Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Guys,

Hopefully someone can help me on this. I'm in the process of deploying an RV042G in our office and have an issue with port forwarding for our VOIP PBX. The setup/issue is as follows:

I have a 3CX IP PBX with a LAN IP of 192.168.51.49. The PBX is using SIP trunks for inbound/outbound calls. The RV042 has been configured under the 'Forwarding' section to forward SIP and RTP ports (5060, and 9000-9049 respectively) to the PBX (192.18.51.49) with seperate entries for both TCP and UDP. Outgoing connections work fine, however incoming connections (which the port forwarding is obviously for) are refused/no response. So I can only come to the conclusion that the ports are not fowarding correctly?

If I place the PBX in the DMZ everything works fine.

Could anyone shed any light on why port forwarding isn't working? And more importantly, how do I resolve this?

Thanks in advance, hoping someone can help me out here!

24 REPLIES
Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, you may be running in to an odd limitation of the product. To the best of my recollection the RV0xx routers have an embedded SIP ALG in the firewall which cannot be disabled.That being the case, I would speculate your PBX would require no SIP ALG functionality.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom,

Thanks for the quick response. I don't doubt you at all, just need to work the logic through in my head(!). As I understand it the 'undesired' effects of ALG are that it can modify SIP packets resulting in corruption and similar issues, resulting in failed calls. My SIP trunk provider has been quite helpful in asssiting with this, and they say that the relevant ports (5060, 9000-9049) required are not in fact open. I have validated that this is the case with various online tools also.

So, is that still symptomatic of ALG, and would the fact that outbound calls work (ie, my PBX initiating comms with the SIP trunk) also point to this? Or is it in fact a port forwarding issue?

Once again, thanks.

Stu

Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, it may be an interesting idea to modify the state table of the router firewall. The first contention may be to disable the router firewall to see if everything works as expected. If that's the case, we can change the router state table to be more specific to your needs.

If you notice there is a default firewall rule to permit all outbound connection while deny inbound connection. We can make that work in your favor.

Please disable the router firewall and see if it works as expected, if so, I'll provide an example how to change the state table to work in your favor.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom, Marty,

Tom, I've tried with firewall disabled, which did work. Drilling down specifically it was disabling one of the elements of the firewall that worked (can't remember which, not at office right now). Was a type of packet inspection from memory. Will post back later with details of the actual setting - might be helpful for others who may have this issue in the future, which is what these forums are all about

Marty, Now that looks very interesting. I'm going to head into the office now to try that - Being pre-occupied with getting the phones working before monday has meant I overlooked creating a QVPN user to do it remotely!

Guys, thanks for your help. Much appreciated and will post back with outcome.

Cheers

Stu

Gold

RV042G - Port Forwarding Not Working. Ideas?

Stuart,

You can test with SIP ALG disabled. See the URL in the screenshot:

- Marty

New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Marty,

Just had a look at this. I can get that hidden page, however there is no facility to disable SIP ALG. I assume this is down to different firmware version?

To clarify, my unit is running on V4.2.1.02

What version is running in that screengrab?

Cheers

Stu

New Member

RV042G - Port Forwarding Not Working. Ideas?

Me again Marty,

Scrap that - Just upgraded to 4.2.2.08. Disabling SIP ALG was then available and I have disabled. Still no incoming calls though.

So I think we've eliminated SIP ALG being an issue, as ports still appear to be closed despite there being port forwarding rules.

Anything else to try?

Thanks

Stu

Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, please try to disable the router's firewall entirely and let us know how that works out, if there is the same problem or not.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom,

With firewall completely disabled the issue continues. Ports appear to be closed.

Stu

Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, what type of internet connection do you have? What is the modem vendor and model number? Can you provide a screenshot of your port forwarding rules as well?

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom,

The connection is Ethernet First Mile (EFM). Modem is provided by our service supplier. Its a RAD EtherAccess LA-210. It appears to be locked down and I haven't been able to access any config pages for this. However, I believe it is setup as a bridge.

Screenshot of port forwarding:

Cheers

Stu

New Member

RV042G - Port Forwarding Not Working. Ideas?

Bit of an update: Been on the phone to Cisco and had a webex session so they could go through the router. Definately no issues as far as the configuration is concerned. However, I was told that there is a known issue which means what we've tried so far is possibly all in vain anyway! Its been left with them now and they'll be coming back to me, possibly with a firmware fix. We shall see.. In the mean time, Tom, if you have any other suggestions I'm willing to give them a try!

