Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 28 subscribers
  • Views 2644 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sip forwarding

TarekHalloun

hello

i am still facing issues with my grandstream ip pbx when i try to use phones over the internet

i have a public static ip on my xg125 and a forwarding rule for the sip and rtp ( for my internal ip pbx lan )

 

what can i check other than disabling sip from firewall which i already tried ? i had the same problem with a soft phone app and it is still no resolved

is my rule correct ?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Eli

    hi Eli i did not understand your post , i dont have a rule like this - my pbx forwarding rule is in my first post

  • 0 in reply to TarekHalloun

    Hello  

    hmmm... as I understand ATM is that there is only a NAT Rule active?! You need a FW Rule as well.

    Standard PBX Setup from my other Post. ;)

    had a similar experiance with a PBX from a german provider.

    What I needed to to was the following:
    - Disable SIP Module under CLI
    - Create a Host Object in the XG for the PBX
    - Collect all Information about Open Ports needed. (Provider dependant)
    - Create Service Objects for Ports needed by the PBX
    - Create a dedicated Firewall Rule with Enabled NAT Masq for the PBX that does not have IDS/IPS enabled since some Rules drop SIP connections.

    LAN, PBX Host-> WAN, (Provider IP) -> Services (Provider Service Ports needed or if not documented well "Any" for testing and logging)

    No Webfilter, No IDS / IPS, No SSL Inspection

    Sincerely
    Eli.

  • 0 in reply to Eli

    hello Eli 

    this is already done - please check the pictures of the firewall rule and tell me if i am missing something 

    What do you mean with this : - Create a dedicated Firewall Rule with Enabled NAT Masq for the PBX that does not have IDS/IPS enabled since some Rules drop SIP connections.

    i disabled SIP module from CLI

    Summary

    Source

    Source zones : LAN,WAN
    Allowed client networks : Any
    Blocked client networks :

    Destination

    Destination host/network : #Port2-102.68.58.74

    Forward to

    Protected server(s) : PBX
    Protected zone : LAN