Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > UK VOIP > Router settings with VoIP - any explanatory documentation?

Reply
Thread Tools

Router settings with VoIP - any explanatory documentation?

 
 
Ed
Guest
Posts: n/a
 
      07-11-2005
When I first started to use a softphone (X-lite) with VoIP, I was told
that my router needed to be set with particular parameters to get it
to work. The parameters I was told to use were:
SIP port 5060
RTPLang port 5004
Voice, ports 8000..8012
STUN, port 3478

This mean that I had to ditch dhcp and set my PC to a fixed IP
address. Although my set-up works with X-lite, I got no explanation as
to just as to what exactly all these parameters mean and why there are
necessary. The problem now is that I have added an ATA in addition to
my softphone and I heed to know if I need to set up yet another set of
parameters to handle my ATA. As I have no documentation whatever, the
whole process is a black art to me. Can someone please point me to
some documentation showing me what exactly all these parameters are
and how to use them. Do I have to go through the same pain with my
ATA?
 
Reply With Quote
 
 
 
 
Tony
Guest
Posts: n/a
 
      07-11-2005

"Ed" <a.@.invalid> wrote in message
news:1121112865.3c626b862f27123b1918ff40db8abde9@t eranews...
> When I first started to use a softphone (X-lite) with VoIP, I was told
> that my router needed to be set with particular parameters to get it
> to work. The parameters I was told to use were:
> SIP port 5060
> RTPLang port 5004
> Voice, ports 8000..8012
> STUN, port 3478
>
> This mean that I had to ditch dhcp and set my PC to a fixed IP
> address.


Why? Hasn't your modem/router got an option to reserve IP addresses? Most
have an option under DHCP to reserve IP addresses for certain
devices/computers etc.

Although my set-up works with X-lite, I got no explanation as
> to just as to what exactly all these parameters mean and why there are
> necessary. The problem now is that I have added an ATA in addition to
> my softphone and I heed to know if I need to set up yet another set of
> parameters to handle my ATA. As I have no documentation whatever, the
> whole process is a black art to me. Can someone please point me to
> some documentation showing me what exactly all these parameters are
> and how to use them. Do I have to go through the same pain with my
> ATA?


If you have an modem/router with DMZ, just enter the IP address of the ATA
into the DMZ option of the modem/router
That will open up all ports to the ATA's IP address and you will be fine.

Tony




 
Reply With Quote
 
 
 
 
Ed
Guest
Posts: n/a
 
      07-11-2005
On Mon, 11 Jul 2005 21:29:51 +0100, Tony wrote:

>
>"Ed" <a.@.invalid> wrote in message
>news:1121112865.3c626b862f27123b1918ff40db8abde9@ teranews...
>> When I first started to use a softphone (X-lite) with VoIP, I was told
>> that my router needed to be set with particular parameters to get it
>> to work. The parameters I was told to use were:
>> SIP port 5060
>> RTPLang port 5004
>> Voice, ports 8000..8012
>> STUN, port 3478
>>
>> This mean that I had to ditch dhcp and set my PC to a fixed IP
>> address.

>
>Why? Hasn't your modem/router got an option to reserve IP addresses? Most
>have an option under DHCP to reserve IP addresses for certain
>devices/computers etc.


Sure, so as I've said, I've had to ditch dhcp for my PC and go through
the pain of setting up a static IP address.

>If you have an modem/router with DMZ, just enter the IP address of the ATA
>into the DMZ option of the modem/router
>That will open up all ports to the ATA's IP address and you will be fine.


I don't have DMZ.

In any case, I'm not looking for a quick answer like that. As
explained, I'm looking to find out what the following parameters mean
and how they're used:.

SIP port 5060
RTPLang port 5004
Voice, ports 8000..8012
STUN, port 3478

Can you refer me to some documentation that explains these? That's the
only way I will learn about setting up the parameters.


 
Reply With Quote
 
Tony
Guest
Posts: n/a
 
      07-11-2005

"Ed" <a.@.invalid> wrote in message
news:1121115066.4539bb9570ccb08425d5ddd18f52156e@t eranews...
> On Mon, 11 Jul 2005 21:29:51 +0100, Tony wrote:
>
>>
>>"Ed" <a.@.invalid> wrote in message
>>news:1121112865.3c626b862f27123b1918ff40db8abde9 @teranews...
>>> When I first started to use a softphone (X-lite) with VoIP, I was told
>>> that my router needed to be set with particular parameters to get it
>>> to work. The parameters I was told to use were:
>>> SIP port 5060
>>> RTPLang port 5004
>>> Voice, ports 8000..8012
>>> STUN, port 3478
>>>
>>> This mean that I had to ditch dhcp and set my PC to a fixed IP
>>> address.

>>
>>Why? Hasn't your modem/router got an option to reserve IP addresses?
>>Most
>>have an option under DHCP to reserve IP addresses for certain
>>devices/computers etc.

