Norman Zhang <[EMAIL PROTECTED]> writes: > May I ask what ports are necessary for SIP communication through a > firewall? I read somewhere that UDP/5060 alone is enough. Some > recommends more ports to be opened for RTP.
For outgoing call establishment, you must pass traffic out from your device to UDP port 5060 on the target address, or, if you need to be able to call any system, UDP port 5060 on any address. For incoming call establishment, you likewise need to allow your communication partners (or the world at large) to reach your UDP port 5060. Then, there's RTP. The RTP communication will be set up between a UDP port on each system, the numbers of which are determined at run time. Since both ends will start transmitting RTP packets, and each sends *to* the port that the other sends *from*, all that's needed is that your firewall allows outgoing UDP traffic from your SIP device to your communication partners (or the world), and "keeps state", as it is known in the parlance, so that packets coming back in from the address and port you're sending to will be allowed through. My home firewall allows my Asterisk PBX to send any UDP traffic to anyone, and keeps state, so they can answer. It also specifically allows anyone to connect to UDP port 5060 on the PBX. -tih -- Tom Ivar Helbekkmo, Senior System Administrator, EUnet Norway Hosting www.eunet.no T +47-22092958 M +47-93013940 F +47-22092901 FWD 484145 _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
