- This topic is empty.
-
Posts
-
I see on the forum a lot of messages about voip problems configuration, a lot with a sound problem in voip communication. The messages are disordered, almost all without an answer. The documentation about a typical voip configuration of zeroshell there isn’t. I can confirm that respect other simple router, zeroshell make some difficulties in voip configuration. Is there a people that can help a lot of us to understand well how to configure basically zeroshell when you have a voip pbx connected to it? Particularly the nat configuration and the rtp ports because a lot of users have a sound problem Thank you very much to all! ๐
Making some generic affirmations will not fix your issue. There are many messages because there are different PBX networking setup. Here are most common:
1) PBX Inetrnet ZS NAT SIP Clients — zhis is what I use, should be no setup / config however you can check conntrack and sip kernel module options. However I found that I need to do a contrack – f command every time I reboot ZS, else some SIP clients will not register.
2) SIP Client Internet ZS NAT PBX . Here u should forward ports or place PBX into a DMZ zone. ZS doesn’t have a DMZ section like a cheap router you will have to create it.
Can you elaborate a bit more about sip kernel options?
That may be what I am missing – my ATA keeps losing connection which it is not able to re-register in UDP mode, but it works in TCP mode as port# keeps changing randomly.Not sure if I can help. First you should identify the networking issue.
tcpdump and conntrack are your friends. Here is some help: https://community.sophos.com/kb/en-us/120352As for kernel modules
#list kernel modules:
lsmod |grep sip
nf_nat_sip 7701 0
nf_nat 10000 7 nf_nat_masquerade_ipv4,nf_nat_ipv4,nf_nat_pptp,nf_nat_proto_gre,nf_nat_sip,nf_nat_ftp,nf_nat_h323
nf_conntrack_sip 18245 1 nf_nat_sip# get module info:
modinfo nf_conntrack_sip
filename: /lib/modules/4.4.13-ZS/kernel/net/netfilter/nf_conntrack_sip.ko
alias: nfct-helper-sip
alias: ip_conntrack_sip
description: SIP connection tracking helper
author: Christian Hentschel
license: GPL
depends:
intree: Y
vermagic: 4.4.13-ZS SMP mod_unload modversions PENTIUMIII
parm: ports:port numbers of SIP servers (array of ushort)
parm: sip_timeout:timeout for the master SIP session (uint)
parm: sip_direct_signalling:expect incoming calls from registrar only (default 1) (int)
parm: sip_direct_media:Expect Media streams between signalling endpoints only (default 1) (int)This module accept 4 param (ports, sip_timeout etc).. Here is how you can change port number:
modprobe ip_conntrack_sip ports=5060, 5061 [,up to 8 ports]Unfortunately sip modules are still buggy and you may need to check for bugs and eventually recompile.
Here is an example bug: https://bugs.centos.org/view.php?id=2310Got it, this is something to start with.
In more detail, I used to have PAP2T ATA that over almost 10 years lost registration every about 6 months give or take a couple months.
Once registration was lost, nothing at all would restore registration but a change in port number. If I changed port from 5060 to 5061 it would register and work fine for another 4-6 months.
Over those 10 years I changed ISP and VOIP providers but the issue was always there. The only constant was Zeroshell router, which I gradually upgraded from 1.0 to 3.5 and somewhere in the middle rebuilt profile from scratch a couple of times.
Now I have Grandstream HT702 ATA and it loses registration almost daily.
I tried a few things and ended up switching from UDP to TCP and suddenly it works fine. It still loses registration every once in a while, but now with TCP it automatically re-registers and every time it does, it uses a different random port number (as I can see from the VOIP provider control panel), ignoring the 5060 kind of port that it used with UDP.
It’s not that I am hard pressed to or eager to go back to UDP, just curious what could have caused this.@DrmCa wrote:
Got it, this is something to start with.
In more detail, I used to have PAP2T ATA that over almost 10 years lost registration every about 6 months give or take a couple months.
