right. proper firewall configuration...
On Wed, Sep 8, 2010 at 11:01 AM, Stiles Watson <wat...@datatek-net.com>wrote:
> Thanks Tony!
>
> I already had consistent NAT enabled, but not SIP Transformations (turning
> that on with Trixbox resulted in the Sonicwall being pegged at 100% - which
> is why I had not tried it with sipX). I enabled transformations and made my
> call again and after 2min it was still up so that seems to have done the
> trick.
>
> I'll keep testing.
>
> Stiles
>
> Tony Graziano wrote:
>
> I think in sonicwall it is called consistent nat.
>
>
> To enable Consistent NAT, select the Enable Consistent NAT setting and
> click Apply. This checkbox
> is disabled by default.
>
>
> On Wed, Sep 8, 2010 at 10:31 AM, Tony Graziano <
> tgrazi...@myitdepartment.net> wrote:
>
>> your firewall is a REALLY important pice of the puzzle. Thanks for finally
>> telling us what it is.
>>
>> In the sonicwall:
>>
>>
>> 1. Open web administration interface
>> 2. Select VoIP from the left menu
>> 3. Check/uncheck Enable SIP Transformations
>> 4. Click Accept
>>
>>
>> Then try your call again and see if it disconnects at the 90 second call
>> timer. The call is because both sides have never agreed the connection is
>> "OK". So, the FIRST thing to do is make sure your firewall is configured to
>> disable the SIP ALG and provide symmetric nat.
>>
>> 1. DISABLE SIP ALG (see above).
>> 2. Make sure the NAT is "SYMMETRIC" NAT on the sonicwall.
>>
>> Sonicwall lovers feel free to share "how-to" on the sonicwall,
>> especially how to deploy symmetric nat
>>
>>
>> On Wed, Sep 8, 2010 at 10:22 AM, Tony Graziano <
>> tgrazi...@myitdepartment.net> wrote:
>>
>>> I think you need to disable the sip alg on the sonicwall.
>>>
>>>
>>> On Wed, Sep 8, 2010 at 10:19 AM, Stiles Watson
>>> <wat...@datatek-net.com>wrote:
>>>
>>>> That was my initial sipX setup as well (except I had Auth User set
>>>> equal to User).
>>>>
>>>> On the Teliax side under device settings did you do either of the
>>>> following?
>>>>
>>>> - enable DNIS so they send the number instead of the user in the SIP
>>>> INVITE?
>>>> - enter your pubilc IP
>>>>
>>>> The reason I ask is because the "User part of INVITE SIP URI is a phone
>>>> number" checkbox under the sipX ITSP Account settings defaults to
>>>> 'enabled',
>>>> but unless you enable DNIS on the Teliax side, this is not the case (unless
>>>> I'm misunderstanding the something works).
>>>>
>>>> Firewall:
>>>>
>>>> I'm using a Sonicwall NSA 240. I have NAT policies which forward ports
>>>> UDP 5080, UDP&TCP 5060-5061 & UDP 30000-31000 untranslated to the sipX
>>>> server (we're a small shop so everything is running on one server). Are you
>>>> saying that the invite actually comes to UDP port 37678?
>>>>
>>>>
>>>> Stiles
>>>>
>>>> Dave Redmore wrote:
>>>>
>>>> My settings for the gateway are all default - Under "Configuration", I
>>>> defined "Address" as "den.teliax.net" - Under "CallerID" I set the
>>>> "Default Caller ID" to my incoming phone number - under "ITSP Account" I
>>>> defined "Username" ("Authentication Username" is left blank), "Password"
>>>> and
>>>> checked "Register on Initialization". Everything else is defaulted.
>>>>
>>>> When I do a packet capture on the WAN port of the pfSense - I see Teliax
>>>> sending me OPTION pings to the NAT'd port number (37678 in this case).
>>>> When
>>>> I look at the State table I see active states from sipX:5080 ->
>>>> pfSense:37678 -> den.teliax.net:5060. Incoming Invite is to the
>>>> external port (37678).
>>>>
>>>> So, it looks like FreeSwitch on Teliax end is doing its NAT compensation
>>>> magic and pfSense is staying out of the way.
