Many have problems when trying to phone with SIP and many suspect errors in the phone' s software. STUN is often thought to be the savior and many want to be able to edit the STUN settings in the phone. In many cases STUN enabled phones can not pass the router. I have been involved in several discussions with Nokia users having problems using the phone with SIP. So far the problems have always been solved by changing settings in the router.
The root of the problem is that the SIP protocol is not intended to be used behind a router. If you have the choice use a switch instead of a router. When using SIP vital parameters needed to set up a call are signaled inside UDP packages. One example: Your phone picks a random port on which it wants to receive the bit stream from the other phone and gives this port number inside a UDP package sent to the other phone. The firewall in your router is not aware of this and does not open this port. There are more examples of similar problems. In general to make it work the router should change information inside the packages passing it. Relatively modern routers have a function doing this. They are usually called ALG, or SIP ALG - Application Level Gateway. The problem is that STUN can do the same and if the phone is using a SIP supplier with STUN enabled the changes made to the packages in the phone can be changed by the ALG in the router.
A quick fix you can try to get things working is:
- If you have STUN enabled in the phone try disabling the SIP ALG in the router - if you have a SIP ALG. I had it in my D-Link D-634M without it being mentioned in the documentation. If you disable the ALG you probably also have to take the actions below.
- Set up the router always to give the phone the same IP-address.
- Routers often have a DMZ function - De-Militarized Zone. One can usually only apply DMZ to one IP-address. Apply it to the IP-address of the phone. This will permit the phone to act as a server for incoming communications and bit streams. This is a quicker way than using port forwarding. If it works and you feel safer if you can close some ports you can later try port forwarding instead.
- For open UDP ports the router has a time out, usually of about five minutes. When you try various solutions keep this in mind and give the router some time to forget its present history.
- A router can only assign a given external port to one internal unit. When buying a service to phone with SIP one usually get a program to be used in the computer for phoning. Often this program is using the same UDP port as the phone (often UDP 5060). Disable this program and give the router time to close possible open ports. For the same reason it is not normally possible to use more than one phone with a router.
Enabling STUN in the phone can stop the phone working instead of helping. To my knowledge most modern routers have SIP ALG. It should be possible to enable/disable STUN in the phone on an operator per operator basis.
If you understand German you find a lot on SIP ALG and its problems on: