With recent versions of core and sipsettings modules in fpbx 15 and 16, it is now possible to define an external sip signaling port which differs from the internal signaling port for each pjsip transport. The value of this is for PBXs behind a NAT router when there is a necessity to port forward for sip signaling. Setting the external port to a high random number, while not a security precaution in and of itself, does keeps logs cleaner.
To anyone who may be using Asterisk conf files for setting these parameters directly, it’s likely your solution will continue to work, but highly recommended that you now move to the GUI for this setting.
Why is this a use case for people with NAT routers? Why don’t you just change what port the transport is listening on in the first place? I don’t setup any of my servers like this so I don’t understand the need for a proxy port or translation.
Just to make sure if I am understanding this correctly, if you use this and you have an off-site extension using an IP phone or VoIP adapter or softphone, etc. you would change the port number in the sip account settings on that device/softphone from 5060 to the specified port number (to 47368 if following the examples above) and then would also have to make certain your router’s firewall forwards traffic on that port to your Asterisk server’s local IP address, correct? And this would only affect devices that come into your system from outside your local network?
When I updated FreePBX this morning I found that SIP settings had added external signaling port 5061 to my UDP transport and ext signaling port 5161 to my TLS transport. Hmm, thanks but no thanks! I don’t know where it got these defaults but I don’t want them.