provide no documentation or source code, but someone managed to de-obfuscate the app and found out that it works thanks to a SIP server that runs on the modem/router the ISP lends to their customers. There is no way to configure it, it's completely hidden to the average user.
This guy also found the way the app obtains the credentials needed for the login, thus enabling any device with a SIP client installed on it to connect to the router and receive and make calls on the land line.
The address the app uses for the login is a string (modemtelecom.homenet.telecomitalia.it
) that is resolved to the router's LAN address (by default 192.168.1.1
). If I try to login to [email protected]
it works fine; anyway, if I attempt to log in to the server, using as host address my external IP address, it fails.
I tried to set the router to forward traffic incoming from the WAN on the SIP port to its own address, but it refuses to do so (I don't know if this may be a restriction from the ISP or something one just can't do).
Do you think there may be a way to trick my router into letting me login to the SIP server while I'm outside my home LAN?
As MariusMatutiae suggested me, I set up a OpenVPN server on a PC connected to my LAN; I then proceeded to masquerade the traffic from OpenVPN, and successfully connected my Android smartphone to the VPN and the SIP server inside my LAN. So far though it seems like I can only send audio, without being able to receive anything.
Anyways, this looks like the right track: to try to get help with the issues I encountered, I asked another question here.
If I try to login to [email protected] it works fine; anyway, if I attempt to log in to the server, using as host address my external IP address, it fails.
Of course it fails: if it didn't, I (and many, many other people ;-) ) would be making calls thru your SIP server, at your expense.
The way to make it work is to make sure your phone, when outside your home, has an IP address within your LAN. This can be achieved if you set up a routed OpenVPN server on a Linux box at home (it can be done with a Raspberry pi 3, a small pc which costs little more than 40 euros).
There is an OpenVPN app for Android and iOS (and perhaps some other OS but I am not sure, you will have to check), which allows phones to use routed OpenVPNs (not bridged OpenVPNs, careful). The only missing ingredient is the use of a MASQUERADE rule on the Linux box,
sudo iptables -t nat -A POSTROUTING -o eth0 ! -d 10.0.0.0/24 -j MASQUERADE
(if you are using the subnet 10.0.0.0/24 for your OpenVPN clients, otherwise change accordingly). At this point, all traffic from your phone directed to your LAN, including the SIP server, will appear as coming from the Linux box, which does have an IP address in your LAN, and thus your phone will be able to access your SIP server.
This will work, but possibly in a sub-ideal way. If sound quality is not ideal, if there is stuttering or intermittent connections, you will have to learn how to prioritize VoIP traffic on your LAN. But since this already is setup thru your ISP modem, my bet is it will work out of the box.
It is a tad complex, but lots of fun. All steps are well documented on a gazillion sites, just use your Google.
EDIT
Your routing table should look like this:
default via 192.168.1.254 dev eth0
10.8.73.128/26 via 10.8.73.130 dev tun0
10.8.73.130 dev tun0 proto kernel scope link src 10.8.73.129
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.128
192.168.73.0/24 dev brlan proto kernel scope link src 192.168.73.1
My Debian router has two interfaces, eth0 is the WAN and brlan is the LAN. 192.168.73.0/24 is the LAN, 192.168.1.0/254 in the WAN-side connection to my modem, 10.8.73.128/26 is the OpenVPN net, and what you are missing is the important statement
10.8.73.130 dev tun0 proto kernel scope link src 10.8.73.129
which defines the tunnel.