VoIP over NAT issues: Ring but no audio; disconnects

cancel
Showing results for 
Search instead for 
Did you mean: 

VoIP over NAT issues: Ring but no audio; disconnects

L1 Bithead

I have our VoIP PBX set up with an IP on our external side via NAT. The policy is a simple static NAT from the internal IP to the external. I also have the correct security policies in place to allow SIP/RTP traffic to pass freely to and from the external IP address. The PBX server can be accessed via HTTP from outside our network, and my cell phone (using BRIA) can successfully register to the PBX.

However, whenever I make a call from outside, it will disconnect after seven (7) seconds when picked up. This happens every time without fail. I have tried tweaking around security policies, enabling application override, and altering the NAT rules.. nothing seems to help.

Can anyone give me suggestions? This setup worked perfectly fine on our old Juniper SRX-240B with the PA-500 in vWire. Ever since I swapped the PA-500 into being our gateway/firewall, it just won't do it.

More information can be provided upon request.

Thanks,

Logan

15 REPLIES 15

Yesterday i have sesion with support from LA and waiting for solusion.

Hi

did u resolve problem

regards


I had the same problem and finally pointed the outside interface of the VOIP PBX to the internet bypassing the PAN. It has a built in firewall that's satisfactory for it's purpose. I created a zone on the PAN to get to he voice subnet for secure management of the VOIP PBX and also to keep the voice subnet off my internel network. It works for now.

L1 Bithead

yes, my problem is resolved. support offered  in my case to use application ovverride for sip application, and it's work.

Not applicable

Hi

I'm experiencing the same problem.  Could you provide details of the application override fix please?

Mine looks like this, but is not working;

AppOver.jpg

The 10. address is our PBX, the 80. address is the remote PBX and the 5. address is our external IP.

Over three hours on the phone to PA support this morning got it sorted.

My applictation override rules were not working, as they were pointing at predefined applications.  Custom Apps for both SIP and RTP were created which then started to allow some RTP through.

We were still getting quite a few calls with no audio (some were coming through).  The PA engineer discovered that this was due to us using the dynamic-ip-and-port option in our outgoing source translation.  Changing this to static-ip fixed it.

Here's what my working setup looks like;

Security Rules;

Security.jpg

NAT Rules;

NAT.jpg

Application Override Rules;

AppOver.jpg

Custom SIP Application;

SIP.jpg

Custom RTP/RTCP Application;

RTP.jpg

Hope this helps anybody experiencing similar problems.  PA have taken a support dump, so may have a more elegant fix at some point.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!