View Poll Results: Have you had this problem, or similar?

Voters
3. You may not vote on this poll

  • Yes

    1 33.33%

  • No

    2 66.67%
Results 1 to 10 of 18

Thread: No Ring

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 12-31-2017 08:11 PM #1
    chpalmer
    chpalmer is offline Senior Member
    Join Date
    Feb 2007
    Location
    Kitsap County, WA.
    Posts
    734

    Default Re: No Ring

    In my commercial routers I never port forward anything. Simply open firewall rules to allow incoming traffic.. But yes.

    SIP can be 5078-5079 from Voipo usually. Mine are all 5060 as that is what Ive asked.

    RTP depends on device. Grandsteam by default starts at 5004. My firewall rules are 5004-5059 (Grandsteam)

    Linksys devices by default are 16384-16482 way overkill. When I have a Linksys/Cisco i mirror these in the firewall.


    In normal operation, a gateway/access point is not in bridge mode. Hence my correct statement.
    If the public IP is on the Calix device then anything behind it is behind NAT. If the Gargoyle device is in standard router mode then it is also a NAT device. Anything behind it is double NAT'd.

    Not sure what I am missing?

    If you look at your Voipo dashboard there is a page that shows connected devices.. https://account.voipo.com/features/devices

    In my case-

    3455551212

    Username:3455551212

    Received:sip:9x.1xx.1xx.1xx:5060

    Contact:sip:3455551212@172.25.125.20:5060;user=pho ne

    Expires:2017-12-31 18:04:04
    User Agent:Grandstream HT-502 V1.2A 1.0.3.10
    Connected To:VOIPo Central



    Notice the Recieved IP address (which Ive obfuscated) is my public IP address. Received however contains my private space IP address. This is in the return SIP header. This is how the Voipo servers know where I am and where my device is behind NAT and why I do not need to port forward to get to them. This is also why I can run more than one ATA on port 5060 on my system. If I port forward 5060 to one ATA I cannot port it to another.

    The reason Voipo and other companies tell you to port forward on a SOHO router is because this also opens up the corresponding firewall rule on that router as there is no way to do it separately. Im not sure if your running into the problem of trying to use more than one ATA or not but figured Id mention it. I do here. Only one of my customers also do.

    When your double NAT'd your device and their servers can get very confused.

    Based on your comment- "The Calix Access Point is the only device on a public IP" Im still assuming that your ATA(s) are double NAT'd.

    I Void Warranties.
    Reply With Quote Reply With Quote
  2. 02-19-2018 01:03 PM #2
    VOIPuser
    VOIPuser is offline Member
    Join Date
    Aug 2017
    Posts
    32

    Default Re: No Ring

    Double NAT increases security.?.
    Reply With Quote Reply With Quote
  3. 02-26-2018 10:56 AM #3
    GreenLantern
    GreenLantern is offline Senior Member
    Join Date
    Jul 2010
    Posts
    369

    Default Re: No Ring

    Quote Originally Posted by VOIPuser View Post
    Double NAT increases security.?.
    No, not really. NAT was created to artificially add more IP addresses, since IPv4 is running out quickly.

    One can argue that NAT adds a layer of "obfuscation" (difficulty by complexity), but NAT is only a trivial obstacle for any hacker that has already penetrated a network to that point.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules