Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


aw



273 posts

Ultimate Geek


# 155962 14-Nov-2014 14:46
Send private message

I have the following setup:


Internet <-> VDSL <-> WxC MP264 router with DMZ enabled <-> Desktop PC running Wireshark and 2x bridged LAN for testing this issue <-> pfSense Firewall <-> Asterisk Box

Using OpenVFX.

Starting today, I'm getting this weird behaviour where the MP264 appears not to be passing RTP packets, and despite its VoIP not being provisioned, it sends out bad REGISTER packets to pan.wxnz.net, who then replies with "404 not found" which ends up going to my Asterisk box - these keep coming in:

 

'CE{<9SwXSIP/2.0 404 Not found

 

From: <sip:0000000001@pan.wxnz.net>;tag=826220-3a1c9f21-13c4-50029-1e60c35-3e2c1861-1e60c35

 

To: <sip:0000000001@pan.wxnz.net>;tag=1528941087-1415929491340

 

Call-ID: 834270-3a1c9f21-13c4-50029-1e60c35-636e1493-1e60c35

 

CSeq: 1 REGISTER

 

Via: SIP/2.0/UDP 192.168.3.3:5060;branch=z9hG4bK-1e60c35-6a9fb008-51d2e9f;rport=5060

 

Content-Length: 0

 



I think this is happening because where I'm packet-sniffing to try to fault-find this, I'm seeing "404 Not Found" replies continually come in from pan.wxnz.net to the Asterisk box despite no outbound traffic, ie even when Asterisk is stopped. This issue persists across reboots. This is in addition to an issue I sporadically have where the MP264 stops forwarding SIP (5060) traffic too, although that is usually solved with a reboot.

I'm trying to diagnose the issue using a remote extension as follows:

Blink softphone and Wireshark on laptop <-> 3G* <-> Internet <-> VDSL <-> WxC MP264 router with DMZ enabled <-> Wireshark <-> pfSense Firewall <-> Asterisk Box

* same on either 3G and via other the UFB internet connection at my office - both used to work until today.

I see the RTP packets going out fine on 3G and all specified vs actual ports look correct, but those same RTP packets are *not* seen on my home network at the other end - unexpected, as with DMZ switched on everything should be forwarded from the MP264 to the pfSense firewall so the intercepting PC running Wireshark should be seeing something...

Any ideas? Any help much appreciated.

Thanks,

Andrew

Filter this topic showing only the reply marked as answer Create new topic
5595 posts

Uber Geek


  # 1176182 15-Nov-2014 07:40
One person supports this post
Send private message

If you are not using the VoIP stack in the MP264, why not just replace it with a Draytek 130 straight to the pfSense box?

aw



273 posts

Ultimate Geek


  # 1177365 17-Nov-2014 14:22
Send private message

Originally I got it free because I was a VDSL test customer. Might look into replacing it if I don't hear anything. I tried Xnet support but because it involves OpenVFX they just directed me here (the first time that's happened too).

 
 
 
 


5595 posts

Uber Geek


  # 1177368 17-Nov-2014 14:30
Send private message

It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?

aw



273 posts

Ultimate Geek


  # 1177387 17-Nov-2014 14:53
Send private message

Ok turned off all ALG stuff on the MP264 (hard to find: go to Security > Advanced Filtering > untick anything ALG related.

28369 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1177389 17-Nov-2014 15:00
Send private message

The first thing to do on any router when you plan to use VoIP is look for a SIP ALG / SIP transformations and disable it.


266 posts

Ultimate Geek


  # 1177728 18-Nov-2014 08:24
Send private message

RunningMan: It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?


While this is achievable, it also means that the phone lines on the mp264 will not function while in full bridge mode.

5595 posts

Uber Geek


  # 1178030 18-Nov-2014 16:24
Send private message

grudge:
RunningMan: It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?


While this is achievable, it also means that the phone lines on the mp264 will not function while in full bridge mode.


Fairly sure that the OP is using an Asterisk box, so bypassing the phone lines on the MP264 may be exactly what it trying to be achieved. Certainly not what the average user would want though ;-)

 
 
 
 


aw



273 posts

Ultimate Geek


  # 1178089 18-Nov-2014 19:42
Send private message

Yeah turning off the various ALGs on the MP264 was easy once I knew where it was. Finding those settings is the hard part, with the MP264 not having much Googlable information about it.

Might give full bridge mode a try (again, just have to find it!!) While all the other issues are now resolved, the Asterisk box keeps receiving unsolicited 404 Not Found SIP responses for requests to register sip:0000000001@pan.wxnz.net, probably in response to outgoing requests from the MP264. I get about half a dozen of these every minute.

Filter this topic showing only the reply marked as answer Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42


Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41


Spark 5G live on Auckland Harbour for Emirates Team New Zealand
Posted 4-Nov-2019 17:30


BNZ and Vodafone partner to boost NZ Tech for SME
Posted 31-Oct-2019 17:14


Nokia 7.2 available in New Zealand
Posted 31-Oct-2019 16:24


2talk launches Microsoft Teams Direct Routing product
Posted 29-Oct-2019 10:35


New Breast Cancer Foundation app puts power in Kiwi women's hands
Posted 25-Oct-2019 16:13


OPPO Reno2 Series lands, alongside hybrid noise-cancelling Wireless Headphones
Posted 24-Oct-2019 15:32


Waikato Data Scientists awarded $13 million from the Government
Posted 24-Oct-2019 15:27


D-Link launches Wave 2 Unified Access Points
Posted 24-Oct-2019 15:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.