How to allow RTP traffic in (UDP 10000 to 30000)in firewall


Our client using Asterisk Free PBX and when he connect to our softswich they got error “unsupported media type” and after we do trace find that he should allow all RTP traffic in his firewall

The termination carrier advice as below :

We send the RTP data to the IP address in the SIP SDP that comes from your gateway
to our switch.

Below are the IP ranges that we use for signaling and media traffic.

IPNetwork NetMask InverseMask CIDR /26 /19 /22 /18 /18 /16 /16 /22

We don’t recommend that you lock down the RTP (media) traffic on your

We recommend that you just open your RTP to the internet. i.e. allow RTP
traffic from any source IP address on our side (UDP 10000 to 30000) in
your firewall.

Anyone can help us ?

iptables -A INPUT -p udp --dport 10000:30000 -j ACCEPT

Thanks Sir, but unfortunately our client doesn’t accept to open RTP for Internet .

Can you help us to open ports for IP ranges listed above

Uh? The last sentence its a joke? In which scenario do you think we can open the ports in your client’s side? Or I’m Misunderstanding the question.

A joke? Do you mean that if we add for example /26 IP Block we’ve to add the 61 usable IP range manually ? Is that the only method ?