One Way Audio When Changing TCP Bind Port

stevensedory · May 12, 2016, 7:34pm

Great, I will give that a try. Thanks.

stevensedory · May 13, 2016, 4:34pm

So I ran a tcpdump -s0 -w/tmp/capture.pcap -C50 tcp and port 7775 and host 4.4.4.4 from the asterisk box. I sanitized it as follows: 4.4.4.4 is the public IP of the Endpoint that asterisk is seeing due to it being behind NAT, and 1.1.1.1 is the public IP of the asterisk box. You will also see some RFC 1918 stuff, which is the endpoint. Server’s LAN IP is 192.168.90.48, which I don’t see on this dump.

Right away, I notice that though I was tcpdump’ing for port 7775, there’s a bunch of 5060 showing. If anyone can decipher this, please educate me!

ÔÃ²¡ ÿÿ "!5Wœƒ lñeE )&Ú E
(ó@ @:¦À¨Z0lNe_"ºñ”ß¯ÑoOë€õ×Q
>¸$¶BYE sip:[email protected];transport=tcp SIP/2.0
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK5686566d;rport
Max-Forwards: 70
From: “232” sip:[email protected];tag=as09c19c65
To: sip:[email protected];transport=tcp;tag=3CF29620-107DF03B
Call-ID: [email protected]:5060
CSeq: 103 BYE
User-Agent: FPBX-13.0.115(13.7.0)
X-Asterisk-HangupCause: Requested channel not available
X-Asterisk-HangupCauseCode: 44
Content-Length: 0

"!5WÍ
Î Î )&Ú lñeE E À(@ 4GVlNeÀ¨Z0"º_ÑoOëñ”á…€(ë
’ >¸SIP/2.0 481 Call Leg/Transaction Does Not Exist
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK5686566d;rport
From: “232” sip:[email protected];tag=as09c19c65
To: sip:[email protected];transport=tcp;tag=3CF29620-107DF03B
CSeq: 103 BYE
Call-ID: [email protected]:5060
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Content-Length: 0

"!5Wß
B B lñeE )&Ú E 4(ô@ @<{À¨Z0lNe_"ºñ”á…ÑoQw€õ>
>Ú’#!5WD? )&Ú lñeE E (Ž@ 4E lNeÀ¨Z0"º_ÑoQwñ”á…€(ëÆˆ
’Œ >ÚINVITE sip:[email protected]:7775;user=phone;transport=tcp SIP/2.0
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bK70c404a0A91D59BB
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone
CSeq: 1 INVITE
Call-ID: [email protected]
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Supported: 100rel,replaces
Allow-Events: conference,talk,hold
Max-Forwards: 70
Content-Type: application/sdp
Content-Length: 336

v=0
o=- 307 307 IN IP4 192.168.1.24
s=Polycom IP Phone
c=IN IP4 192.168.1.24
t=0 0
a=sendrecv
m=audio 2228 RTP/AVP 9 102 0 8 18 127
a=rtpmap:9 G722/8000
a=rtpmap:102 G7221/16000
a=fmtp:102 bitrate=32000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:127 telephone-event/8000
#!5Wa? B B lñeE )&Ú E 4(õ@ @<zÀ¨Z0lNe_"ºñ”á…ÑoUO€õøy
CS’Œ#!5WÍA m m lñeE )&Ú E _(ö@ @:NÀ¨Z0lNe_"ºñ”á…ÑoUO€õ×¦
CT’ŒSIP/2.0 401 Unauthorized
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bK70c404a0A91D59BB;received=4.4.4.4;rport=8890
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone;tag=as0fef1952
Call-ID: [email protected]
CSeq: 1 INVITE
Server: FPBX-13.0.115(13.7.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“51da419e”
Content-Length: 0

#!5W§å r r )&Ú lñeE E d(@ 4F°lNeÀ¨Z0"º_ÑoUOñ”ã°€(ëÙ®
’ CTACK sip:[email protected]:7775;user=phone;transport=tcp SIP/2.0
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bK70c404a0A91D59BB
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone;tag=as0fef1952
CSeq: 1 ACK
Call-ID: [email protected]
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Max-Forwards: 70
Content-Length: 0

