I've seen many references to "port forwarding" in these forums.

What exactly is this?

Why use it?

Are there instructions somewhere detailing how to do it?

Thanks
Jeff

I've seen many references to "port forwarding" in these forums.

What exactly is this?

Why use it?

Are there instructions somewhere detailing how to do it?

Thanks
Jeff

You don't need to have any port forwarding at all.

I'm not sure I would say you don't need any port forwarding at all. Port forwarding is used when your VoIP adapter is behind a router and calls are having difficulty navigating their way through your network to reach the adapter. You router allows you to direct packets aimed at a particular port on your public ip address to the private ip address of a device behind the router. So, for example, a packet aimed at 24.213.102.11:5060 (port 5060 of your public ip address) can be forwarded to 192.168.100.25:5060 (port 5060 of your VoiP adapter's private ip address).

If you are having problems (one-way audio, dropped calls, no ringing, etc.), contact support and they will tell you which ports to forward and help you do it.

I agree with the purpose of port forwarding.

If your ATA works directly connected to the modem, and not behind a router, I would question your network, or the quality of the router. Port forwarding in that case can be a bandaid to overcome your network issues.

People may sometimes forward Port 80 to an internal web server. This allows a web server to be reachable from an otherwise unreachable NAT address. These are techniques to overcome the normal rules of the router.

In SPI firewalling, the ATA will send a packet on a regular interval to the VoIP provider. The SPI firewall blocks all uninitiated communication to the router. Same as when your browser requests network data, there is a short interval where replies can come back via the outbound info sent. The response must be quick enough or the whole deal is over and the SPI firewall opening is again closed. The registration interval of an ATA must be compatible with the window of opportunity the SPI firewall allows.

No dial tone for example, can be the effect of loss of this registration. Poor ISP connectivity can also muddy this scenario. Port forwarding allows a limited way in to the ATA to establish communications. Beyond the Port 5060 port being forwarded, I would hazard a guess that the network traversal by the modem is doing a poor job. I would seriously think about replacing the router if it works fine directly connected to the modem.

It would be an interesting statistic, to learn about what modem combinations need port forwarding, and if more than the key port needs to be forwarded.

I too, am from the no port forwarding school in order to make the basics work.

If what you all say is true, then we would all have to use DMZ and forwarding, etc.
I don't choose to use the ATA or my DSL modem, for that matter, to do any other functions than I believe it to be designed to do. I have a router for PPPoE as well as routing for my VOIP ATA.
I think that when these isolated problems occur, they are as a result of mis-management on the users setup, and these work-arounds should only be necessary in rare cases when a diagnosis is not available or perhaps when there are esoteric setups that fall outside the realm of provider supplied and provisioned ATAs. This may even extend to unique arrangements with the users ISPs as well.
Just my opinion...

It would be an interesting statistic, to learn about what modem combinations need port forwarding, and if more than the key port needs to be forwarded.Good idea usa2k- Ive just started a post with mine...


http://forums.voipo.com/showthread.php?p=14664#post14664


I have multiple systems at the office and of coarse Voipo here. Im constantly moving and testing things and never need any port forwarding. But I believe that some manufacturers just don't have enough knowledge to properly handle voip through their devices.

My firewall does not like to allow incoming calls unless they originate from the carriers port 5060 (or whatever my device is pointing at) so I simply give the carrier server a firewall rule to allow all ports and problem solved.

Sometimes port forwarding is needed no matter how well designed your network and equipment are. For example, I have three and sometimes four VoIP adapters operating behind my router (plus soft phones), and some of them are reached directly -- i.e., without using proxies. There would be no way a call could reach myadapter@mypublicipaddress:port without forwarding that particular port to my adapter.

Edit: the smiley should be a colon and a "p."

I have three and sometimes four VoIP adapters operating behind my router (plus soft phones), and some of them are reached directly -- i.e., without using proxies.

Are you saying the provider system refuses to recognize NAT? Or that your ATA is unable to be set to recognize its behind NAT??

I know on one of my ATA's, I believe its A Grandstream, that one setting can influence that behavior at the carrier side...

My firewall does not like to allow incoming calls unless they originate from the carriers port 5060 (or whatever my device is pointing at) so I simply give the carrier server a firewall rule to allow all ports and problem solved.

I had a voice gateway I left 5060 open to pretty much every connection. That was a mistake! Basically someone could enter phonenumber@my ip address and the call would go through. Not good! I have since locked it down so don't go getting any ideas! ;)

I had a voice gateway I left 5060 open to pretty much every connection. That was a mistake! Basically someone could enter phonenumber@my ip address and the call would go through. Not good! I have since locked it down so don't go getting any ideas! ;)

Your running a sip server?

My rule is setup as-

174.37.45.134 - UDP - all ports > lan address all ports (I do this for each of Voipo's servers.)

