[Spce-user] Call setup rejected behind NAT

B Davis bjd503 at gmail.com
Mon Dec 2 13:02:07 EST 2019 

Forgive me if I am a little off here, 
But I had the damnedest time getting devices behind NAT to connect to the sip wise server, while maintaining external clients.
There is a process for adding new RPT ports, found here. https://www.sipwise.org/doc/mr7.5.1/carrier/ar01s10.html <https://www.sipwise.org/doc/mr7.5.1/carrier/ar01s10.html>, 
The concept seemed to be for allowing multiple ‘alternative’ ports. To listen to so that those rules would be handled differently.
e.g. Internal hosts behind the firewall, connecting directly to the sipwise, and those external to the firewall connecting to the public NATTED IP address.

Truth be told this was not 100% successful. We only were able to get one side or the other to work correctly not both.

In the end what worked for us was turning on NAT Reflection on the firewall and using only the single public IP for everything.
This happened to work correctly. Doing so allowed us to keep the sipwise server NAT’ed and allowed for both internal systems to access it as well as external.
Should be noted that we tried just redirecting the domain internally to the internal IP and it did not work, 


> On Dec 2, 2019, at 2:23 AM, spce-user-request at lists.sipwise.com wrote:
> 
> Send Spce-user mailing list submissions to
> 	spce-user at lists.sipwise.com <mailto:spce-user at lists.sipwise.com>
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com <http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com>
> or, via email, send a message with subject or body 'help' to
> 	spce-user-request at lists.sipwise.com <mailto:spce-user-request at lists.sipwise.com>
> 
> You can reach the person managing the list at
> 	spce-user-owner at lists.sipwise.com <mailto:spce-user-owner at lists.sipwise.com>
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Spce-user digest..."
> Today's Topics:
> 
>   1. Re: ***SPAM*** Call setup rejected behind NAT (Reagan Kizanga)
> 
> From: Reagan Kizanga <Reagan.Kizanga at core2extreme.co.za <mailto:Reagan.Kizanga at core2extreme.co.za>>
> Subject: Re: [Spce-user] ***SPAM*** Call setup rejected behind NAT
> Date: December 2, 2019 at 2:20:51 AM PST
> To: Oscar Rodriguez <oscaredmu at gmail.com <mailto:oscaredmu at gmail.com>>
> Cc: "spce-user at lists.sipwise.com <mailto:spce-user at lists.sipwise.com>" <spce-user at lists.sipwise.com <mailto:spce-user at lists.sipwise.com>>
> 
> 
> Afternoon Oscar,
>  
> I have done that already, I can telnet to all the ports required 5060 UDP/TCP, 5061 TCP/TLS, 1443 Web , RTP 30000-40000, 1080.
> When I add my Public IP  to Eth0 which has my LAN IP I see that call setup for sip invites come through.
>  
> What I what to archive is to have multiple incoming sip and rtp
>  
>  
>  
>  
> Kind Regards
>  
> Core2Extreme IT Solution
>  
> Director
>  
> Reagan Kizanga
>  
> Cell : 078 081 7307
>  
> Cell : 083 809 2272
>  
>  
> Tel  : 010 045 3647
>  
> Email: reagan.kizanga at core2extreme.co.za <mailto:reagan.kizanga at core2extreme.co.za>
>  
> www.core2extreme.co.za <http://www.core2extreme.co.za/>
>  
> <image001.png>
> This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager at info at core2extreme.co.za <mailto:info at core2extreme.co.za>
>  
>  
>  
> From: Oscar Rodriguez <oscaredmu at gmail.com <mailto:oscaredmu at gmail.com>> 
> Sent: Friday, 29 November 2019 5:42 PM
> To: Reagan Kizanga <Reagan.Kizanga at core2extreme.co.za <mailto:Reagan.Kizanga at core2extreme.co.za>>
> Cc: spce-user at lists.sipwise.com <mailto:spce-user at lists.sipwise.com>
> Subject: Re: [Spce-user] ***SPAM*** Call setup rejected behind NAT
>  
> Hi Reagan, 
>  
> Check your firewall rules, you should start by allowing all traffic to/from that VM
>  
> El jue., 28 nov. 2019 a las 22:13, Reagan Kizanga (<Reagan.Kizanga at core2extreme.co.za <mailto:Reagan.Kizanga at core2extreme.co.za>>) escribió:
> Morning guys can someone please help me.
> I am running sipwise 7.5 ce on a VM.
> Setup 1:1 NAT.
> When I run SNGREP I see that sip invites are rejected. But once I add my public IP to eth0 sipwise then sip invites start coming through.
> 
> 
> Can some one please show me how to add sip and rpt to the same interface or guid me on how to receive multiple sip invites
> 
> 
> Sent with AquaMail for Android
> https://www.mobisystems.com/aqua-mail <https://www.mobisystems.com/aqua-mail>
> 
> -- 
> Spce-user mailing list
> Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
> http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com <http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com>
> 
> Spce-user mailing list
> Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
> http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com <http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20191202/dc1cb080/attachment-0001.html>

More information about the Spce-user mailing list