asked on
NO AUDIO ON VOICEFLEX SIP TRUNK WITH ALCATEL OMNI PCX (WATCHGUARD X750e)
Hello all - I have an annoying problem with SIP calls. the call goes through but no audio in both directions. Apparently you cant add a stun setting on the omni PCX? Apparently the PABX is passing the local 192.168.1.x address to the SIP provider, however noone seems to know a resolution! Will give 500 points as rtearing my hair out now!
Thanks
Thanks
Networking ProtocolsRoutersIP Telephony
Last Comment
dpk_wal
Place/Enable Session Border Controller in between Provider and your PBX.
I know cisco has device for SBC.
HTH
I know cisco has device for SBC.
HTH
Do you get any deny messages in the System Manager->Traffic monitor when this happens; this would help understand if firewall is blocking any traffic.
Few questions:
1. Is NAT configured for PBX.
2. If yes, then what type, dynamic or 1-1.
3. Which policy is configured on firewall.
If feasible for testing configure ANY policy and 1-1 NAT and check if this helps.
Thank you.
Few questions:
1. Is NAT configured for PBX.
2. If yes, then what type, dynamic or 1-1.
3. Which policy is configured on firewall.
If feasible for testing configure ANY policy and 1-1 NAT and check if this helps.
Thank you.
ASKER
Hi,
Yes - tried ANY first - calls come up but no Audio. Tried Dynamic & 1 to 1 NAT...
have set logging but nothing seems to get allowed or denied in traffic manager.
Thanks
Yes - tried ANY first - calls come up but no Audio. Tried Dynamic & 1 to 1 NAT...
have set logging but nothing seems to get allowed or denied in traffic manager.
Thanks
If possible put PBX outside the firewall and then check the behavior.
Thank you.
Thank you.
ASKER
Hi,
Not really possible. Voiceflex are saying the PABX is advertising its internal IP & this is clearly what the problem is... What I need to know is how to get it to display the external IP.
However, Alcatel doesnt have a STUN setting & Watchguard say this isnt possible?
Any one any ideas?
Not really possible. Voiceflex are saying the PABX is advertising its internal IP & this is clearly what the problem is... What I need to know is how to get it to display the external IP.
However, Alcatel doesnt have a STUN setting & Watchguard say this isnt possible?
Any one any ideas?
Sorry dont think this comment is of much help to you but still putting it:
As you said PABX is on private IP; so it must be using firebox external interface IP by default; if you setup 1-1 NAT then it would advertise the 1-1 NAT public IP.
Am not sure if this is an option; but can you open web browser on PABX and go to http://www.whatismyip.com; this would show the public IP of PABX as seen to everyone. OR may be initiate any session from PABX and do packet capture on external interface of firebox and see what the packets have as the source IP for the specific port/protocol/destination.
Thank you.
As you said PABX is on private IP; so it must be using firebox external interface IP by default; if you setup 1-1 NAT then it would advertise the 1-1 NAT public IP.
Am not sure if this is an option; but can you open web browser on PABX and go to http://www.whatismyip.com; this would show the public IP of PABX as seen to everyone. OR may be initiate any session from PABX and do packet capture on external interface of firebox and see what the packets have as the source IP for the specific port/protocol/destination.
Thank you.
ASKER
ASKER
When I change to 1 to 1 NAT it no longer makes or receives calls....
Do not configure policy based NAT. Revert to "Use Network NAT Settings".
Current policy only allows outbound traffic from internal host 192.168.1.246 to external host 146.x.x.x.
Assuming you wish to allow all inbound traffic from 146.x.x.x to 217.y.y.202, add 1-1 NAT and add one more ANY service and configure as below:
Enabled and allowed; from 146.x.x.x; to 217.y.y.202
To ensure 1-1 NAT is configured properly, please look at link below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1545/kw/1-1%20NAT/p/214%2C215/sno/1
Finally make sure that 217.y.y.202 IP is not listed under external alias [used for static NAT]:
http://watchguard.custhelp.com/app/answers/detail/a_id/1497/kw/adding%20external%20alias
Thank you.
Current policy only allows outbound traffic from internal host 192.168.1.246 to external host 146.x.x.x.
Assuming you wish to allow all inbound traffic from 146.x.x.x to 217.y.y.202, add 1-1 NAT and add one more ANY service and configure as below:
Enabled and allowed; from 146.x.x.x; to 217.y.y.202
To ensure 1-1 NAT is configured properly, please look at link below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1545/kw/1-1%20NAT/p/214%2C215/sno/1
Finally make sure that 217.y.y.202 IP is not listed under external alias [used for static NAT]:
http://watchguard.custhelp.com/app/answers/detail/a_id/1497/kw/adding%20external%20alias
Thank you.
ASKER
202 is the main IP address - i.e. not an alias. Is this what you mean?
ASKER
So I have created a separate outbound policy as below... with 1 to 1 NAT
nat-SIPRTP.JPG
nat-SIPRTP.JPG
ASKER
Policy
sip-RTP.JPG
sip-RTP.JPG
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Are you saying I need a spare IP that is not an alias? I dont have any spare.
ASKER
Great! Thanks for that. I think it was just the alias thing I hadnt tried... works fine with an aliased IP.
Thanks for your help!
Thanks for your help!
Welcome; Happy to be of assistance.
Thank you.
Thank you.
Please show the netwrork topology...