Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
5
Replies

RV016 How to enable Port Forwarding + Firewall Access Rules

mikelindj
Level 1
Level 1

‎10-28-2014 08:04 PM

Hi,

I've got a SIP or VOIP server hosted in my network and I want to allow extensions who are outside of the network to register as 'local extensions'

 

I've forwarded ports:

5060   [Source WAN2]    [From ANY]     [TO 192.168.76.150]

10001 ~ 20000 [Source WAN2]    [From ANY]     [TO 192.168.76.150]

 

Permitted firewall services:

AllowVOIP UDP [5060]WAN2Any192.168.76.150 ~ 192.168.76.150Always
AllowVOIP UDP 2 [10000]WAN2Any192.168.76.150 ~ 192.168.76.150Always

 

 

Port checks says that port 5060 is still closed.

 

Similar settings for port 80 work fine.

 

ISP does not block the port 5060

Labels:
0 Helpful
5 Replies 5

Mehdi Boukraa
Cisco Employee
Cisco Employee

‎10-29-2014 02:55 AM

Hi Mike, 

 

First the configuration look ok and you tested already with port 80 , in that case please install wireshark on 192.168.76.150 and capture the traffic, if you cannot do it from this server by any reason please put another PC connected to RV and forward the SIP to the PC and run Wireshark 

 

If we can see on packet capture SIP message so there is no problem with the router

but if you cannot see them please capture the WAN interface if you have the possiblity like hub or switch with port mirroring and you can verify first if the SIP packet are coming to the WAN interface of the RV

 

Those test can confirm because the Port checks is very hard to verify port in UDP protocol 

 

Please share with us wireshark file we can help you with it 

 

Please rate this post or mark as answered to help other Cisco Customers

 

Greetings

Mehdi

0 Helpful

mikelindj
Level 1
Level 1
In response to Mehdi Boukraa

‎10-29-2014 04:32 AM

Wireshark file attached.

 

I've used SIP filters and identified that the packets are coming through i think.

See 401 authorization failure.

wireshark_0.zip
0 Helpful

Mehdi Boukraa
Cisco Employee
Cisco Employee
In response to mikelindj

‎10-29-2014 05:58 AM

Hi Mike,

yes the SIP packet are coming to the LAN to your Voice Server but the voice server responding with 401 Unauthorized.

the Router is not blocking the SIP port

anyhow, 

I saw you are using AsteriskNow 11.13.0 and you have some softphone are registred locallyw with port 5062 and from External phone are sending to 5060 , this just what i'm seeing because i don't know the configuration on Asterisk, may this cause the problem

 

or we can check the SIP ALG option on RV042 on the browser https://IPaddress_of_rv016/f_general_hidden.htm

and please enable SIP ALG and test again, otherwhise please check the asterisk setting

Please rate this post or mark as answered to help other Cisco Customers

Thanks

Mehdi

0 Helpful

mikelindj
Level 1
Level 1
In response to Mehdi Boukraa

‎10-30-2014 12:38 AM

I enabled SIP ALG as you suggested but is it possible there is an error blocking outgoing request?

0 Helpful

Mehdi Boukraa
Cisco Employee
Cisco Employee
In response to mikelindj

‎10-30-2014 12:51 AM

Hi Mike,

 

I don't think so because by default from LAN to WAN is allow all traffic of course if you don't have any rule created manually to block from LAN to WAN 

 

Regards

Mehdi

0 Helpful
Customers Also Viewed These Support Documents