Stu

Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, try to modify the state table. This is an example

Action Deny

Service All

Source interface WAN

Source IP any

Destination IP any

Save

Action Permit

Service SIP - 5060

Source interface WAN

Source IP -xx.xx.xx.xx

Destination IP - xx.xx.xx.xx

Save

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom,

Still nothing I'm afraid...Thanks for sticking with this though!

Stu

Green

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart, this does not make sense. I do not remember this router model ever having a port forwarding issue.

Can you try to downgrade to the earliest version 3 firmware?

Whatever it is surfaced in the last year or so... may be sooner.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Tom,

Agreed, it is strange. You would've thought such a basic function as port forwarding would be pretty easy to get right by now.

I'll try a downgrade early tomorrow before the network starts getting busy and see how i get on. But before I do, I understand that if I am downgrading, the router will default to factory settings. Will a backup of settings from a later firmware release restore ok on earlier firmware? (I want minimum downtime so want to avoid manual config)

Gold

RV042G - Port Forwarding Not Working. Ideas?

Stuart,

Your port range for RTP is very small. I have seen cases like this where opening a wider range of ports to the server helped to narrow down the issue. Try the following:

3CX_RTP [UDP/6000-50000]->192.168.51.49

If that allows incoming calls through then you know that your range was incorrect. You can then narrow the range down to what is actually necessary.

Have you tested port forwarding to a PC just to see if it works? You could forward 3389 for RDP and see if the PC is reachable from the WAN. Another good tool is RJL Port Listener. This tool allows you to make the PC listen on any TCP port that you select. For example you can make the PC listen on port 80 and then scan and see if the port is open.

RJL Port Listener:

http://www.rjlsoftware.com/software/utility/portlistener/

Open Port Check Tool: (You can scan 5060 and 5090 right now to see if SIP is forwarded and the server is listening)

http://www.yougetsignal.com/tools/open-ports/

Please keep us updated.

- Marty

New Member

RV042G - Port Forwarding Not Working. Ideas?

Hello Mr. Miller

Please refers this article about how to configure port forwading in RV042 : Forwarding Point-to-Point Tunneling Protocol (PPTP) to Routing and Remote Access Service (RRAS) on RV016, RV042, RV042G and RV082 VPN Routers

I hope this will be helpful.

Thanks

Green

RV042G - Port Forwarding Not Working. Ideas?

Another idea is to set the remote management of the router to port 5060 or any of the RTP ports mentioned. If you're not able to remote manage the router on that condition then your upstream device is breaking it.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

RV042G - Port Forwarding Not Working. Ideas?

Hi Guys,

Bit of an update... Had another email from Cisco suggesting I try reverting back to previous version of firmware. Well, I did this, but that would not accept the backup of settings, which would've meant I'd have to reconfigure manually. Not really an option as I had to take the office off-line to do this. So, quickly go back to previous firmware and.... BRICK. one RV042G completely dead with the diagnostics light flashing. So if it wasn't forwarding ports correctly, and now its Bricked itself, I'm prettu sure we can say its a hardware/software fault. Either way, I need a new router.

To be fair to the Cisco staff, once I'd replied and told them what happened, my mobile rang within a few minutes and it was the same person I've been speaking with at Cisco, to let me know they're sending out another unit, even though technically the warranty is RTB terms. HOPEFULLY this new one will get us up and running properly. Fingers crossed!

Gold

RV042G - Port Forwarding Not Working. Ideas?

Hi Stuart,

Please keep us updated when the new device arrives. Port forwarding should work without issue, especially on the latest firmware. I recommend that you test the forwarding out of the box to ensure that no other setting is in conflict. Then if it is working load your old config and test again.

- Marty

New Member

RV042G - Port Forwarding Not Working. Ideas?

So the replacement router arrived today, quicker than expected too.

Started from scratch, just adding the port forwarding and dealing with the QOS for voip. And? It WORKS! Literally no other config required other than port forwarding, and QOS.

So, faulty router all along it seems. So glad thats over!!

Gold

RV042G - Port Forwarding Not Working. Ideas?

Stuart,

Glad to hear it's working. Thanks for keeping us updated!

- Marty

Bronze

RV042G - Port Forwarding Not Working. Ideas?

I NEVER save and restore settings, especially between firmwares.  Just take screenshots and rebuild the config manually.  It takes a bit of time, but is a lot easier than trying to diagnose an issue (if the firmware change fixes the issue).    

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
3152
Views
0
Helpful
24
Replies
CreatePlease to create content