05-07-2014 11:24 AM
Hello, wondering if someone can help. feel free to move the post to a better location. this is the only location i could connect to that seemed relavent.
moved into an AT&T u-verse neighborhood this past August. Brand new home with Fiber connection right to the side of the house. The internet connection seems good, but i am still having some issues.
From time to time I try to work from home. My office has a VoIP system, so of course the first thing i tried to do was connect my desk phone to my home network. while the phone did connect, and the display came on and told me the status of every phone in my office, initial testing showed that my side of the conversation was not going through. i learned this by calling into the voice mail system and trying to leave myself a message. i could hear the VM system just fine, but the system could not hear me. this was also confirmed when i tried to call my cell phone.
so i logged into my home network switch, figured out which LAN IP my phone was using and reconfigured that connection to the DMZ+ system.
that didnt help either
the only thing i was able to get to work at the time was a 3rd party SIP app on my AT&T Wireless Samsung Note 3 via WiFi. but initially that didnt work. i couldnt get that to work with the public IP at my office. i finally had to use an SSL VPN app to connect to my network, then use the SIP app, and the internal LAN IP of my phone system.
but since the kitkat upgrade that no longer works either.
it appears that the standard SIP ports, UDP 5060-5061 and possibly UDP 5070 are either being blocked or something, and are not allowing standard SIP traffic to go through. when i connect to a public hotspot, via WiFi, this SSL VPN connection works fine.
I have tried contacting AT&T wireless about the cellular connection problem, They say it is a Samsung problem, and that Samsung might be blocking the ports
Samsung says they dont have the ability to block the ports, and that i need to reset my cell to factory defaults to get it to work (that is their solution to everything)
i also tried to contact u-verse tech support, and they say i need to pay to call Connectech to get help.
This seems pretty straight forward to me. i have done some online research on this and there only seem to be 2 possible answers. 1) the SIP ports are being blocked, and i am not given access in my home router to unblock them, or 2) the SIP-ALG feature, which cannot be de-activated by the consumer is re-writting SIP traffic so my home phone line works better with AT&T service.
if its option 2... i dont really use my home phone line. i only got a home phone line for my alarm system, and the alarm system is not even compatible since it is a digital phone line. i am happy to get rid of the line.
if its option 1, how do we get it unblocked. i only use a SIP phone once in a while. it does not eat up a lot of bandwith.
any help our guidance would be apprecaited on this one. i have tried everything i can think of, but i dont really want to spend money on tech support for something that idealy AT&T regular support should be aware of and able to troubleshoot.
- edited 05-07-2014 2:10 PM
What kind of office phone system do you have? Please be as specific as posible. Something like NEC SV8100, or Toshiba CTX100 as an example. Also, list the model number of the phone your trying to connect at your residence. I have the exact set up your trying to do here at my home. I had to go in and create some pin holes in the Residential Gateway to get mine to work. I have an NEC SV8100 phone system.
05-22-2014 2:33 PM
MItel 5000, but I am using a SIP extension in this case. Any SIP app will work. This also limits the ports that are needed in the firewall (not that this should matter with a VPN connection anyway.) i dont care about the desk phone as much. if i can get the SIP app working i will be happy. but for argument sake, the phone is a Mitel 5340 IP phone. (system supports digital phones as well, but this one is IP for sure.)
my cell is a Samsung Note3.
05-30-2014 2:26 PM
Just got confirmation from my office Firewall provider, SonicWall. when using a SSLVPN, like i am, all ports are forwarded from the remote location to the office, and nothing is blocked. Sonicwall ran a few tests with me and determined that the SIP ports are being blocked by AT&T or otherwise channing the data.
on the U-Verse side of things, there is apparently a SIP-ALG function that is permanently turned on the reconfigures the data. which is apparenty a good thing if you use an AT&T u-verse phone line but may be part of the problem i am having at home on my home connection, but the same thing is happening on my cell phone as well. even with the SSL VPN connection the connection of my SIP app is being blocked so i cant even log onto the Mitel phone system.
works fine on a Time Warner or Verizon Fios connection which is amazing when you consider that Verizon is supposedly blocking the same traffic.
07-08-2014 12:25 PM
never saw further responce on this. still looks like UDP 5060 is being flat out blocked on uverse. worked for a few months, but in the last 2-3 i can no longer conect to my office phone system either directly with port 5060, or with any kind of VPN. i have tried using DMZ Plus, but this port is just flat out blocked. can anyone offer a suggestion on how to get this to work. AT&T just gives a blanket "we are not blocking anything".
- edited 07-08-2014 1:03 PM
Maybe not blocking, but it is quite possible that your RG is intercepting it, as it is capable of processing SIP packets for U-verse Voice VOIP service.
However, a properly constituted VPN tunnel would make it impossible for any intervening device to remove the SIP packets from the stream. How did you set up your VPN tunnel?
11-06-2014 10:58 AM
oh, it is definantly blocking.
using Sonic Wall NetExtender app, which creats an SSL VPN on port 4430
regardless if i use the VPN connection or not the result is the same, i can ping into my network, and even RDP into servers, but SIP traffic is blocked.
it worked fine until the firmware upgrade on my Note 3 to 4.4.2
I had my phone system tech connect with a softphone to my system via open ports in my firewall for SIP traffic, and it worked fine and he was using a COX Communications internet connection (WiFi on a similar Android drive, the same app and the same process on my Note 3 via cellualar, or WiFi remotely on public WiFi = no conection.
It is the same problem i have with my laptop on my home Uverse connection. in the case of Uverse, There is a SIP ALG in the AT&T firewall that is recoding the SIP traffic to optomize it to their Uverse phone lines, which pretty much kills any chance of using a commercial VoIP system to work from home.
my office firewall is designed to handle this type of traffic.
you would think that a "properly constituted VPN tunnel would make it impossible for any intervening device to remove the SIP packets from the stream" but they are doing it both on Wireless and on Uverse.
11-06-2014 11:25 AM
you would think that a "properly constituted VPN tunnel would make it impossible for any intervening device to remove the SIP packets from the stream" ...
Yep. I sure would, which is about the only thing in your whole diatribe that made any sense whatsoever.
A true VPN tunnel is an securely encryped tunnel. Nothing can change or intercept traffic between the two VPN tunnel endpoints. Thus, things are not passing through the routes you think they are.
01-22-2015 1:23 PM
I am having the same issue but in our offices. We just signed on with AT&T and only half our phones work in the office. I have bem working on this issue for months!!!
We are using Digium D40 and D70 phones and even giving the phones direct ip's they still will not connect. We have taken them off the firewall and still no luck. Out of 6 phones 3 work, they go through PoE switches one connected to firewall one as a test not going through the firewall. I have spent hours on the phone with Digium and the guy that runs our firewall. There is something in the middle blocking the access AT&T is the only thing in the middle.
02-15-2015 12:41 PM