[Amportal-users] NAT Problems** :( :L) Pulling My hair out

Ok.

Here we go.

I have a Asterisk Server that is behind NAT.

Public Address – Private Address. All Ports Are OPEN on the Public IP that
is NAT to Private IP of Asterisk Server. here is my SIP.CONF

[general]
port = 5060 ; Port to bind to (SIP is 5060)
bindaddr = 0.0.0.0 ; Address to bind to (all addresses on machine)
bindaddr = 192.168.2.106 ;added by WK for NAT issues
localnet = 192.168.2.0/200 ;added by WK for NAT issues
externip=216.74.27.72 ;added by WK for NAT issues
nat=yes ;added by WK for NAT issues
disallow=all
allow=ulaw
allow=alaw

I am unable to register my home SIP phone (Polycom) to this server. My home
SIP phone is also behind NAT. In my Asterisk Extension Configuration I do
have nat=yes

Please help me… I am ready to pull my hair.

Stay in touch with old friends and meet new ones with Windows Live Spaces
http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amportal-users

Post generated using Mail2Forum (http://www.mail2forum.com)

I agree about ipcop ----- best thing I have used.

Before I was using wrt54g (linksys) and westel modem (bellsouth) and I thing because of westel blocking traffic I could never get it to work. I think I also put the modem set as only a modem and used wrt5g to do ppoe and somehow westel used to block traffic ---- it was almost a double net.

Once I put ipcop and disable all blocking in the modem It was all good and I like the addon for Qos_ng

If you need help leave me a message and fwd number I will call and try to help

Bubba,

I have what I think is a public ip address. It was sold as a static ip. It is 72.0.72.x .

PBX working fine in LAN with multiple soft IAX phones.

PBX seems to work fine with “port switch” previously mentioned for remote extensions in home LAN.

I may be able to connect pbx to internet but have to figure out setup of lan and voip lan.

I will get back to you on this.

Thanks

Regards

Peter

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amportal-users

Post generated using Mail2Forum (http://www.mail2forum.com)

Just want to verify that I use IPCop both at home, customers sites and work and it works very well with Asterisk.

There are also QOS addons for it that work extremely well with VoIP traffic.

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amportal-users

Post generated using Mail2Forum (http://www.mail2forum.com)

Bubba,

I have sent you output in other post.

I changed 5060 to 4569 as we are talking about IAX.

I have not forwarded the home IPCop router to the phone but I think I may have forwarded all ports to a test trixbox I have at home. I may be wrong but do not that has anything to do with it as 4570 worked fine for IAXy no other changes.

Look forward to you insight.

Thanks

Regards

Peter

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amportal-users

Post generated using Mail2Forum (http://www.mail2forum.com)

OK 1 st is to see what is going on.

On the server run
ngrep -d any -Wbyline -t port 5060

try to connect form home… The cmd above with watch the port…

do you see any traffic ???

Yes that is a PRO safe router…it has SPI enabled by default…

did u go into your home router and forward the ports to your phone??

I will look at your other post…

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amportal-users

Post generated using Mail2Forum (http://www.mail2forum.com)

I had the same problem and finally got it working after changing some settings in the extensions profile. I changed the “NAT” to “yes”, the “PORT” to the actual port number my pbx server is listening to. That did the trick at least for me…

Tom

go into your home router and forward the sip ports to your home computer as well and test it

Also go grab a IAX softphone for testing…
http://www.laser.com/dante/

SIP is flaky ALWAYS test with IAX to save time hassle…
you only need to open port 4569 to the server and nothing on the home end.

No RTP ports (default 10000-20000 UDP) and SIP port (5060 TCP) in addition to that? I had problems without these ports being forwarded as well.

Tom

[quote=“bubba”]…
you only need to open port 4569 to the server and nothing on the home end.[/quote]

Port 4569 for IAX is all that is needed

5060 is the “standard” sip port

as for the rtp it may or may not be the right range…
some devices / softphone are setup for a different range

check the config of the SIP device / software for the RTP they use.

SIP is also TIME aware so my sure the RTC are working on both the server and any computer using softphone (SIP) IAX could care less…

I have used the IAX soft phones (IDEfisk - http://www.asteriskguru.com/idefisk/) and Digium’s IAXy. As good as they are, I have spent endless hours trying to get a two or more IAX phones to connect from home network to office network. All I could find online suggested that “all you need is port 4569”. Recently someone suggested using another port number but at the time, the response seemed sloppy. This morning I assigned a different port number to the IAXy device, after a soft phone connection had already been made back to office from one of my home pc’s and it worked great. Then I went to another PC and tried to connect another IDEfisk- soft phone and it connected. In fact, it seemed to self assign port 1024.

I would strongly suggest a popup beside the port number field on the extension screen listing the different default port numbers based on the major protocols. I would further suggest that the message indicate that if more than one IAX phone is connecting to a remote PBX in a remote LAN and that if all the IAX phone will be hitting that pbx with the same LAN ip address that the only way for all phones to work is to assign different port numbers to every new phone on that LAN. Happily this is very easy in Freepbx. Just change the port number and after pressing the red line, everything has been updated.

Hope this helps.

