This issue was due to stupid PACE FTTN modem/router firmware that doe not know the meaning of DMZ mode.
I have old asterisk 11 setup and few sip clients that connect to external server. It was working fine on 18.06.01 on Asus RT-N13UB1. The wan port on that died so I moved to..
TP-Link TL-WDR3600 v1 OpenWrt 18.06.5 r7897-9d401013fc / LuCI openwrt-18.06 branch (git-19.309.48729-bc17ef6) and It is not working.
The asterisk server shows registration on two out of 6 providers but incoming and outgoing calls have stopped working. SIP softphone from Grandstream seems to work fine in the same subnet. How do I debug?
Based on multiple postings on openwrt forum I have tried installing following
What are the flow requirements for Asterisk? Do you need to forward some ports or just outgoing traffic will do?
Post here also the following for troubleshooting. Use Preformatted text for the console output (the </> button) uci export network; uci export firewall
If the softphone works then Asterisk should work as well, assuming same transport protocol is used. No additional modules or configuration should be required on the router. Sounds like Asterisk configuration issue.
I'd assume that the soft phone is actively keeping the SIP connection open (just like UDP hole punching), by sending SIP pings in regular intervals (e.g. every 30s) - which is necessary in NAT environments to allow incoming calls. Asterisk should support this as well, but you probably have ti configure that.
IT IS STUPID AT&T. Their PACE modem/router update broke DMZ mode for my OPENWRT router. It appears to be working but it is not. There is a lot of discussion on AT&T boards about it. Current solution is to give fix IP to my openwrt router and forward all ports. Yes, it is double NAT but the VOIP server seems to cope with it. I will eventually yell at somebody and get the modem/router replaced or go to other ISP. Thank you for all the replies.