#!5W×
B B lñeE )&Ú E 4(÷@ @<xÀ¨Z0lNe_"ºñ”ã°ÑoW€õóÇ
C¦’#!5W&¨
Û Û )&Ú lñeE E Í(@ 4DFlNeÀ¨Z0"º_ÑoWñ”ã°€(ëeH
’• C¦INVITE sip:[email protected]:7775;user=phone;transport=tcp SIP/2.0
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bKbc48301b964BCB10
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone
CSeq: 2 INVITE
Call-ID: [email protected]
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Supported: 100rel,replaces
Allow-Events: conference,talk,hold
Authorization: Digest username=“231”, realm=“asterisk”, nonce=“51da419e”, uri=“sip:[email protected]:7775;user=phone;transport=tcp”, response=“a36dcb4cfa0428f97a500de19106dfd4”, algorithm=MD5
Max-Forwards: 70
Content-Type: application/sdp
Content-Length: 336

v=0
o=- 307 307 IN IP4 192.168.1.24
s=Polycom IP Phone
c=IN IP4 192.168.1.24
t=0 0
a=sendrecv
m=audio 2228 RTP/AVP 9 102 0 8 18 127
a=rtpmap:9 G722/8000
a=rtpmap:102 G7221/16000
a=fmtp:102 bitrate=32000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:127 telephone-event/8000
#!5W3¨
B B lñeE )&Ú E 4(ø@ @<wÀ¨Z0lNe_"ºñ”ã°Ño\€õï
C¯’•#!5W˜±
A A lñeE )&Ú E 3(ù@ @:wÀ¨Z0lNe_"ºñ”ã°Ño\€õ×z
C²’•SIP/2.0 100 Trying
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bKbc48301b964BCB10;received=4.4.4.4;rport=8890
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone
Call-ID: [email protected]
CSeq: 2 INVITE
Server: FPBX-13.0.115(13.7.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: sip:[email protected]:5060;transport=TCP
Content-Length: 0

#!5WRk B B )&Ú lñeE E 4(‘@ 4HÞlNeÀ¨Z0"º_Ño\ñ”å¯€(ëÆ"
’› C²$!5WØj Q Q lñeE )&Ú E C(ú@ @:fÀ¨Z0lNe_"ºñ”å¯Ño\€õ×Š
Dø’›SIP/2.0 180 Ringing
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bKbc48301b964BCB10;received=4.4.4.4;rport=8890
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone;tag=as79fe8cba
Call-ID: [email protected]
CSeq: 2 INVITE
Server: FPBX-13.0.115(13.7.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: sip:[email protected]:5060;transport=TCP
Content-Length: 0

$!5Wè~ B B )&Ú lñeE E 4(’@ 4HÝlNeÀ¨Z0"º_Ño\ñ”ç¾€(ëÂ±
’· Dø$!5Wù? Q Q lñeE )&Ú E C(û@ @:eÀ¨Z0lNe_"ºñ”ç¾Ño\€õ×Š
Ep’·SIP/2.0 180 Ringing
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bKbc48301b964BCB10;received=4.4.4.4;rport=8890
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone;tag=as79fe8cba
Call-ID: [email protected]
CSeq: 2 INVITE
Server: FPBX-13.0.115(13.7.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: sip:[email protected]:5060;transport=TCP
Content-Length: 0

$!5WèW B B )&Ú lñeE E 4(“@ 4HÜlNeÀ¨Z0"º_Ño\ñ”éÍ€(ëÀ
’Ã Ep%!5W• ‚ ‚ lñeE )&Ú E t(ü@ @93À¨Z0lNe_"ºñ”éÍÑo\€õØ»
Ha’ÃSIP/2.0 200 OK
Via: SIP/2.0/TCP 192.168.1.24;branch=z9hG4bKbc48301b964BCB10;received=4.4.4.4;rport=8890
From: “231” sip:[email protected]:7775;tag=9DB70BD0-F13C678B
To: sip:[email protected];user=phone;tag=as79fe8cba
Call-ID: [email protected]
CSeq: 2 INVITE
Server: FPBX-13.0.115(13.7.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: sip:[email protected]:5060;transport=TCP
Content-Type: application/sdp
Content-Length: 277

v=0
o=root 2049664613 2049664613 IN IP4 1.1.1.1
s=Asterisk PBX 13.7.0
c=IN IP4 1.1.1.1
t=0 0
m=audio 11242 RTP/AVP 0 8 127
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:127 telephone-event/8000
a=fmtp:127 0-16
a=ptime:20
a=maxptime:150
a=sendrecv
%!5Wà, B B )&Ú lñeE E 4(”@ 4HÛlNeÀ¨Z0"º_Ño\ñ”í
€(ëº
( Ha&!5WãH lñeE )&Ú E (ý@ @:%À¨Z0lNe_"ºñ”í
Ño\€õ×È
Na(OPTIONS sip:[email protected];transport=tcp SIP/2.0
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK712333b3;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as73d55cc7
To: sip:[email protected];transport=tcp
Contact: sip:[email protected]:5060;transport=TCP
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-13.0.115(13.7.0)
Date: Fri, 13 May 2016 00:34:46 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0

