SIP Ports incoming and outgoing

I want to have a better understanding how asterisk port work

I know SIP Authenticate on 5060 UDP/TCP and RTP on port 10,000-20,000

Im trying to understanding which ports need incoming and which ports need outgoing…

From the Server perspective,

I need incoming for sure on port 5060 tcp/udp for authentication for clients
Do I need 10,000 - 20,000 port or is that just for “outgoing”

How about SIP Server providers, do they also need 5060 incoming but do i need to open 10,000-20,000 for them?

I need incoming for sure on port 5060 tcp/udp for authentication for clients
– it’s correct. every client know that server expects them on port 5060

Do I need 10,000 - 20,000 port or is that just for “outgoing”
– not nonly for outgoing. those ports (randomly selected), used for bi-directional RTP packets between you and client, you and provider. UDP two ways. not used for authentication

about SIP Server providers, do they also need 5060 incoming but do i need to open 10,000-20,000 for them?
– providers waits for your SIP register, invite, bye (and more) messages on theirs’ port 5060 (if other port not defined). 10000-20000 will be used for pass voice . Need to be opened, in other case you will hear silence

1 Like

This isn’t specific to Asterisk; it relates to any SIP user agent.

By default, you need 5060 incoming on at least one of TCP and UDP (strictly speaking you always need UDP). You need the range of port numbers incoming and UDP that is listed in rtp.conf, for RTP media and RTCP. You may need 5061 TCP incoming for secure signalling. You need to enable all port numbers for outgoing UDP, unless you know something about your peers to the contrary. If using TCP or TLS signalling, you need to enable all TCP ports as outgoing destinations, unless your knowledge of the peers indicates otherwise.

In general, you only have control of the local port numbers; the peer gets to choose the remote ones.

2 Likes

so let me understand this correctly for one call between 2 people
Asterisk uses 5 ports?
5060 UDP or TCP
Client A: 2 RTP UDP Port
Client B: 2 RTP UDP Port

Generally correct, if not using encryption, and not overriding defaults. However it is actually one RTP and one RTCP, not two RTPs. The ports are corresponding on and even numbers. Asterisk uses the same port as the source for outgoing RTP as it uses for the sink for incoming RTP. The nature of SIP means that, during certain transitions, the remote source port may not even be on the same IP as the current destination for that peer.

Note that ports should be treated as reserved for about a minute after a call leg is terminated.