Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

IP Routes for Asterisk PBX

Posted on 2007-03-17
14
Medium Priority
?
513 Views
Last Modified: 2013-12-21
Dear all,

the problem that I am experiencing might be a pretty simple for you. I have a local network, which consists of an ADSL modem (Allied Data CopperJet 1612), a DSL/Cable Firewall (Netgear Prosafe/Firewall FR3285) and a Netgear Gigabit switch. Also, I have purchased a range of dedicated IPs (8 IP Addresses).

In a local server, I have installed Asterisk PBX. All internal SIP phones work smoothly and call eachother without any problems. However, it is impossible to receive incoming calls from the service providers, which are declared in the system. I suppose that we have to create a route, which will get over the ADSL modem, the firewall and connect to the server.

How can I create such an route?

Thank you in advance.
0
Comment
Question by:LazaroWolf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
14 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 18741912
Have you configured your firewall to allow inbound traffic as needed?
0
 

Author Comment

by:LazaroWolf
ID: 18742868
Thanks for your reply. Unfortunately, Allied Data Copperjet & Netgear Firewall include two separate firewalls, which have to appropriately be configured. Hence, this issue becomes extremely complicated. From which firewall should I start..? Any particular advice? Thank you.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18743191
You need to do both.  You need to figure out which protocols (TCP vs. UDP) and ports (example H.232 uses 1720 and 1721) you are going to be using.

Then on each firewall you need to allow the protocol and ports to/from your Asterisk server.  The IP addresses you use for the Asterisk server will depend on where you are doing your NAT.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 40

Expert Comment

by:noci
ID: 18768126
besides these ports, the protocols also negitiate other ports to transport the data, which optionaly need natting & opening up ..., you might need a modem/firewall  with sip proxy functionality.
0
 

Author Comment

by:LazaroWolf
ID: 18769435
Well, there is no extra financing to additional equipment, so we have to deal with the situation as is. Could you help on which ports should I direct to that particular Asterisk server? Thanks!
0
 
LVL 57

Accepted Solution

by:
giltjr earned 252 total points
ID: 18771332
If you are doing SIP over the Intenet you need to verify how Asterisk uses it.

SIP uses TCP and/or UDP port 5060, so you can start by forwarding these to the Asterisk server.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 248 total points
ID: 18774043
And SIP uses RTP to transmit/receive sound etc.
The RTP ports are negotiated using SIP.
It's the RTP that makes it difficult, not SIP.
So you need something that create dynamic NAT rules for RTP.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 18774656
He could setup the one PC to be a "DMZ" PC and all inbound connection requests go to it.
0
 
LVL 40

Expert Comment

by:noci
ID: 18775505
isn't RTP allowed to go from one end point to the other directly without passing the chain of SIP handling? So traffic from Phone P dials through asterisk server A to target T, SIP follows that line, but RTP goes from P to T directly?
0
 
LVL 40

Expert Comment

by:noci
ID: 27649171
Solution of giltjr is incomplete. RTP doesn't need to go the same path as SIP per se...
0
 
LVL 20

Expert Comment

by:Venabili
ID: 27699247
Yeah but it gets the asker started on the solution pretty nicely and without the asker it is as good as it can go - I wondered between delete and accept but still think that is a good enough solution... Although reading this again - it should be a split I suspect.

Can you object so the mods can restart it properly?
0
 
LVL 40

Expert Comment

by:noci
ID: 27700004
See above comments.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now.  But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this …
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question