cancel
Showing results for 
Search instead for 
Did you mean: 

When calling they can't hear me

daveyb
Grafter
Posts: 128
Registered: 04-08-2007

When calling they can't hear me

Hi,

Since being given some free minutes I thought I'd give VoIP a whirl and am now banging my head against the wall - I can hear the other end clearly, but they can't hear me at all unless I grant my PC unrestricted outbound access on my firewall.

I'm using X-Lite through a Netgear DG834G (latest firmware) and ordinarily I have the following ports set for outbound access: 3478 (STUN), 5060 (SIP), 8000-8019 (Xlite RTP), 10000 (STUNsig) and 5004 (SIPsig) - initially just for UDP but now for either UDP/TCP. In this configuration, no-one can hear me but I can hear them.

The bit that has me banging my head is that if I enable all outbound ports with logging (to see what's actually being used) everything works fine (they can hear me, as well as me hear them) but in the logs it's only ports 8000-8001 (UDP) that's showing up as in use during the call. So why doesn't the above rules work?

Looking at the PlusTalk Help section I did try setting Obey Reverse UDP Mapping Rules to No (it's usually Yes) but that seemed to make no difference at all.

Does anyone else have this setup working through a DG834G without allowing all outbound ports?

Thanks, David
5 REPLIES
N/A

Re: When calling they can't hear me

Quote
The bit that has me banging my head is that if I enable all outbound ports with logging (to see what's actually being used) everything works fine (they can hear me, as well as me hear them) but in the logs it's only ports 8000-8001 (UDP) that's showing up as in use during the call. So why doesn't the above rules work?


Definately sounds like your firewall dropping or mangling the outbount RTP traffic. What firewall are you using? Can you ask it to log the packets it drops when it's not working?

Is your firewall doing NAT? This could be mangling the port numbers.

Maybe try running Ethereal and see if anything looks odd (are the IP addresses and port numbers right?)
daveyb
Grafter
Posts: 128
Registered: 04-08-2007

When calling they can't hear me

Thanks rivendell2,

The firewall is built into the DG834G and yes, I use NAT.

Getting the DG834G to log the dropped packets is interesting - it's claiming to drop packets on port 8000, but I've just double-checked - I have a rule that allows outbound traffic on 8000 - so something is clearly screwed up here. I guess I'll delete all the rules relating to VoIP and then re-enter them to see if that sorts it out.

Thanks, David.
daveyb
Grafter
Posts: 128
Registered: 04-08-2007

When calling they can't hear me

Well I'm a bit stuck now as the DG834G just seems to completely ignore any rule I create to allow the use of ports 8000-8001 (unless I enable all ports).

......the firewall seems to work with other ports (for example SIP traffic across 5060 obeys the rules fine) so what is it about ports 8000-8001 ? I've even deleted some other rules just to see if I'd reached some sort of limit - but it makes no difference.

Has anyone got PlusTalk working with a DG834G without enable all outbound ports?

Thanks, David
N/A

When calling they can't hear me

Quote
......the firewall seems to work with other ports (for example SIP traffic across 5060 obeys the rules fine) so that is it about ports 8000-8001 ? I've even deleted some other rules just to see if I'd reached some sort of limit - but it makes no difference.


Are you _sure_ you allowed UDP on those ports (not TCP)? If that's ok, it really sounds like a bug in the firewall - you could look on the manufacturer's website to see if there's a firmware update available.
daveyb
Grafter
Posts: 128
Registered: 04-08-2007

When calling they can't hear me

ummm.......definately UDP (but even setting the rule to allow either TCP or UDP makes no difference).

I'm running the latest firmware and I've had a look in the Netgear forums tonight and can't find this specific problem, but there are lots of other people who seem to have had seemingly inexplicible firewall rule problems with the latest version.

I've even tried splitting the rules (eg. a RTP-A rule for 8000 and a separate RTP-B rule for 8001) but it still doesn't work.

I even wonder whether I'd somehow written rules that overlaped in port ranges but I've been through them all and it certainly doesn't seem to be the case.

I'm prepared to accept that it is something stupid I've done, as I don't have a problem with any other rules I've set up and I do only open ports I'm expecting to use so I do have quite a few rules, but I've been starring at it for hours now and can't see it what it is. I suspect most users of the DG834G won't have this problem as it the factory defaults allows outbound traffic on any port (and it works fine with this rule) but, as I say, I block everything and then only open what I expect to be used.

Ah well, perhaps I'll go to bed and maybe spot something tomorrow!

Thanks for your input anyway.

David