[SOLVED]Trunk - Registration

Hi,
i’m new with this Voice software and i’d like your help with my setup of 2 sip trunk with my provider.
My network is the following:
192.168.x.x/24 pbx
192.168.x.x and 192.168.y.y firewall
192.168.y.y modem

In the sip setting i enable NAT with my public IP and in the firewall i enable source NAT. Then i set up the trunk with the following configuration:

outgoing:
host=provider host
username=+39xxxxxxxxx
secret=“secret”
type=friend
qualify=yes
outboundproxy=outgoingproxy1
insecure=invite,port
fromdomain=provider host
fromuser=+39xxxxxxxxx
callreinvite=no
trustrpid=yes
sendrpid=yes
transport=UDP

Registration String:

[email protected] host::[email protected] [email protected]:5060

in the beginning it was all ok (it gives registered and OK (xx ms)), after a random time the registrations of both trunk became “Request Sent” and the trunk unreachable.
the notice it gives me is:

NOTICE[10741] chan_sip.c: – Registration for ‘[email protected]’ timed out, trying again (Attempt #5)

from that point on is impossible to call and the only way to reconnect to trunk is to switch from outboundproxy1 to outbounproxy2 (or viceversa). The trunk return OK and so on until it unregister again.

Am I doing something wrong?

Your router/firewall is probably timing your connections out. Check these out (and search for ‘15 minutes’ for more) and see if any of these sound familiar.

i’m not sure that’s the case. in the first example the disservice is 1-2 min then it automaticly turn on, in my case i have to change the configuration with the other outboundproxy and my disconnection is not timed every 15 min but can happen to a minimun of 6 hour to a maximum of a couple days. But i can try installing the pbx directly in the lan of the modem and see if it change.

I’m not sure it’s the case either, but it sounds amazingly like the same problem lots of people have with their NAT sessions timing out and their phones not maintaining the registration properly. We’ve discussed both of these issues many, many times in the forums, and there are very few cases where the problem is not in the intervening routers or proxies.

Yeah i also read a lot about this type of issue and I’ll surely give it a try and let you know, but in the meantime, is the configuration of my trunk correct?

Ty

There are some things that I don’t do, but they may be necessary in your situation.

First, I’m not sure the proxy stuff is correct, but on the other hand, I also don’t know how your double-NATted network is going to react. Also, different flavors of NAT are still NAT (even one-for-one) so you need to take that into account when you are setting up your network. Also, the standard warning “turn off all SIP-ALG and SIP hell-pers in all of your routers and firewalls” is assumed.

So, my first inclination would be to make sure that traffic from the outside to the PBX is actually getting to your PBX. This means redirecting traffic from the Internet into your 192.168.y.y network, and the redirecting it again to the 192.168.x.x network. It is was my setup, I’d have an “external” interface (eth0, for example) for the inbound and outbound trunks set up on the 192.168.y.y network with it’s own interface. On a second interface (eth1) set up the 192.168.x.x network and default route everything through the 192.168.y.y interface. This way, the only traffic on the second port is your phones, and maybe a management console on the inside.

In this scenario, the eth0 interface would act as the server’s primary gateway. NAT would be set up and the firewall would be set up to only allow traffic to port 5060 from very specific IP addresses. Anyone that needs to communicate with the box needs to be allow in specifically (yes, I know there are ways to make this less strict…)

This way, you get rid of all of the proxy stuff and you avoid the double-NAT that you have now. It also simplifies the router setup, since the routers configuration is basically “Well, hello!” and the firewall on the PBX server is doing the heavy lifting.

Other than that, the ‘from-domain’ setting should be your information, not your provider’s.

You should be able to do a PJ-SIP debug and capture the traffic to see where your traffic is failing. Watch for addresses that don’t make sense (like 192.168.xy.xy addresses) leaking out into the Internet.

hello,
first i thank you for the advice. You have indeed the right guess, it is a nat problem, the second pbx in the same network of the modem works fine with the same configuration. Now i agree with your advice and i’ll try it but this is more a network problem so i’m setting this thread as solved.
Ty again and best wishes for a happy new year.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.