Solved SIP Trunk Going over non 5060 port

Discussion in '3CX Phone System - General' started by theMightyMacBoy, Apr 12, 2017.

Thread Status:
Not open for further replies.
  1. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
    So I have been having issues with SIPTRUNK.com and 3CX. I setup the trunk to go over 5060, but it seems that 3CX is wanting to use 1027 for SIP. Anyone have any ideas? Below is the reply from SIPTRUNK.com support. I took out our account numbers for security reasons.

    Thank you for any help.

    --------------------------
    Their response:


    Your 3CX seems to indicate that it believes itself to be at port 1027, but that is not a standard 3CX port. Further when the packets get here they are actually sourced on port 5060 (which we would expect). However your 3CX seems to insist via it's CONTACT header on all attempts that it is at port 1027, which causes it to reject our ACKs to it's 200 OK messages on inbound calls. Thus the call times out exactly like you are seeing.

    Here is the "REGISTER" message and our response:


    16:25:16.377227 IP (tos 0x0, ttl 54, id 5331, offset 0, flags [DF], proto UDP (17), length 885)
    50-249-197-5-static.hfc.comcastbusiness.net.sip > gw1.siptrunk.com.sip: SIP, length: 857
    REGISTER sip:gw1.siptrunk.com:5060 SIP/2.0
    Via: SIP/2.0/UDP 50.249.197.5:5060;branch=z9hG4bK-524287-1---282c224f3ff60c7b;rport
    Max-Forwards: 70
    Contact: <sip:#####@50.249.197.5:1027;rinstance=a35d1af57f9fea2a>
    To: <sip:#####@gw1.siptrunk.com:5060>
    From: <sip:#####@gw1.siptrunk.com:5060>;tag=66c36900
    Call-ID: 8UHUlNHgT3hF0firDqihnQ..
    CSeq: 38 REGISTER
    Expires: 60
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE
    Supported: replaces
    User-Agent: 3CXPhoneSystem 15.0.62928.5 (62928)
    Authorization: Digest username="#####",realm="gw1.siptrunk.com",nonce="WO075ljtOY5HVuSdV4Fu7DLIogKA6GVZux0uro2asGpdzcmkt2n002s90UnB",uri="sip:gw1.siptrunk.com:5060",response="27bed1f447de8ffb9fa0763b131c9034",cnonce="e8889d4253b5ff40265ee2a0f61a0f69",nc=0000000b,qop=auth,algorithm=MD5
    Content-Length: 0


    16:25:16.379918 IP (tos 0x10, ttl 64, id 60118, offset 0, flags [none], proto UDP (17), length 490)
    gw1.siptrunk.com.sip > 50-249-197-5-static.hfc.comcastbusiness.net.sip: SIP, length: 462
    SIP/2.0 200 OK
    Via: SIP/2.0/UDP 50.249.197.5:5060;branch=z9hG4bK-524287-1---282c224f3ff60c7b;rport=5060;received=50.249.197.5
    To: <sip:#####@gw1.siptrunk.com:5060>;tag=14575c43173f48ab35024af4364ef5fa.e6c4
    From: <sip:#####@gw1.siptrunk.com:5060>;tag=66c36900
    Call-ID: 8UHUlNHgT3hF0firDqihnQ..
    CSeq: 38 REGISTER
    Contact: <sip:#####@50.249.197.5:1027;rinstance=a35d1af57f9fea2a>;q=0;expires=60;received="sip:50.249.197.5:5060"
    Content-Length: 0


    And here is your 200 OK to our INVITE, and our subsequent ACK:


    16:25:16.918981 IP (tos 0x0, ttl 54, id 5364, offset 0, flags [DF], proto UDP (17), length 992)
    50-249-197-5-static.hfc.comcastbusiness.net.sip > gw1.siptrunk.com.sip: SIP, length: 964
    SIP/2.0 200 OK
    Via: SIP/2.0/UDP 63.247.69.226;branch=z9hG4bK6a53.815980287fa62b711026dbf9a892b9c5.0
    Via: SIP/2.0/UDP 67.231.1.110:5060;branch=z9hG4bK00Bc9f43b9a6b805986
    Record-Route: <sip:63.247.69.226;lr=on;ftag=gK00670702;vsf=AAAAAB8BAAUNAw0EBAZwAncYBR0DHQAAAB8BMTA-;dlgcor=f861.0d05>
    Contact: <sip:15746519310@50.249.197.5:1027>
    To: <sip:+15746519310@63.247.69.226>;tag=906e1d38
    From: "SIP.US" <sip:4045964204@67.231.1.110>;tag=gK00670702
    Call-ID: 541077866_131984825@67.231.1.110
    CSeq: 146048 INVITE
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE
    Content-Type: application/sdp
    Supported: replaces
    User-Agent: 3CXPhoneSystem 15.0.62928.5 (62928)
    Content-Length: 234

    v=0
    o=3cxPS 22287736534728704 20132112027877377 IN IP4 50.249.197.5
    s=3cxPS Audio call
    c=IN IP4 50.249.197.5
    t=0 0
    m=audio 9028 RTP/AVP 0 101
    a=rtpmap:0 PCMU/8000
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv

    16:25:16.940773 IP (tos 0x10, ttl 64, id 60119, offset 0, flags [none], proto UDP (17), length 445)
    gw1.siptrunk.com.sip > 50-249-197-5-static.hfc.comcastbusiness.net.1027: SIP, length: 417
    ACK sip:15746519310@50.249.197.5:1027 SIP/2.0
    Via: SIP/2.0/UDP 63.247.69.226;branch=z9hG4bK6a53.1a9b23650321dcf51476a4fed820351f.0
    Via: SIP/2.0/UDP 67.231.1.110:5060;branch=z9hG4bK00Bd3b7d33f6dff6346
    From: "SIP.US" <sip:+14045964204@67.231.1.110>;tag=gK00670702
    To: <sip:+15746519310@63.247.69.226>;tag=906e1d38
    Call-ID: 541077866_131984825@67.231.1.110
    CSeq: 146048 ACK
    Max-Forwards: 32
    Content-Length: 0

    Eventually you send us a BYE because you do not accept our ACK.

