Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


aw

aw

273 posts

Ultimate Geek


#155962 14-Nov-2014 14:46
Send private message

I have the following setup:


Internet <-> VDSL <-> WxC MP264 router with DMZ enabled <-> Desktop PC running Wireshark and 2x bridged LAN for testing this issue <-> pfSense Firewall <-> Asterisk Box

Using OpenVFX.

Starting today, I'm getting this weird behaviour where the MP264 appears not to be passing RTP packets, and despite its VoIP not being provisioned, it sends out bad REGISTER packets to pan.wxnz.net, who then replies with "404 not found" which ends up going to my Asterisk box - these keep coming in:

 

'CE{<9SwXSIP/2.0 404 Not found

 

From: <sip:0000000001@pan.wxnz.net>;tag=826220-3a1c9f21-13c4-50029-1e60c35-3e2c1861-1e60c35

 

To: <sip:0000000001@pan.wxnz.net>;tag=1528941087-1415929491340

 

Call-ID: 834270-3a1c9f21-13c4-50029-1e60c35-636e1493-1e60c35

 

CSeq: 1 REGISTER

 

Via: SIP/2.0/UDP 192.168.3.3:5060;branch=z9hG4bK-1e60c35-6a9fb008-51d2e9f;rport=5060

 

Content-Length: 0

 



I think this is happening because where I'm packet-sniffing to try to fault-find this, I'm seeing "404 Not Found" replies continually come in from pan.wxnz.net to the Asterisk box despite no outbound traffic, ie even when Asterisk is stopped. This issue persists across reboots. This is in addition to an issue I sporadically have where the MP264 stops forwarding SIP (5060) traffic too, although that is usually solved with a reboot.

I'm trying to diagnose the issue using a remote extension as follows:

Blink softphone and Wireshark on laptop <-> 3G* <-> Internet <-> VDSL <-> WxC MP264 router with DMZ enabled <-> Wireshark <-> pfSense Firewall <-> Asterisk Box

* same on either 3G and via other the UFB internet connection at my office - both used to work until today.

I see the RTP packets going out fine on 3G and all specified vs actual ports look correct, but those same RTP packets are *not* seen on my home network at the other end - unexpected, as with DMZ switched on everything should be forwarded from the MP264 to the pfSense firewall so the intercepting PC running Wireshark should be seeing something...

Any ideas? Any help much appreciated.

Thanks,

Andrew

Filter this topic showing only the reply marked as answer Create new topic
RunningMan
6139 posts

Uber Geek


  #1176182 15-Nov-2014 07:40
Send private message

If you are not using the VoIP stack in the MP264, why not just replace it with a Draytek 130 straight to the pfSense box?

aw

aw

273 posts

Ultimate Geek


  #1177365 17-Nov-2014 14:22
Send private message

Originally I got it free because I was a VDSL test customer. Might look into replacing it if I don't hear anything. I tried Xnet support but because it involves OpenVFX they just directed me here (the first time that's happened too).

 
 
 
 


RunningMan
6139 posts

Uber Geek


  #1177368 17-Nov-2014 14:30
Send private message

It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?

aw

aw

273 posts

Ultimate Geek


  #1177387 17-Nov-2014 14:53
Send private message

Ok turned off all ALG stuff on the MP264 (hard to find: go to Security > Advanced Filtering > untick anything ALG related.

sbiddle
29277 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  #1177389 17-Nov-2014 15:00
Send private message

The first thing to do on any router when you plan to use VoIP is look for a SIP ALG / SIP transformations and disable it.


grudge
266 posts

Ultimate Geek


  #1177728 18-Nov-2014 08:24
Send private message

RunningMan: It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?


While this is achievable, it also means that the phone lines on the mp264 will not function while in full bridge mode.

RunningMan
6139 posts

Uber Geek


  #1178030 18-Nov-2014 16:24
Send private message

grudge:
RunningMan: It's fairly normal for an all-in-one device to direct SIP / RTP traffic to it's built in VoIP stack - can you set up the MP264 in a full bridge mode and do the authentication from your firewall?


While this is achievable, it also means that the phone lines on the mp264 will not function while in full bridge mode.


Fairly sure that the OP is using an Asterisk box, so bypassing the phone lines on the MP264 may be exactly what it trying to be achieved. Certainly not what the average user would want though ;-)

 
 
 
 


aw

aw

273 posts

Ultimate Geek


  #1178089 18-Nov-2014 19:42
Send private message

Yeah turning off the various ALGs on the MP264 was easy once I knew where it was. Finding those settings is the hard part, with the MP264 not having much Googlable information about it.

Might give full bridge mode a try (again, just have to find it!!) While all the other issues are now resolved, the Asterisk box keeps receiving unsolicited 404 Not Found SIP responses for requests to register sip:0000000001@pan.wxnz.net, probably in response to outgoing requests from the MP264. I get about half a dozen of these every minute.

Filter this topic showing only the reply marked as answer Create new topic





News »

Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32


NordVPN starts deploying colocated servers
Posted 7-Oct-2020 09:00


Google introduces Nest Wifi routers in New Zealand
Posted 7-Oct-2020 05:00


Orcon to bundle Google Nest Wifi router with new accounts
Posted 7-Oct-2020 05:00


Epay and Centrapay partner to create digital gift cards
Posted 2-Oct-2020 17:34


Inseego launches 5G MiFi M2000 mobile hotspot
Posted 2-Oct-2020 14:53









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.