Evil ISP blocking VoIP

Dear Forum,

I’m absolutely new in this forum - maybe you can help.

I’m living in an advanced country where our beloved monopoly- ISP is blocking all VoIP traffic since yesterday. The first victim has been Skype.

Does somebody have a slight idea how to solve this problem by e.g. bypassing the proxy or using different ports?

Thank you very much for your help. We’re stranded in the middle of non- communication…

HuberUAE :imp:

The first thing you should do is complain to your government or PUC. Explain that they are abusing their power and it is driving up your cost of business, making it difficult for you to compete with other companies in different countries. Tell them that if your company/nation is to remain competitive in the international community, behavior such as this must be actively discouraged if not prohibited. Encourage other business leaders to do the same.

Also if your ISP is a typical monopoly and is ripping people off, then assuming it isn’t a government supported monopoly you might be able to find someone willing to start a competing ISP. Deoending on how bad they rip people for, you may be able to provide double the service at half the cost and still make a profit.

But anyway, getting around them-
First, are we talking SIP or IAX2? They may be blocking SIP but not IAX, give that a shot. You might also be able to get your provider to open up another SIP port, ie not 5060. That might get around it.

If they are blocking by packet contents (less likely as it takes much CPU power), then you are screwed, see the below.

However, the most foolproof way to get around blocking is with a tunnel. Lease a dedicated (or virtual) server in the USA or another non-blocked country. A virtual server should be about $40/mo and get a few IPs. Install on it a copy of OpenVPN, and put a few of those IPs on the OpenVPN network. Put another box in your country, also running OpenVPN. The two will create an encrypted tunnel across the Internet, safe from ISP inspection. This tunnel can be TCP or UDP and operate on any port you want it to. If set up correctly, the box in your country will allow your * server to use one of the USA IP addresses, thus making it free of any blocking.

Keep in mind this will add latency to your connection.

Dear Iron Helix,

I’m more than impressed - I will try VPN and will keep you informed.

Thank you very much!

Huber United Arab Emeirates

Hi Iron Helix,

what will be if I would install Asterisk completely on a virtual server e.g. in the US, will make all SIP traffic to the VoIP provider from this server, will use my own, local Linux server with Asterisk for all calls, communicating with the main server with IAX2?

Will that work? At least it would eliminate all potential bandwidth problem e.g. by tunneling.

What do you think?

Thanks again!


It is quite possible to do this. Such a setup is recommended if you have offices in the USA- callers get an IVR from your hosted server so it does not use bandwidth at a branch office. Then once it is selected where their call will go, that server routes it to the correct office or division.

It won’t remove bandwidth problems, but it will remove port blocking problems (assuming they do not block iax2 or whatever VPN you use to run iax2 on)

The other thing it would remove is the requirement to forward IP addresses over OpenVPN…

So your two options are

UAE SIP phones – UAEasterisk == iax2 possibly over vpn == Hosted * box --sip-- SIP provider


UAE SIP phones – UAEasterisk == sip over network tunnel == Hosted non-* box – SIP provider

Hi HuberUAE,

Did u solve this issue? I am also searching for a solution.



I have had the misfortune of dealing with Etsilate for some years now, and they are the most difficult company to deal with especially when it comes to VoIP services.

I have to caution you in a very big way, in that YES there are a number of ways to bypass Etsilate and their blocking of VoIP packets, the way they do it is quite primitive really and is quite simple to get passed.

But… Here is where the problem exists, if you get caught you my friend are in a world of big problems, and i have seen too many people get thrown into Prison because of it, or fined heavily.

I had to work hard for 2 years with them to get a VoIP license in the UAE, and that license only works in the free trade zones, kind of pointless really but it was a start.

If you want to bypass their Blocking just change the part in which Etsilate are blocking, which is ports 5060 and also the ones that Skype use which i cant remember which ones they are, but there are about 6 of them.

Do not waste your time with a VPN, they have worked out ways to stop VoIP traffic over them, and that alone would get you into more trouble if they decided to hunt you down for that.

You should also try to use IAX2 where ever possible, they do not block it because of the Port it uses and also cause the VoIP packet overheads are not the same as SIP and H.323, their software on their routers are designed to sniff out SIP and H.323. However it wont be long before they start to block IAX2 as well.

What ever you do good luck, i hope nothing goes bad for you.



Etisalat blocks SIP but IAX works fine !

lol get satelite!

…and wait 2 or 3 seconds to hear the reply from the other end!

seriously, satellite sucks for voip because of the huge latency. the signal has to go up, then down, then the reply goes back up and down again, all this adds at least 800-1000ms to your latency. which means when you say something you will have to wait a second or two to hear the response…

WHAT ? WHAT? im going to get hit by a car? MAN NICE DELAY!!

. Sprint wireless cards suck too!.

We made successful probes with IAX.
But as mentioned above - if this will go wider, then problems with law could appear.
If you use for your own purposes - I don’t expect problems.
IAX could use different ports - 80 also.

They can’t monitor your VPN - it is encrypted.
But they can come and check your servers.
Of course you can offer to your clients direct VPN connection to USA.
You can keep everything outside.
Etisalat can’t block VPN. And they should go after single clients - not after a company.