Jump to content
Vodia PBX forum
HerBiVoRe

Register and calls works with UDP, not TCP

Recommended Posts

Hello,

We have a concern with a client. We do not manage his internet connection and can not act on it. All ports are open to the PBX from LAN.

The problem:

If we keep the defaults settings, the phone does not register. It is impossible to emit and receive any calls. If we change the parameter "Outbound Proxy" directly on the phone's web interface, and switch from "transport=tcp" to "transport=udp", everything works perfectly ... until the next reboot of the phone.

Do you have an idea to fix this parameter UDP instead of TCP? I can not find the option on the pbx and change the outbound proxy each electrical outage or when phones reboot is not acceptable for us ...

In advance thank you, and have a good day!

 

PS : PBX and phones are up to date ;)

Share this post


Link to post
Share on other sites

Hi again !

 

The log from one of the phones :

15/9/2014 15:40:16 [NOTICE] PHN: SIP: Add dirty host: tcp:X.X.X.X:5060 (0 sec)15/9/2014 15:40:16 [NOTICE] PHN: SIP: final transport error: 1000007 -> tcp:X.X.X.X:506015/9/2014 15:40:16 [ERROR ] PHN: SIP: transport error 1000007: generating fake 59815/9/2014 15:40:45 [ERROR ] PHN: SIP: transaction timeout tcp/tls: 100001015/9/2014 15:40:45 [ERROR ] PHN: SIP: final transaction timeout 1000010 (tcp:X.X.X.X:50603e000000cd2d-cum748lmobbg)

I confirm, all ports (UDP and TCP) to the PBX are open.

Share this post


Link to post
Share on other sites

This is a common problem with the firewall. Check if the customer's firewall has anything with "SIP" and/or "ALG" (application layer gateway). It probably detects the SIP traffic and applies a security policy to it, in other words, blocks it.

 

One common solution to this problem is to use TLS and encrypt the SIP traffic. This way, the firewall only sees binary spaghetti and does not mess with the SIP traffic.

 

In the 5.2.3 version we have introduced a new parameter for the provisioning of the domain, in the general settings at the bottom. There you can tell the PBX for what IP address (the customers public IP address) with what netmask (32 if this is only one IP address) the PBX should provision the outbound proxy (the PBX public IP address) and what port (5060 typically) and what transport protocol. For the transport protocol you can try udp. Then restart the phones, let them download their PnP configuration and check if this solved the problem.

Share this post


Link to post
Share on other sites

Hey,

 

Thank's for the answer !

 

I suspected for some time the firewall, but could not put the finger on it. So, I looked a little better and that's it! A option in the mikrotik WAS activated ...

Thank's again, it's all good now!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×