Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Sip Trunking with NAT

Status
Not open for further replies.
Bkpagos

Bkpagos

Technical User
Sep 26, 2006
38
GR
Hello.Please help me.
I have configured a SIP Line with all details right but my problem is NAT.My client has only one static ip and the whole network is behind the router with NAT.
For example : ADSL Modem/Router with a static public IP, and a local IP 192.168.1.254 .IP Office 500 is 192.168.1.253 on LAN1 and all PC's and IP Phones are on 192.168.1.1-200.When i run Stun, i get Blocking Firewall and no Public IP and port.Is there something else i need to do?Do i need to port forward 5060 on my router to IP Office?Do i need anything else?Or it can't work like this and i have to buy another public IP for LAN2 of the IPO?
 
Sort by date Sort by votes
I would suggest your cfg is not correct.

You need an ip route that gets you on to the internet.

As an example.

406v2 192.168.77.1
ADSL Router 192.168.77.77

IPRoute
0.0.0.0 255.255.255.0 192.168.77.77

When you run stun because the stun ip address is not on the same subnet as the IPO (its a public address) the ip route shold pick it up and point it the adsl router and into the internet.

The whole idea of stun is that i auto negotiates the issues that NAT introduces to SIP.
 
Upvote 0 Downvote
Bkpagos,

We've been testing a couple of sip providers and we are behind a nat firewall too. It's been hit and miss. More miss actually.

Which provider for sip trunking are you using?
Am I correct in saying you are using the built in firewall in the DSL modem? If so, you will need to get access to open ports, or contact your DSL provider and ask them.

You want to make certain of three things:

1. Your Firewall can do SIP transformations, otherwise when the traffic leaves the IP Office and goes through the firewall, it will carry the 192.168.1.253 address. Since 192.168.1.x is a non-routable address, the packets will never come back. SIP transformation is when the firewall "rewrites" the packets from the IP Office so they have the public IP and not private.

2. Port 5060 (SIP) is open from the internet (WAN) to the IP office (LAN). This should be quite simple to do, as long as you can get in to the configuration of your router.

3. You will also want to make sure you have RTP ports open. A sign that RTP is not open would be things like DTMF not working. Some routers are smart enough to automatically open RTP when you enable SIP transformations and/or open up port 5060.

GOOD LUCK!

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

somewacko2
  • Question
SIP Trunking and hunt groups
Replies
2
Views
222
Menniss
Menniss
S
  • Locked
  • Question
SIP Trunk configuration with STC
Replies
10
Views
737
derfloh
derfloh
tetratech
  • Locked
  • Question
2 SIP trunks with 911 Dialing
Replies
4
Views
332
tetratech
tetratech
Imran555
  • Locked
  • Question
Incoming caller ID with SIP server IP over SIP Trunks
Replies
1
Views
518
ipohead
ipohead
4thright
  • Question
IP Office 500 v2 - T1 Trunking
Replies
14
Views
609
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top