I’ve setup a FreePBX 12.0.74 server on a virtual machine with a windows 7 host behind a NAT router.
Outbound calls are working but Inbound calls immediately after work only after an Outbound call and then it stops working with the message the number you have dialed is not available.
Following are the trunk settings:
Outgoing settings
peer details
username=[Authentication Name]
type=peer
secret=[Authentication Key]
qualify=no
nat=no
maxexpirey=3600
insecure=invite, port
host= host ip
fromuser=[Authentication Name]
fromdomain=host ip
dtmfmode=rfc2833
disallow=all
defaultexpirey=60
context=from-trunk
canreinvite=no
allow=ulaw
session-timers=refuse
auth=md5
sendrpid=yes
^^ That’s your problem. The symptom of the call only being usable within a short time is because the NAT ‘automatic’ forwarding is timing out. Ensure that you MANUALLY FORWARD THE REQUIRED PORTS (udp, ports 5060 and 10000-20000 inclusive) directly to the VoIP server.
Following the above advice I opened up the required ports started receiving all the incoming calls I tested. Within hours the server was attacked, trying to initiate sip connections from two different IPs.
I changed the sip binding port. Again incoming created problems, working sometimes.
Opened the above port in the firewall and incoming started to work again.
I have no external user / extension, why do I have to open the sip port for incoming connections?
If I configure the trunk directly on an IP / Soft phone it works without any port forwarding.
If there isn’t any other way without opening the ports, what are the best options to avoid such attacks?