Great! Thank you, Tony! So, if I understand correctly, this means that I can take NAT off of 10000-20000 and 30000-31000 on my router but leave those ports unblocked. Taking the NAT off won't inhibit functionality and, is probably better from the perspective of minimizing external vulnerabilities.
-Paul Paul Herron, Principal Sage Craftsmen, LLC [email protected] | direct 202-570-7030 www.sagecraftsmen.com Happy is the home that shelters a friend. -- RALPH WALDO EMERSON -----Original Message----- From: Tony Graziano [mailto:[email protected]] Sent: Saturday, February 26, 2011 1:16 PM To: Paul Herron Cc: [email protected] Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port Yes... ITSP offers/anwers rtp for calls (sipxbridge). In media relay for remote users, 30000-31000 are for remote users, and since sipx is in charge of both ends, it is able to dictate the rtp and why it is "adjustable/settable" in sipx. ============================ Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ ----- Original Message ----- From: Tony Graziano <[email protected]> To: [email protected] <[email protected]> Cc: [email protected] <[email protected]> Sent: Sat Feb 26 13:02:01 2011 Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port Outbound call to the itsp also occur over 5060 like remote users. Currently, only inbound calls come in udp/5080 from an itsp. ============================ Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ ----- Original Message ----- From: Paul Herron <[email protected]> To: [email protected] <[email protected]> Cc: [email protected] <[email protected]> Sent: Sat Feb 26 13:00:20 2011 Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port For my own edification, is the reason ports 10000-20000 do not need to be NATed because RTP ports are negotiated during the invite, which occurs over port 5080 and, SIPx opens the negotiated RTP port with outbound communication? Is this how it works on both inbound and outbound calls from/to the ITSP? Does this also hold true for remote user RTP over ports 30000-31000, with the exception of the invite occurring over port 5060? Tony Graziano wrote: if you are using a standard setup where ITSP sends you calls on port 5080, yes. If you not support remote users, yes. On Sat, Feb 26, 2011 at 12:55 AM, Tim Ingalls <[email protected]> wrote: > Thanks Tony. I just removed the port forwarding rule on my router and > changed the RTP ports back to 30000-31000 and everything is working > fine now. > > Can I also remove the port forwarding rule for SIP (5060 and 5061) and > have it work fine, too? I'd like to have a test sipXecs server running > behind the NAT as well as my main sipXecs server. I want to use the > same carrier (Vitelity) but with a different account or sub-account > that the gateways on each sipXecs server registers to without having > the calls going to the wrong server. Ideally you would use a different public facing ip address for that... > > Thanks, > > Tim > > > Tony Graziano wrote: >> No changes should be necessary at all. >> >> Rtp 30000-31000 are for remote user rtp. >> >> I "don't nat" 10000-20000 but I don't restrict them from going out. >> That's all you should need. >> ============================ >> Tony Graziano, Manager >> Telephone: 434.984.8430 >> Fax: 434.984.8431 >> >> Email: [email protected] >> >> LAN/Telephony/Security and Control Systems Helpdesk: >> Telephone: 434.984.8426 >> Fax: 434.984.8427 >> >> Helpdesk Contract Customers: >> http://www.myitdepartment.net/gethelp/ >> >> ----- Original Message ----- >> From: [email protected] >> <[email protected]> >> To: Discussion list for users of sipXecs software >> <[email protected]> >> Sent: Fri Feb 25 21:00:39 2011 >> Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for >> Vitelity SIP trunk conflicts with Java port >> >> I'm wondering if changing FreeSwitch's 15060 port will really be all >> that needs to be changed. Does anyone have a reliable list of all >> ports being used on the sipXecs server? >> >> On a side note, it would be really great to have some kind of a >> config page in sipXconfig that would list all of the ports listed in >> all config files, etc., and allow someone to type in different values >> to accommodate for various SIP trunking providers or other needs. >> >> from a grep for "RTP" I find the following other conflicts: >> >> >> freeswitch/conf/autoload_configs/switch.conf.xml: <param >> name="rtp-start-port" value="11000"/> >> freeswitch/conf/autoload_configs/switch.conf.xml: <param >> name="rtp-end-port" value="12998"/> >> >> It also appears that sipxacd uses port 10000. >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.326.5325 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Contract Customers: http://support.myitdepartment.net Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 -Paul Sage Logo Paul Herron Principal Sage Craftsmen, LLC [email protected] | 202-570-7030 www.sagecraftsmen.com Happy is the home that shelters a friend. -- RALPH WALDO EMERSON _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
