Dear team,
Here my SIP topology
A: 1.10 SIP-Signaling
B: 2.10 RTP-Media
C: 3.10 SOPHOS XG
D: 4.10 SIP Backend
everything are look good running but inconsistency way, some time great for 5 call outgoing but 2 of 5 incoming failed with "482:LOOP Detected", bus sometime good all day with 9 of 10 outgoing and 10 incoming.
with this inconsistency , we discuss with the ISP and they never asking why there's no ISUP(ITU) because this topology should not hide behind Firewall Sophos XG, previously just linux iptables and and masquerade and never has a problem and has never loose ISUP MIME Application.
the topology that ISP want only A ---> router --> C
after they knew that we put the firewall SOPHOS XG, they ask to remove the sophos or back to linux iptables as a router.
because of this case, we grab TCPDump from Sophos and dig line by line, here what we found
from PCAP
form PCAP to TXT
from firewall DNAT Rule
From Services
Question:
what filter that might be "turn on" that make this encapsulated multipart part: application/isup missing or filtered at "D" point?
and how to make this filter off or exclude at sophos so we can get this ISUP MIME work as linux iptables does
how we know are we using SIP Helper on not? there's only command
console> system system_modules sip unload and load
I never try to load nor unload, because i don't know current setup
Thank You.
This thread was automatically locked due to age.
Quote