dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1915
share rss forum feed

DocLarge
Premium
join:2004-09-08
kudos:1

3 edits

CISCO 871w Blocking Possibly Freepbx Protocols

I reformatted my freepbx the other day thinking I'd corrupted the OS somehow. Turns out that my 871w is blocking something which in turn is causing the pbx to "partially" come up. Basically, "none" of my phones will register and the left side of the logon screen is not displaying "any" of the asterisk update information you normally see.

Furthermore, once I logon, none of my trunks (online, registration) or my ip phones register. However, if I move my server back behind my business-consumer router (Linksys WRVS4400n Gigabit Security VPN router), the logon page comes up like it should and everything registers. I've forwarded ports 5060 and 5065 on my 871w, but that's not rectifying the problem.

Has anyone else come up against this?

Jay


DocLarge
Premium
join:2004-09-08
kudos:1

BAAAAAAAA-BUUUUUMMMMMP!!!!


hardly
Premium
join:2004-02-10
USA
reply to DocLarge

You would probably have more luck in the Cisco forum.
Not much help here with IOS configs.


DocLarge
Premium
join:2004-09-08
kudos:1
reply to DocLarge

I'd thought about it, but the familiarity
of the application (freepbx) with regards to this issue
is what I'm after for the moment. Should no one respond, I'll
take it there next...


CMSIPGP

join:2010-10-15
Marietta, GA
reply to DocLarge

Jay,

Could you post the config of your Cisco router? You might not be NATting all the ports needed.

--
Carlos


Stewart

join:2005-07-13
kudos:25
reply to DocLarge

A common problem with Cisco and VoIP is fixed by turning off the SIP ALGs that are on by default. Add to your config:


no ip nat service sip udp port 5060
no ip nat service sip udp port 5061

However, from your symptoms it seems that something is blocking freepbx from initializing. I would expect that if you had no Internet connection at all, your trunks would of course not be registered, but the local extensions should be able to register and call other extensions. (By hooking up to the Linksys and disconnecting its WAN port, you could easily test that.) Possibly, you have some static IP assignments conflicting with DHCP or with some ACLs on the Cisco router.

DocLarge
Premium
join:2004-09-08
kudos:1
reply to DocLarge

CMSIPGP and Stewart,

thanks for chiming in. Something is definitely keeping from initializing when running from behind my 871w. I opened a few more ports (5004 - 5082, 10000 - 20000) and that still didn't work either. I'm thinking this issue is at the protocol level of some sort...

The good news out of all of this is that I've "FINALLY" got a good working FreePBX box!!! Yep, my Linksys WIP-330 registers to my pbx via Sipgate, and my Grandstream GXV3140 registers to my pbx via VoipTalk (UK provider). Unfortunately, the grandstream drops phonecalls "precisely" 20 seconds into the call everytime (I'm still trying to find what's making it do that).

I'm burned after denying myself sleep for the last four days getting this to work, so I'm turning in early, but I'll be all over the site tomorrow working on this issue (I'm running it from behind my Linksys box at the moment).

Jay


CMSIPGP

join:2010-10-15
Marietta, GA

Not initializing could be caused by the ethernet interface of your server not coming up. Can you confirm that the switchport in the cisco router is up?

Also, what type of NATting are you configuring (if any)? single public IP or multiple public IPs with one dedicated to your SIP Server?

--
Carlos


DocLarge
Premium
join:2004-09-08
kudos:1

I'm running a single public IP... The port is up... I've been on both phones all morning; they're running on the Linksys right now. As soon as I move things to the 871w, both phones stop registering, and the splash page comes up minus the aterisk details on the left...

Jay


CMSIPGP

join:2010-10-15
Marietta, GA

1 edit

Something like this should work...

access-list 101 permit ip (inside networks) any
route-map Outbound-NAT permit 1
match ip address 101
ip nat inside source route-map Outbound-NAT interface (outside interface) overload
!
ip nat inside source static tcp (PiaF IP) 5060 interface (outside interface) 5060
!
ip access-list extended UDP-RTP
permit udp host (PiaF IP) any range 10000 20000
!
route-map Inbound-SIP permit 10
match ip address UDP-RTP
!
ip nat inside source static (PiaF-IP) (Outside-IP) route-map Inbound-SIP


CMSIPGP

join:2010-10-15
Marietta, GA
reply to DocLarge

So a single public IP will require port mappings if you are using it to access multiple internal systems.

One of the challenges of Cisco is to get port-range mappings, in the linksys is rather easy.

look at this page:

»www.voip-blog.co.uk/index.php/20···c500-cme

that's what you need to get external devices registered.

--
Carlos


DocLarge
Premium
join:2004-09-08
kudos:1

3 edits
reply to DocLarge

Click for full size
Click for full size
Click for full size
Still having no luck... I'd prefer to have my 871w running so I don't have to keep bouncing back and forth. Additionally, I like to keep my cisco gear online when it's close to my taking a certification exam (I'm taking route the first week of November).

Worst case, I'll just practice with GNS3, but I'll still like to figure out what this problem is...

Jay


nunya
Premium,MVM
join:2000-12-23
O Fallon, MO
kudos:12
reply to DocLarge

I'm not clear. Are your phones on the same LAN as your * server? If so, do you have static IP addresses assigned to them, or is your router assigning IP's? If so, is the Cisco aware of the IP's it's supposed to be assigning to the devices?



battleop

join:2005-09-28
00000
reply to DocLarge

Where is the Asterisk box in relation to the phones?


DocLarge
Premium
join:2004-09-08
kudos:1
reply to DocLarge

It's all fixed now. CMSIPIG and I worked through it. Turns out although I was using my 4400n as a switch (no modem connection to the WAN port) it was "still" trying to act as the default gateway (at least, it was to my pbx server). Neither CMSIPIG or I had ever seen that before *shrug*

Anyway, as opposed to using DHCP, we eventually assigned a static ip address to the box from the command line using the "netconfig" command (I've got zero linux skills). That was the answer!!

Time to fully learn Linux, I guess; other than that problem solved. Thanks for hanging in everybody...

Jay