>
> Sure, so as I've said, I've had to ditch dhcp for my PC and go through
> the pain of setting up a static IP address.
>
>>If you have an modem/router with DMZ, just enter the IP address of the ATA
>>into the DMZ option of the modem/router
>>That will open up all ports to the ATA's IP address and you will be fine.

>
> I don't have DMZ.
>
> In any case, I'm not looking for a quick answer like that. As
> explained, I'm looking to find out what the following parameters mean
> and how they're used:.
>
> SIP port 5060
> RTPLang port 5004
> Voice, ports 8000..8012
> STUN, port 3478
>
> Can you refer me to some documentation that explains these? That's the
> only way I will learn about setting up the parameters.


>

Port 5060 is the SIP (Session Initiation Protocol) control port. This is
used for connecting to the SIP proxy server. This communicates with the
provider and then It opens other ports for the streams of voice data
(commonly ports in the range of either 8000-8012 or 16348-32768 provider
dependant) Service suppliers and/or devices differ in their choice of port
ranges to use for the voice streams, these are the high numbered ones
normally.

Port 5004 is used for SIP signalling, this is used to start the handshaking
procedure and define the ports which are to be used for the carriage of
voice data once the session is started.

Ports 8000-8012 These ports are used to carry the voice data by some
providers, technically known as RTP (Real-time Transport Protocol), and RTCP
(Real-time Control Protocol) multimedia streaming ports.

Ports 16348-32768 UDP These ports are used to carry the voice data by some
providers, technically known as RTP, and RTCP multimedia streaming (again
they are provider dependant)

Ports 3478 and 3479 STUN service; (Port 10000 UDP is also used by some
providers for the STUN)

The STUN server ((S)imple (T)raversal of (U)DP through (N)ATs), along with
help of the proxy/registrar at your SIP provider should normally do
everything else for you. Basically STUN enables a device to find out its
public IP address and the type of NAT service its sitting behind. The
problems in STUN have to do with the lack of standardized behaviors and
controls in NATs. The result of this lack of standardization has been a
proliferation of devices whose behavior is highly unpredictable, extremely
variable, and uncontrollable. STUN does the best it can in such a hostile
environment. Ultimately, the solution is to make the environment less
hostile, and to introduce controls and standardized behaviors into NAT.
However, until such time as that happens, STUN provides a good short term
solution given the terrible conditions under which it is forced to operate.

The best way to discover what ports your provider uses, is to define these
port ranges above into your modem/router firewall rules (services) and then
keep a watch of the log files to see which ports are active (being logged)
during a session of service use.

The use of a DMZ server, means you don't need to worry about opening any
ports individually, as the DMZ opens up all ports to the IP address of the
ATA unit only, ensuring that whatever ports your provider uses, they will be
open to the ATA only. This is a quick way of ensuring the needed ports are
open for cummunication to the internet.

I hope that makes things a bit clearer Ed.

Tony


 
Reply With Quote
 
Paul D.Smith
Guest
Posts: n/a
 
      07-12-2005
You've been told wrong. If you're using STUN and a proxy server (and most
SIP service providers do), then you should not need to change ANYTHING on
your router.

Paul DS.


 
Reply With Quote
 
Tony
Guest
Posts: n/a
 
      07-12-2005

"Paul D.Smith" <(E-Mail Removed)> wrote in message
news:42d3ccb3$0$6484$(E-Mail Removed) et...
> You've been told wrong. If you're using STUN and a proxy server (and most
> SIP service providers do), then you should not need to change ANYTHING on
> your router.
>
> Paul DS.
>


It did clearly say in my post:

The STUN server ((S)imple (T)raversal of (U)DP through (N)ATs), along with
help of the proxy/registrar at your SIP provider should normally do
everything else for you.

This pretty much covers what you commented about.

It was 'Ed' who wanted the more in-depth description for the ports etc.

Was it any good for you Ed?



 
Reply With Quote
 
Ed
Guest
Posts: n/a
 
      07-12-2005
On Tue, 12 Jul 2005 19:33:59 +0100, Tony wrote:

>Was it any good for you Ed?


Yes Tony, it certainly helped to make things a little clearer. Thanks
to your explanation and doing a bit further reading elsewhere, I've
now got my ATA fully (fingers crossed) working for 2 lines! Phew what
a palaver getting all those scores of optional parameters set.

A few queries:

These names (like "RTPLang" or "Voice") I was told to use in my router
configuration, I had assumed they were some kind of reserved names for
particular functions. I'm beginning now to think they're not reserved
names but I can use whatever name for these services that I like, as
long as I can understand them. Is that right?

Then regarding DMZ, which my router doesn't have as an option. From my
reading of DMZ is nothing more than a particular device with an IP
address on my LAN which has all ports open. If so, can I not achieve
the identical thing to DMZ by just defining all ports on that IP
address as open? Is there anything else that the "proper" DMZ function
does which is over an above my simply opening all ports on that IP
address?

