- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- WAN Routing
- >
- Re: Outbound SIP calls failing with MSR2004 router...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-28-2018 11:18 AM
05-28-2018 11:18 AM
Outbound SIP calls failing with MSR2004 router and nat
Hi,
I set up an MSR 2004 router for one of my customers. Generally speaking, I'm super happy with the router. However, I can't get the outbound telephony to work. When I dial a number on one of the sip phones, the call ususally just times out without being created at all. Inbound calls are working, so I think it might be a problem with nat, not translating the udp ports properly. But I have no idea how to fix it. I already tried to enable nat alg for sip without success. I need to fix this asap, so any suggestion would be much appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2018 11:36 AM - edited 05-31-2018 12:31 PM
05-31-2018 11:36 AM - edited 05-31-2018 12:31 PM
Re: Outbound SIP calls failing with MSR2004 router and nat
I tested another router with which everything works fine. So now I'm sure that the MSR2004 is to blame.
I did some more digging and it looks like UDP packets in general are somehow mistreated by the nat. Is there any additional option I need to configure to mimic 'stateful' routing/nating if my UDP packets?
Here is the sanitized config that's currently active:
#
version 7.1.064, Release 0605P20
#
sysname gw-1
#
ip icmp source 192.168.100.1
#
nat address-group 0
address xxx.91.227.170 xxx.91.227.170
#
nat mapping-behavior endpoint-independent
#
dhcp enable
#
dns proxy enable
dns server 8.8.8.8
dns server 8.8.4.4
#
password-recovery enable
#
vlan 1
#
vlan 10
name Management VLAN
#
vlan 11
name Internal VLAN
#
vlan 12
name Guest Wifi VLAN
#
vlan 20
name Sublet 1 VLAN
#
qos map-table dscp-lp
import 6 export 6
#
traffic classifier highprio operator and
if-match acl name sip
#
traffic behavior communication
#
traffic behavior highprio
remark local-precedence 7
#
qos policy communication
classifier highprio behavior highprio
#
stp mode rstp
stp global enable
#
dhcp server ip-pool guest
gateway-list 192.168.210.1
network 192.168.210.0 mask 255.255.255.0
address range 192.168.210.10 192.168.210.200
dns-list 192.168.210.1
expired day 0 hour 4
#
dhcp server ip-pool internal
gateway-list 192.168.200.1
network 192.168.200.0 mask 255.255.254.0
address range 192.168.200.10 192.168.201.200
dns-list 192.168.200.1
expired day 0 hour 8
#
controller Cellular0/0
#
interface Aux0
#
interface NULL0
#
interface Vlan-interface10
ip address 192.168.100.1 255.255.255.0
#
interface Vlan-interface11
ip address 192.168.200.1 255.255.254.0
packet-filter 3000 inbound
qos apply policy communication inbound
#
interface Vlan-interface12
ip address 192.168.210.1 255.255.255.0
packet-filter 3000 inbound
packet-filter 3001 inbound
qos apply policy communication inbound
#
interface Vlan-interface20
packet-filter 3000 inbound
#
interface GigabitEthernet0/0
port link-mode route
ip address xxx.91.227.170 255.255.255.248
tcp mss 1460
packet-filter name external inbound
nat outbound address-group 0 port-preserved
#
interface GigabitEthernet0/1
port link-mode route
#
interface GigabitEthernet0/2
port link-mode route
#
interface GigabitEthernet0/27
port link-mode route
#
interface GigabitEthernet0/3
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/4
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/5
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/6
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/7
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/8
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/9
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/10
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/11
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/12
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/13
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/14
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/15
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/16
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/17
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/18
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
port hybrid pvid vlan 10
#
interface GigabitEthernet0/19
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/20
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 12 tagged
port hybrid vlan 1 untagged
port hybrid pvid vlan 10
#
interface GigabitEthernet0/21
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
port hybrid pvid vlan 10
#
interface GigabitEthernet0/22
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/23
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/24
port link-mode bridge
port link-type hybrid
port hybrid vlan 10 to 11 tagged
port hybrid vlan 1 untagged
#
interface GigabitEthernet0/25
port link-mode bridge
port access vlan 11
#
interface GigabitEthernet0/26
port link-mode bridge
port access vlan 10
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0
user-role network-operator
#
line vty 1
authentication-mode scheme
user-role network-operator
#
line vty 2 63
user-role network-operator
#
ip route-static 0.0.0.0 0 xxx.91.227.169
#
ssh server enable
ssh user admin service-type all authentication-type password
#
ssh2 algorithm cipher aes256-cbc
#
ntp-service unicast-server ptbtime1.ptb.de
#
acl advanced 3000
rule 0 deny tcp destination 192.168.100.0 0.0.0.255
rule 1 deny udp destination 192.168.100.0 0.0.0.255
#
acl advanced 3001
rule 0 deny ip destination 192.168.100.0 0.0.0.255
rule 1 deny ip destination 192.168.200.0 0.0.0.255
#
acl advanced name external
rule 0 permit icmp
rule 5 permit tcp established
rule 15 permit udp source-port eq dns
rule 20 permit udp destination-port gt 1024
rule 21 permit udp
rule 25 permit 115
rule 9999 deny ip
#
acl advanced name sip
rule 0 permit tcp destination-port range 5060 5061
rule 5 permit udp destination-port range 5060 5061
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash xxx
service-type ssh telnet terminal http
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
cwmp
cwmp enable
#
return
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2020 01:20 AM - edited 03-16-2020 01:21 AM
03-16-2020 01:20 AM - edited 03-16-2020 01:21 AM
Re: Outbound SIP calls failing with MSR2004 router and nat
Well, this looks like a huge issue and I don't really know how to fix this. But I have a friend, a friend that is working in an Internet provider company and as far as I know, he was always telling me that, if I have issues with my router or with the internet connection I should seek for the answer on the internet for the first time, before calling the provider, as many of the issues could be solved very easy. Also, my friend told me that everybody should read this article about high-speed internet connections if you want to understand how does an internet connection work. Maybe you will find a solution for your problem after reading this article, I will be honest with you, this is the greatest article I ever read and I found out a lot of new features and tips that are very useful on a day by day basis.