SIP and Router Configuration For Remote Extension

Could anyone suggest and explain what SIP and Router configuration should be for a remote extension to work with the asterisk server being a router?



Are you trying to connect a local IP phone to a remote Asterisk server?

(NJ)-[Asterisk]---------(internet cloud)-------(NYC)-[YourHouse]-{phone}

or something along those lines… ?

In sip.conf you must set:
as well as set the value to:

On your router forward ports 5060-5090 and 10000-20000 all UDP to your server.

also need to define localnet= as well as externip=.

also dovid what do ports 5061-5090 do? I have heard many people recommending large ranges of SIP ports (the range changes every time) yet I can find nothing anywhere suggesting these ports are required, what do they do?

“On your router forward ports 5060-5090 and 10000-20000 all UDP to your server.”

I have Cisco 2851 router. How can such a huge range of ports i.e. 10000-20000 be forwarded? They use something called access list and with which we can only forward one port at a time. That would take 10000 entries. Any suggestions, please?



Is this even a NAT issue? Explain what youre trying to do a little better ketan.

The higher end ports are used after a call is setup, the source port for sip registration is 5060 but when calls are established the upper layers create their own higher destination port, 10,000-35,000 UDP to forward datagrams…

I’ve even seen NAT setups trying to register on ports such as 32767 because 5060 was ineligible

My setup is as follows:

Asterisk server behind Cisco Router with NAT.

Remote Analog Phone is connected to FXS port on the router.

Forwarding 5060 and few other ports, I know how to do that. But I am stumbled on how to go about forwarding such a range of ports.



If you are behind NAT then you have to forward ports 10k-20k. If you will not be handling many calls you can lower the amount of ports that asterisk will use in (I believe the file name is - too tired to check). If you can configure the router via ssh write a script to create all the allows and then paste it in.

well said, i’d also look into using a STUN server