SOLVED 'internal' SIP profile assigning random port instead of 5060

[stin]

<thought>
Hmmmm...

I could try putting my FS server into my DMZ, then I should only need STUN to work as the random ports chosen by the STUN server would be in the DMZ.

I could also try a different STUN server.

Still can't explain why ext_rtp_ip is not evaluating the stun:... URL when it states it should do in the manual.
</thought>

Bed time...

 

[DigitalDaz]

Just stop using stun, we'll work out the other problems from there, there should be no need to use stun.

 

[Adrian Fretwell]

Agree with @DigitalDaz Stop using STUN (as I said earlier).

STUN is fine for endpoints behind NAT, but is not a good solution for the PBX itself.

Just to be clear, STUN does NOT choose random ports, it merely reports back to you the source IP and source ports that the STUN request came from. In other words, it reportss back to you what you look like from the public internet.

Your public dynamic IP address is the root of most of your issues here. Having a dynamic public IP is not a problem UNLESS you want to register endpoints that are from the public internet.

Even if you do cobble together some sort of mechanism to update FreeSwitch when your pubic IP changes, what is going to happen to the pubic endpoints registered to the old public IP address?

The settings for ext_sip_ip and ext_rtp_ip only affect what FreeSwitch puts in its Contact headers and SDP body respectively.

Port forwarding or DMZ should work just fine as long as your public IP does not change (too often).

 

[stin]

STUN does NOT choose random ports

Thank you Adrian. I know. I shouldn't read-up on stuff when I'm tired.

Agree with @DigitalDaz Stop using STUN (as I said earlier).

Aye. I think I'd already decided that STUN is not an option. No STUN. Bad STUN. Sit! Stay!

Even if you do cobble together some sort of mechanism to update FreeSwitch when your pubic IP changes, what is going to happen to the pubic endpoints registered to the old public IP address?

The endpoints are registered via dynamic domain name. As far as I can tell, a DNS query happens prior to registration, so as long as the DDNS IP propagates, it should then register on the newly resolved IP. Not perfect, I know.

The settings for ext_sip_ip and ext_rtp_ip only affect what FreeSwitch puts in its Contact headers and SDP body respectively.

Yes and they have to match my router's port-forwarding config to reach the PBX. The problem is that I can't dynamically allocate port forwarding with FreeSWITCH as it doesn't speak my router's dialect of UPnP. If it did, I wouldn't have had to try S**N.

Port forwarding or DMZ should work just fine as long as your public IP does not change (too often).

I am considering DMZ as I can override it via specific port definitions so using it won't break anything else on the inside. But that's mainly for ports. I 'just' need to keep FreeSWITCH up-to-date with the public IP :/

BTW, Adrian and Daz, I'd like to hear your thoughts on using UPnP in these kinds of difficult environments. Have you ever needed to use it before?

If this ends up paying for itself, I'll look into getting a VPS to sit it in. I'm also going to have to bite the IP6 bullet - I've left it far too long already.