My problem
Can not access and register external sip trunks. any calls using these trunks get the message: all circuits are busy now! this happens after 10/15 sec.
My setup
i have a freePBX(TrixBox) IP PBX setup behind my NetScreen-25. In my setup the modem is in transparent mode and all packets are forwarded to NetScreen, which has its own IP.
I have multiple public IPs setup so in order to make things easier i have assigned an single IP for this purpose using MIP. this public IP points to my internal IP.
then i have created two policies un-trust > trust (MIP) & trust (MIP) > un-trust with the following settings:
Source: ANY/MIP
Destination: MIP/ANY
Services: SIP, VOIP
Application: ignor
Then i have disabled ALG for SIP.
This doesnt seem to solve my problem. i am testing this with two things: 1. if i can register a soft-phone from the internet and 2. if my SIP trunk is registering on my PBX. I am using two trunks, PoivY and CallCentrics
Both of these fail with this setting.
Then i moved to creating custom services with the following ports open:
TCP src port: 5060-5061, dst port: 5060-5061
UDP src port: 5060-5061, dst port: 5060-5061
UDP src port: 10000-20000, dst port: 10000-20000
TCP src port: 5004-5082, dst port: 5004-5082
UDP src port: 5004-5082, dst port: 5004-5082
This also doesnt seem to work at all. i have also tried both options with ALG turned on with no luck.
in addition i have read on some other forms that i must add these lines to sip.conf.
nat=yes
externip=xx.xx.xx.xx
localnet=192.168.3.254/255.255.255.0
any idea what i am doing wrong? i am quite sure that the problem is in the firewall somewhere but not 100%. could it be in the PBX setting?