Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1407
  • Last Modified:

Which ports to unblock for VOIP?

I have a Motorola SBG900 modem/router.  I'm running Vista with majicJack.   When I shutdown the router's firewall, MJ works fine.   I have the firewall configured custom.   H.323 Call Setup on port 1720 is included in the custom configuration.  I can make/receive MJ calls but can't hear anything.  Any ideas on which other ports I need to open for getting voice on MJ?
0
brettr
Asked:
brettr
  • 10
  • 9
  • 2
  • +1
2 Solutions
 
PugglewuggleCommented:
You should just enable SIP connections/passthrough. Most IP phones uses SIP and won't work without that being allowed.
0
 
devangshroffCommented:
is your router voice enabled
0
 
harbor235Commented:
magicJack uses ports UDP 5061, TCP 80 and TCP 443

harbor235 ;}
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
brettrAuthor Commented:
@harbor235
MJ doesn't use 5061.  It uses 5060 & 5070 per MJ support.  I opened 5061 anyway but no luck.

@devangshroff
How do I check if the router is voice enabled?
0
 
PugglewuggleCommented:
It should have been listed in the specs when you bought the router. Cisco will often call them "Integrates Services Routers".
0
 
harbor235Commented:

The router does not have to be vocie enabled to pass majicjack traffic becuase its a softphone and/or corded phone that connects to the majicjack. You connect the majicjack device to a USB port on your internet connected computer, correct? Then any corded phones plug into the majicjack? You just need to make sure that the traffic is allowed to pass through your firewall.

Ok, so you openned ports UDP 5060 and 5070, right, not TCP? Also, try the 5060-5070 range of ports.

harbor235 ;}

harbor235 ;}
0
 
PugglewuggleCommented:
Yes harbor is right. It doesn't have to be a voice router if you're using MJ.
Here is an article from Magic Jack's website confirming those port numbers:
http://service.liveperson.net/hc/s-73335289/cmd/kbresource/kb-3700767606832751810/view_question!PAGETYPE?sc=8&sf=101133&documentid=334776&action=view 
0
 
brettrAuthor Commented:
Thanks.  You are correct harbor235.

So those two ports are open (UDP) but not the range of ports.  The problem is definitely the router's firewall.  It works fine on my previous router.   Is there a way that I can tell which ports are hitting the firewall from inside (trying to get out) unsuccessfully?  Guess the router log should tell me that.   It would have to mean that something besides 5060 & 5070 are trying to get out.
0
 
PugglewuggleCommented:
Does your firewall have a logging feature? This is usually under the administration or status section.
0
 
brettrAuthor Commented:
When trying to make a call, I found three ports being blocked.  I opened all three but still no voice.
0
 
PugglewuggleCommented:
Hmmm... Do those ports go to the IP of the computer you're using? Also, all outgoing ports should work by default.
Call MagicJack and see if their support can help... that's really weird.
0
 
brettrAuthor Commented:
Yes and MJ doesn't have support you can call.  They only have really bad chat support.
0
 
PugglewuggleCommented:
Hmmm... did they provide any info? According to what you're saying it should be working. Your modem doesn't have a firewall does it?
0
 
brettrAuthor Commented:
I noticed when using MJ that ports involved range between 10000 and 20000.   Never really the same port.   If I open ports 10000 - 20000 on the modem/router, it works fine.   That seems like a sizeable compromise though.
0
 
PugglewuggleCommented:
Very interesting... I wonder what those are. That is a sizeable compromise...
I'm glad it works, but again, try getting in touch with MJ and ask what's up with the crazy port range.
0
 
brettrAuthor Commented:
yeah - will give them a try and post back.
0
 
PugglewuggleCommented:
ok!
0
 
brettrAuthor Commented:
After about an hour long conversation with MJ tech support, here's the final parts of that dialogue:

Bridgette: May I know if you have windows firewall?

brett: yes

Bridgette: Please disable your firewall and do not open your 1000-2000 ports.

brett: ok. Back to my original question: why do I have to open those ports?

Bridgette: You have to open only ports UDP 5060 and 5070 and TCP 443 and 80 and not the whole ports that you are referring with because you are using a firewall on your router.

brett: As we have seen, all of those ports must be open. Not just 5060 & 5070.

Bridgette: If you will disable your windows firewall, no need to open all the ports.

brett: You are saying MJ works best without a firewall?

Bridgette: It can work with firewall but some features of mJ are being blocked.

brett: Ok.  You also mentined that the browser cache and cookies should be cleared...

brett: ...does MJ use the browser cache and cookies?

Bridgette: It should be cleared because it not, it will blocked again the mJ.

brett: ok, thanks.
------------------------

So, you have to disable the firewall for MJ to work and for what ever reason it uses the browser cache and cookies.  I think these people have no idea what's going on.
0
 
PugglewuggleCommented:
I agree - I think they're full of crap.
If you have a hardware fiewall (aka router w/firewall or other security device) then it's okay to turn off Windows Firewall.
Just try it and see what happens.
I don't think cookies and cache have anything to do with it. That's what everyone says when their product doesn't work like it's supposed to - "It's the cookies!!! They're evil!!!" lol
Cheers!
0
 
brettrAuthor Commented:
You're right - I turned off the Vista Firewall but still a no go unless I open those ports.  Windows Defender is still running through (didn't see an option for turning it off).   What do you think about leaving that port range open?  Can't use MJ unless it is open.
0
 
PugglewuggleCommented:
Defender doesn't block ports - it just protects from malware. Make sure the Vista firewall is ALL the way off. You actually have to disable it in two places sometimes:
1) Control Panel >> Windows Firewall
2) Control Panel >> Administrative Tools >> Windows Firewall with Advanced Security
As far as leaving that range open I'm completely against it. When you can close ports close them, but if you can't, open them. If it's necessary that these be open to make it work then I guess it's okay - just make sure you have your computers patched fully!
0
 
brettrAuthor Commented:
Still no luck turning it off in both places.  Guess I will go with leaving the ports open since I want to use MJ.  Thanks.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 10
  • 9
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now