>>>>
>>>> Interestingly, when I looked at the packet capture and state tables - in
>>>> addition to the connection from sipXbridge on port 5080 - there is also a
>>>> connection maintained from sipXecs on port 5060 (which in this case is
>>>> being
>>>> NAT'd to port 5041). So, I am getting OPTION pings to port 37678
>>>> (translated to 5080), to which sipXbridge respondes "406 Not Acceptable"
>>>> and
>>>> OPTION pings to port 5041 (translated to 5060) to which sipX responses "200
>>>> Okay". The "Request URI" for the OPTION ping to sipXbridge looks like
>>>> "sip:teliaxusername@(Ext.
>>>> IP Address):37678;transport=udp;fs_nat=yes". The "Request URI" for the
>>>> OPTION ping to sipX looks like "sip:s@(Ext IP Address):5041;fs_nat=yes".
>>>>
>>>>
>>>> Dave
>>>>
>>>>
>>>> ----- Original Message -----
>>>> From: "Tony Graziano"
>>>> <tgrazi...@myitdepartment.net><tgrazi...@myitdepartment.net>
>>>> To: sipx-users@list.sipfoundry.org
>>>> Sent: Tuesday, September 7, 2010 6:20:04 PM GMT -06:00 US/Canada Central
>>>> Subject: Re: [sipx-users] Call drops after 1 min & 29 secs
>>>>
>>>> Then it would be good to have a template for them. Can you detail an
>>>> example
>>>> of your gateway? Are they sending on port 5080? What did you have to do
>>>> to
>>>> get them to send on port 5080?
>>>> ============================
>>>> Tony Graziano, Manager
>>>> Telephone: 434.984.8430
>>>> Fax: 434.984.8431
>>>>
>>>> Email: tgrazi...@myitdepartment.net
>>>>
>>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>>> Telephone: 434.984.8426
>>>> Fax: 434.984.8427
>>>>
>>>> Helpdesk Contract Customers:
>>>> http://www.myitdepartment.net/gethelp/
>>>>
>>>> ----- Original Message -----
>>>> From: sipx-users-boun...@list.sipfoundry.org
>>>> <sipx-users-boun...@list.sipfoundry.org><sipx-users-boun...@list.sipfoundry.org>
>>>> To: Discussion list for users of sipXecs software
>>>> <sipx-users@list.sipfoundry.org> <sipx-users@list.sipfoundry.org>
>>>> Sent: Tue Sep 07 19:17:14 2010
>>>> Subject: Re: [sipx-users] Call drops after 1 min & 29 secs
>>>>
>>>> I can report that I have 4.2.1 installed and working very nicely with
>>>> Teliax. I have configured a gateway using very "plain vanilla" settings
>>>> and
>>>> it worked pretty much "right out of the box". Incoming calls and
>>>> outgoing.
>>>> MOH and transfers all seem to work fine. I currently have a Grandstream
>>>> GXP-2020 and Polycom 301 on that system for testing/evaluation and will
>>>> probably put it into "production" in the next day or two. I have sipX
>>>> sitting behind a pfSense firewall. I am using the Denver proxy for
>>>> incoming
>>>> calls and outgoing route to their Chicago proxy.
>>>>
>>>>
>>>> I am limited in choices for ITSPs that can provide local DIDs and have
>>>> been
>>>> working with Teliax for about 4-5 years. I personally find them to be
>>>> pretty
>>>> good and a decent value when using the PAYG services.
>>>>
>>>>
>>>> Dave
>>>>
>>>> ----- Original Message -----
>>>> From: "Tony Graziano"
>>>> <tgrazi...@myitdepartment.net><tgrazi...@myitdepartment.net>
>>>> To: "Discussion list for users of sipXecs software"
>>>> <sipx-users@list.sipfoundry.org> <sipx-users@list.sipfoundry.org>
>>>> Sent: Tuesday, September 7, 2010 5:40:35 PM GMT -06:00 US/Canada Central
>>>> Subject: Re: [sipx-users] Call drops after 1 min & 29 secs
>>>>
>>>> That still references using port 5060 and ip authentication. He would
>>>> need
>>>> to ensure they support using the public IP at port 5080. It sounds like
>>>> he
>>>> may have to get them to do that for him manually.
>>>>
>>>>
>>>> On Tue, Sep 7, 2010 at 6:29 PM, Todd Hodgen < thod...@verizon.net >
>>>> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> There have been some discussions about this ITSP on the list in the
>>>> past.
>>>>
>>>>
>>>>
>>>> I did find this one.
