Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SIP trunk - no audio

Status
Not open for further replies.

Diya Freahat

Technical User
Aug 22, 2017
12
JO
I have a sip trunk configured with a sip provider in IP Office v2 R11.1 behind a Meraki firewall

No signal issues for incoming and outgoing calls, but no audio in both directions when answering call, and system status shows 100% packet loss with media IP even though there is a ping from IPO

I set and ran a STUN address for Google in the LAN1 network topology which provides the full cone NAT & public IP, and fixes the audio issue for only a few hours

Firewall engineer advised me that the Meraki doesnt do sip alg inspection.
and I should use either :
STUN server,
Is there a free STUN server that runs permanently without any restrictions or does it require a subscription?

Or

Configre IPO to correctly send the public IP in its header, how is it done?

Any advice appreciated.
 
Last edited:
I have a sip trunk configured with a sip provider in IP Office v2 R11.1 behind a Meraki firewall

No signal issues for incoming and outgoing calls, but no audio in both directions when answering call, and system status shows 100% packet loss with media IP even though there is a ping from IPO

I set and run a STUN address for Google in the LAN1 network topology which provides the full cone NAT & public IP, and fixes the audio issue for only a few hours

Firewall engineer advised me that the Meraki doesnt do sip alg inspection.
and I should use either :
STUN server,
Is there a free STUN server that runs permanently without any restrictions or does it require a subscription?

Or

Configre IPO to correctly send the public IP in its header, how is it done?

Any advice appreciated.
 
Sorry I just reread the post. Forget that question.
Sorry.
 
If you have to send your public IP you need to set up your network Topology. But if you have no audio in both directions it looks like the firewall blocks traffic in both directions.

Is it a trunk with registration?
 
Its usually related to setting the NAT Type correctly, and/or RTP range not being setup properly in the firewall.
 
If you have to send your public IP you need to set up your network Topology. But if you have no audio in both directions it looks like the firewall blocks traffic in both directions.

Is it a trunk with registration?
No authentication in SIP trunk, SIP provider shared with me only IP details, 5060 UDP, and RTP 20000-40000 which are opened in IPO & in firewall,
They told me that the call coming from SIPTrunk having media IP as the local IP instead of the public

I believe this happens when SIP alg is enabled on the firewall, but ALG functionality is not available on the client firewall
 
Its usually related to setting the NAT Type correctly, and/or RTP range not being setup properly in the firewall.

What is the correct NAT type?
Full cone NAT in network topology & in firewall?

Google stun server discovers the full cone NAT with the public IP, and fixes the audio issues shortly.
The audio problem remains if NAT type & public IP if are set manually in network topology.
Should they be set to the firewall as well?
 
What is the correct NAT type?
Full cone NAT in network topology & in firewall?

Google stun server discovers the full cone NAT with the public IP, and fixes the audio issues shortly.
The audio problem remains if NAT type & public IP if are set manually in network topology.
Should they be set to the firewall as well?
I've always struggled with this myself. Using an external firewall woth port forwarding the signaling and RTP, I've used Open Internet.
 
No authentication in SIP trunk, SIP provider shared with me only IP details, 5060 UDP, and RTP 20000-40000 which are opened in IPO & in firewall,
They told me that the call coming from SIPTrunk having media IP as the local IP instead of the public

I believe this happens when SIP alg is enabled on the firewall, but ALG functionality is not available on the client firewall
The port range 20000-40000 is on their side and must be open outbound. Inbound you have to ensure that the port range configured in your IPO (LAN interface) is open as the IPO tells rhe provider to send RTP to those ports.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top