Hello guys. I'm very new to the Juniper world and have an issue that I just can't resolve. I have a static NAT set up for my pbx using public SIP trunks. The NAT is public-pbx any, any port. SIP ALG is off. Security rule is Internet (SIP PROVIDER) to Internal (pbx) application 5060,UDP, ignore alg. All working fine. We can use SIP clients on our pbx but they need to use UDP port 5059. I can get the SIP clients to connect and make a call but can't hear voice. Also when you end the call the dialled number doesn't know. I hope this makes sense. Thanks in advanced.
Hi spuluka, I have the SIP ALG off. I'm using static nat with the SIP 5060 and RTP ports open but only from the SIP trunk provider to the PBX. If I want to use SIP clients these use port 5059 to connect and the connection is ok but I'm not getting audio. Could I create a custom application with no alg?
If you want to leave the alg disabled then your reverse security policy allowing in the high audio ports need to be to any ip address that the phones would be coming from. So for internet voip that is generally any internet address allowed in on those ports.
Using the alg just requires creating the custom application and associating the alg to that in the policy.
Steve Puluka BSEET - Juniper Ambassador IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP) http://puluka.com/home