Can anybody help with setting up SIP trunking for Draytel (www.draytel.org) on UC540? The draytel website recommends the following settings:
Outgoing Proxy : nat.draytel.org:5065
I have edited an XML template and have imported into the SIP trunk configuration using CCA 3.0.
I can make outgoing calls, but cannot receive calls
Checking SIP Trunk Status in Diagnostics shows that the line is not registered:
----------- show sip-ua register status -----------
Line peer expires(sec) registered P-Associ-URI
================================ ========== ============ ========== ============
0208******* 20007 41 no
8****** -1 2322 yes
----------- End CLI Output -----------
I have set the WAN port behind a Netgear router, however I have set the WAN port as a DMZ Host so all in bound trafic should hit the UC540 WAN port.
My question is really whether I need to set an inbound Cisco firewall route for 5065 and if so to which internal address? Also does a NAT entry have to be made for thr 5065 port on the UC540?
The xml file that I have set up has the following settings (has the 5065 port entry been enetred in the right place?):
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<FieldName>Secondary Proxy Server</FieldName>
<FieldName>Outbound Proxy Server</FieldName>
<FieldName>SIP Domain Name</FieldName>
<FieldName>Call Admission Controls</FieldName>
Any guidance would be most appreciated as I am starting to tear my hair out on this one.
there are lot of resource regarding this issue: would suggest you go through this link first
could you please share your dial peer configuration...
Also I have noticed that the following entries are in the access list 104:
access-list 104 permit udp host 192.168.40.1 eq 5060 any
access-list 104 permit udp host 192.168.40.1 any eq 5060
access-list 104 permit udp host 18.104.22.168 eq 5060 any
access-list 104 permit udp host 22.214.171.124 any eq 5060
Should there also be entries for port 5065 as the outgoing nat.draytel.org communicates on this port?
can you try removing the " permission term" from the dial peer 1000
dial-peer voice 1000 voip
permission term---- delete it
description ** Incoming call from SIP trunk (DrayTel) **
session protocol sipv2
session target sip-server
incoming called-number .%
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
ip qos dscp cs3 signaling
First of all try this:
under config t
dial-peer voice 1000 voip
no permission term
then give do show dial-peer voice 1000 it should show "permission:both" and
I see here that in dial-peer you are using g729 codec and in the XML
conifugration file you have configured G711ulaw for the SIP provider do you
have transcoder resources to be invoked here...
Many thanks for your support, I have tried changing to permission:both, still no joy, with regards codec of g729, thats interesting, I can make outgoiung calls with no problem, so am assuming that that will be using g729, even though configured for G711ulaw. However what keeps bugging me is the port no: 5065 - why is this not acknowleged in any of the configs, or am I on a red herring?
can you attach the output of
1. "debug ccsip all" for an inbound call then clear the screen and make an
outbound call do not forget to do term mon
and access list that you mentioned where is it applied exactly.
check the dial peer which is being used when makin outgoing calls is that
too g729 or g711..
since the incoming dial peer is g729 and incoming calls from pstn are like
to 64kbps PCm ie g711.
Have had no time this week - was working!! Anyway, Ive done a little more testing and have applied a few more debugs and have found something interesting that may help get to the bottom of this. with debugs trurned on a I am making incomming call and notice this error in the output:
034265: Feb 10 17:33:28.713: //27723/000000000000/SIP/Msg/ccsipDisplayMsg:
SIP/2.0 403 Forbidden auth ID
Via: SIP/2.0/UDP 192.168.8.100:5060;rport=5060;received=126.96.36.199;branch=z9hG4bK21BA2178
CSeq: 7331 REGISTER
Server: OpenSIPS (1.5.1-notls (x86_64/linux))
The 403 error indicates that the dryatel server which looks like it is asterisk does not like the way I am authenticating, I have attached the whole debug log in case you spot something I can't.
Looked up 403 and got:
The server understood the request, but is refusing to fulfill it.
Authorization will not help, and the request SHOULD NOT be repeated.
With regards batting, this could be an issue. At the moment the wan port of the uc540 is connected to the lan port of a netgear router. The Wan address for the UC540 is 192.168.8.100. The Router gateway address is 192.168.8.1. This then has a Public RIPE Address. The Router is set such that the DMZ host is 192.168.8.100 so all traffic will hit the 192.168.8.100 address.
Is the problem that the Cisco is using a non routable address while registering? Is there anyway of making it use the RIPE address. I cannot connect the wan port of the cisco directly to the internet as the connection is adsl. I am now going to investigate if I can use PPPoE with the netgear DG834.