Once registration was lost, nothing at all would restore registration but a change in port number. If I changed port from 5060 to 5061 it would register and work fine for another 4-6 months.
Over those 10 years I changed ISP and VOIP providers but the issue was always there. The only constant was Zeroshell router, which I gradually upgraded from 1.0 to 3.5 and somewhere in the middle rebuilt profile from scratch a couple of times.
Now I have Grandstream HT702 ATA and it loses registration almost daily.
I tried a few things and ended up switching from UDP to TCP and suddenly it works fine. It still loses registration every once in a while, but now with TCP it automatically re-registers and every time it does, it uses a different random port number (as I can see from the VOIP provider control panel), ignoring the 5060 kind of port that it used with UDP.
It’s not that I am hard pressed to or eager to go back to UDP, just curious what could have caused this.Had similar issue, with PAP, on alix witn an updated 3.6 works ok while on APU2 with 3.6 new image lost registration after every single reboot.
running `conntrack -f` fixed my issue but you will need to track your issue.
As a side note, csipsimple (android sip client) with same provider doesn’t have any issue.If you decide to use other ports then 5060 or 5061 I suggest you should register them into the kernel module.
A completely different approach would be to get rid of kernel modules
rmmod nf_nat_sip && rmmod nf_conntrack_sip
Then forward all necessary ports to your device like here: http://www.3cx.com/blog/docs/draytek-firewall-voip/
However this will not work if you want to use csipsimple and pap in the same time like me.@iulyb wrote:
Making some generic affirmations will not fix your issue. There are many messages because there are different PBX networking setup. Here are most common:
1) PBX Inetrnet ZS NAT SIP Clients — zhis is what I use, should be no setup / config however you can check conntrack and sip kernel module options. However I found that I need to do a contrack – f command every time I reboot ZS, else some SIP clients will not register.
2) SIP Client Internet ZS NAT PBX . Here u should forward ports or place PBX into a DMZ zone. ZS doesn’t have a DMZ section like a cheap router you will have to create it.
Thank you Iulyb. I didn’t made a specific questions because from the forum I see that a lot of us not super specialists have generical basic problems setting zeroshell for VOIP (I use GUI zeroshell interface). I attach my freepbx peer report with a linksys WRT54GL. You see that the registered external VOIP users have their real pubblic IP: voip communications are OK. I attach the freepbx report with zeroshell where you see that the external registered VOIP users have my private router IP. In zeroshell I putted in NAT both external and internal lan interface and I have port forwarding on RTP and SIP port like in WRT54Gl and I have audio problems. I think that something miss in the BASIC zeroshell setting, something that is automatically solved in linksys WRT54GL with DDWRT v24 VPN generic firmware or other similar routers. How I upload an image here? ๐ [/img]
ZS fills the niche above tomato / wrt and is getting close to a real biz / production router. However the expectation in knowledge, is in the same place, there are not so much help pages. ZS shines when u use multiple internet connections, ex a DSL and an LTE connection in the same time.
I putted in NAT both external and internal lan interface
Only interfaces used to go to internet should be on NAT box.
I have port forwarding on RTP and SIP port like in WRT54Gl and I have audio problems
Usually sip should be deal only by kernel modules as long as it use 5060 or 5051, my sip works with no setup (no firewall). However you need more ports forwarded on firewall. http://www.3cx.com/blog/docs/draytek-firewall-voip/
I use csipsimple on android and a pap device in the same time without any issues. (except the conntrack that affect only pap device@iulyb wrote:
I putted in NAT both external and internal lan interface
Only interfaces used to go to internet should be on NAT box.
SOLVED PARTIALLY. Thank you iulyB. I set only the wan interface as NAT and not WAN and LAN. Now the VOIP and INTERNET access are OK using port forwarding for sip and RTP but I created the problem accessing from internal to internal server using pubblic address or domain. This problem didn’t existed with internal and external interface in NAT. It is an open problem if someone want to help https://www.zeroshell.org/forum/viewtopic.php?t=5746&highlight=
- You must be logged in to reply to this topic.