>>>>
>>>> http://forum.sipfoundry.org/index.php?t=msg&goto=44468&S=9a2fe924342a700db212b8481e97cc22#msg_44468
>>>>
>>>>
>>>>
>>>> Not sure if this fixes your problems, but it does reference a dashboard
>>>> that
>>>> you may want to access for some configuration options. I’d search more
>>>> of
>>>> the archives as well for people that have referenced this ITSP and have
>>>> successfully gotten it working.
>>>>
>>>>
>>>>
>>>>
>>>> From: sipx-users-boun...@list.sipfoundry.org [mailto:
>>>> sipx-users-boun...@list.sipfoundry.org ] On Behalf Of Tony Graziano
>>>> Sent: Tuesday, September 07, 2010 3:16 PM
>>>>
>>>> To: Discussion list for users of sipXecs software
>>>>
>>>> Subject: Re: [sipx-users] Call drops after 1 min & 29 secs
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> If your firewall has a packet capture facility, you can do a pcap on the
>>>> WAN
>>>> interface and see what they are sending.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I would suspect if anyone has a working teliax config they will share
>>>> it.
>>>>
>>>>
>>>> On Tue, Sep 7, 2010 at 6:15 PM, Tony Graziano <
>>>> tgrazi...@myitdepartment.net
>>>> > wrote:
>>>>
>>>> I think unless you are wed to them, it would be easier to switch to a
>>>> "normal" provider. Supported providers in the templates usually take 5
>>>> minutes to setup. I HOPE your firewall is doing manual versus automatic
>>>> NAT.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I looked at Teliax and they seem "residentially" focused, and really
>>>> expensive for business plans.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Sep 7, 2010 at 6:12 PM, Stiles Watson < wat...@datatek-net.com>
>>>> wrote:
>>>>
>>>>
>>>> Unfortunately, there is no way in the Teliax portal to even see if you
>>>> are
>>>> registered, much less what port.
>>>>
>>>> The reason I had 5060 forwarded to sipx was this was how I had Trixbox
>>>> CE
>>>> setup and working. There is nothing in my Teliax setup which I changed
>>>> to
>>>> force 5060.
>>>>
>>>> Thanks for the pdf. With the exception of the SIP port, I think I have
>>>> everything setup correctly. I changed my NAT rules to forward 5080
>>>> instead
>>>> of 5060 and the call acted exactly the same.
>>>>
>>>> I've also asked Teliax if they have config info for sipX and they said
>>>> no,
>>>> but many are using the two together successfully. Here is their exact
>>>> response:
>>>>
>>>> "We do not have a have a configuration for them. However, I know that
>>>> many
>>>> customers have used SIPXECS without a problem. The main information you
>>>> need
>>>> is the username, secret, and host that you are registering to."
>>>>
>>>> I've asked them what port they are sending the INVITE on and am waiting
>>>> on a
>>>> response.
>>>>
>>>> Any other suggestions/thoughts?
>>>>
>>>> Stiles
>>>>
>>>> Tony Graziano wrote:
>>>>
>>>>
>>>>
>>>> It means they are not acking the call. I suspect this is because
>>>> sipxbridge
>>>> may not be involved in the call, and only sipxproxy is, which would be
>>>> problematic for a lot of call scenarios (like transfers).
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I'm confused though, because it seems you are breaking "rule #1" when
>>>> using
>>>> sipxbridge... you are having the calls sent to port 5060 instead of
>>>> 5080.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> When you register with teliax, can you see on their portal what port you
>>>> are
>>>> registering on? Can you confirm they are sending to you on a specific
>>>> port?
>>>> If so, what port?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> You should peek at this:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> http://blog.myitdepartment.net/wp-content/uploads/2009/11/Call-Setup-Example-sipXecs-through-ITSP1.pdf
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Somehow I don't believe you are doing it quite like that.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Sep 7, 2010 at 5:18 PM, Stiles Watson < wat...@datatek-net.com>
>>>> wrote:
>>>>
>>>>
>>>> Running
>>>>
>>>> • sipXecs v 4.2.1
>>>> • ITSP is Teliax
>>>> • SIP ports 5060 & 5061 are routed to sipX server
>>>> • RTP ports 30000-31000 are routed to sipX server
>>>> • Polycom IP 335 hardphone
>>>>
>>>>
>>>> I'm able to place incoming and outgoing calls through Teliax, but calls
>>>> consistently drop after 1 min. 29 sec.
>>>>
>>>> Teliax device config change attempts:
>>>>
>>>> • Enable DNIS (teliax sends number in sip invite instead of user)
>>>>
>>>>
>>>>
>>>>
>>>> • result: calls still drop after 1 min. 29 sec., but made call
>>>> routing easier via a custom DID!
