Date

I've switched away from BT to using a VoIP number provided by my ISP. AAISP strongly encourage their customers to avoid NAT for VoIP, but I wanted to give it a try anyway. Here's how I got it working.

Update 2013/4/10: Although this NAT set-up does work, it only seems to work for a day or two. After a while, the audio connection stops working, so the phone will ring, but there is no audio in or out or both. After playing around with it a bit, I abandoned NAT, and gave my base station a real IP address. So, you can follow these instructions, but you will probably have the same problems...

I have a Technicolor TG582N router, and a Gigaset N300IP phone base station. The router's web based admin interface isn't flexible enough to make the necessary changes, so you need to use the telnet interface. The admin prompt looks like this: {Administrator}=>

Firstly, I gave the base station a static IP.

To choose the static IP, I needed to know what IPs are in the DHCP server's pool.Update 2013/4/10

{Administrator}=>dhcp server pool list
Idx Pool              Address Range         Intf              Admin  Alloc   State
0   LAN\_custom        192.168.1.[100-254]   LocalNetwork      up     dynamic static
1   LAN\_VIRT          0.0.0.0                                 up     dynamic used

The server has reserved addresses 192.168.1.100 to 192.168.1.254, so I picked a number outside this range for the N300IP base station: 192.168.1.11. Connect to "Settings -> IP Configuration", selecting "Static" and fill in the address details as required. Then click on the "Set" button.

Next, configure the router's firewall.

AAISP's instructions are straightforward:

For SIP control data, allow UDP ports 5060 from 81.187.30.110-119

For RTP audio, allow UDP ports 5004-5020 from anywhere.

So, for the RTP audio:

>nat mapadd intf=Internet type=napt protocol=udp
   outside\_addr=81.111.111.111 outside\_port=5004-5020
   inside\_addr=192.168.1.11 inside\_port=5004-5020

This sends all RTP audio to the N300IP base station (192.168.1.11 in my example. The numbers in bold need to be tailored to your set-up.)

And, for the SIP control data:

>nat mapadd intf=Internet type=napt protocol=udp
   outside\_addr=81.111.111.111 outside\_port=5060
   inside\_addr=192.168.1.11 inside\_port=5060
>expr add name=aa-sip-control type=ip addr=81.187.30.[110-119]
>firewall rule add chain=forward\_custom index=1 serv=sip
   srcip=aa-sip-control action=accept
>firewall rule add chain=forward\_custom index=2 serv=sip
   srcintf=wan action=drop

This allows incoming traffic from AAISP's servers, and sends them to the N300IP base station (192.168.1.11 in my example). SIP traffic from other sources is explicitly dropped. I'm using the "forward_custom" chain, which is explicitly provided by the TG582N for user rules.

Finally, we need to save the changed settings:

>saveall

AAISP have a very useful wiki page on configuring the TG582N router. Even though I've ignored their dire warnings to avoid NAT, I've not had any problems so far.