RTP packets sent to remote LAN IP instead of remote WAN IP



I have this problem where there is no audio when calling from remote extension (ata or GS Wave). A packet capture shows RTP packets going to the remote LAN IP address instead of the remote WAN IP address. I have read many threads having the same symptoms and I have tried most configuration scenarios/options, but the problem is still the same.

Right now, my setup looks like this :

Network method : switched (was routed before I gave switched a try)
External host : set
Local network address : set (of course, LAN subnet is different from remote LAN)
NAT on extensions : enabled (tried enabled/disabled)
RTP Ports : 10000-11000

I tried forwarding SIP and RTP ports from the firewall to the UCM but no RTP packets ever get to the firewall. The PBX works fine with local phones and the SIP trunk for external calls works fine as well. Since the PBX is in production, I can’t really mess with the options too much or reset it to factory defaults. This has to be something with the way the call is setup but I just can’t see it ! I tried setting up the external IP parameter on the remote ATA as well, but it didn’t work. The same ATA works flawlessly on an Asterisk PBX.

Thanks !


Ok, nevermind, it is fixed now. If it can help others, my mistake was the nat rules order on my local router. Placing the dst-nat RTP forwarding rule first, before the src-nat masquerading rule, took care of the problem. The router brand is Mikrotik and the sip helper/alg feature is disabled.


if you forward the ports from your firewall to the UCM and on UCM you see that the packets do not arrive it would seem that the firewall is not set correctly.
Rather, it publishes the UCM screens.

n.b.: I advise you not to put public ip on UCM or you will receive continuous external attacks.


resolved posts should be labeled as “resolved”.


Thanks for your input. I love the UCM so far but the only thing I miss is the ability to just ssh into the pbx with total shell access to diagnose problems such as this one. In this particular case, RTP packets were sent from the UCM to the remote extension’s LAN IP, which led me to think that the firewall setup was fine.

Thanks !


You can use syslog for this.


Or do a network capture using the embedded capture tool.