Discussion:
xlite issue with unmanaged gateway.
Sven Evensen
2012-08-27 13:49:00 UTC
Permalink
I am using sipx 4.4 in Amazon EC2 with a unmanaged GW (SIP trunk does not
support re-invite). So all media is unanchored in sipx (except VM and conf
of course). Can some one recommend how we set up sipx for this. And how we
set up soft phones/ip phones. They may be at home office with no real
firewall or maybe be at a office with corporate firewall.

One thing we found out is we must use STUN server setting on sipx. What
about soft phones? Should SP also use the same STUN?

Worth mentioning that we are using "secret high port" from soft phones to
connect to sipx with iptables converting to 5060. That way we dont have to
worry about soft phone moving around with varying ip adresses etc. Could
this affect media?
--
*Sven Evensen, Operations Consultant*

*OnRelay*

Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123 │
mailto:***@onrelay.com <***@onrelay.com> │ www.onrelay.com


This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
please notify us immediately by electronic mail (***@onrelay.com) and
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
Tony Graziano
2012-08-27 14:39:18 UTC
Permalink
No Stun if the UA is registering directly to sipx and sipx is anchoring
media (in other words, unless a SBC or other software is managing remote
users, no changes to the UA should be in place). UA needs to send internal
ip address, no stun or nat, sipxrelay does that.

ONLY need to use STUN on sipx if the DNS SRV records do not point to the
elastic IP (or you failed to configure with one). Ideally, Elastic IP is
configured on EC2 and DNS SRV point to it for the UA. Your "secret high
port" can be configured via DNS also as the SRV record.

Media is on different ports, but realize xlite is very limited and no MOH,
etc. is supported by the MFR. You have not provided a description really of
what "doesn't" work in particular.
Post by Sven Evensen
I am using sipx 4.4 in Amazon EC2 with a unmanaged GW (SIP trunk does not
support re-invite). So all media is unanchored in sipx (except VM and conf
of course). Can some one recommend how we set up sipx for this. And how we
set up soft phones/ip phones. They may be at home office with no real
firewall or maybe be at a office with corporate firewall.
One thing we found out is we must use STUN server setting on sipx. What
about soft phones? Should SP also use the same STUN?
Worth mentioning that we are using "secret high port" from soft phones to
connect to sipx with iptables converting to 5060. That way we dont have to
worry about soft phone moving around with varying ip adresses etc. Could
this affect media?
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123
www.onrelay.com
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
sip: ***@voice.myitdepartment.net
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
Linked-In Profile:
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~

Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
<http://sipxcolab2013.eventbrite.com/?discount=tony2013>
--
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: ***@voice.myitdepartment.net

Helpdesk Customers: http://myhelp.myitdepartment.net
Blog: http://blog.myitdepartment.net
Sven Evensen
2012-08-27 14:56:57 UTC
Permalink
Thanks for the info Tony. I have not really used sipx with unmanaged GW
before, so I was a bit unsure of a few settings.

We use elastic IP of course, so STUN is not needed on sipx as you say.

The main problem we have now is my xlite at home has no media issues, while
the customers (behind firewall) xlite has no media, incoming or outgoing. I
see in wireshark media is sent to correct ip:port, but nothing arrives So I
was wondering if it is the xlite setup (stun, global vs local ip etc) or
the firewall setting. I know from earlier posts "* The local firewall to
your PC needs to have any SIP helper or Application Layer Gateway "turned
off". ". We will check that tomorrow.*
*
*
*
*
Post by Tony Graziano
No Stun if the UA is registering directly to sipx and sipx is anchoring
media (in other words, unless a SBC or other software is managing remote
users, no changes to the UA should be in place). UA needs to send internal
ip address, no stun or nat, sipxrelay does that.
ONLY need to use STUN on sipx if the DNS SRV records do not point to the
elastic IP (or you failed to configure with one). Ideally, Elastic IP is
configured on EC2 and DNS SRV point to it for the UA. Your "secret high
port" can be configured via DNS also as the SRV record.
Media is on different ports, but realize xlite is very limited and no MOH,
etc. is supported by the MFR. You have not provided a description really of
what "doesn't" work in particular.
Post by Sven Evensen
I am using sipx 4.4 in Amazon EC2 with a unmanaged GW (SIP trunk does not
support re-invite). So all media is unanchored in sipx (except VM and conf
of course). Can some one recommend how we set up sipx for this. And how we
set up soft phones/ip phones. They may be at home office with no real
firewall or maybe be at a office with corporate firewall.
One thing we found out is we must use STUN server setting on sipx. What
about soft phones? Should SP also use the same STUN?
Worth mentioning that we are using "secret high port" from soft phones to
connect to sipx with iptables converting to 5060. That way we dont have to
worry about soft phone moving around with varying ip adresses etc. Could
this affect media?
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123│
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~
Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
<http://sipxcolab2013.eventbrite.com/?discount=tony2013>
Telephone: 434.984.8426
Helpdesk Customers: http://myhelp.myitdepartment.**net<http://myhelp.myitdepartment.net>
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
*Sven Evensen, Operations Consultant*

*OnRelay*

Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123 │
mailto:***@onrelay.com <***@onrelay.com> │ www.onrelay.com


This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
please notify us immediately by electronic mail (***@onrelay.com) and
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
Tony Graziano
2012-08-27 15:50:25 UTC
Permalink
Right. That needs to be off. If there is a proxy helper on the firewall
where the UA is it is mangling the media ports and breaking it.

I have found some home routers horrible (like a lot of the dlinks). So your
mileage may vary depending on the quality of the device.
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
sip: ***@voice.myitdepartment.net
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
Linked-In Profile:
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~

Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
Post by Sven Evensen
Thanks for the info Tony. I have not really used sipx with unmanaged GW
before, so I was a bit unsure of a few settings.
We use elastic IP of course, so STUN is not needed on sipx as you say.
The main problem we have now is my xlite at home has no media issues,
while the customers (behind firewall) xlite has no media, incoming or
outgoing. I see in wireshark media is sent to correct ip:port, but nothing
arrives So I was wondering if it is the xlite setup (stun, global vs local
ip etc) or the firewall setting. I know from earlier posts "* The local
firewall to your PC needs to have any SIP helper or Application Layer
Gateway "turned off". ". We will check that tomorrow.*
*
*
*
*
On Mon, Aug 27, 2012 at 3:39 PM, Tony Graziano <
Post by Tony Graziano
No Stun if the UA is registering directly to sipx and sipx is anchoring
media (in other words, unless a SBC or other software is managing remote
users, no changes to the UA should be in place). UA needs to send internal
ip address, no stun or nat, sipxrelay does that.
ONLY need to use STUN on sipx if the DNS SRV records do not point to the
elastic IP (or you failed to configure with one). Ideally, Elastic IP is
configured on EC2 and DNS SRV point to it for the UA. Your "secret high
port" can be configured via DNS also as the SRV record.
Media is on different ports, but realize xlite is very limited and no
MOH, etc. is supported by the MFR. You have not provided a description
really of what "doesn't" work in particular.
Post by Sven Evensen
I am using sipx 4.4 in Amazon EC2 with a unmanaged GW (SIP trunk does
not support re-invite). So all media is unanchored in sipx (except VM and
conf of course). Can some one recommend how we set up sipx for this. And
how we set up soft phones/ip phones. They may be at home office with no
real firewall or maybe be at a office with corporate firewall.
One thing we found out is we must use STUN server setting on sipx. What
about soft phones? Should SP also use the same STUN?
Worth mentioning that we are using "secret high port" from soft phones
to connect to sipx with iptables converting to 5060. That way we dont have
to worry about soft phone moving around with varying ip adresses etc. Could
this affect media?
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902
www.onrelay.com
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~
Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
<http://sipxcolab2013.eventbrite.com/?discount=tony2013>
Telephone: 434.984.8426
Helpdesk Customers: http://myhelp.myitdepartment.**net<http://myhelp.myitdepartment.net>
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123
www.onrelay.com
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: ***@voice.myitdepartment.net

Helpdesk Customers: http://myhelp.myitdepartment.net
Blog: http://blog.myitdepartment.net
Sven Evensen
2012-08-27 17:34:13 UTC
Permalink
Another issue I have on this server maybe due to unmanaged gateway is this
- Our product uses port 5560 and receives calls to some or all sipx users
and relays the call out to a mobile phone.
- On this specific server when B leg answers, 200 OK is relayed back to A
leg via our server on port 5560.
- Then A leg relays ACK back to B leg again via 5560
- But here the external IP address of sipx is used internally

Please see lie 76 in pcap. I have spent hours understanding (NOT) why that
is, whether it is something in sipx or in our application.

