I have elastix pbx setup (freepbx 18.104.22.168) and running with no problems and have 3 grandstream gxp2000 phones to test with. The way its setup now Elastix is sitting behind a symantec firewall/vpn 200 appliance.
Ports 5004-20000 UDP fowarded to elastix 10.25.18.60
2 VPN Tunnels to 10.25.19.0/255.255.255.0 & 10.25.20.0/255.255.255.0
Im using voicepulse as my provider and i used their freepbx module to get everything setup and activated and its registered and i can make and recieve calls. I have 2 grandstream gxp2000 phones inside this network (one at 10.25.18.80 and the other at 10.25.18.81) and they are registered and i can make and recieve calls using them with no problems.
Im trying to setup the third gxp2000 phone at one of the remote sites thats connected thru VPN to the elastix site. So i configured the phone with 10.25.19.80/255.255.255.0
I changed the sip.conf file and this is what it now looks like (/var/www/html/admin/modules/core/etc/sip.conf):
bindport = 5060 ; Port to bind to (SIP is 5060)
bindaddr = 0.0.0.0 ; Address to bind to (all addresses on machine)
The remote phone is connecting to elastix.rrwds.net and it registers and you can call it and it rings but you only hear 1way audio. You can hear the caller on the phone but the calling party cant hear the person on remote phone. I looked in debug and its calling and ringing and i dont see errors but im not sure what im looking for. Ive set the phone to connect to 10001 on the rtp because it had the local rtp port set to 5004. It use to not have any audio until i changed that setting. Ive checked the phone and for the “Use NAT IP” i set the phones ip address in there. As shown below…
local RTP port: 10001 (1024-65535, default 5004)
Use random port: No
keep-alive interval: 20 (in seconds, default 20 seconds)
Use NAT IP: 10.25.19.80 (if specified, this will be used in SIP/SDP message)
STUN server: (URI or IPort)
What is possibly wrong? Should i change the elastix.rrwds.net to the public IP? We have dynamic dns and i have dynamic address from no-ip.com for the public ip but since the sites are connected thru VPN it shouldnt have to use the public ip address.