Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Siproxd configuration with Grandstream HT-502

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rgeddes
      last edited by

      Hello,

      I installed siproxd, and after much futsing with the settings, I got the device to work somewhat, so I have a few questions

      Inbound Interface: LAN
      Outbound Interface: WAN
      Listening Port: 5060
      Enable RTP Proxy: Enable
      RTP Port Range (lower): 5004
      RTP Range Port (upper): 5009
      Enable Fix Bogus Via Networks Plugin: checked
      Bogus Via Networks: 192.168.1.1/24

      With just this setup, I couldn't get the ATA to ring (incoming SIP was blocked).. I assumed siproxd doesn't automatically open the ports on the firewall.

      I allowed 5060 udp incoming and 5004-5009 udp incoming to pass through the firewall

      SIP comes in now… rings the ATA, but RTP is not present (after I pick up the phone, there is no sound)

      Generally, I followed what most posts about configuring siproxd.  Except for I didn't ssee my ATA on the list of "Registered Phones".

      At this point, I thought maybe, the ATA should know about siproxd, and there is a setting in my ATA I hadn't noticed before which was blank, and I pointed that to the pfsense box:

      Outbound Proxy: 192.168.1.1

      Now, my ATA is listed as a "Registered Phone" with some other details.

      I used Google voice to call my ATA and everything seems to work normally.

      When I make an outgoing call, and I capture packets at the WAN, there is SIP invite to my provider (callwithus.com), the response is a 407 Proxy Authentication Required. 
      My system sends a new SIP INVITE with a Proxy-Authorization in the message header, and callwithus responds with SIP 100 trying
      I noticed that in the new SIP INVITE it specifies RTP port 5006... but my ATA listens on 5004.

      To see if I could force siproxd to use RTP port 5004, I changed RTP Range Port (upper): 5005.  Now the second INVITE does specify udp 5004 for rtp, but for some reason, it doesn't get to my ATA... like the proxy doesn't forward the rtp packets

      Is siprxd aware that my ATA listens only on udp port 5004?

      Is there a way of sending the initial INVITE with the correct config info(Proxy-Authorization), instead of forcing the 407 Proxy Authentication Required?

      Thanks,
      Richard

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        Your ATA connects starting on 5004 (as I found on mine).

        My Siproxd has 5004-5059 as my RTP ports and the ATA works flawlessly.

        Also- Ive never added an outbound proxy.  Though I might try sometime.  I always start everything in order ending with the ATA's if I start from scratch. Siproxd should intercept. If the ATA already has a connection when you start Siproxd, locate all the existing states to your ATA and delete them. Then reboot the ata.

        Yes- you need firewall rules.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        1 Reply Last reply Reply Quote 0
        • chpalmerC
          chpalmer
          last edited by

          UDP 6x.x8.x2.x 5060 (SIP) WAN address 5060 (SIP) * none        -my provider sip server

          UDP 174.36.46.0/25  *         WAN address 5004 - 5059 * none - where my RTP connects to.

          Triggering snowflakes one by one..
          Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.