Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




35 posts

Geek


# 175671 7-Jul-2015 20:56
Send private message

We have a Linksys Pap2t hooked up to a DD-WRT router, which is performing nat, which is in turned hooked up to a Ubiquity radio (from our ISP). I know that the radio is performing NAT aswell, and isn't forwarding any ports by default.
The PAP2t is being provisioned by http://voipzone.co.nz/spaconfig.cfg

The issue we have is that when we receive a call, most times, the first time they call, we can not hear anything (they can hear us fine), however, if they hang up, and call right back, then the call works fine.

This was working fine a while ago when we had a Trango that was in bridging mode instead of the Ubiquity radio doing NAT, we're not 100% sure, but we think that coincides with when the problem started.

I should be able to get some ports opened up on the radio, and the DD-WRT router if I wanted to do port forwarding (if that would help).

What do people suggest I do to test, verify, or help track down this annoying issue.

Cheers 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
27877 posts

Uber Geek
+1 received by user: 7371

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1338914 7-Jul-2015 21:28
Send private message

One way calling is caused by NAT issues 99.9% of the time. Double NAT will always typically break VoIP.





35 posts

Geek


  # 1338915 7-Jul-2015 21:31
Send private message

Why does it work though if they call straight back?

 
 
 
 


27877 posts

Uber Geek
+1 received by user: 7371

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1338921 7-Jul-2015 21:41
Send private message

Probably a NAT pinhole in place allowing it. Without a full SIP debug it's not really possible to know exactly why.






35 posts

Geek


  # 1338943 7-Jul-2015 22:23
Send private message

If I could get port forwarding on the Ubiquity radio, and on the DD-WRT router, would that more than likely solve the issue, if so, what ports would I need for WXC's service, from my reading I see that for SIP it would be 5060 and 5061 (UDP), but what is the port range for RTP?

Thanks



Mr Snotty
8672 posts

Uber Geek
+1 received by user: 4563

Moderator
Trusted
Lifetime subscriber

  # 1338954 7-Jul-2015 23:00
Send private message

I wouldn't recommend simply forwarding ports - it can come with several consequences if you don't have a properly secured device.

Off the top of my head the Ubiquiti radio won't be running NAT - it'll be the device on the other end. If you simply get private IP addresses from the radio I'd start with disabling the routing functions on your AP so it passes over the DHCP from the ISP itself. Some routers also have SIP-ALG enabled that can in some cases cause voice issues, check if your router has this and try turning it off.






35 posts

Geek


  # 1338996 8-Jul-2015 07:28
Send private message

DD-wrt has the SPI firewall enabled, and currently the only other ports are being forwarded are SSH and HTTP.

I was present when the ubiquity kit was installed, and I can confirm it is doing NAT. It's external IP is 202.x.x.x and it's internal address is 192.168.5.1 and my router was modified to have the external IP address of 192.168.5.2, and allocates DHCP addresses on my LAN in the 10.0.1.x range.

I must admit I'm not overly keen on changing the router function to that of just a switch, and moving DHCP, and firewall etc to the ubiquity device as I have no control over the device.

Unfortunately the PaP2t is over 200m from the ubiquity kit, the ddwrt is co-located with the radio though...the joys of broadband in rural Wairarapa, so I couldn't have a switch between the radio and the router and put the pAp2t off that...
Hm, that has me thinking, I might be able to do it by installing a switch at the radio, this will enable me to hook up both wifi bridges to my house and the neighbours (I give free broadband to an elderly couple who can't get adsl), then at my house on the other end of the wifi bridge, the IP address will still be on the 192.168.5 range, and at which point I could have another switch, and run the pap2t off that and it will be in the single natted range. If I still wanted to I could then have the ddwrt box and then my internal network.

How secure am I hiding behind a ubiquity device with NAT enabled? For the last 15 years I've always had control of my firewall, and passing it off just seems odd, but then for that period, I've always just had a device that has a internet visible IP address to look after.

I might try that tomorrow during my day off.

Thanks.

27877 posts

Uber Geek
+1 received by user: 7371

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1338997 8-Jul-2015 07:29
Send private message

Port forwards should never ever be used with VoIP unless you're fully aware of the consequences. They also won't necessarily solve the problem. As I said without a full SIP debug it's not possible to know the exact cause, but it sounds very much like double NAT. The typical issue with double NAT is that SIP headers end up with the wrong IP address when double NAT occurs so can't be correctly routed.