    16:25:33.158836 IP (tos 0x0, ttl 54, id 7004, offset 0, flags [DF], proto UDP (17), length 572)
    50-249-197-5-static.hfc.comcastbusiness.net.sip > gw1.siptrunk.com.sip: SIP, length: 544
    BYE sip:+14045964204@67.231.1.110:5060 SIP/2.0
    Via: SIP/2.0/UDP 50.249.197.5:5060;branch=z9hG4bK-524287-1---b6d5fd619bc6a72c;rport
    Max-Forwards: 70
    Route: <sip:63.247.69.226;lr;ftag=gK00670702;vsf=AAAAAB8BAAUNAw0EBAZwAncYBR0DHQAAAB8BMTA-;dlgcor=f861.0d05>
    Contact: <sip:15746519310@50.249.197.5:1027>
    To: "SIP.US" <sip:4045964204@67.231.1.110>;tag=gK00670702
    From: <sip:+15746519310@63.247.69.226>;tag=906e1d38
    Call-ID: 541077866_131984825@67.231.1.110
    CSeq: 2 BYE
    User-Agent: 3CXPhoneSystem 15.0.62928.5 (62928)
    Content-Length: 0




    I have input a work-around onto your trunk. NOTE: THIS IS NOT A PERMANENT SOLUTION. You need to reach out to 3CX and see if they can help you figure out why 3CX thinks it is at port 1027 when it sends traffic from port 5060. Once they have that sorted out we can remove the NAT fixup workaround.
     
  2. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
  3. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    6,016
    Likes Received:
    421
    Hello @theMightyMacBoy

    Please let us know of have you passed the firewall checker of the PBX? Are you using the default sip port of 5060?
     
  4. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
    • resolving 'stun.3cx.com'... done
    • resolving 'stun2.3cx.com'... done
    • resolving 'stun3.3cx.com'... done
    • testing 3CX SIP Server... done
      • stopping service... done
      • testing port 5060... done
        • testing port 5060... done
      • starting service... done
    • testing 3CX Tunneling Proxy... failed (How to resolve?)
      • stopping service... done
      • testing port 5090... failed
        • testing port 5090... full cone test failed
      • starting service... done
    • testing 3CX Media Server... failed (How to resolve?)
      • stopping service... done
      • testing ports [9000..9255]... failed
        • testing port 9000... full cone test failed
        • 9000 - 9255 failed... took those out...
        • testing port 9255... full cone test failed
      • starting service... done

    Do I need to port forward all of these ports if I don't plan to use phones outside LAN?
     
  5. cobaltit

    cobaltit Active Member

    Joined:
    Mar 22, 2012
    Messages:
    944
    Likes Received:
    154
    If you will have no phones or other remote access for the PBX you don't need 5090 but you definitely need 9000-9255 for audio.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
    We currently have audio. Let me put in a port forward for 9000-9255 UDP and see if that fixes it.
     
  7. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
    Firewall 100% passed and still on my SIPTRUNK.com dashboard, it's showing the trunk on port 1027. I even changed the PW to force 3CX to disconnect and have to reauth with them... Still same port. Thoughts?
     
  8. JasonNadeau

    JasonNadeau Member

    Joined:
    Oct 14, 2015
    Messages:
    262
    Likes Received:
    46
    This is almost certainly not a 3cx issue. Firewall is off on the PC running the 3cx server ? At this point, it's most likely your is router messing with the ports, or a setting in your siptrunks.com account.

    Edit : and since siptrunks.com seems to have properly looked on their end (very cool supplying packet captures), I'm really thinking your router.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. cobaltit

    cobaltit Active Member

    Joined:
    Mar 22, 2012
    Messages:
    944
    Likes Received:
    154
    SIP ALG is off correct?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. datamerge

    datamerge New Member

    Joined:
    Nov 19, 2014
    Messages:
    176
    Likes Received:
    22
    Definitely sounds like ALG in the router. The source port is 5060 when it arrives at the SIP trunk, which would indicate it is not being transformed and why the firewall check passes. However, ALG for some reason appears to be rewriting the headsers with contact source port of 1027. ALG is such a kludge.
     
  11. theMightyMacBoy

    Joined:
    Mar 21, 2017
    Messages:
    31
    Likes Received:
    3
    It was not ALG in the router. A clean install of 3CX fixed the issue. Not sure what's was going on, but another install fixed it. Been going good since Friday.

    Edit: Didn't have to touch my router.
     
    craigreilly likes this.
  12. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    6,016
    Likes Received:
    421
    Glad to hear the issue is resolved, although we did not identify what the issue was.
     
Thread Status:
Not open for further replies.