Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

RTP Ports - Please Help! 1

Status
Not open for further replies.

Voyto

IS-IT--Management
Sep 3, 2022
4
GB
Hi All,

I have recently just replaced our office router for something more substantial for our network size (ASUS Merlin -> OPNsense)

I have copied over all port-forwards from the old router to the new. There was a NAT Passthrough section on the old which doesn't exist on the new - possibly my issue?

1597613552796-png.25492_zrfnii.png


Anyway, since the switchover - our H.323 remote IP phones can connect, dial out, receive calls.....but no sound.

I've tested going overboard with the port-forwards and was able to get one-way audio, but the port range I used was way too big for production use.

My new router allows me to monitor the firewall activity and it's confusing me massively! I can't seem to spot a pattern. Below is the firewall output when I try calling a remote worker....

Code:
INTERFACE     SOURCE            DESTINATION       PROTOCOL
WAN           REMOTE_IP:49658   OFFICE_IP:45496   UDP
WAN           REMOTE_IP:49659   OFFICE_IP:45497   UDP
WAN           REMOTE_IP:50510   OFFICE_IP:65340   UDP
WAN           REMOTE_IP:50511   OFFICE_IP:65341   UDP
WAN           REMOTE_IP:49244   OFFICE_IP:51673   UDP
WAN           REMOTE_IP:52470   OFFICE_IP:1967    UDP

I assume these are the RTP ports - but they aren't following the range specified in System > LAN > VoIP (49152-49410)

The only variable that's changed is the router - so I obviously don't have my firewall configured correctly...but based on the above, my previous rules aren't working. Here are the port forwards I have....

2023-02-16_09_54_32-Port_Forward___NAT___Firewall___OPNsense.localdomain_-_Brave_rifpjp.png


Please help! [cry]
 
Fixed myself! Thought I'd post in case anyone is to stumble upon this in the future....

In OPNsense, I simply had to create an OUTBOUND NAT rule, with the IP Office as the source and everything else as any. Those random ports above are now a thing of the past and the original port forwards are working great.
 
have a star for posting the solution and thinking of others.

Joe
FHandw, ACSS, ACIS

"Dew knot truss yore Spell Cheque
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top