I understand that we are supposed to forward port 5060 from ITSP's to port 5080 so have set up a separate IP for ITSP's. However, there are some things I am not clear on, as follow.
The requirement is for two IP's so I took advantage and created three SipX servers. uc70.mydomain.com 192.168.1.70 Primary (Trunks) Registered uc71.mydomain.com 192.168.1.71 Secondary (Users) Registered vo80.mydomain.com 192.168.1.80 Voicemail Server (VMware 162) Registered So, on DNS, we'll connect users to uc71 for example and ITSP's are going to connect to uc70. On uc70, we have Sip Trunking, Conferencing, Management and Primary SIP Router enabled. On uc71, we have Conferencing and Redundant SIP Router enabled. It is not clear if we should leave SIP Trunking and Redundant server turned on, on uc71. On vo80, we only have Voicemail. Not clear if we should also use this as a redundant server or not. Have not learned enough to know these parts yet. On the firewall, I have ITSP's only, incoming port 5060 from ITSP translated to port 5080 so that sipxbridge can receive the information. This is pointing to uc70. On outgoing, it goes back to the ITSP over port 5060. It is not clear however if this needs to be both TCP and UDP? Some of the ITSP's require that 0-65535 UDP ports be opened so that they can provide us the trunks. So what I did was to create a set of policies on the firewall which does the following; So, I created the following service; UDP src port: 0-65535, dst port: 0-5059 UDP src port: 0-65535, dst port: 5061-5079 UDP src port: 0-65535, dst port: 5081-65535 We did see it working to the point of having calls and audio both ways incoming and calls and audio one way outgoing, or maybe it was the reverse. And for users, a second IP is used which does only the users phones; TCP src port: 0-65535, dst port: 5060-5060 UDP src port: 0-65535, dst port: 5060-5060 UDP src port: 0-65535, dst port: 30000-31000 This is pointing to uc71 only. Aside from the questions above... After an ITSP initially communicates with us over port 5060>5080 to establish the SIP Trunks, does it then continue to use this port forwarding for anything else, keep alives, etc, that might conflict with their requiring ports 5060 for anything else? This is also why I'm wondering if this should only be TCP because once the 5060 connection takes place, the RTP is going to be over UDP, therefore, there would be no conflict. Sure would appreciate some input and sure as heck I'm explaining this correctly :). Mike _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
