im_chandave
join:2005-07-28
Cleveland, OH
| reply to degauss1
"Turning off SPI" on the DLink DI series of routers entails enabling Game mode. "Game mode" on that router series just means that any Internet host can send data through the pinhole established by an outbound connection from behind the LAN side of the router.
Also, due to a bug in the firmware, you will notice that your DI-624 will be more stable with UPnP enabled...even if you don't use UPnP to control your Internet Gateway Device (IGD--i.e the DI-624 in UPnP terminology).
The DI-series does not honor source-port preservation. As a result, if your SPA uses UDP port 5060 as a source port for SIP communication, there's a 100% chance that when your SIP packet exits your router, it will use a different (high 63,000 range) port number.
My suggestion:
- Goto your SPA's SIP > NAT Support Parameters and
- Set "STUN Enable" to "yes"
- Set "STUN Server" to "stun.vtnoc.net"
- Set "STUN Test Enable" to "no"
- Set "NAT Keep Alive Intvl" to 30 seconds
- Set "Send Resp To Src Port" to "yes"
- Ignore the "VIA received", "VIA rport", and "VIA Addr" stuff for now.
- Look at SPA' SIP > RTP Parameters and
- Note the "RTP Port Min" and "RTP Port Max" numbers. This range represents the UDP port forwarding range you might need to setup on your DI-624...might if STUN is not resolving your call issues.
- Goto your Line 1 > NAT Settings and
- Set "NAT Mapping Enable" to "yes"
- Set "NAT Keep Alive Enable" to "yes"
- Goto your Line 1 > SIP Settings and
- Set "SIP Port" to "5060"
- Set "Restrict Source IP" to "no"
- Make sure "EXT SIP Port" and "SIP Proxy-Require" are blank
- Take your SPA OUT OF the DMZ zone. Give it a static IP address within your LAN subnet.
- Remove any port forwarding for UDP port 5060 and the UDP ports range found in "RTP Port Min" to "RTP Port Max" inclusive.
- Turn off your SPA.
- Reboot your DI-624.
- After your DI-624 is fully up and running, get to a computer and retrieve the following file using the URL:
http://192.168.0.1/natlist.txt (assuming your DI-624's LAN IP address is 192.168.0.1). This is your NAT mappings on the router.
- Start up your SPA.
- Once the SPA is fully up, check your SPA's INFO > Line 1 Status:
- Look at the "Mapped SIP Port" and take note of the number. It would probably be in the high 60K range.
- Look at the "Registration State". Is it registered?
- Get the NATLIST again from your router via http://192.168.0.1/natlist.txt.
- In the NATLIST.TXT, you should have a line listing your internal IP address of your SPA with port 5060 mapped to the port corresponding to "Mapped SIP Port" from your SPA. For example, if the "Mapped SIP Port" was 63456 and your SPA has the address of 192.168.0.2, you might see the following line in your NATLIST.TXT
If you don't have a line like that in your NATLIST.TXT, then make sure "Game mode" is still enabled on your DI-624.
If at this point everything has been going as I presented above, then try making an outbound call. While making the call, look at your SPA's INFO > Line 1 Status > Call 1 Mapped RTP Port. Grab a copy of the NATLIST.TXT from your DI-624 while the call is in progress. Is there a NATLIST UDP entry whose out_port matches the "Mapped RTP Port"? If not, then I can get back to you about how to enable Syslogging and then interpreting the SIP packet dumps that will appear in the Syslog server.
See ya...
d.c. |
.
·
·
·