
Ports being re-mapped - NAT Issues

Hi guys,

Firstly, apologies for the long post. I wanted to be as detailed as possible in hopes that someone may be able to help with my issue. 

We appear to be having issues with ports being re-mapped during forwarding and for the last three days this has brought our phone system down.

Current configuration has been working for a couple of years without issue but our VOIP provider has done a software update and now strictly only provides services on port 5060.

I have forwarding rules which I think should work but for some reason they aren't. 

Firstly a bit about my network setup. 

We have the WAN link that connects via PPPoE to our ISP on a static IP of 10.100.X.X but our public IP is 45.124.X.X. The XG105 appliance sits behind a D-Link router that is in bridge mode, with the XG making the PPPoE connection. The D-Link is connected to Port 3 on our XG; Ports 4 and 2 are a bridge in the LAN zone.

The internal IP address of our phone system is 172.16.16.138 and requires ports 5060 TCP/UDP to be forwarded to it along with some other ports such as 5090 etc. What appears to be happening though is that traffic from the PBX to the VOIP provider is continually changing ports and not entering/exiting via port 5060. 

I have spent a considerable amount of time on the phone to the VoIP provider and they have confirmed with their logs that the connection keeps being made via different ports but not 5060, which is what it needs to be.

Also, just for the record, I have disabled SIP ALG from the console with system system_modules sip unload

Firstly below is the screenshot of my Business Application Rules. I have the same rule for TCP also. Overwrite source address and MASQ on. Same for port 5090.

  


Next is a snapshot of the log of some of the traffic. 172.16.16.138 is the IP address of the 3CX system.



Next is the result of the 3CX firewall checker. Each time the test is run it comes back with different port mappings. This was confirmed by the VoIP provider, who saw the same issues in their logs. Their guess is that it's a NAT issue or incorrect port forwarding.



I have very limited knowledge of NAT and what could be causing this issue, so I'd be super appreciative if anyone has any ideas as to what's going on. I've tried changing the "use outbound address" setting to my WAN IP of 45.124.X.X and even the IP the ISP gives of 10.100.X.X, but no luck. So what's happening is the PBX is not receiving an ACK from the VoIP provider and the calls are just dropped after 30 seconds.

The provider told me that essentially it has worked previously because they used to just match whatever port the traffic was sent out from, but now they insist on 5060. They said they could make an exception, but because the port changes every call there's nothing they can do to assist.




  • OK, to simplify things I deleted the rules and started fresh. I now have the following two rules (placed at the top of the rules tree):

    Rule 1

    Name: 3CX LAN to WAN

    Source: LAN
    Allowed Networks: IP Host - 3CX 172.16.16.138
    Destination: Port 3 (WAN)
    Services: TCP/UDP 1:65535 -> 5060

    Protected Server: 3CX 172.16.16.138
    Protected Zone: LAN
    MASQ:  ON
    LOG: ON

    Rule 2

    Name: WAN to 3CX

    Source: WAN
    Allowed Networks: ANY
    Destination: Port 3 (WAN)
    Services: TCP/UDP 1:65535 -> 5060

    Protected Server: 3CX 172.16.16.138
    Protected Zone: LAN
    MASQ:  ON
    LOG: ON

    --

     



    Ran the firewall checker again on 3CX. Results as follows from 3CX and the firewall log:



    *Just for the record, the IPs are a 3CX STUN server and a Microsoft server; neither are mine.*



  • Hi Shane,

    What I was asking you to try is a network firewall rule - source LAN, 3CX, destination WAN, FQDN destination or any, SIP, log, MASQ

    Ian