I have never been able to get SIP phones to successfully register and work when behind a firewall/router.
I have a FreePBX system on an external routable IP address.
I want to have a SIP phone at another location that is behind a firewall/router with an internal IP.
What tricks do I have to do to allow this type of setup work? I always seem to have issues because the SIP messages do not get properly routed with the necessary information for the FreePBX to route return messages.
It seems like this should be something so basic to allow SIP phone to work that there simple instructions.
Most of the time the voice traffic is lost or something.
I have 4 phones remote to my central system. On your router at the main site, make sure you have UDP/TCP ports 5060-5080 forwarded to your PIAF box. Also UDP ports 10000 to 20000 must be forwarded to the Asterisk box.
The remote router settings are not too important since the phones will reach out to main location. Be sure the phones have the static IP address of the remote server or the fully qualified domain name of the server. This generally requires manual setup of the phones at the remote location.
I use Tomato firmware on both routers. A variety of inexpensive routers can run this firmware. It provides intelligent QOS for better VOIP calls.
I have never been satisfied with VPN tunnels between locations.
Kenn, I’m not sure why you’re opening up a range for SIP session control. All you need is UDP 5060. For the streaming portion, you don’t need the entire range of UDP 10000 - 20000. All you need is enough to satisfy the maximum number of concurrent calls. If you want 10 concurrent calls, then limit the range to 10000 - 10009.
Double, Triple, essentially the number of NATs in a row aren’t an issue, what is is wether they play nice.
Ultimately, if you want to sleep well at nights, do youself a favor and setup a VPN. There really isn’t a good reason to poke holes in your firewall if you don’t need to. =0)