The first question if why you have a double NAT setup. If this is what your ISP requires by default it's an extremely sub optimal setup.


 
 
 
 




35 posts

Geek


  # 1338999 8-Jul-2015 07:35
Send private message

The reason for double NAT is that my ISP had a bridged network and they are now switching to a routed network, and are allocating all the consumer side equipment to have private addresses instead of the public address. Because I had a personal router configured from before this change, I ended up with double NAT, ( my neighbours who also get broadband off my link) have ended up with triple NAT!!)
In my last post I think I have worked out how to reorganise the network to remove the double NAT for the PAP2t device, and I might just abandon my router altogether based on advice here.

3594 posts

Uber Geek
+1 received by user: 79

Trusted
WorldxChange

  # 1339004 8-Jul-2015 07:45
Send private message

Mr Bibble will be right .. the nat isn't so much the problem its the pinhole being opened, this will occur when your device makes an outbound registration or make a call.

What is happening is that that outbound traffic opens a pin hole to allow sip traffic to work in both directions, what is then  happening after a period of time the pinhole is closed and inbound sip traffic is getting blocked, this is an issue for UDP traffic , TCP shouldn't be a problem as it will keep the connection open

What is your registration timer set to ?





Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well Wink

             

https://www.facebook.com/wxccommunications



35 posts

Geek


  # 1339013 8-Jul-2015 07:58
Send private message

The "registration expires" is set to 3600.

3594 posts

Uber Geek
+1 received by user: 79

Trusted
WorldxChange

  # 1339019 8-Jul-2015 08:05
Send private message

try setting this to 180




Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well Wink

             

https://www.facebook.com/wxccommunications



35 posts

Geek


  # 1339026 8-Jul-2015 08:21
Send private message

All done, I'll get my wife to call me later this morning to test it.... Certainly will be easier than rearranging the hardware!



35 posts

Geek


# 1339076 8-Jul-2015 09:15
Send private message

Well, we've received one phone call already, and audio was both ways.  Looking good (well with a sample size of 1 anyway ;-) )

3594 posts

Uber Geek
+1 received by user: 79

Trusted
WorldxChange

  # 1339079 8-Jul-2015 09:16
Send private message

well i wont say anything until you have done a few then wink




Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well Wink

             

https://www.facebook.com/wxccommunications

k14

587 posts

Ultimate Geek
+1 received by user: 76


  # 1339114 8-Jul-2015 09:49
Send private message

Funny you should say this. I have a PAP2T running on slingshot voip and have the same exact thing. I don't have any double NAT settings (well I don't think I do anyway) but quite often if I call someone I can hear them but they can't hear me, call back and all good. I have always blamed slingshot but maybe it is the PAP2T or router? I will see if changing the registration expires field to 180 does anything. We so infrequently use the phone that it never really has bothered me much.

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Anyone can broadcast with Kordia Pop Up TV
Posted 13-Jun-2019 10:51


Volvo and Uber present production vehicle ready for self-driving
Posted 13-Jun-2019 10:47


100,000 customers connected to fibre broadband network through Enable
Posted 13-Jun-2019 10:35


5G uptake even faster than expected
Posted 12-Jun-2019 10:01


Xbox showcases 60 anticipated games
Posted 10-Jun-2019 20:24


Trend Micro Turns Public Hotspots into Secure Networks with WiFi Protection for Mobile Devices
Posted 5-Jun-2019 13:24


Bold UK spinoff for beauty software company Flossie
Posted 2-Jun-2019 14:10


Amazon Introduces Echo Show 5
Posted 1-Jun-2019 15:32


Epson launches new 4K Pro-UHD projector technology
Posted 1-Jun-2019 15:26


Lenovo and Qualcomm unveil first 5G PC called Project Limitless
Posted 28-May-2019 20:23


Intel introduces new 10th Gen Intel Core Processors and Project Athena
Posted 28-May-2019 19:28


Orcon first to trial residential 10Gbps broadband
Posted 28-May-2019 11:20


Video game market in New Zealand passes half billion dollar mark
Posted 24-May-2019 16:15


WLG-X festival to celebrate creativity and innovation
Posted 22-May-2019 17:53


HPE to acquire supercomputing leader Cray
Posted 20-May-2019 11:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.