Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 821
  • Last Modified:

SIP default port 5060 is not being listened

Hi experts

The problem i am facing right now with my asterisk server is that its not being listen the SIP port at 5060. But if i changed the port from 5060 to something different then i am able to register the extensions at that port.

My server is behind a firewall and on the firewall UDP,TCP,RTP, and SIP services are allowed.

what exactly should i look into to to resolve this issue. your help in this regards will be highly appriciated.

Thanks
0
nocinfospan
Asked:
nocinfospan
  • 5
  • 2
  • 2
  • +2
1 Solution
 
nomorefuzzylogicCommented:
Really the question is - where is the blockage?
Have you tried an extension on the server side of the firewall? Does it still not register?
Work from the Server segment outwards to identify where the problem lies.
When you have found this point check the config for port 5060 - specifically add 5060 if necessary.
0
 
nociSoftware EngineerCommented:
Another question, does the modem/firewall support VOIP itself? It can both forward and handle that port at the same time.
Does it change when you disable it there, if it handles VOIP that is.

Some ALG (application level gateway) implementations on firewalls don't exactly help either. If it is enabled then please try without the ALG. (But you will need port forwarding for 5060 as well as the RTP port range to your asterisk server).
Some VOIP servers are very capable w.r.t. passing NAT. (or even better try to remove NAT from the equation
using a public address on your asterisk server)
0
 
José MéndezCommented:
Try <netstat -aun> and analyze the output. if you see something like the following, then your asterisk server is definitely listening on port 5060:

ast@box:~$ netstat -aun
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State                              
udp              0            0  0.0.0.0:5060              0.0.0.0:*

Local Address 0.0.0.0 means the machines is listening on any IP configured (loopbacks, eth0, ipv6, so forth)

Foreign Address will be populated with a specific address on TCP connections where you can see the STATE also. UDP connections are non-session oriented so...

Hope it helps.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
nocinfospanAuthor Commented:
Thanks guys for all your help but the problem is within firewall ... for some reason its not working properly .. after rebooting the firewall solve the problem ....
0
 
nociSoftware EngineerCommented:
That might indicate trouble with your firewall software, you might need to look for new firmware ((or reboot after you change something to your firewall in the future).
0
 
darrickhartmanCommented:
If your firewall has a "SIP Helper" or otherwise similarly named feature, disable it.  Many of these helpers do nothing to help and in some cases can prevent SIP from working properly.

If you specified which firewall you were using, we might be able to give you more specific advise.
0
 
José MéndezCommented:
Hey there Noc,

Was the netstat command suggested some how useful in determining if Asterisk was listening to port 5060?
0
 
nociSoftware EngineerCommented:
yes, or  whatever else is using port 5060...
adding a p to the options will show process id's/names on linux, a b will show the process on windows.

There is a listening udp port 5060.....
0
 
darrickhartmanCommented:
That's not his problem though.  He stated that the problem happens after some period of time and is fixed by restarting the firewall device.  I kindly asked for the name and model number of the firewall device, but wasn't provided that information.

It's very likely that some 'sip helper' in the firewall should really be disabled.
0
 
nociSoftware EngineerCommented:
Sip Helper = ALG (Application Level Gateway) which was also mentioned before
0
 
nociSoftware EngineerCommented:
An ALG especialy doesn't work if the VOIP exchange actualy handles FENT (Far End NAT correctly) then anything arranged by the VOIP Exchange is corrupted by ALG or 'sip helper' support.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 5
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now