UCM 6104 - No voice if External Host is set with IP. Drop after 30 seconds if no IP Set


#1

I have a UCM 6104 for quite some time and when I bought and set it up, everything was working great, however, after a firmware upgrade (I don’t remember the firmware number) the external extensions stoped working. Basically Whenever I made a call from an external extention the calls were muted in both ends, calling from one extension another, or calling external numbers using the my SIP provider. I changed all external extensions to TLS but due to some company policy changes I will have to leave external extensions connect through UDP only.
These are the ports forwarded to UCM
image

All internal extensions are working fine. But whenever I dial from a external extension the call stay muted in both ends.
When I remove my external IP from PBX Setttings< SIP Settings < NAT < External Host the extensions work normally for about 32 seconds and them the call drops, when I add my external IP Address to the option mentioned I face the muted call problem. However when the call is muted but the external IP address is configured, the call doesn’t drop after the 32 seconds…

I wanted to reset the UCM and start from scratch but right now this is not an option. Any ideas of what is causing this issue?
I’ve read in some threads that some people had issues when the Use IP address in SDP check box was checked, I tried on and off with external ip and no external IP and nothing…
this is my UCM INFO
Model

UCM6104 V1.5B
Boot

1.0.18.1

Core

1.0.18.1

Base

1.0.18.12

Lang

1.0.18.12

Program

1.0.18.12

Recovery

1.0.18.1

Thank you in advance.


#2

It is a NAT issue.

When communicating to the UCM, it can only listen to a couple of ports (5060&5061). As you will have to use 5060-UDP, this is the only port for messaging needed at the UCM site. When you input the SIP server address into the phone, it should have been the UCM’s public IP and port XXX.xxx.xxx.xxx:5060. I suspect that the other ports above are the “local sip port” settings in the phone. The RTP ports are also needed, but you might consider closing this down in the UCM and router to lesser range as it will never use all of these.

If each of the remote phones is behind its own firewall, then they can also use 5060 or other common port as well. It is only when you have multiple remote phones behind a common firewall that each phone is best served to use a different local SIP port and RTP port as well.

You will need to have your external Public IP set in NAT as well as the SDP box being checked. This tells the remote extensions how to find the UCM for both the SIP messaging as well as the the RTP streams.

In the UCM extension settings the NAT box should be enabled and the can direct media box set to no.

In the remote phones, you should try STUN for the network NAT traversal first and enable keep alive in the SIP settings.

If you have control of the remote routers, then you can set-up port forwarding to the reserved phone IP and if the remote phones also have the luxury of a static public IP, you can put in their respective public IP in the NAT IP field and disable the STUN setting and change to keep-alive, If they have a static public IP, then this is no different than the UCM having its external host/IP in its NAT setting.

Make sure that the SIP, NAT settings of the UCM that only the local LAN is defined and does not contain any of the remote phones.

You should check your security settings in the UCM, Phone and routers to minimize and SIP scanning activity (ghost calls).

While a stretch, a VPN would eliminate also all of the headaches.


#3

Hi lpnetblett, I’ve double-checked my configs and unfortunately the problem still persists. here is the check list.
1- Closed all ports in the firewall apart from 5060~5061 and 10000~20000 UDP
2- Checked the public ip is set on NAT and checked SDP box.
3 - In the UCM extensions I left the NAT Box enabled and unchecked direct media box
4 - Remote phones were set to STUN for NAT and Keep alive was enabled
5 - Made sure NAT settings on UCM had only my local lan defined (172.x.x.x)

The result is the same, no voice between external extensions, but not 30 second call drop.

Just a few notes, I will eventually reduce the number of RTP ports, I just want to make sure everything works first, I even tried to redirect all the ports from 10000 above to UCM at some point.
Right now I am running tests with soft phones on two mobiles with GS Wave. they are on 4g, so there is no firewall/NAT/Router behind the conection for external extensions.
I agree VPN would solve all the problems, however for the majority of the softphone users, connecting to a VPN on the phone every time they need to make a call or keep an eye to see if the connection is not lost from time to time is just not doable.

Thank you for the help, I will keep trying some different configurations to try making it work.


#4

OK, is SIP ALG/helper in routers disabled?


#5

Did you try disabling Keep-Alive on the extensions? Leaving NAT on.

I had this problem when I first configured my UCM6202 and as soon as I disabled Keep-Alive on the extensions, it started working correctly.

I can’t tell why, but it worked, so maybe giving it a try isn’t a bad idea!


#6

It was enabled, I disabled as a test (keeping both the exxternal IP and SDP check box. Still muted


#7

Hi fmarcox96, did a test just now, unfortunately it didn’t work, but thanks for the suggestion .


#8

Do a network capture at UCM


#9

When upgrading a 61xx series UCM the system will sometimes lose the address set in PBX–SIP–NAT
If this was lost it could easily cause this issue.

It doesn’t sound like this was the case.

When upgrading from very old versions you would have had the NAT checkbox checked on the SIP trunk.
Be sure that is now unchecked and only “use external host in SDP” is checked in PBX–SIP–NAT instead.

as @lpneblett said, a packet capture would be the next step.


#10

This is a remote phone to UCM scenario and the trunk would not be involved to the remote phone.

If the phone is not dropping the call after 30 seconds, then the NAT for the SIP messaging would appear to be correct; otherwise the T1 timer would expire and force the call to drop.

Something somewhere is:

Re-writing the source port packets. What type of router is at both the UCM and remote sides? Are you using a SIP provider or PSTN or ?


#11

I’ve started the network capture and then I called from one external extension to another ( both through 4g, so there is no router in between).
I left the call go for about 1 minute and 20 seconds (as usual no audio with ip set on NAT and SDP box checked).
The UCM is behind a CISCO RV325, dual balance is disabled, only using 1 interface with a FIX external IP address and the ports forwarded to UCM at the moment are 5060~5061 and 10000~20000 UDP

The capture from the UCM is below


#12

The ports are being re-written. It appears that both external phones were behind the same router. The router or something in-between is re-writing the source ports. The INVITE that the UCM sees is a source port of 43XXX and I assume that this is not the local port you have set in Zoiper.


#13

Ops, my bad, I didn’t disconnect the phones from the wifi before running the network capture. I will do run it again, nevertheless. the only thing configured in one mobile is the zoiper app with sip to my external IP, protocol UDP on port 5060, the other phone is running grandstream wave with the same settings


#14

If they were on Wi-Fi, then I assume that both cells were using the remote router to get to the Internet and would therefore be subject to however the remote router is set. What make and model router?