Sven
Post by Tony Graziano
Right. That needs to be off. If there is a proxy helper on the firewall
where the UA is it is mangling the media ports and breaking it.
I have found some home routers horrible (like a lot of the dlinks). So
your mileage may vary depending on the quality of the device.
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~
Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
Post by Sven Evensen
Thanks for the info Tony. I have not really used sipx with unmanaged GW
before, so I was a bit unsure of a few settings.
We use elastic IP of course, so STUN is not needed on sipx as you say.
The main problem we have now is my xlite at home has no media issues,
while the customers (behind firewall) xlite has no media, incoming or
outgoing. I see in wireshark media is sent to correct ip:port, but nothing
arrives So I was wondering if it is the xlite setup (stun, global vs local
ip etc) or the firewall setting. I know from earlier posts "* The local
firewall to your PC needs to have any SIP helper or Application Layer
Gateway "turned off". ". We will check that tomorrow.*
*
*
*
*
On Mon, Aug 27, 2012 at 3:39 PM, Tony Graziano <
Post by Tony Graziano
No Stun if the UA is registering directly to sipx and sipx is anchoring
media (in other words, unless a SBC or other software is managing remote
users, no changes to the UA should be in place). UA needs to send internal
ip address, no stun or nat, sipxrelay does that.
ONLY need to use STUN on sipx if the DNS SRV records do not point to the
elastic IP (or you failed to configure with one). Ideally, Elastic IP is
configured on EC2 and DNS SRV point to it for the UA. Your "secret high
port" can be configured via DNS also as the SRV record.
Media is on different ports, but realize xlite is very limited and no
MOH, etc. is supported by the MFR. You have not provided a description
really of what "doesn't" work in particular.
Post by Sven Evensen
I am using sipx 4.4 in Amazon EC2 with a unmanaged GW (SIP trunk does
not support re-invite). So all media is unanchored in sipx (except VM and
conf of course). Can some one recommend how we set up sipx for this. And
how we set up soft phones/ip phones. They may be at home office with no
real firewall or maybe be at a office with corporate firewall.
One thing we found out is we must use STUN server setting on sipx. What
about soft phones? Should SP also use the same STUN?
Worth mentioning that we are using "secret high port" from soft phones
to connect to sipx with iptables converting to 5060. That way we dont have
to worry about soft phone moving around with varying ip adresses etc. Could
this affect media?
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902
www.onrelay.com
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~
Using or developing for sipXecs from SIPFoundry? Ask me about sipX-CoLab
2013!
<http://sipxcolab2013.eventbrite.com/?discount=tony2013>
Telephone: 434.984.8426
Helpdesk Customers: http://myhelp.myitdepartment.**net<http://myhelp.myitdepartment.net>
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
*Sven Evensen, Operations Consultant*
*OnRelay*
Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123│
This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
Telephone: 434.984.8426
Helpdesk Customers: http://myhelp.myitdepartment.**net<http://myhelp.myitdepartment.net>
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
List Archive: http://list.sipfoundry.org/archive/sipx-users/
--
*Sven Evensen, Operations Consultant*

*OnRelay*

Elizabeth House │ 39 York Road, London SE1 7NQ, UK │ +44 (0) 207 902 8123 │
mailto:***@onrelay.com <***@onrelay.com> │ www.onrelay.com


This electronic message transmission contains information from OnRelay,
Ltd., that may be confidential or privileged. The information is intended
solely for the recipient and use by any other party is not authorised. If
you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this information or any attachment,
is prohibited. If you have received this electronic transmission in error,
please notify us immediately by electronic mail (***@onrelay.com) and
delete this message, along with any attachments, from your computer.
Registered in England No 04006093 Š Registered Office 1st Floor, 236 Gray's
Inn Road, London WC1X 8HB
Loading...