&!5W´Z B B )&Ú lñeE E 4(•@ 4HÚlNeÀ¨Z0"º_Ño\ñ”ïZ€(ë±
(Ÿ Na&!5W¨É )&Ú lñeE E ó(–@ 4FlNeÀ¨Z0"º_Ño\ñ”ïZ€(ëÕ¸
(¡ NaSIP/2.0 200 OK
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK712333b3;rport
From: “Unknown” sip:[email protected];tag=as73d55cc7
To: “231” sip:[email protected];transport=tcp;tag=D7ED1B80-C6DEA4DB
CSeq: 102 OPTIONS
Call-ID: [email protected]:5060
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
Supported: 100rel,replaces,100rel,timer,replaces,norefersub,sdp-anat
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Accept: application/sdp,text/plain,message/sipfrag,application/dialog-info+xml
Accept-Encoding: identity
Content-Length: 0

&!5W0c B B lñeE )&Ú E 4(þ@ @<qÀ¨Z0lNe_"ºñ”ïZÑo^×€õÕ

NP(¡)!5Wýla ë ë lñeE )&Ú E Ý(ÿ@ @8ÇÀ¨Z0lNe_"ºñ”ïZÑo^×€õÙ$
Y‡(¡INVITE sip:[email protected];transport=tcp SIP/2.0
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK3f930e8e;rport
Max-Forwards: 70
From: “232” sip:[email protected];tag=as4d6ca0e6
To: sip:[email protected];transport=tcp
Contact: sip:[email protected]:5060;transport=TCP
Call-ID: [email protected]:5060
CSeq: 102 INVITE
User-Agent: FPBX-13.0.115(13.7.0)
Date: Fri, 13 May 2016 00:34:49 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Type: application/sdp
Content-Length: 329

v=0
o=root 543939044 543939044 IN IP4 1.1.1.1
s=Asterisk PBX 13.7.0
c=IN IP4 1.1.1.1
t=0 0
m=audio 17690 RTP/AVP 0 8 3 111 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:3 GSM/8000
a=rtpmap:111 G726-32/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv
)!5W°Óa é é )&Ú lñeE E Û(—@ 4G1lNeÀ¨Z0"º_Ño^×ñ”ó€*¿g(
)Ç Y‡SIP/2.0 100 Trying
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK3f930e8e;rport
From: “232” sip:[email protected];tag=as4d6ca0e6
To: “231” sip:[email protected];transport=tcp;tag=1096433B-5AA7B5F0
CSeq: 102 INVITE
Call-ID: [email protected]:5060
Contact: sip:[email protected];transport=tcp
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Content-Length: 0

)!5WÀÓa B B lñeE )&Ú E 4) @ @<oÀ¨Z0lNe_"ºñ”óÑo~€õÃC Y¡)Ç)!5W< )&Ú lñeE E (˜@ 4GlNeÀ¨Z0"º_Ño~ñ”ó€*¿>%
)Ð Y¡SIP/2.0 180 Ringing
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK3f930e8e;rport
From: “232” sip:[email protected];tag=as4d6ca0e6
To: “231” sip:[email protected];transport=tcp;tag=1096433B-5AA7B5F0
CSeq: 102 INVITE
Call-ID: [email protected]:5060
Contact: sip:[email protected];transport=tcp
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Allow-Events: conference,talk,hold
Accept-Language: en
Content-Length: 0

)!5W< B B lñeE )&Ú E 4)@ @<nÀ¨Z0lNe_"ºñ”óÑobJ€õÁ
Yþ)Ð*!5W±w m m )&Ú lñeE E _(™@ 4E«lNeÀ¨Z0"º_ÑobJñ”ó€*¿?y
* YþSIP/2.0 200 OK
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK3f930e8e;rport
From: “232” sip:[email protected];tag=as4d6ca0e6
To: “231” sip:[email protected];transport=tcp;tag=1096433B-5AA7B5F0
CSeq: 102 INVITE
Call-ID: [email protected]:5060
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
Supported: 100rel,replaces
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Allow-Events: conference,talk,hold
Accept-Language: en
Content-Type: application/sdp
Content-Length: 197

v=0
o=- 313 313 IN IP4 192.168.1.24
s=Polycom IP Phone
c=IN IP4 192.168.1.24
t=0 0
a=sendrecv
m=audio 2230 RTP/AVP 0 101
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=sendrecv
!5WÆw B B lñeE )&Ú E 4)@ @<mÀ¨Z0lNe_"ºñ”óÑoeu€õºg
]0*!5WÀy ô ô lñeE )&Ú E æ)@ @:ºÀ¨Z0lNe_"ºñ”óÑoeu€õ×-
]1*ACK sip:[email protected];transport=tcp SIP/2.0
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK591c8d26;rport
Max-Forwards: 70
From: “232” sip:[email protected];tag=as4d6ca0e6
To: sip:[email protected];transport=tcp;tag=1096433B-5AA7B5F0
Contact: sip:[email protected]:5060;transport=TCP
Call-ID: [email protected]:5060
CSeq: 102 ACK
User-Agent: FPBX-13.0.115(13.7.0)
Content-Length: 0

