Aastra 57i behind pfsense 1.2.3 R1

Discussion in 'IP Phones' started by MST, Jan 25, 2010.

  1. MST

    MST

    Joined:
    Sep 25, 2009
    Messages:
    317
    Likes Received:
    0
    Hello ALl,

    Here is the situation

    Aatra 57i---pfsense-------INTERNET CLOUD---Endian----Elastix-----Polycom502

    Aastra has 4 different lines configured to 4 different Elastix's. 2 lines that are connected to Cisco ASA which behind are 2 Elastix's are working perfect(has both way audio)
    However, One line that is registered with Elastix behind Endian 2.3 has no audio at all, but extension is registerd on Elastix.
    Also one line that Elastix is behind Cisco PIX has only one way audio. All Firewalls have default ports open 5060-5080 TCP/UDP and RTP UDP 10000-20000.

    Aastra 57i all 4 lines have 5060 and there is RTP port that is default to 3000 - is that port should match 10000-20000? I have tried to do that but it did not help.

    I am trying to focus only on connection to Elastix behind Endian FW. As far as I know SIP is good only to be max behind 2 NATS so this should be ok. However, it is not becasue there is no audio....

    MST
     
  2. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    I don't believe it is an Aastra issue, (or a pfsense one),

    These problemns are usually a misconfigured Firewall/router or sip_nat.conf on the server, UDP 10-20000 must be passed both ways without rewriting the port number, just the IP by the firewall for audio to pass bidirectionally.

    First off I must ask how many of those "Elastix" servers are Elastix and how many are actually TrixBox?

    Maybe you should be registering the phones against the sip proxy on the Endian firewall not the Server itself.
     
  3. MST

    MST

    Joined:
    Sep 25, 2009
    Messages:
    317
    Likes Received:
    0
    This scenario is with Elastix only. I am sure sip_nat has right info in it. I can only asume problem may be with pfsense or configuration on it or endian since they are software firewalls. Still working on problem.

    Regards,
     
  4. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    I agree, it is a configuration issue, but currently I am sitting at a desk with a 57i registered successfully to 9 different VOIP machines most Elastix, many behind firewall/NAT, this phone, this whole network, is also behind a pfsense box, so I'm pretty sure it's neither pfsense nor aastra configuration that eludes you, I suggest you post again in fora more appropriate to your specific firewall misconfigurations.
     
  5. MST

    MST

    Joined:
    Sep 25, 2009
    Messages:
    317
    Likes Received:
    0
    OK thank you for advice. When I figure it out the problem, I will post my findings.

    Aloha
     
  6. wanted8000

    Joined:
    Oct 9, 2008
    Messages:
    4
    Likes Received:
    0
    i think i have found the way to solve it between asterisk and Endian Firewall
    first go to services > trafic shaping and create the services in high for udp 5060
    and udp from 10000 to 20000 you only need only 2 per sip line

    2nd
    firewall > port fowarding >rules
    do the port foward in the firewall from your uplink main to your elastix box to ports 5060 and 10000 - 20000 rdp

    3
    firewall > outgoing trafic >
    crate the rules that allow from green to red ports 5060 and 10000 to 20000

    4
    proxy > sip > enable > transparent
    sip port: 5060
    rtp low :10000
    rtp high: 20000
    outbound proxy: the ip address of your voip supply the same in the host parameter in the trunk
    port:5060

    try it work for me
     

Share This Page