cmrabet Posted December 10, 2008 Report Share Posted December 10, 2008 Hi, Remote users throught sofphones can register into our PBXnSIP server, we also can dial each other, we can hear the ringing, however when we pick up the phones we can't hear each other. I found out that when the remote users logs into our VPN network (where the PBXnSIP server is), and they put in their SoftPhones "realm" parameter the privete PBXnSIP server IP, then WE CAN hear each other. However when they are not into the VPN they can just ring. So far our static public IP is routing the following ports to the private IP used by our PBXnSIP server: - SIP 5060 - SIP 5061 But I am pretty sure that these ports are not enough. Could you please let me know which ports should we open in our router and forward them to the PBXnSIP server in order to establish SIP remote calls? Thanks and regards, Quote Link to comment Share on other sites More sharing options...
pbx support Posted December 10, 2008 Report Share Posted December 10, 2008 Hi, Remote users throught sofphones can register into our PBXnSIP server, we also can dial each other, we can hear the ringing, however when we pick up the phones we can't hear each other. I found out that when the remote users logs into our VPN network (where the PBXnSIP server is), and they put in their SoftPhones "realm" parameter the privete PBXnSIP server IP, then WE CAN hear each other. However when they are not into the VPN they can just ring. So far our static public IP is routing the following ports to the private IP used by our PBXnSIP server: - SIP 5060 - SIP 5061 But I am pretty sure that these ports are not enough. Could you please let me know which ports should we open in our router and forward them to the PBXnSIP server in order to establish SIP remote calls? Thanks and regards, Please check out the RTP ports range under Admin->Settings->Ports page Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 Please check out the RTP ports range under Admin->Settings->Ports page Well I checked these ports and they are from 49152 to 64512. Also I made sure that from our router these ports are being forwarded to the PBXnSIP computer, however when from outside sombody tries to check one of those ports it appears as closed. So I wanted to investigate a little bit more; I logged into the PBXnSIP server, I made a "netstat -a" command, and I noticed that none of those ports were under "LISTENING", but the SIP ports, the SMTP ports, etc... were, so I think the origin of this issue is not the router configuration, but the PBXnSIP setup up. Any ideas? Thanks. Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 11, 2008 Report Share Posted December 11, 2008 Well I checked these ports and they are from 49152 to 64512. Also I made sure that from our router these ports are being forwarded to the PBXnSIP computer, however when from outside sombody tries to check one of those ports it appears as closed. So I wanted to investigate a little bit more; I logged into the PBXnSIP server, I made a "netstat -a" command, and I noticed that none of those ports were under "LISTENING", but the SIP ports, the SMTP ports, etc... were, so I think the origin of this issue is not the router configuration, but the PBXnSIP setup up. Any ideas? Thanks. These ports are UDP, not TCP, so a telnet to these ports won't show. They must be forwarded to the pbxnsip server. Also you may want to get a SIP aware router. Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 These ports are UDP, not TCP, so a telnet to these ports won't show. They must be forwarded to the pbxnsip server. Also you may want to get a SIP aware router. Well actually we are using DD-WRT in a Cisco router, so I think it is already prepared for that, in fact the SIP signaling ports are already working. Still no sound during the calls. Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 11, 2008 Report Share Posted December 11, 2008 Well actually we are using DD-WRT in a Cisco router, so I think it is already prepared for that, in fact the SIP signaling ports are already working. Still no sound during the calls. What model router are you using? Did you forward the RTP UDP port to the pbxnsip? This is definetly I firewall/ router issue. YYou may also want to check http://wiki.pbxnsip.com/index.php/Office_w...ic_IP_addresses Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 What model router are you using? Did you forward the RTP UDP port to the pbxnsip? This is definetly I firewall/ router issue. YYou may also want to check http://wiki.pbxnsip.com/index.php/Office_w...ic_IP_addresses From the PBXnSIP side (A computer based in Ubuntu Server 8.10 Intrepid) the IPTABLES is not blocking any port. Form the router side I am already forwarding ports 49152-64512 to the IP where the PBXnSIP computer is, in fact I am doing the same with ports 5060 and 5061 in the same way and they are working. My Router model is WRT-54G (Linux version, 4.0). Regards, Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 11, 2008 Report Share Posted December 11, 2008 From the PBXnSIP side (A computer based in Ubuntu Server 8.10 Intrepid) the IPTABLES is not blocking any port. Form the router side I am already forwarding ports 49152-64512 to the IP where the PBXnSIP computer is, in fact I am doing the same with ports 5060 and 5061 in the same way and they are working. My Router model is WRT-54G (Linux version, 4.0). Regards, The ports you are forwarding TCP or UDP or both? Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 The ports you are forwarding TCP or UDP or both? For RTP both just in case. Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 For RTP both just in case. I saw the link in the wiki and I am really afraid of changing the route tables, I really need help on this guys if it is the only way. On the other hand I can't do DMZ since the same computer where the PBXnSIP is there is our web site server (port 80 is forwarded from our public IP). We are 3 extensions with 3-4 calls per day so we just mounted both servers in a last generation computer. Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 I saw the link in the wiki and I am really afraid of changing the route tables, I really need help on this guys if it is the only way. On the other hand I can't do DMZ since the same computer where the PBXnSIP is there is our web site server (port 80 is forwarded from our public IP). We are 3 extensions with 3-4 calls per day so we just mounted both servers in a last generation computer. This is my "route" command result from the PBXnSIP server console: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 default Linksys 0.0.0.0 UG 100 0 0 eth0 However I don't understand why should I delete the "default" route entry and what should I add instead. Thanks. Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 11, 2008 Report Share Posted December 11, 2008 This is my "route" command result from the PBXnSIP server console: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 default Linksys 0.0.0.0 UG 100 0 0 eth0 However I don't understand why should I delete the "default" route entry and what should I add instead. Thanks. You should not need to play with your route. You may want to check your softphone to see if it is using any special ports. I have it working through many routers including some linksys, though I never tried the linux version. Attached please find a sample port forward from a router. Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 You should not need to play with your route. You may want to check your softphone to see if it is using any special ports.I have it working through many routers including some linksys, though I never tried the linux version. Attached please find a sample port forward from a router. The same as I already have, look at the picture attached; Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 11, 2008 Report Share Posted December 11, 2008 The same as I already have, look at the picture attached; From your image, it appears thar you are also behind a second firewall or router, as it says your wan IP is 192.168.2.2, which is a private IP. Quote Link to comment Share on other sites More sharing options...
cmrabet Posted December 11, 2008 Author Report Share Posted December 11, 2008 From your image, it appears thar you are also behind a second firewall or router, as it says your wan IP is 192.168.2.2, which is a private IP. Yes, your are right; The router is actually behind the DSL modem which is acting just in bridge mode, so no firewall no routing operations. Our setup is as follows: DSL (internet)->DSL modem (actually DSL modem & Router in bridge mode) -> Router (The Lynksys router) PUBLIC IP -> 192.168.2.1 -> 198.168.1.1 Anyway, I am going to check the ADSL modem, but I didn't have to check anything while opening the 5060 ports and they work properly. Regards. Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted December 12, 2008 Report Share Posted December 12, 2008 Yes, your are right; The router is actually behind the DSL modem which is acting just in bridge mode, so no firewall no routing operations. Our setup is as follows: DSL (internet)->DSL modem (actually DSL modem & Router in bridge mode) -> Router (The Lynksys router) PUBLIC IP -> 192.168.2.1 -> 198.168.1.1 Anyway, I am going to check the ADSL modem, but I didn't have to check anything while opening the 5060 ports and they work properly. Regards. Bridge mode should not assign the 2.1 address to your router, your router should be assigned the public IP, staticly, DHCP or PPPOE. double NAT with SIP which is not NAT friendly, is a NO NO. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.