|
|
Joined: Sep 2004
Posts: 4,214 Likes: 2
Member
|
Member
Joined: Sep 2004
Posts: 4,214 Likes: 2 |
Get wireshark and see if the problem is the remote end or your end blocking UDP ports.
|
|
|
|
Joined: Sep 2008
Posts: 4
Member
|
Member
Joined: Sep 2008
Posts: 4 |
Well I've run wireshark on a laptop that is directly connected to the switch that also has the UGW on it. Should I be looking somewhere else?
The only traffic I see on wireshark is the initial address resolution request (the ARP) when the phone first initializes.
Here's the weird thing: -When I plug one of the phones into the same switch as the UGW I get sync and voice no problem. -When I test a phone that is inside our network (and behind our router/firewall) I get sync but no voice. -When I have a tadiran technician set one of his phones to use my CA (outside of our firewall) he also gets sync but no voice.
I have contacted our provider (Cox Cable) and they insist that they do not block any ports.
Still stumped.
|
|
|
|
Joined: Jul 2006
Posts: 728
Member
|
Member
Joined: Jul 2006
Posts: 728 |
turn Diffserv off on your UGW.
|
|
|
|
Joined: Sep 2008
Posts: 4
Member
|
Member
Joined: Sep 2008
Posts: 4 |
Originally posted by TadiranTechTexas: turn Diffserv off on your UGW. on both signaling and the media?
|
|
|
|
Joined: Sep 2008
Posts: 4
Member
|
Member
Joined: Sep 2008
Posts: 4 |
Originally posted by Coral Tech: Get wireshark and see if the problem is the remote end or your end blocking UDP ports. Ok while I cannot see any traffic from any phone, I ran wireshark while making a call with a softphone on the same PC, I was able to see all of the traffic with that, but not any traffic from another softphone on a different PC.
|
|
|
|
Joined: Jul 2006
Posts: 728
Member
|
Member
Joined: Jul 2006
Posts: 728 |
yes... Sometimes the provider (comcast) doesn't have this turned on and it will stop the diffserv packets thru.
|
|
|
|
Joined: Oct 2007
Posts: 62
Member
|
Member
Joined: Oct 2007
Posts: 62 |
Had this issue when first got UGW, figured could NAT to public so could use inside and outside. Gave phones 192 address space as well as Sig/Media then NAT'd Public, didn't work - always one way conversation. Used PIX/Checkpoint still did not work properly. End result put it in front of FW, however have ACL on L3 switch ports which restrict the only ports allowed to connect to it. For internal users had to go with 2nd card.
there is however an "outside the box" work around...on your router set up an ACL (sorry only familiar with Cisco on router/switches) denying bad ip addresses, (porno sits or any other destinations that are denied/restricted)
on the switch assign the IP phones (those IP addresses that are bad). Use sticky MAC one address then use shutdown if someone tries to set up computer to bypass company policies - make sure router/switch does not hand out DHCP)
example your UGW has 2 public IP's 1.2.3.4 Signal 5.6.7.8 Media
IP phones 100.100.100.1 100.100.100.2
and so forth (don't use those they are just examples they belong to Arin)
Adrian
|
|
|
|
Joined: Jun 2005
Posts: 84
Member
|
Member
Joined: Jun 2005
Posts: 84 |
I just wound up putting it in front of FW and manually assigned some public Ip's to the phones I have out in the wild.
|
|
|
|
Joined: Jun 2004
Posts: 1,367
Member
|
Member
Joined: Jun 2004
Posts: 1,367 |
Wireshark reminder. You either need a manged switch that you can do port mirroring in order to see the traffic or you need an old fashioned HUB. I switch will NOT allow directed traffic to be seen on another port. You will only see broadcast traffic such as ARP
|
|
|
|
Joined: Jun 2009
Posts: 25
Member
|
Member
Joined: Jun 2009
Posts: 25 |
Currently Im trying to add T209 MGCP (setup with public IP no firewall) from external and I had been reading all this discussion but still no luck for me. My IPXOffice is installed behind Checkpoint Firewall (no Sentinel) with 192.168.10.200 for signaling and 192.168.10.201 for media. The signal working but not the voice.
From wireshark I seen signaling go through public IP and forwarding to 192.168.10.200 port 2427 but the voice is trying to reach internal ip 192.168.10.200 16400 (RTP G729) instead of the public ip. Is this normal? or Did I do wrong setting on the UGW? I use port mirroring to tap the T209M activity
Is anybody able to work on those discussion
Thanks a lot Dendiko
|
|
|
Forums84
Topics94,428
Posts639,501
Members49,821
|
Most Online5,661 May 23rd, 2018
|
|
0 members (),
343
guests, and
31
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|
|