Great! Thank you, Tony! So, if I understand correctly, this means that I can take NAT off of 10000-20000 and 30000-31000 on my router but leave those ports unblocked. Taking the NAT off won't inhibit functionality and, is probably better from the perspective of minimizing external vulnerabilities.
-Paul Paul Herron, Principal Sage Craftsmen, LLC p...@sagecraftsmen.com | direct 202-570-7030 www.sagecraftsmen.com Happy is the home that shelters a friend. -- RALPH WALDO EMERSON -----Original Message----- From: Tony Graziano [mailto:tgrazi...@myitdepartment.net] Sent: Saturday, February 26, 2011 1:16 PM To: Paul Herron Cc: sipx-users@list.sipfoundry.org Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port Yes... ITSP offers/anwers rtp for calls (sipxbridge). In media relay for remote users, 30000-31000 are for remote users, and since sipx is in charge of both ends, it is able to dictate the rtp and why it is "adjustable/settable" in sipx. ============================ Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: tgrazi...@myitdepartment.net LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ ----- Original Message ----- From: Tony Graziano <tgrazi...@myitdepartment.net> To: p...@sagecraftsmen.com <p...@sagecraftsmen.com> Cc: sipx-users@list.sipfoundry.org <sipx-users@list.sipfoundry.org> Sent: Sat Feb 26 13:02:01 2011 Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port Outbound call to the itsp also occur over 5060 like remote users. Currently, only inbound calls come in udp/5080 from an itsp. ============================ Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: tgrazi...@myitdepartment.net LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ ----- Original Message ----- From: Paul Herron <p...@sagecraftsmen.com> To: tgrazi...@myitdepartment.net <tgrazi...@myitdepartment.net> Cc: sipx-users@list.sipfoundry.org <sipx-users@list.sipfoundry.org> Sent: Sat Feb 26 13:00:20 2011 Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for Vitelity SIP trunk conflicts with Java port For my own edification, is the reason ports 10000-20000 do not need to be NATed because RTP ports are negotiated during the invite, which occurs over port 5080 and, SIPx opens the negotiated RTP port with outbound communication? Is this how it works on both inbound and outbound calls from/to the ITSP? Does this also hold true for remote user RTP over ports 30000-31000, with the exception of the invite occurring over port 5060? Tony Graziano wrote: if you are using a standard setup where ITSP sends you calls on port 5080, yes. If you not support remote users, yes. On Sat, Feb 26, 2011 at 12:55 AM, Tim Ingalls <t...@sharedcom.net> wrote: > Thanks Tony. I just removed the port forwarding rule on my router and > changed the RTP ports back to 30000-31000 and everything is working > fine now. > > Can I also remove the port forwarding rule for SIP (5060 and 5061) and > have it work fine, too? I'd like to have a test sipXecs server running > behind the NAT as well as my main sipXecs server. I want to use the > same carrier (Vitelity) but with a different account or sub-account > that the gateways on each sipXecs server registers to without having > the calls going to the wrong server. Ideally you would use a different public facing ip address for that... > > Thanks, > > Tim > > > Tony Graziano wrote: >> No changes should be necessary at all. >> >> Rtp 30000-31000 are for remote user rtp. >> >> I "don't nat" 10000-20000 but I don't restrict them from going out. >> That's all you should need. >> ============================ >> Tony Graziano, Manager >> Telephone: 434.984.8430 >> Fax: 434.984.8431 >> >> Email: tgrazi...@myitdepartment.net >> >> LAN/Telephony/Security and Control Systems Helpdesk: >> Telephone: 434.984.8426 >> Fax: 434.984.8427 >> >> Helpdesk Contract Customers: >> http://www.myitdepartment.net/gethelp/ >> >> ----- Original Message ----- >> From: sipx-users-boun...@list.sipfoundry.org >> <sipx-users-boun...@list.sipfoundry.org> >> To: Discussion list for users of sipXecs software >> <sipx-users@list.sipfoundry.org> >> Sent: Fri Feb 25 21:00:39 2011 >> Subject: Re: [sipx-users] Change RTP NAT ports to 10000-20000 for >> Vitelity SIP trunk conflicts with Java port >> >> I'm wondering if changing FreeSwitch's 15060 port will really be all >> that needs to be changed. Does anyone have a reliable list of all >> ports being used on the sipXecs server? >> >> On a side note, it would be really great to have some kind of a >> config page in sipXconfig that would list all of the ports listed in >> all config files, etc., and allow someone to type in different values >> to accommodate for various SIP trunking providers or other needs. >> >> from a grep for "RTP" I find the following other conflicts: >> >> >> freeswitch/conf/autoload_configs/switch.conf.xml: <param >> name="rtp-start-port" value="11000"/> >> freeswitch/conf/autoload_configs/switch.conf.xml: <param >> name="rtp-end-port" value="12998"/> >> >> It also appears that sipxacd uses port 10000. >> _______________________________________________ >> sipx-users mailing list >> sipx-users@list.sipfoundry.org >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: tgrazi...@voice.myitdepartment.net Fax: 434.326.5325 Email: tgrazi...@myitdepartment.net LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: helpd...@voice.myitdepartment.net Helpdesk Contract Customers: http://support.myitdepartment.net Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 -Paul Sage Logo Paul Herron Principal Sage Craftsmen, LLC p...@sagecraftsmen.com | 202-570-7030 www.sagecraftsmen.com Happy is the home that shelters a friend. -- RALPH WALDO EMERSON _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
