Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Panasonic NCP500 Sip Extension Connection Issue

Status
Not open for further replies.
MickieD

MickieD

Technical User
Apr 24, 2012
11
GB
Hi,

I have a NCP500 that I can connect the SIP app (SMobile iPhone app) to over the local lan and also a VPN perfectly.

However, when I try to give it the WAN IP of my router and port forward 5060 to the PBX it says forbidden?

I have a SIP licence and as mentioned I can get it to work perfectly when on the office WIFI, and Also work perfectly when on 4G and connected to the office via VPN.

But I just cannot get it to connect to the PBX via the WAN IP.

I should mention the following setup.

NCP 500
Dreytek 2380n Router.
Port 5060 forwarded to PBX IP.

FYI, I also tried to DMZ the whole IP (all ports open) to the PBX IP but still nothing (forbidden).

Cheers and thanks for any support.

Mick
 
Sort by date Sort by votes
have you tried using a stun server. you would have to have NAT traversal setup on the router and port translation of 5060 to 35060 for the dsp card plus other settings.
 
Upvote 0 Downvote
That sounds like a good idea.

Never used a stun server before, but it would seem that it is common for Sip and UDP issues.

Is that the only way to get a dreytek to pass the sip extension through?

Cheers
Mick
 
Upvote 0 Downvote
I actually do not mind a VPN, but the problem is Apple iPhones disconnect the VPN when the phones go into autolock, which is stupid to not have a keep alive option.

Mick

 
Upvote 0 Downvote
you can set up nat-t on the router and do some port translations and it should work. depends on the router, not sure about the dreytek routers config
 
Upvote 0 Downvote
I did open ports on NAT to the PBX

I opened ports 5060 to IP 192.168.1.209 (PBX ip)

But it just says forbidden when I try and connect.

Is that what you meant?

Thank you.
 
Upvote 0 Downvote
that is port forwarding and 5060 is only the port to register and setup the calls, there is other ports that need to be open and forwarded to the dsp card like the udp ports for voice. I think it is in the 12000 port range.
 
Upvote 0 Downvote
Ok so port forwarding is not enough

The PBX ip is 192.168.1.209
The DSP IP is 192.168.1.210

I did DMZ (open everything) on the PBX ip?

I appreciate your support thank you.
 
Upvote 0 Downvote
Here is info about nat-t, it referring to sip trunks but sip extensions have the same principal

NAT Traversal When NAT/NAPT (Network Address Port Translation) is enabled, the router translates a local IP address from the PBX into a global IP address. However, the router with NAT enabled does not translate local IP addresses stored in SIP messages into global IP addresses.
Therefore, the address which the SIP Server recognises as the destination IP address to reply to is actually the local IP address of the PBX, not the global IP address of the router. Therefore, if the SIP Server receives a SIP message from the PBX and sends a message back to the PBX using the address stored in the SIP message, the packet information will not reach the PBX.
STUN Servers function to solve the global IP address problem under certain NAT conditions, for example, in case of full duplex communication. A STUN Server, used alongside the SIP Server, finds out the global IP address of the router with NAT enabled. With the STUN feature enabled, the packet information sent by the SIP Server is able to "traverse" NAT and reach the PBX
 
Upvote 0 Downvote
Ahhh I see!

The PBX thinks the PBX is talking to itself as it's coming from the wan port.

So would a stun server be put on the local domain? (Ie 192.168.1.211)

There is a windows 2012 DNS server on the network already could I use the same box?

I will install a centos box tonight if that is right.

Thanks again for your help

Mick
 
Upvote 0 Downvote
there are free stun servers on the web, just google one, some are free
 
Upvote 0 Downvote
Thank you.

I will look into a stun server on the weekend see if I can get something configured on the win server box.

Have you set one up before? any thoughts, tips even?

Cheers for your help.

Mick
 
Upvote 0 Downvote
The problem is most likely on your Dreytek 2380n Router. I got a similar problem while setting up trunks on a VoIP switch in USA. There was Forbidden and FAS.

Later figure out the problem and sorted it out.

Mine was a different model and not Draytek

Contact Draytek support, they could be of help

 
Upvote 0 Downvote
That is a good idea, I never thought of that.

I will contact draytek on Monday, setting up another server seems a bit much.

Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

S
  • Question
Panasonic NS700 SIP Busy
Replies
9
Views
580
Scott_Cloud
S
Peter Kolbe
  • Locked
  • Question
Panasonic NS500, SIP Phones, Automatic Callback Busy
Replies
1
Views
345
kizo
kizo
S
  • Question
Panasonic KX-NT546
Replies
5
Views
445
Smileincap
S
Patrick84
  • Locked
  • Question
Replaced Cisco Router now Panasonic NS700 SIP not working
Replies
2
Views
150
Patrick84
Patrick84
ctamir
  • Locked
  • Question
panasonic ntv160
Replies
1
Views
114
Mike_K
Mike_K

Part and Inventory Search

Sponsor

Back
Top