No audio - Incorrect SIP 200 Invite from PBX for remote extension

ip-communications

#1

I have setup a remote extension for a work from home employee. Extension registers fine including presence/status. Calls to/from remote extension ring but no audio. I ran a Wireshark trace and discovered the SIP 200 Invite from PBX for remote extension contains an incorrect SIP200 INVITE IP address doe the PBX. Raised a support ticket with Grandstream… crickets… they closed it 7 weeks later without resolution. :frowning: Hoping the community can help me :slight_smile:

Setup for remote ext is as follows:
UCM6104 <-> Modem/Router <-> Internet <-> Modem/Router <-> GXP1630 (Remote)

Example call progress from Remote Extension to Local LAN Extension:

  1. INVITE (from remote ext to pbx)
  2. 100 TRYING (from pbx to ext)
  3. 180 RINGING (from pbx to remote ext)
  4. 200 OK (from pbx to remote ext)
  • SIP 200 packet contains (wrong?) Contact SIP address (PBX@Private-IP)
  1. Remote Ext attempts to establish RTP session with the PBX@Private-IP, packets are lost (no audio) and the call times-out/fails.

PBX

  • 1.0.18.12 Code Base
  • Private IP 10.1.1.11:5060
  • Public IP XXX.XXX.XXX.XXX:5080
  • 3 x VoIP Trunks (NAT disabled)
  • 0 x Analogue Trunks
  • SIP/NAT Settings
  • External Host address: public_pbx@com.au
  • Use External IP Address in SDP (Enabled)
  • External TCP Port: 5080
  • External UDP Port: 5080
  • External TLS Port: 5081 (not used)

Remote Extension

  • GXP1630
  • XXX.XXX.XXX.XXX:5080
  • NAT Traversal STUN

Router/Modem/Firewall Port mapping

  • TCP/UDP Port 5060->5060 PBX (for ISP VoIP Trunks)
  • TCP/UDP Port 5080->5060 PBX (for Remote Ext)
  • UDP Ports 15000:16000->15000:16000 PBX (for RTP)
  • SIP ALG disabled

Tried various combinations, caused major disruptions in the office and improved by reputation no end! What am I missing?


#2

There are a few items that you may want to consider/check-

If the system is sitting behind a router/firewall, which it appears to be based upon the SIP ALG comment, then run the system in switch mode - Network Settings, method.

Am uncertain if the FQDN is real or not, but you should be able to ping it and it should resolve to your public IP. If there is no need for the FQDN (you have a static IP and no other failover method), then input your public IP. It was not clear to me why a FQDN in the UCM, but a public IP in the phones. Ideally, if using one type (FQDN or IP) , stick with it everywhere.

In the network settings where you have the IP and port, remove the port from the Private IP settings. Keep in mind that the setting here also allows DHCP.

Add the local subnets at the bottom of the SIP Settings, NAT page.

Ignore my other settings as I have a number of PBXs running at the same time behind the same NAT and each uses different ports.

Eliminate the translation in the router of 5080 to 5060.As you already have 5080 set and in use in both the remote and local devices, then just forward 5080 to 5080 and remove 5060 altogether as it is not in use by any device or provider. When you send to the provider, you are sending to their port 5060, but because you set the external port to 5080, they too are using this to reach you just as the phones are using 5080.

What make and model of router?


#3

Thanks for you help Larry. In answer to comments/questions:

  • Router/Firewall - Yes UCM is sitting behind a router/firewall and the UCM is set to switch mode.
  • External Host setting - I have a static Public IP address but using a FQDN pbx.mycompany.com.au for the External Host setting. pbx.mycompany.com.au resolves to the correct IP. Of interest I have previously tried the static Public IP address in the External Host setting. I had the exact same symptoms (no audio) for remote extension to local extension call. But the change from FQDN to a static IP brings on a different problem where the VoIP Trunks fail to register and the business owner gets irate. Returning the External Host setting to the FQDN results in the VoIP trunks registering. Given the FQDN resolves to the static IP address this new issue defies networking logic in my limited experience, but I have not had the system time to resolve and the FQDN works fine.
  • Eliminate the translation in the router of 5080 to 5060 - Sorry my post had a typo in Router/Modem/Firewall Port mappings. Actual is as follows:
  • TCP/UDP Port 5060->5060 PBX (for ISP VoIP Trunks)
  • TCP/UDP Port 5080->5080 PBX (for Remote Extensions)
  • UDP Ports 15000:16000->15000:16000 PBX (for RTP)
    I am using SIP Port 5060 for VoIP Trunk (service provider mandated) and locking it down to the service providers IP address to help prevent hacking attempts on Port 5060, we have been targeted before and this
    measure seems to be effective. For remote extensions, I have opened firewall Port 5080 to the internet, mapped to Port 5080 and forwarded to UCM’s LAN IP address at 10.1.1.11. This combination seems to work just fine for SIP signalling for both internal, external and service provider. I am open to alternatives.
  • Network Settings - The local subnets at the bottom of the SIP Settings, NAT page seem correct. For LAN IP settings I have a static LAN IP with no port specified.
  • Router - I have tried 2 routers, both with the same problem. 1. Technicolor TG789 2. ASUS DSL-AC68U
    The ASUS proved to be unreliable with random internet drops so we are currently using the stable Technicolor.

Any additional commentary welcome.


#4

And in the trunk settings, is NAT checked or unchecked?