Hi,
We have a new Mitel CS5200 system. What are the exact ports that we have to NAT to the phone system.
In the documentation it lists TFTP 68, 69, 20001 UDP; MiNet 6800-6802 TCP; SAC 3998,3999 TCP; RTP(Inter-tel IP Endpoint) 5004-5007 UDP; RTP (Mitel IP Endpoint) 50098-50508; RTP (Processor Module) 6004-6261 UDP; and RTP (Expansion Module) 6604-7039 UDP.
Do the Mitel 5340 IP Phones really need all of these ports open?
Thanks,
ltctech
Hi, I am assuming that you are trying to connect a IP phone to the controller outside of the LAN.
If that is the case, what type of router are you using? Can you bimap the controller to the outside world?
Using a unix firewall you could indeed NAT all those entries, but if it a simple router, your only option maybe to put the controller out on the DMZ.
Obviously that has its own security risks. In this case you need to "protect" the box, disable services you don't need and make sure you have strong passwords.
So I ended up opening all of those ports except 68 & 69, as the phones look for the tftp server on 20001 first anyway...
We have a Cisco router, it has every possible thing you would imagine... Except it cannot NAT map a range of ports, which is ridiculous. I ended up using a know workaround (hack) to map these huge ranges.
Anyway, our IP phones are working so everything looks good...
I set this all up and in the firewall and all I get is...
The phone connects and I can make calls but they can’t hear me and I can’t hear them.
I would LOVE ANY HELP that I could get!!!!
No voice path is an indication that UDP packets are not getting through. Check UDP ports.
Is there others then the ones above?
Off the top of my head, I have no idea. I'd have to check the manual. But TCP nails up the call, and UDP provides the voice path, so no voice path means no UDP.
If it's one-way voice and one-way no-voice, then it might be a programming issue, but if it's no voice either way, then it's usually firewall or network. In this case, firewall, probably.
Between some of the documentation being incorrect or misleading, the ports listed below are what I have found to work without any issues.
Alternative TFTP UDP:20001
Audio Stream Receive Ports UDP:6004-7039
Mitel Devices TCP:6800-6802
RTP/RTCP UDP:5004-5005
SAC Connection TCP:3998-3999,6880
Softphone GP UDP Port UDP:5567
Softphone TCP Call Control TCP:5566
A couple of 'gotchas'. Make sure the endpoint is configured for NAT and not Native. If you have a 5400 or 5600 which has the Processor Expansion Card, you will have to direct your 'Audio Stream Receive Ports' to that IP address.
I just gave it another shot and I just don’t think I have all the ports open. I get the same thing no voice.
I see it in the connections using ports and that is all.
UDP 20001
UDP 20001
TCP 6802
What model phone switch are you using?
Do you have UDP ports 6004-7039 open?
it is 3300
and yea I have 6004-7039
Thanks for the help!!!
Ah...I was referring to the Mitel/Intertel 5X00 series that the original poster had mentioned.
The 3300 may use totally different ports for voice traffic.
NAT IP Address has to be in the P6000 group in the 5200 don't remember that much about the 3300 rarely work on it but that audio issue bit me twice now have a note in red ink on my port list I carry saying NAT IP in 6000
Randy