Koozali.org: home of the SME Server

Opening ports

Offline andyjlund

  • 7
  • +0/-0
Opening ports
« on: October 29, 2012, 03:53:53 PM »
Hi,

I am trying to open some ports in SME server 8 but i can't find any documentation on how to do this.

Basically i have a SIP phone which uses ports 3478, 5004 and 5060.  The SIP phone doesn't work properly an i can't hear the call at the other end.  On research, documents generally point out that the above ports are not open.  I have used port forwarding in the server manager, but no difference.  I have also used a port scanner to see if the ports are open, and it appears that they are not, even though port forwarding has been set up.

So my question is how to open specific ports on SME server so i can get my SIP phone working

Many thanks
Andy

Offline Jean-Philippe Pialasse

  • *
  • 2,746
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Opening ports
« Reply #1 on: October 29, 2012, 07:58:28 PM »
Hi,

all ports from internal to external are open by default.


Access from Internet to internal device require you first set your device mac in Hostnames and addresses in server-manager with a static IP ( or manually configure your device), then you need to Configure Port Forwarding in server-manager to this device.

but basically this is absolutely not necessary and moreover useless for any SIP device, all you need to do is to configure properly authentication and SIP proxy AND STUN server / port.

« Last Edit: October 29, 2012, 08:00:07 PM by unnilennium »

Offline andyjlund

  • 7
  • +0/-0
Re: Opening ports
« Reply #2 on: October 30, 2012, 11:05:12 AM »
Thanks for that.

That is basically what i have already done, but doesn't work.  What is confusing me is that a website that checks for open ports say that the ones i need are closed, but checking a port like 80 is open.  Sipgate say the three ports must be open to get the voice back in (unless they are fobbing me of as skype works a treat)

Thanks
Andy

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Opening ports
« Reply #3 on: October 30, 2012, 01:46:31 PM »
andyjlund

Quote
Basically i have a SIP phone which uses ports 3478, 5004 and 5060..... I have used port forwarding in the server manager, but no difference.  I have also used a port scanner to see if the ports are open, and it appears that they are not, even though port forwarding has been set up.

You should post here your exact configuration & steps that you use when setting up the port forwarding in server manager, maybe you are making an error.
If the scanner says the ports are closed, then they are likely to be closed, so something is wrong somewhere.
Also give us details of the IP etc for the SIP device.

Do not tell us the theoretical values & settings you believe you should use, tell us exactly what you actually used & tested with.
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline Jean-Philippe Pialasse

  • *
  • 2,746
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Opening ports
« Reply #4 on: October 30, 2012, 02:57:02 PM »
except for your password and logins ;)

Offline ricks1950

  • *
  • 40
  • +0/-0
Re: Opening ports
« Reply #5 on: October 31, 2012, 04:35:47 PM »
SIP normally will not work over a simple NAT router like SME.  The voice call will set up, but the media transfer will not take place.

This is why:

Media transfer is done using a protocol called RTP, a point to point, low latency UDP protocol.  The information to set this up is sent in the data portion of the SIP packets.  The far end is attempting to communicate with your internal device, using its non-routable, internal address.

The long and short of it is, you have to use a SIP-aware gateway that, using deep packet inspection, grabs the internal address in your SIP packets and subs the outside address of the gateway, and intercepts the incoming RTP packets, rips out the gateway address, and subs your internal address.

This is not a port issue at all.  SIP session set-up works as expected over NAT, but RTP media, in this case voice, will fail.