Finally relating to STUN. That is configured on my ATA (which has 2
lines) as a global parameter rather than as a parameter per line. I
find that a bit confusing, since my 2 lines are attached to 2 totally
different providers. From your explanation it seems that STUN is a
provider-specific facility so I would have assumed that I would put a
separate parameter in for each line.
 
Reply With Quote
 
Paul D.Smith
Guest
Posts: n/a
 
      07-13-2005
Tony,

You're talking about configuring DMZs and hard-coded IP addresses in your
original post, neither of which should be required. For example, a fully
hardened router (all inbound ports closed, no DMZ, DHCP addresses etc.) will
still work completely with a STUN enabled ATA/softphoine without any
configuration changes at all.

Paul DS.


 
Reply With Quote
 
Paul D.Smith
Guest
Posts: n/a
 
      07-13-2005
Tony may disagree (see our earlier exchanges) but see below...

Paul DS

"Ed" <a.@.invalid> wrote in message
news:1121203776.26690ab196d5cb1c0ebc59bc7efd462d@t eranews...
> On Tue, 12 Jul 2005 19:33:59 +0100, Tony wrote:
>
> >Was it any good for you Ed?

>
> Yes Tony, it certainly helped to make things a little clearer. Thanks
> to your explanation and doing a bit further reading elsewhere, I've
> now got my ATA fully (fingers crossed) working for 2 lines! Phew what
> a palaver getting all those scores of optional parameters set.
>
> A few queries:
>
> These names (like "RTPLang" or "Voice") I was told to use in my router
> configuration, I had assumed they were some kind of reserved names for
> particular functions. I'm beginning now to think they're not reserved
> names but I can use whatever name for these services that I like, as
> long as I can understand them. Is that right?
>


PDS> Probably but for SIP with STUN you can ignore these. Services such as
Yahoo Messenger and MS Messenger need you to open various holes through your
security (i.e. open ports on your router) which is exactly why I don't use
them. SIP does not require you do anything like this.

> Then regarding DMZ, which my router doesn't have as an option. From my
> reading of DMZ is nothing more than a particular device with an IP
> address on my LAN which has all ports open. If so, can I not achieve
> the identical thing to DMZ by just defining all ports on that IP
> address as open? Is there anything else that the "proper" DMZ function
> does which is over an above my simply opening all ports on that IP
> address?
>


PDS> A DMZ usually an area between a weakened firewall (to the outside) and
a fully hardened firewall (to your internal network) where servers such as
mail or web servers are placed. They have to be in a weakened area because
you have to allow people from the outside world to get to them, but you
don't want these same people into your internal LAN.

So you can do something like...

Internet -- weak firewall -- DMZ -- strong firewall -- Internal network

On the weak firewall you open whatever ports you need to direct traffic to
the machines located in the DMZ.

Now there is sometimes a "DMZ options" which basically says "unless told
otherwise, an inbound connection is sent to this specific machine. This is
fine apart from one problem. If your "DMZ machine" is a WinDoze machine,
odds are it can be compromised and unless it is separated from your internal
network by a good firewall, the WinDoze machine can sometimes be used to
relay attacks to your internal network.

So, the strong firewall is really required although with careful
configuration you might be able to get away with using a software firewall
such as ZoneAlarm _PROVIDING_ you mark the DMZ machine as "I wouldn't trust
it as far as I could throw it"!

Bottom line though - you don't need a DMZ or any specially opened ports.

> Finally relating to STUN. That is configured on my ATA (which has 2
> lines) as a global parameter rather than as a parameter per line. I
> find that a bit confusing, since my 2 lines are attached to 2 totally
> different providers. From your explanation it seems that STUN is a
> provider-specific facility so I would have assumed that I would put a
> separate parameter in for each line.


PDS> I _think_ (and I have to read some more on STUN) that you should be OK.
My understanding is that a STUN server allows your client to find out
answers to "I'm behind a NAT, but what does the outside world think my IP
address is"? The answer won't change between the two SIP service providers
so a single STUN server _might_ be able to satisfy both.


 
Reply With Quote
 
Ivor Jones
Guest
Posts: n/a
 
      07-13-2005
Paul D.Smith wrote:
> Tony,
>
> You're talking about configuring DMZs and hard-coded IP addresses
> in your original post, neither of which should be required. For
> example, a fully hardened router (all inbound ports closed, no DMZ,
> DHCP addresses etc.) will still work completely with a STUN enabled
> ATA/softphoine without any configuration changes at all.


In theory yes, in practice not always. I have a Sipura 2000 that flatly
refuses to connect without DMZ set.

Ivor


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OT self explanatory Consultant MCSE 2 12-30-2003 05:14 PM
Self explanatory Consultant MCSE 0 12-18-2003 04:10 PM



Advertisments