Regards

Peter

No sir you assume wrong

IAX can have MANY MANY connection’s behind a natted device (i sit here with five iax extens on five different servers)

what causes many users issues is SPI (Stateful Packet Inspection)

SIP traffic is very busy… lots of traffic for nothing…so GOOD router will
Say Hey this traffic looks like a DDOS attack let me kill it…

so if you got a smart router dumb it down by killing SPI…
get it working then enable it back if you still have problems kill it…

NOW sip that is the problem child, and with sip you can have them on the same port SOMETIMES it is a router issue I think…

but IAX does need any changing…it just works…

Bubba,

Thanks, sort of.

I have a Netgear FVS124G from their business line of wired vpn/routers. It even has dual WAN ports. So I suspect they think it is “smart”. From my point of view, it has been a pain! I think your right but I have yet to figure out how to this on this particular router.

I would gladly use my retail Netgear but it seems to lose connection from time to time and not reconnect all the time.

I have IPcop at home and would also gladly replace my router at the office with this IPcop as long as it would not cause me any troubles.

Can you offer any assistance with this router?

Do you do any consulting/custom development? As per a post in development forum, I need some help with a small project with my box. As in that post, I am happy if most if not all of the work done on my project can be plowed back into FreePbx.

Thanks

Regards

Peter

OK 1 st is to see what is going on.

On the server run
ngrep -d any -Wbyline -t port 5060

try to connect form home… The cmd above with watch the port…

do you see any traffic ???

Yes that is a PRO safe router…it has SPI enabled by default…

did u go into your home router and forward the ports to your phone??

I will look at your other post…

Bubba,

I have sent you output in other post.

I changed 5060 to 4569 as we are talking about IAX.

I have not forwarded the home IPCop router to the phone but I think I may have forwarded all ports to a test trixbox I have at home. I may be wrong but do not that has anything to do with it as 4570 worked fine for IAXy no other changes.

Look forward to you insight.

Thanks

Regards

Peter

Just want to verify that I use IPCop both at home, customers sites and work and it works very well with Asterisk.

There are also QOS addons for it that work extremely well with VoIP traffic.

OK I get lost the way forum is layed out

the thread started as SIP… turned into IAX

The sip debug was for the OP issues with sip…

Bubba,

Fair point, it was my ADD that picked up on problem and also your reference to IAX softphone.

I had problems with SIP and NAT with PSTN provider so we switched to IAX trunk. I also had problems with IAX as above and thought problems may be linked in some way. Ultimately link may be my router not SIP/IAX issues. Sorry.

Now back to my and my issues. Last night I tried your suggestion and ran function you suggested. For some reason IAXy started to work after I set it back to port 4569 but this morning it is not. In fact when I re-run this function on pbx this morning there do not seem to be any entries relating to IAXy extension! I have done nothing to office router. The IPcop router at home restarts every night at 3 am but otherwise have done nothing to this router either, so it may be that settings lasted till then and with restart IAXy path was lost and was not able to restart. Bottom line, I am still lost on this issue.

I am going to reset my IAXy back to port 4570 till I here from you again. I look forward to doing this the right way!

As indicated by you above problem may relate to SPI (I know, not SIP) but I do not know how to “fix” it.

Your continued input is appreciated.

Thanks.

Regards

Peter

tommy13v,

I was thinking of adding QOS add-on but was worried about breaking IPCop. I fact I had tried to add on add-on during the summer when I started learning about these things but with no success. I suspect that I would have more luck now.

As I recall there were a few QOS add-on for IPcop, is there one you would suggest?

Is IPcop the best way to go or is there a better one to use? I have tried a few. Although PFSense, Smoothwall and a few others sound like they should be easier to use and have more functions, I had one problem or another with each of these others. Maybe its IPcop’s “KISS” approach. I do which IPcop had qos and a little better VPN features but suspect that will come over time.

Lookforward to your input.

Thanks.

Regards

Peter

I use QOS NG found here
http://mh-lantech.css-hamburg.de/ipcop/download.php?view.158

It works very well but can be a bit complicated to setup but if you do install it and need assistance please let me know.

On 10/31/06, pbassel <[email protected] ([email protected])> wrote:[quote] tommy13v,

I was thinking of adding QOS add-on but was worried about breaking IPCop.  I fact I had tried to add on add-on during the summer when I started learning about these things but with no success.  I suspect that I would have more luck now.

As I recall there were a few QOS add-on for IPcop, is there one you would suggest?

Is IPcop the best way to go or is there a better one to use?  I have tried a few.  Although PFSense, Smoothwall and a few others sound like they should be easier to use and have more functions, I had one problem or another with each of these others.  Maybe its IPcop’s “KISS” approach.  I do which IPcop had qos and a little better VPN features but suspect that will come over time.

Lookforward to your input.

Thanks.

Regards

Peter

-------------------- m2f --------------------

Sent using Mail2Forum (http://www.mail2forum.com).

Read this topic online here:
http://www.freepbx.org/forums/viewtopic.php?p=2044#2044

-------------------- m2f --------------------

Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Amportal-users mailing list
[email protected] ([email protected])
https://lists.sourceforge.net/lists/listinfo/amportal-users
[/quote]

–
Tom Vile
Baldwin Technology Solutions, Inc
Consulting - Web Design - VoIP Telephony
www.baldwintechsolutions.com
Phone: 518-631-2855 x205
Fax:     518-631-2856

Post generated using Mail2Forum (http://www.mail2forum.com)