RobertoAchab Posted January 25, 2009 Report Share Posted January 25, 2009 Hello, I've read this article http://wiki.pbxnsip.com/index.php/Office_w...ic_IP_addresses, but I'm trying since this morning and I'm not reached any goal. Pheraphs what I want to do is not possible, but I'd like to be supported by someone else having the same problems. I have a pbxnsip installed on a new machine in the office of a costumer, it's behind a NAT firewall (a WatchGuard, unfortunately I can't put my hands on it) that's forwarding all ports to it. Infact I can connect in remote terminal to the XP machine, in HTTP to the PBX and so on. They want to connect some shops via a VPN, and they work, then some agents that have offices connected via simple ADSLs with NATting routers. They can't do it, the phone they are using are old and can't connect in TCP, so I tried from my home From home I can connect using a public IP from my PC and Eye-beam, so I'm on the Internet and I can phone. The other option from my home is to use NAT myself and a SNOM320 Phone, in this second situation (but it's the same the costumer have) I can register, but I can't hear any sound. The configuration of the modem at home is also in port-forwarding, infact I can connect to the web-page of the SNOM from external. In the end the configuration is: My cell-Phone<->PSTNGW192.168.0.21<->PBXnSIP192.168.0.127<->192.168.0.13WatchGuard203.xxx.xxx.xxx<->213.xxx.xxx.xxxHome(alcatelST)10.0.0.138<->10.0.0.135SNOM I set the IP replacement list "192.168.0.127/203.xxx.xxx.xxx" so the pbx should announce itself with the public ip, I've tried to use the phone with and without STUN, in UDP, TCP and TLS(in TLS doesn't even register), making all the mixed trials I could think of. The result is always the same, I can place a phone call, but i can't hear anything. It happens in both directions. Running WireShark I can see a strange behaviour, even setting TCP and registering in TCP (rebooting the phone, to be sure to really re-register) the voice-traffic seems to be in UDP, I thought it tunnel the RTP in TCP also, not only SIP. The DST and SRC in data packet are the public ips, as i think it's correct, I can't think about why it's not working. I assume this is solved using phones with integrated VPN clients, but the costumer already has a lot of not-so-sophisticated Siemens C450, so I must be sure before asking him to change the phones... Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted January 26, 2009 Report Share Posted January 26, 2009 Generally speaking, if you want to use the PBX service, the PBX must have a routable IP address. Behind a firewall which does NAT that is not so easy. Actually, it is the intention of the firewall to make it as hard as possible. Even if you get it working, it will likely be instable. Not being able to change the firewall does not make the job easier. And one thing is also guaranteed: It will be a lot of work, setting it up and keeping it running. Bottom line: Try to make your life easier and change the setup. Ideally just get a public IP directly to the PBX and then it will be a easy setup. Quote Link to comment Share on other sites More sharing options...
RobertoAchab Posted January 27, 2009 Author Report Share Posted January 27, 2009 Generally speaking, if you want to use the PBX service, the PBX must have a routable IP address. Behind a firewall which does NAT that is not so easy. Actually, it is the intention of the firewall to make it as hard as possible. Even if you get it working, it will likely be instable. Not being able to change the firewall does not make the job easier. And one thing is also guaranteed: It will be a lot of work, setting it up and keeping it running. Bottom line: Try to make your life easier and change the setup. Ideally just get a public IP directly to the PBX and then it will be a easy setup. Yes, I must face it, unfortunately they don't have a transparent FW, so to have a routable IP I must put the PBX outside the network. Anyway, I will do it. About the more "theorical" questions, I'm curious about the reason why I see UDP packets during conversations when pbxnsip is configured for TCP, I thought it used RTP over TCP... Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted January 27, 2009 Report Share Posted January 27, 2009 About the more "theorical" questions, I'm curious about the reason why I see UDP packets during conversations when pbxnsip is configured for TCP, I thought it used RTP over TCP... Nonono. Audio is always sent over UDP. TCP has huge delay if a packet gets lost. Instead of repeating a lost packet (and letting all other packets wait) you better just play back a little click and then the audio will go on. Quote Link to comment Share on other sites More sharing options...
RobertoAchab Posted January 29, 2009 Author Report Share Posted January 29, 2009 Just in case someone searches for a "workaround"... I tried the same thing at the office, I didn't want to put a second NIC of the server, 'cause usually the NIc registters on the DNS and the users trying to connect to it sometime receive a wrong IP (the public one, not reachable by clients)... So I decided to use our SIP-Gateway, that also does NAT, but a full-cone NAT, the only one VoIP can survive, I put it in the WAN (Well, actually behind a transparent-mode firewall...) and NATted the private ip of the pbxnsip, now I can phone well... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.