danielrm26
New Member
- Joined
- Jan 19, 2009
- Messages
- 4
- Reaction score
- 0
Configuration
PBXinaFlash behind a Check Point firewall. I have passed all ports from my VOIP provider to my Asterisk box and have disabled the iptables on the Asterisk box itself. I've also opened the proper range (10K-60K) in my rtp.conf file and defined my external host and internal network paramaters in my sip-nat configuration file.
Problem
I am only able to receive incoming calls immediately after I start/restart Asterisk (or make an outbound call). After that I just get my provider's message that the number can't be reached.
Troubleshooting
While sniffing the connection, I notice:
1. Incoming high-numbered UDP connections are being initiated by my provider when the incoming call is being attempted. These attempts are being rejected via ICMP Port Unreachable messages by my Asterisk box--not my firewall.
2. The incoming UDP packets from my provider are destined for my Asterisk box's INTERNAL address, not my firewall's EXTERNAL address. So, on my firewall's external interface I'm seeing the incoming RTP connections from my provider destined for my internal 10 address.
Questions
1. Shouldn't my provider be sending RTP connections to my external (NAT) IP and not my 10 address behind the firewall?
2. What do I need to check on my side to ensure that I'm publishing the correct external IP?
3. Why do you think my PBXinaFlash box is rejecting (ICMP Unreachable) the high-level UDP connections from my provider if 1) rtp.conf has 10K-60K defined, and 2) there's no firewall enabled on the system?
** Just as a side note, how they are getting 10-routed packets all the way from them to me is somewhat interesting.
Anyway, any ideas would be greatly appreciated. I am really looking forward to getting my incoming calls working consistently. I feel like this is a NAT issue at this point, and just need to figure out this last piece.
Thanks!
PBXinaFlash behind a Check Point firewall. I have passed all ports from my VOIP provider to my Asterisk box and have disabled the iptables on the Asterisk box itself. I've also opened the proper range (10K-60K) in my rtp.conf file and defined my external host and internal network paramaters in my sip-nat configuration file.
Problem
I am only able to receive incoming calls immediately after I start/restart Asterisk (or make an outbound call). After that I just get my provider's message that the number can't be reached.
Troubleshooting
While sniffing the connection, I notice:
1. Incoming high-numbered UDP connections are being initiated by my provider when the incoming call is being attempted. These attempts are being rejected via ICMP Port Unreachable messages by my Asterisk box--not my firewall.
2. The incoming UDP packets from my provider are destined for my Asterisk box's INTERNAL address, not my firewall's EXTERNAL address. So, on my firewall's external interface I'm seeing the incoming RTP connections from my provider destined for my internal 10 address.
Questions
1. Shouldn't my provider be sending RTP connections to my external (NAT) IP and not my 10 address behind the firewall?
2. What do I need to check on my side to ensure that I'm publishing the correct external IP?
3. Why do you think my PBXinaFlash box is rejecting (ICMP Unreachable) the high-level UDP connections from my provider if 1) rtp.conf has 10K-60K defined, and 2) there's no firewall enabled on the system?
** Just as a side note, how they are getting 10-routed packets all the way from them to me is somewhat interesting.
Anyway, any ideas would be greatly appreciated. I am really looking forward to getting my incoming calls working consistently. I feel like this is a NAT issue at this point, and just need to figure out this last piece.
Thanks!
Phone System 