>>>>
>>>> • Entered public IP under "Your IP"
>>>>
>>>>
>>>>
>>>> • This is optional and resulted in not being able to make
>>>> inbound
>>>> calls (I read in the archives that this is recommended with Teliax - is
>>>> there a sipX config change needed to make this work?)
>>>>
>>>> sipX config for teliax SIP trunk Gateway:
>>>>
>>>> • Configuration
>>>>
>>>>
>>>>
>>>>
>>>> • Enabled: yes • Name: teliax
>>>> • SBC Route: sipXbridge-1
>>>> • Address: den.teliax.net (this has to match with the proxy
>>>> setting
>>>> in your teliax account)
>>>> • Port: 0
>>>> • Transport protocol: Auto
>>>> • Location: all
>>>> • Shared: yes
>>>>
>>>>
>>>> • Caller ID
>>>>
>>>>
>>>>
>>>> • Default Caller ID: set this to the number from Teliax
>>>> •
>>>> use default for all other settings
>>>>
>>>>
>>>> • Dial Plan
>>>>
>>>>
>>>>
>>>> • Enabled and added both Local & Long Distance dial plans to
>>>> this
>>>> gateway
>>>>
>>>> • ITSP Account
>>>>
>>>>
>>>>
>>>> • Username: use teliax username • Authentication
>>>> Username:
>>>> same as Username
>>>> • Password: use teliax device password
>>>> • Register on init: yes
>>>> • ITSP server address: same as Config-->Address above
>>>> • Use public address for call setup: yes (I tried both yes and
>>>> no,
>>>> calls completed either way and did not effect disconnect problem)
>>>> • Strip private headers: default
>>>> • Use default asserted identity: default
>>>> • Asserted identity: default
>>>> • Use default preferred identity: default
>>>> • Preferred identity: default
>>>> • User part of INVITE SIP URI is a phone number: NO
>>>> • ITSP Registrar Address: default
>>>> • ITSP Registrar Port: default
>>>> • Registration interval: default
>>>> • Session Timer Interval: default
>>>> • Method to use for SIP keepalive: Empty SIP message (also tried
>>>> None)
>>>> • Method to use for RTP keepalive: Replay last sent packet (also
>>>> tried None)
>>>> • Route by To Header: default
>>>>
>>>>
>>>> Any thoughts as to why the calls would drop after 1 min. 29 sec.?
>>>>
>>>> Stiles
>>>>
>>>>
>>>> _______________________________________________
>>>> sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> ======================
>>>> Tony Graziano, Manager
>>>> Telephone: 434.984.8430
>>>> sip: tgrazi...@voice.myitdepartment.net
>>>> Fax: 434.984.8431
>>>>
>>>> Email: tgrazi...@myitdepartment.net
>>>>
>>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>>> Telephone: 434.984.8426
>>>> sip: helpd...@voice.myitdepartment.net
>>>> Fax: 434.984.8427
>>>>
>>>> Helpdesk Contract Customers:
>>>> http://www.myitdepartment.net/gethelp/
>>>>
>>>> Why do mathematicians always confuse Halloween and Christmas?
>>>> Because 31 Oct = 25 Dec.
>>>>
>>>> _______________________________________________ sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org List Archive:
>>>> http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>>
>>>> _______________________________________________
>>>> sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> ======================
>>>> Tony Graziano, Manager
>>>> Telephone: 434.984.8430
>>>> sip: tgrazi...@voice.myitdepartment.net
>>>> Fax: 434.984.8431
>>>>
>>>> Email: tgrazi...@myitdepartment.net
>>>>
>>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>>> Telephone: 434.984.8426
>>>> sip: helpd...@voice.myitdepartment.net
>>>> Fax: 434.984.8427
>>>>
>>>> Helpdesk Contract Customers:
>>>> http://www.myitdepartment.net/gethelp/
>>>>
>>>> Why do mathematicians always confuse Halloween and Christmas?
>>>> Because 31 Oct = 25 Dec.
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> ======================
>>>> Tony Graziano, Manager
>>>> Telephone: 434.984.8430
>>>> sip: tgrazi...@voice.myitdepartment.net
>>>> Fax: 434.984.8431
>>>>
>>>> Email: tgrazi...@myitdepartment.net
>>>>
>>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>>> Telephone: 434.984.8426
>>>> sip: helpd...@voice.myitdepartment.net
>>>> Fax: 434.984.8427
>>>>
>>>> Helpdesk Contract Customers:
>>>> http://www.myitdepartment.net/gethelp/
>>>>
>>>> Why do mathematicians always confuse Halloween and Christmas?
