RTP ports firewall confusion

Discussion in 'Windows' started by dsummer, Dec 11, 2010.

Thread Status:
Not open for further replies.
  1. dsummer

    Joined:
    Dec 6, 2010
    Messages:
    13
    Likes Received:
    0
    Hi,

    Pretty new to 3CXPhone and have a question about the RTP ports setting under Preferences. I use 3CXPhone (5.0.14900.0) with 4 external VoIP providers, a mix for inbound and long distance outbound.

    I've always understood that the RTP ports to forward were dependent on the SIP device/agent. In the case of 3CXPhone, they are 40000-40049 UDP by default. This port range is purposely compatible with the 3CX PBX product. But I don't use 3CX, so I simply forward this range in my router firewall, along with 5060-5080 UDP (SIP).

    But according to this blog post (http://blog.cqvoip.net/2010/05/3cxphone-softphone-configuring-it-with.html), the correct RTP ports are dependent on the provider! The blogger says they should be in the range of 10000-20000 UDP. He mentions this is definitely the case for provider Callcentric.

    But in the CC support section, this page (http://www.callcentric.com/faq.php?s_go=1&search=ports&go=Search#226) states that the ports depend on the user agent. It has no mention of a preferred range.

    The reason I ask is because I'm confused and having call quality issues with two providers that I did not have when using Express Talk.

    I even asked the provider Localphone for help and they said just to run the router in DMZ mode or turn off the firewall entirely. I obviously don't want to do that.

    As a side question, do I need to forward the STUN port (3478 UDP) as well?
     
  2. gpsjeff717

    Joined:
    Jun 5, 2008
    Messages:
    31
    Likes Received:
    0
    Hi dsummer,

    I posted the blog article you are referring to.
    I too have the 3CXPhone softphone configured with various VoIP providers direct.
    I use the same RTP ports for all my SIP VoIP providers.
    Because I also use SPA504G and SPA2102 ATA's and IP-Phones on my local network, which by default use RTP ports 16384-16583, then I also set my softphones, including 3CXPhone softphone, to use the RTP port range of 16384-16538.

    I contacted Callcentric support directly in years past to confirm that their servers utilize the RTP port range between 10000-20000. They confirmed this is the range their servers support.

    I use my 3CXPhone softphone behind a WRT54G NAT-Router. I set the WRT54G to Port Trigger on RTP ports 16384-16538.
    As well, I have it Trigger on SIP ports 5060-5070, as well as Triggering on port 3478 for STUN support.

    I also enable QOS on the WRT54G to limit upload bandwidth to something less than my ISP allows.
    When using softphones on laptop or PC using a wireless link to the WRT54G, I enable WMM support for wireless QOS (enabled on both NAT-Router and the wireless device).

    Another tip I learned from having conflicts between my VoIP ATA's, IP-phones, and my softphones is to set the 3CXPhone softphone to use a specific SIP port that is not being used by the ATA's or IP-Phone. For example, I currently have my 3CXPhone set to use SIP port 5067 only... and it is working fine with ALL my different SIP VoIP services I use it with.

    Regards,
     
  3. dsummer

    Joined:
    Dec 6, 2010
    Messages:
    13
    Likes Received:
    0
    Thank you, gpsjeff, for your reply and informative blog!

    Setting the port range to 16384-16482 UDP solved the problems with both providers. So I conclude it's as you say and that their servers can't connect to clients on ports outside 10000-20000 (for RTP). A bizarre limitation; I wish they would document this in their setup guides. Callcentric should too!
     
  4. gpsjeff717

    Joined:
    Jun 5, 2008
    Messages:
    31
    Likes Received:
    0
    Glad to hear this info was useful and it helped solve your connection problems.

    The 3CXPhone really is the best user-configurable softphone I have used, which is why I dubbed it my top-pick for configurable softphones on my blog.

    I had the same initial issues you had when I first tested the 3CXPhone. But, after sorting out a few configuration quirks, it is a great reliable softphone for VoIP users connecting to BYOD VoIP services.

    Thanks to 3CX Corp. for providing this sofphone for free.
     
  5. albertc

    Joined:
    Nov 21, 2011
    Messages:
    89
    Likes Received:
    0
    If you are not hosting a PBX in your local network, you really dont need to forward any port at all in your firewall. When your 3CX Phone or any other sip clients (Hard phone or soft phone) register with the provider, it will negotiate the RTP port to be use and your NAT firewall will handle all the translation. The only time you need to forward those ports is when you have a PBX inside your network and the sip clients are outside of your local network.
     
Thread Status:
Not open for further replies.