ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

VOIP issue

https://mail.forum.configserver.com/viewtopic.php?t=7578

Page 1 of 1

VOIP issue

Posted: 06 Mar 2014, 04:46
by call2sun
hi all

i istalled csf and everything is normal but when i turn media proxy on for voip then the sound not passing and dead air hear i even opened all the ports but still the same

waiting for reply

Re: VOIP issue

Posted: 11 Mar 2014, 19:41
by Sergio
Have you tried to add the port in TCP/UDP IN/OUT to see if that works? and adding the port in IP4 and IP6?

Re: VOIP issue

Posted: 16 Mar 2014, 18:09
by call2sun
yes i even opened all tcp and udp ports

with 1:65535 for tcp and udp ports but no success

Re: VOIP issue

Posted: 16 Mar 2014, 20:25
by Sergio
Have you added the IP of the connection on the white list?
Have you checked media proxy info about firewalls?

I have reviewed some VOIP info and found the following related configs:
How can I Configure my Firewall/Router to use VoIP Telephony?
When we use firewall to protect your network but the same time we need to use the voip technology you must have open some necessary Ip ports
Port 5060 TCP and UDP
Port 5004 UDP
Port 3478/9 UDP for stun Server
Ports 16348 - 32768 UDP (RTP, RTCP multimedia Streaming)

Dont Forget that the VoIP Quality has to do also with the Traffic of your Network. We Suggest you enable the Quality of Service (QoS) for the Sip Packets. The most Routers/Firewalls now Support this Feature.
Another:
This is an example on how to configure a Linux IPTables firewall for Asterisk:

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT

# IAX2- the IAX protocol
iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT

# IAX - most have switched to IAX v2, or ought to
iptables -A INPUT -p udp -m udp --dport 5036 -j ACCEPT

# RTP - the media stream
# (related to the port range in /etc/asterisk/rtp.conf)
iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT

# MGCP - if you use media gateway control protocol in your configuration
iptables -A INPUT -p udp -m udp --dport 2727 -j ACCEPT
One more:
Enable the firewall and create a firewall policy:
enable firewall
create firewall policy=voip
enable firewall policy=voip icmp_f=all
Enable the SIP ALG agent within the firewall:
enable firewall sipalg
Add your firewall policy to the public side of
the interface. The Intern
et-facing interface of
the router is a public (not tr
usted) interface on the firewall.
add firewall policy=voip int=eth1 type=public
Add the firewall policy to the private side of
the interface. The LAN-fa
cing interface of the
router is the private (trusted) interface on the firewall.
add firewall policy=voip int=eth0 type=private
Enable NAT for any general traffic
that passes through the firewall.
add firewall policy=voip nat=enhanced interface=eth0 gblint=eth1
On the other hand, if you are using BOGON in your CSF configuration, check LF_BOGON_SKIP and add there the ETH related.

Sergio

Re: VOIP issue

Posted: 18 Mar 2014, 04:18
by call2sun
a question is when i allow the ip in firewall then all ports will open for that ip am i right?as i already allowed the ip
if i do signaling only sound will hear but if i do media proxy only dead air comming and this is so strange
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited