cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10512
Views
15
Helpful
43
Replies

Open port 5060 udp

moman62
Level 1
Level 1

Hello, I have a cisco 2921 router and I would like to know how to enable port 5060 so that my ITSP can send information so I can perform outbound/inbound calls.

43 Replies 43

Gregory Brunn
Spotlight
Spotlight

If you don't have any access list applied to an interface all you need to do is properly configure the voice session voip and cube commands to enable it. Note the trust list below would be to be the source of the traffic. 

What is your true topology look like that might help with a better answer.

 

 

voice service voip
allow-connections sip to sip
ip address trusted list
     ipv4 <ipv4-address> [<ipv4 network-mask>]

 

 

Who is your ITSP? If any of the major players you can find sample configuration here. 

https://www.cisco.com/c/en/us/solutions/enterprise/interoperability-portal/networking_solutions_products_genericcontent0900aecd805bd13d.html

 

SIP dial peers on the router are UDP by default I believe you can change them to TCP if you want.

 

In addition to great response (+5), port 5060 is the default SIP port and you don't need to change anything on Cisco IOS device when pointing to a SIP destination unless you are using different port or if you need to use TCP instead of UDP in which case you would change session transport setting either globally or at a dial-peer level.

How would I do that? I'm showing that udp port 5060 is opened, when I do scans? is there a firewall acl that needs to be in place? or a dial-peer list? how can I tell since I cannot call outbound or recieve inbound? I really can't do a wireshark trace because everything is just extension to extension?

trusted list from 2020-03-25 11-24-29.png

 

My ITSP is 1Voip and they require udp access.

5060 add from 2020-03-30 11-22-15.png5060 not showing from 2020-03-30 11-24-36.png

I think we need to see a schematic, or at least a description of the path from your CUBE to the ITSP.   If you connect to the ITSP over the Internet it would be unusual (and worrying) to have a CUBE directly connected to the Internet without any sort of firewall configuration in place.

My dial peer setup:

When I do a debug ccsip messages and then term mon, the debug will not show messages.

 

Inbound Dial Peers:

dial-peer voice 101 voip
description Incoming LAN From CUCM
incoming called-number 9T
session protocol sipv2
codec g711ulaw
dtmf-relay rtp-nte
no vad

dial-peer voice 102 voip
description Outgoing LAN calls to CUCM
destination-pattern [2-9]
session protocol sipv2
session target ipv4:100.215.95.100
codec g711ulaw
dtmf-relay rtp-nte
no vad


Outgoing Dial Peers:

dial-peer voice 201 voip
description Incoming From ITSP To Router
incoming called-number [2-9]
session protocol sipv2
codec g711ulaw
dtmf-relay rtp-nte
no vad

dial-peer voice 202 voip
description Outgoing calls to ITSP
destination-pattern 9[2-9]
session protocol sipv2
session target ipv4:200.100.390.22
codec g711ulaw
dtmf-relay rtp-nte
no vad

I'm not sure I can get a sense of your numbering plan, and I suspect your dial peers are not correct.  As written incoming numbers from ITSP are expected to be only one digit, and outbound calls two digits starting with 9.   I think these need to be reviewed.

However what I was getting at was the actual network path between your gateway and the ITSP.  How does it route to 200.100.390.22, and what other devices are in the path.  Assuming it's permitted can you ping 200.100.390.22 from the CUBE?

 

If you don't get any output from the debug please check if you have no logging monitor set in our router. Also to check if the call is actually hitting the gateway at all you can do a debug voip dialpeer.

 



Response Signature


This is what my ITSP is getting when trying to send information:

I can only dial from extension to extension, cannot call outbound or receive inbound. My ITSP tries to dial in using one of my DIDs and informs me that port 5060udp is not open.

 

I am also using CUCM 11.5?

Please post "debug ccsip messages"

I am attaching snapshots of when I added the udp port and am wondering why it won't show?

port not configured?