We can accomplish the same - Page 2

Gabriel Braga · ‎02-27-2015

I'm having trouble running a SIP trunk on a 2911 behind a firewall / NAT. My carrier only works with sip trunking and does not have the authentication option, they require a public IP for it. We had this SIP trunk working a long time with the link from our internet connected directly to the router. Now our policies require that the public IP stay directly on the firewall, and so the SIP trunking does not work, I created a loopback interface on the router with the public IP and set the sip bind control and media so it put this information on SDP in SIP package in order that my carrier accept the trunking, the calls connect, but stay muted, the problem is not in the firewall because putting a panasonic PBX with NAT support to make the trunking it works perfectly. To put this trunk to work when the ip was on the router we just need to allow sip to sip, configure ip address trusted list e point the dial-peer for the ipv4 destination of the carrier.

Gabriel Braga · ‎03-02-2015

If I put the ICMP service on NAT rule in my firewall works... I have configured only the services I need to reach the router, which are SIP and RTP... To better explain, I only translate these services (ports) to my router, everything else ends up on my firewall.

Francisco Granados · ‎03-02-2015

We can accomplish the same test by "debug ip rtp protocol". This will show any RTP traffic incoming. If you do not show anything, then it's confirmed the traffic is dying at the firewall.

Edit: You can also confirm the router shows the SIP call establish by doing "show sip-ua calls summary"

Total SIP call legs:43, User Agent Client:21, User Agent Server:22

Thanks,

FG

SIP Trunk behind a firewall/NAT