It's normally quite difficult to do tracing/sniffing on the WAN side of a
firewall. So my advice would be to dig into the SIP protocol and understand
I think that your monowall closes inbound ports due to timeouts in the nat
translation table. One solution is to do port forwarding to your internal
SIP client. However, a lot of effort has been put into devoloping protocols
to enable seemless NAT traversal. My advice is that you use these protocols
1) Disable any SIP related portforwarding that you've set up in your
firewall -if any.
2) Enable STUN on your SIP client
3) Enable keep-alive packages from your SIP client
4) Enable "rport" on your SIP client if possible
5) reset the nat firewall state table (the simple way is to reboot the
6) Reset your SIP client to force a re-registration
Now you should be up and running again. If not, then let me know.
Søren Vanggaard Jensen
>From: Matthias Kessler <Matthias dot Kessler at RZ dot Uni dash Augsburg dot DE>
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: [m0n0wall] SIP Problem
>Date: Wed, 01 Mar 2006 17:33:56 +0100
>-----BEGIN PGP SIGNED MESSAGE-----
>I have a problem with my SIP account. It does register without a
>problem. I can also make outgoing calls.
>But when another person with the same SIP registrar wants to call me he
>always gets an timeout. In the firewall log i can see incoming UDP
>packets from the sip-server (e.g. sip0.schlund.de) to my monowall. The
>NAT rules must work too because is also see incoming UDP packets from
>there to my internal fritzbox.
>But all these packets get blocked. I also can't see the source and
>destination port of those packets. What can I do to see why those
>packets get blocked?
>Thanks for every help,
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.2 (MingW32)
>Comment: GnuPT 2.5.5 by EQUIPMENTE.DE
>-----END PGP SIGNATURE-----
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch