MikroTik

I have a client that has a few hosted VoIP phones on their network. I need to accept the port range of 10000-20000, to the entire internal network in and out. I assume this need to be done with a filter rule? I am unsure of how to do this on a Tik. Any suggestions? Thanks!

I've read up a bit, and apparently I really shouldn't need to open this range as the default "established allow connections" should handle this. Is this correct, and if so why is it not working? Phone calls can be made and I hear them, but they do not hear me. Thanks!

RouterOS has an accept default policy filter rules so if you not add any rule of block traficc it not drop this voip connection.


You can accept this traffic with this rule:

/ip firewall filter add chain=forward scr-address=ip_voip_phone protocol=udp dst-port=10000-20000 action accept


/ip firewall filter add chain=forward dst-address=ip_voip_phone protocol=udp dst-port=10000-20000 action accept

The same rule for tcp traffic but replace tcp instead udp

sent from my mobile phone using tapatalk

Thanks for the reply! I have done this as well as enabled nat keep alive and mapping directly on the Cisco phone. I can hear them talking, but they cannot hear me.

It ended up be an issue with a NAT rule/masquerade. It is working now. Thanks for the replies!

It ended up be an issue with a NAT rule/masquerade. It is working now. Thanks for the replies!

What were the rule nat/masquerade than help you to solve the problem ?

sent from my mobile phone using tapatalk