Solved

SIP default port 5060 is not being listened

Posted on 2010-11-26
11
802 Views
Last Modified: 2012-08-14
Hi experts

The problem i am facing right now with my asterisk server is that its not being listen the SIP port at 5060. But if i changed the port from 5060 to something different then i am able to register the extensions at that port.

My server is behind a firewall and on the firewall UDP,TCP,RTP, and SIP services are allowed.

what exactly should i look into to to resolve this issue. your help in this regards will be highly appriciated.

Thanks
0
Comment
Question by:nocinfospan
  • 5
  • 2
  • 2
  • +2
11 Comments
 
LVL 5

Expert Comment

by:nomorefuzzylogic
ID: 34221785
Really the question is - where is the blockage?
Have you tried an extension on the server side of the firewall? Does it still not register?
Work from the Server segment outwards to identify where the problem lies.
When you have found this point check the config for port 5060 - specifically add 5060 if necessary.
0
 
LVL 39

Expert Comment

by:noci
ID: 34222081
Another question, does the modem/firewall support VOIP itself? It can both forward and handle that port at the same time.
Does it change when you disable it there, if it handles VOIP that is.

Some ALG (application level gateway) implementations on firewalls don't exactly help either. If it is enabled then please try without the ALG. (But you will need port forwarding for 5060 as well as the RTP port range to your asterisk server).
Some VOIP servers are very capable w.r.t. passing NAT. (or even better try to remove NAT from the equation
using a public address on your asterisk server)
0
 
LVL 20

Expert Comment

by:José Méndez
ID: 34222293
Try <netstat -aun> and analyze the output. if you see something like the following, then your asterisk server is definitely listening on port 5060:

ast@box:~$ netstat -aun
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State                              
udp              0            0  0.0.0.0:5060              0.0.0.0:*

Local Address 0.0.0.0 means the machines is listening on any IP configured (loopbacks, eth0, ipv6, so forth)

Foreign Address will be populated with a specific address on TCP connections where you can see the STATE also. UDP connections are non-session oriented so...

Hope it helps.
0
 
LVL 1

Author Comment

by:nocinfospan
ID: 34222355
Thanks guys for all your help but the problem is within firewall ... for some reason its not working properly .. after rebooting the firewall solve the problem ....
0
 
LVL 39

Expert Comment

by:noci
ID: 34222430
That might indicate trouble with your firewall software, you might need to look for new firmware ((or reboot after you change something to your firewall in the future).
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 7

Accepted Solution

by:
darrickhartman earned 500 total points
ID: 34222921
If your firewall has a "SIP Helper" or otherwise similarly named feature, disable it.  Many of these helpers do nothing to help and in some cases can prevent SIP from working properly.

If you specified which firewall you were using, we might be able to give you more specific advise.
0
 
LVL 20

Expert Comment

by:José Méndez
ID: 34276376
Hey there Noc,

Was the netstat command suggested some how useful in determining if Asterisk was listening to port 5060?
0
 
LVL 39

Expert Comment

by:noci
ID: 34277618
yes, or  whatever else is using port 5060...
adding a p to the options will show process id's/names on linux, a b will show the process on windows.

There is a listening udp port 5060.....
0
 
LVL 7

Expert Comment

by:darrickhartman
ID: 34277627
That's not his problem though.  He stated that the problem happens after some period of time and is fixed by restarting the firewall device.  I kindly asked for the name and model number of the firewall device, but wasn't provided that information.

It's very likely that some 'sip helper' in the firewall should really be disabled.
0
 
LVL 39

Expert Comment

by:noci
ID: 34278006
Sip Helper = ALG (Application Level Gateway) which was also mentioned before
0
 
LVL 39

Expert Comment

by:noci
ID: 34278017
An ALG especialy doesn't work if the VOIP exchange actualy handles FENT (Far End NAT correctly) then anything arranged by the VOIP Exchange is corrupted by ALG or 'sip helper' support.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now