!5Wñ+a B B )&Ú lñeE E 4(š@ 4HÕlNeÀ¨Z0"º_Ñoeuñ”ôµ€¿à
*’ ]10!5W»È lñeE )&Ú E )@ @:À¨Z0lNe_"ºñ”ôµÑoeu€õ×È
u8*'OPTIONS sip:[email protected];transport=tcp SIP/2.0
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK5a33129d;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as783a1d2f
To: sip:[email protected];transport=tcp
Contact: sip:[email protected]:5060;transport=TCP
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-13.0.115(13.7.0)
Date: Fri, 13 May 2016 00:34:56 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0

0!5W’: B B )&Ú lñeE E 4(›@ 4HÔlNeÀ¨Z0"º_Ñoeuñ”÷€*¿s’
,Œ u80!5W_J )&Ú lñeE E ó(œ@ 4FlNeÀ¨Z0"º_Ñoeuñ”÷€*¿e
, u8SIP/2.0 200 OK
Via: SIP/2.0/TCP 1.1.1.1:5060;branch=z9hG4bK5a33129d;rport
From: “Unknown” sip:[email protected];tag=as783a1d2f
To: “231” sip:[email protected];transport=tcp;tag=37D82990-CD290DCB
CSeq: 102 OPTIONS
Call-ID: [email protected]:5060
Contact: sip:[email protected];transport=tcp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
Supported: 100rel,replaces,100rel,timer,replaces,norefersub,sdp-anat
User-Agent: PolycomVVX-VVX_310-UA/4.1.6.4835
Accept-Language: en
Accept: application/sdp,text/plain,message/sipfrag,application/dialog-info+xml
Accept-Encoding: identity
Content-Length: 0

0!5W!ä B B lñeE )&Ú E 4)@ @<jÀ¨Z0lNe_"ºñ”÷Ñoh4€õ˜è
u,

billsimon · May 13, 2016, 7:26pm

Share your Asterisk NAT settings here, please.

Asterisk is advertising its external IP in the SDP and the phone is advertising its RFC1918 IP (expected). If they can talk to each other directly on the internal network, then Asterisk should be advertising its internal IP.

Your Asterisk NAT settings should include all the locally-routable networks in the localnets section.

dicko · May 13, 2016, 7:32pm

Can you confirm whether you are using chan_pjsip or chan_sip please.

stevensedory · May 13, 2016, 7:47pm

NAT is on in SIP settings and extension. Box is behind Cisco ASA w/ 1:1 NAT and appropriate ACLs through. Note that making ACLs wide open still have same issues when using other than 5060 for tcpbindaddr port.

Endpoints are offsite, different internet provider, two or three behind a sonicwall with default settings (other than “bad” VoIP stuff turned off). I’ve also tested behind other firewalls, such as an ASA, and two different consumer linksys routers.

stevensedory · May 13, 2016, 7:49pm

Chan. Set to Chan only in advance settings (pj disabled). Also, Chan up bind port set to 5060 in chan sip settings (for UDP), and tcpbindaddr=7775

dicko · May 13, 2016, 7:59pm

I don’t think that

tcpbindaddr=7775

is valid, It is should be address (presumably 0.0.0.0) and not a port.

perhaps

tcpbindaddr=0.0.0.0:7775

?

(ref chan_sip.c, but seems to be a TODO still)

stevensedory · May 13, 2016, 8:27pm

My bad. I do have it set correctly as you show above.

dicko · May 13, 2016, 8:35pm

As I said it might be still a todo, perhaps a redirection of tcp/5060 (the default tcp transport port) needs an appropriate translation setting on your firewall also. But I am shooting in the dark, good luck though.

stevensedory · May 13, 2016, 8:43pm

Hmm. So based on the tcpdump, it doesn’t look like it’s anything I can change in asterisk?

dicko · May 13, 2016, 8:53pm

That might be a question to ask in the Asterisk Fora.

stevensedory · May 14, 2016, 7:03am

So a quick update: everything works correctly when bypassing the Cisco ASA and the box is given a Public IP. And using iptables, I restricted traffic the same way I had it restricted on the ASA.

stevensedory · May 14, 2016, 4:37pm

Still wish we could figure out the issue behind the ASA, as I feel much more secure that way, but this will work for now I suppose.

el_es · May 16, 2016, 8:15am

There was recently a topic about Comcast here (Anyone Using Comcast SIP Service?, especially post 8, I believe) - one of the suggestions there was, that some gateways/routers can have NO editable options for disabling SIP ALG - wonder if this would be the case here.

stevensedory · May 17, 2016, 10:29pm

Very possible. Thanks for bringing that into consideration.