Nailed it! TCPdump on Trixbox 2.4 (Asterisk 1.4.17-1) going out and public side of firewall (Linksys WRT54G running Sveasoft) Firewall is configued NOT to NAT (public addressing on internal network.
I stop asterisk (amportal stop). wait 30 min to insure timeout. Start both tcpdumps. Start Asterisk (amportal start). Get into Asterisk cli to insure registration was successful. Stop everything. Look at dumps with Wireshark. It very first SIP packet is a REGISTER coming from TB heading for Broadvoice (Only a SIP extension and Broadvoice SIP trunk defined). The UDP ports are SRC=5060 DST=5060. Length is different 5 bytes were added by the firewall, inside the SIP packet. From TB the Contact content is [EMAIL PROTECTED], while going out the firewall it is [EMAIL PROTECTED]:5060 And this works. For calling from Broadvoice into TB. But if I run a firewall that does NOT mangle the SIP content it does NOT work. sip.broadvoice.com is really a Proxy server, and the INVITE coming from it has content that directs the RTP server over to a different Broadvoice server. That is when the Linksys box is there mangling the SIP content. With the regular firewall, TB gets an INVITE without the redirect content and tries to set up the RTP call with their proxy server which ICMP rejects the RTP packets. So..... What do I do so that without a mangling firewall this works? Is Broadvoice "broken" and can only work through a NAT? Will simply adding NAT=yes result in the [EMAIL PROTECTED]:5060 in the first place? thank you all. _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users