So unless sip-*.voipwelcome.com gets hacked or someone spoofs one of their addresses, ect... I should be safe...

Are you saying the provider system refuses to recognize NAT? Or that your ATA is unable to be set to recognize its behind NAT?? For those calls, there is no "provider." For example, I can forward an IPKall number or Gizmo5 directly to my adapter without the need to register that adapter to a particular provider or to use a SIP proxy. Or I can call from one adapter directly to another adapter across the internet without using a provider. Also, the adapter can register to one provider (e.g., VOIPo) but still receive incoming calls directly from IPKall or G5 or another adapter. Some adapters and soft phones have a specific setting to support receiving calls without registering, whereas others don't. My point is that port forwarding is necessary to receive calls that go directly to the adapter.

I have two PAP2 adapters (one for VOIPo and one for NextAlarm), plus two old AzaCall/UTStarcom adapters from Lingo. I also sometimes use an XLite soft phone. Most of this is just for fooling around.

For those calls, there is no "provider." For example, I can forward an IPKall number or Gizmo5 directly to my adapter without the need to register that adapter to a particular provider or to use a SIP proxy. Or I can call from one adapter directly to another adapter across the internet without using a provider. Also, the adapter can register to one provider (e.g., VOIPo) but still receive incoming calls directly from IPKall or G5 or another adapter. Some adapters and soft phones have a specific setting to support receiving calls without registering, whereas others don't. My point is that port forwarding is necessary to receive calls that go directly to the adapter.

I have two PAP2 adapters (one for VOIPo and one for NextAlarm), plus two old AzaCall/UTStarcom adapters from Lingo. I also sometimes use an XLite soft phone. Most of this is just for fooling around.


Ah- yep, that makes sense.. Your ata is more like a web or mail server in the sense that it doesnt know where its next flow of traffic is coming from, and therefore you have to provide the route to it...

Thanks for the explanation... :)

I hope we are not getting too far off the track, and I hope that not too many plain vanilla users are trying to understand what this is all about.

My original comments were in reference to those who have nothing but a provisioned ATA and simply want to plug it in and talk and listen.

Perhaps a separate thread for the special hook-ups would less confuse those who are asking the basic questions.

I hope we are not getting too far off the track, and I hope that not too many plain vanilla users are trying to understand what this is all about.

My original comments were in reference to those who have nothing but a provisioned ATA and simply want to plug it in and talk and listen.

Perhaps a separate thread for the special hook-ups would less confuse those who are asking the basic questions.

Yes that is true. I was just curious because the ATA disconnected the other day and I had to power cycle to get it back. It was on, but the phone line lights were not.

I have this RT31P2 device behind my router and was wondering if was something that would factor in.

Jeff

Yes that is true. I was just curious because the ATA disconnected the other day and I had to power cycle to get it back. It was on, but the phone line lights were not.

I have this RT31P2 device behind my router and was wondering if was something that would factor in.

Jeff

Sorry for the hijack attempt.. Im good at that. ;)

As for the RT31P2- No that is not something port forwarding should fix.

The ATA tries to re-register at a specified time period. If that registration does not make it to the server and back, the lights will go out.

Sorry for the hijack attempt.. Im good at that. ;)

As for the RT31P2- No that is not something port forwarding should fix.

The ATA tries to re-register at a specified time period. If that registration does not make it to the server and back, the lights will go out.

Interesting, do you have any idea what time that may be?
Is that daily?

Jeff

If VOIPo is provisioning your ATA, then only they can set it or change it...be sure to describe your problem when you submit a ticket..

I think that when these isolated problems occur, they are as a result of mis-management on the users setup, and these work-arounds should only be necessary in rare cases when a diagnosis is not available or perhaps when there are esoteric setups that fall outside the realm of provider supplied and provisioned ATAs.

I can think of one other cause - the crap that router vendors peddle to unsuspecting end users.

I fought a Linksys RVL200 VPN router for over a year. It would do VPN semi-decently, but that was about it. Even though it offered the ability to do port forwarding (among other 'features') in the setup menus, the feature didn't consistently work, and trying to run an ATA behind it was almost impossible. I could forward a port and verify that it worked one day, only to find it closed a few days later, with nothing changed in the setup. And this was while running the latest available firmware. It was a complete joke of a router.

I finally flashed a WRT54GS with Tomato (with OpenVPN), and that was the end of my problems. Port forwarding was no longer needed for either of my ATA's, and the VPN feature is like night and day compared to the junk RVL200. Even my data throughput is better.

I suppose this could be classified as 'mis-management on the users setup', but it was caused by the design of the manufacturer. I often wonder how many others are victims of absolute junk foisted on the public by manufacturers that expect us to do their beta testing.

Gary Sanders

Gary..

You certainly made a good point..