Solving port blocking issue @ softphone
Experts, I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked. Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft. Thanks for all the help and advices, Feby Francis
If the port cannot be changed try going with transport type tcp instead of udp on the Softphone , if possible. Some firewalls dont police TCP like the UDP - for sip Ujjval K
On Jun 26, 2014, at 8:34 AM, "Feby Francis" <feby.francis at crosstel.com> wrote:
<image001.gif> Experts,
I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked.
Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft.
Thanks for all the help and advices, Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
I added port 8060 to my SBC config and have the customer connect to either 5060 or 8060. Port 8060 will by pass a SIP ALG. My SBC (Acme Packet) still communicated to Broadsoft on 5060. It is an easy change to the acme sip-interface config sip-interface state enabled realm-id accessBWORKS description sip-port address A.B.C.D port 5060 transport-protocol UDP tls-profile allow-anonymous registered ims-aka-profile sip-port address A.B.C.D port 5060 transport-protocol TCP tls-profile allow-anonymous registered ims-aka-profile sip-port address A.B.C.D port 8060 transport-protocol UDP tls-profile allow-anonymous registered ims-aka-profile [?] -- Matthew S. Crocker President Crocker Communications, Inc. PO BOX 710 Greenfield, MA 01302-0710 E: matthew at crocker.com P: (413) 746-2760 F: (413) 746-3704 W: http://www.crocker.com On Jun 26, 2014, at 10:34 AM, Feby Francis <feby.francis at crosstel.com> wrote:
<image001.gif> Experts,
I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked.
Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft.
Thanks for all the help and advices, Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
Add 2 or 3 more seemingly random ports for the SBC to listen on. Also add them in TCP. have the softphone use DNS naptr records to order UDP then TCP srv records, and in each SRV record offer the same proxy with different ports. This will cause the softphone to try multiple ports on UDP then multiple ports on TCP until it finds success. If the softphone doesn't support NAPTR, then you can use SRV only but you lose the ability to try different transports. If it doesnt support SRV records, find another softphone. -Ryan On 6/26/2014 7:34 AM, Feby Francis wrote:
Experts,
I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked.
Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft.
Thanks for all the help and advices,
Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
Do you think "Seemingly random" is really important? I've had good luck with TCP/443 for SIP.
mark at ecg.co +1-229-316-0013 http://ecg.co/lindsey
On Jun 26, 2014, at 11:57 , Ryan Delgrosso <ryandelgrosso at gmail.com> wrote:
Add 2 or 3 more seemingly random ports for the SBC to listen on. Also add them in TCP.
have the softphone use DNS naptr records to order UDP then TCP srv records, and in each SRV record offer the same proxy with different ports. This will cause the softphone to try multiple ports on UDP then multiple ports on TCP until it finds success.
If the softphone doesn't support NAPTR, then you can use SRV only but you lose the ability to try different transports. If it doesnt support SRV records, find another softphone.
-Ryan
On 6/26/2014 7:34 AM, Feby Francis wrote:
<Mail Attachment.gif> Experts,
I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked.
Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft.
Thanks for all the help and advices, Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
Ditto.. We use TCP/443 without any real issues.. On Thu, Jun 26, 2014 at 10:20 AM, Mark R Lindsey <lindsey at e-c-group.com> wrote:
Do you think "Seemingly random" is really important? I've had good luck with TCP/443 for SIP.
mark at ecg.co +1-229-316-0013 http://ecg.co/lindsey
On Jun 26, 2014, at 11:57 , Ryan Delgrosso <ryandelgrosso at gmail.com> wrote:
Add 2 or 3 more seemingly random ports for the SBC to listen on. Also add them in TCP.
have the softphone use DNS naptr records to order UDP then TCP srv records, and in each SRV record offer the same proxy with different ports. This will cause the softphone to try multiple ports on UDP then multiple ports on TCP until it finds success.
If the softphone doesn't support NAPTR, then you can use SRV only but you lose the ability to try different transports. If it doesnt support SRV records, find another softphone.
-Ryan
On 6/26/2014 7:34 AM, Feby Francis wrote:
<Mail Attachment.gif> Experts,
I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked.
Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft.
Thanks for all the help and advices, Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
443 for sip over TCP works pretty well, but for UDP i usually just pick a few random port numbers. The more common the more likely you are to get a ALG for another protocol inspecting them and maybe doing silly things. I prefer it to go un-inspected if possible. On 6/26/2014 10:20 AM, Mark R Lindsey wrote:
Do you think "Seemingly random" is really important? I've had good luck with TCP/443 for SIP.
/>>> mark at ecg.co <mailto:mark at ecg.co> +1-229-316-0013 http://ecg.co/lindsey/
On Jun 26, 2014, at 11:57 , Ryan Delgrosso <ryandelgrosso at gmail.com <mailto:ryandelgrosso at gmail.com>> wrote:
Add 2 or 3 more seemingly random ports for the SBC to listen on. Also add them in TCP.
have the softphone use DNS naptr records to order UDP then TCP srv records, and in each SRV record offer the same proxy with different ports. This will cause the softphone to try multiple ports on UDP then multiple ports on TCP until it finds success.
If the softphone doesn't support NAPTR, then you can use SRV only but you lose the ability to try different transports. If it doesnt support SRV records, find another softphone.
-Ryan
On 6/26/2014 7:34 AM, Feby Francis wrote:
<Mail Attachment.gif> Experts, I have a customer who travels a lot and uses our softphone offering, I need a solution to overcome the situations when the port 5060 is blocked. Is there any work around to solve the port blocking problems? We use standard 5060 on the SBC and my switch vendor is Broadsoft. Thanks for all the help and advices, Feby Francis
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops
participants (6)
-
feby.francis@crosstel.com -
jackson.tim@gmail.com -
lindsey@e-c-group.com -
matthew@corp.crocker.com -
ryandelgrosso@gmail.com -
ujjval@simplesignal.com