>>>> Because 31 Oct = 25 Dec.
>>>> _______________________________________________
>>>> sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>>
>>>>
>>>> --
>>>> ======================
>>>> Tony Graziano, Manager
>>>> Telephone: 434.984.8430
>>>> sip: tgrazi...@voice.myitdepartment.net
>>>> Fax: 434.984.8431
>>>>
>>>> Email: tgrazi...@myitdepartment.net
>>>>
>>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>>> Telephone: 434.984.8426
>>>> sip: helpd...@voice.myitdepartment.net
>>>> Fax: 434.984.8427
>>>>
>>>> Helpdesk Contract Customers:
>>>> http://www.myitdepartment.net/gethelp/
>>>>
>>>> Why do mathematicians always confuse Halloween and Christmas?
>>>> Because 31 Oct = 25 Dec.
>>>>
>>>>
>>>> _______________________________________________ sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org List Archive:
>>>> http://list.sipfoundry.org/archive/sipx-users/
>>>> _______________________________________________
>>>> sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>> ------------------------------
>>>>
>>>> _______________________________________________
>>>> sipx-users mailing listsipx-us...@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>>
>>>> _______________________________________________
>>>> sipx-users mailing list
>>>> sipx-users@list.sipfoundry.org
>>>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>>>
>>>
>>>
>>>
>>> --
>>> ======================
>>> Tony Graziano, Manager
>>> Telephone: 434.984.8430
>>> sip: tgrazi...@voice.myitdepartment.net
>>> Fax: 434.984.8431
>>>
>>> Email: tgrazi...@myitdepartment.net
>>>
>>> LAN/Telephony/Security and Control Systems Helpdesk:
>>> Telephone: 434.984.8426
>>> sip: helpd...@voice.myitdepartment.net
>>> Fax: 434.984.8427
>>>
>>> Helpdesk Contract Customers:
>>> http://www.myitdepartment.net/gethelp/
>>>
>>> Why do mathematicians always confuse Halloween and Christmas?
>>> Because 31 Oct = 25 Dec.
>>>
>>>
>>
>>
>> --
>> ======================
>> Tony Graziano, Manager
>> Telephone: 434.984.8430
>> sip: tgrazi...@voice.myitdepartment.net
>> Fax: 434.984.8431
>>
>> Email: tgrazi...@myitdepartment.net
>>
>> LAN/Telephony/Security and Control Systems Helpdesk:
>> Telephone: 434.984.8426
>> sip: helpd...@voice.myitdepartment.net
>> Fax: 434.984.8427
>>
>> Helpdesk Contract Customers:
>> http://www.myitdepartment.net/gethelp/
>>
>> Why do mathematicians always confuse Halloween and Christmas?
>> Because 31 Oct = 25 Dec.
>>
>>
>
>
> --
> ======================
> Tony Graziano, Manager
> Telephone: 434.984.8430
> sip: tgrazi...@voice.myitdepartment.net
> Fax: 434.984.8431
>
> Email: tgrazi...@myitdepartment.net
>
> LAN/Telephony/Security and Control Systems Helpdesk:
> Telephone: 434.984.8426
> sip: helpd...@voice.myitdepartment.net
> Fax: 434.984.8427
>
> Helpdesk Contract Customers:
> http://www.myitdepartment.net/gethelp/
>
> Why do mathematicians always confuse Halloween and Christmas?
> Because 31 Oct = 25 Dec.
>
> ------------------------------
>
> _______________________________________________
> sipx-users mailing listsipx-us...@list.sipfoundry.org
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>
>
> _______________________________________________
> sipx-users mailing list
> sipx-users@list.sipfoundry.org
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>
--
======================
Tony Graziano, Manager
Telephone: 434.984.8430
sip: tgrazi...@voice.myitdepartment.net
Fax: 434.984.8431
Email: tgrazi...@myitdepartment.net
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: helpd...@voice.myitdepartment.net
Fax: 434.984.8427
Helpdesk Contract Customers:
http://www.myitdepartment.net/gethelp/
Why do mathematicians always confuse Halloween and Christmas?
Because 31 Oct = 25 Dec.
_______________________________________________
sipx-users mailing list
sipx-users@list.sipfoundry.org
List Archive: http://list.sipfoundry.org/archive/sipx-users/
