If you are using a Cisco ASA Router which is known to have a quality SIP ALG (sometimes referred to as SIP Helper) implementation that works well generally then enabling the SIP ALG/SIP Helper will generally work and not cause any issues. Should I configure SIP or NAT traversal technologies on my firewall? While there are some perfectly valid circumstances where configuring NAT traversal technologies on your local device is desired, unless you have a concrete reason to do so and clearly understand what you are doing, we strongly recommend that you disable all NAT traversal technologies including, but not limited to, STUN, ICE, and hard coding external addresses. Should I set NAT traversal technologies such as STUN and ICE on my phones? OnSIP Hosted PBX service utilizes a remote "server side" solution to this technical issue. One of the technical challenges to implementing a SIP based VoIP solution is making everything work when a firewall and/or NAT is deployed between devices exchanging data. I suppose it could work if all the extensions were analog.NAT (Network Address Translation) is a technology most commonly used by firewalls and routers to allow multiple devices on a LAN with 'private' IP addresses to share a single public IP address. I'm currently on a quest to find out if it's possible to bring in SIP trunks to a 3300 without an MBG, but no luck so far. It would be a terrible idea of a deployment of 100s of phones. Keep in mind that doing so will result in more demand on the phone system. Some phone systems, like Asterisk, let you keep the phone system in the audio path. If there were some way for the 3300 to stay in the audio path then you could probably get away without an outbound proxy. In your case, the other end point is the service provider. When a call is up, a phone will send it's voice packets directly to the endpoint that it's trying to communicate with. You can try port forwarding the appropriate ports to the 3300 for SIP and RTP, but you will have one-way audio problems. Or you could make a DMZ on your firewall and put it in there. If the SIP trunks are coming in over the internet then you would need an MBG in Server-gateway mode with one interface on the LAN and other on the internet. I realize that I am late to the party, but here are my 2 cents.Īn MBG (or some sort of Outbound SIP Proxy) should be used. Is there anything else we could possibly be missing? I know that ports were opened in the firewall for 5060 and the recommended RTP ports. Once we switched from SIP back to PRI, all our problems disappeared.Ĭan anyone give me any idea of what to do to resolve this? I'm not familiar with Watch Guard firewalls. Subnet 2 can receive inbound external calls but cannot make outbound external calls. Twinned calls answered on a cell phone have no audio on subnet 1. Some calls in progress were reported to have dropped one side of the audio stream during the call. Sip trunks would go out of service intermittently for no more than 4 minutes, then return to service automatically. Inbound and outbound calls with 2 way audio worked on subnet 1. By the time we got on site, this was our list. We switched to SIP trunking this morning and everything worked.for about 10 minutes. Under these circumstances, all services and calls work perfectly with 0 issues. I don't know what type the 2nd building has. Users have desk phones and some are multi device twinning to a cell phone. System is currently hooked to a PRI circuit for trunking. 50 IP phones on 2 different subnets with 2 different buildings.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |