On my home network, I have a Linksys WRT 32X which has an extremely basic Web Interface/UI and I'm trying to set-up work/office VoIP phone which is a Polycom handset. I've set a static LAN IP 192.168.1.161 for the Polycom, I've set the device to high priority for QoS however I'm having both QoS and routing issues, I can receive calls however audio is clipping so difficult to hear what people are saying, however, cannot dial out and the VoIP provider has said the reason for this is..
“It appears on the traces that the IP is changing and thus we receive a 403 lookup failed back from our AS when we send you a 200 OK”
They’ve also said that I needed to disable SIP ALG which I think I've done using a command I was provided...
opkg remove siproxd opkg remove libosip2
and…
Firewalls should be set with Consistent NAT switched on (where available). NAT time out values should be set to a minimum of 5 minutes to prevent issues with device registrations and Busy Lamp monitoring.
For security reasons we recommend that SIP traffic on port 5060 and port 5070 are restricted to our platform only. Below is the list of IP Addresses that will require access:
• For Synergy UC
o 185.70.192.0/24
• For Polycom Auto-Provisioning
o 52.0.183.240
o 52.2.100.162
o 52.21.73.34
o 54.86.39.219
o 54.152.105.93
o 54.210.194.27
• For NTP Time Server domain
o 0.uk.pool.ntp.org
RTP ports required; Synergy: 11,000 - 65,535.
DHCP (Dynamic Host Configuration Protocol) should be used to simplify network configuration and administration.
All equipment should be certified to meet current industry standards. Key feature to be considered are QOS support (802.1p), VLAN (802.1q) STP (802.1d), IEEE 802.3af for POE network switch.
If VLANs are configured for Voice and Data, you will need to add the following option string to the Data scope: Option 128 – VLAN-A=xxx; (xxx is the VLAN ID for the Voice VLAN)
So I've started to try and create rules for this...
config redirect
option name '5060-5070'
option proto 'tcp udp icmp'
option target 'DNAT'
option src 'wan'
option src_ip 185.70.192.0/24
option dest 'lan'
option dest_port '5060-5070'
option src_dport '5060-5070'
option dest_ip '192.168.1.161'
option enabled '1'
config redirect
option name '11000-65535'
option proto 'tcp udp icmp'
option target 'DNAT'
option src 'wan'
option dest 'lan'
option dest_port '11000-65535'
option src_dport '11000-65535'
option dest_ip '192.168.1.161'
option enabled '1'
So I think the above should forward ports 5060-5070 to the Polycom on 192.168.1.161 if the source is 185.70.192.0/24 and the second rule should forward ports 11000-65535 as well.
Can anyone confirm the above is OK and also advise me on how to set-up the other things that they are stating is needed?