First off, apologies for my lack of technical ability on this matter.

We have a Samsung OfficeServ 7100 phone system, and we are trying to get some SIP phones working via this system.

We are forwarding the required port, 5060, to the phone system, 192.168.1.9, but the router seems not to be forwarding the SIP traffic. I have checked sys sip_alg and it is disabled.

Can any help?

Many thanks in advance.

I assume that all firewall ports are open so the router can forward the traffic to the appropriate SIP Server/destination?

Thanks for your reply, Bradley.

Excuse my ignorance, but where do I check that?

Firstly, log into the Draytek Web Control Panel and access the 'Firewall' section from left-hand menu. Once in there, click on 'General Setup' and see if the 'Data Filter' has the check box set to 'enabled'. If enabled, make a note of the 'Start Filter Set'. At this stage, if enabled, then you can say that the firewall is on and is using 'Filter Set x'.

Under the Firewall section once again, Click on the 'Filter Setup' menu item and this should show you the filters. Click on the filter number that corresponds with the 'Start Filter Set' as seen in 'General Setup' for data. Look through this filter (and any others) and try to ascertain what the firewall rules (in particular outbound ones) are doing. You might find that the firewall is blocking certain ports/services/IP's etc.

The other thing to test here is to turn off the firewall and then see if this improves communications between the components. Just go back to 'Data Filter' within 'General Setup' and mark is as 'Disabled'. Don't forget to reinstate as soon after testing as possible.

It might be also worth running a TRACERT (or traceroute in UNIX) from a source machine to the destination and seeing if they can communicate and all hops work.

Let me know how you get on - these are just rudimentary ideas so we can look a lot deeper later. They also assume that the Draytek is the issue here which might not be the case.

Firstly, log into the Draytek Web Control Panel and access the 'Firewall' section from left-hand menu. Once in there, click on 'General Setup' and see if the 'Data Filter' has the check box set to 'enabled'. If enabled, make a note of the 'Start Filter Set'. At this stage, if enabled, then you can say that the firewall is on and is using 'Filter Set x'.

Under the Firewall section once again, Click on the 'Filter Setup' menu item and this should show you the filters. Click on the filter number that corresponds with the 'Start Filter Set' as seen in 'General Setup' for data. Look through this filter (and any others) and try to ascertain what the firewall rules (in particular outbound ones) are doing. You might find that the firewall is blocking certain ports/services/IP's etc.

The other thing to test here is to turn off the firewall and then see if this improves communications between the components. Just go back to 'Data Filter' within 'General Setup' and mark is as 'Disabled'. Don't forget to reinstate as soon after testing as possible.

It might be also worth running a TRACERT (or traceroute in UNIX) from a source machine to the destination and seeing if they can communicate and all hops work.

Let me know how you get on - these are just rudimentary ideas so we can look a lot deeper later. They also assume that the Draytek is the issue here which might not be the case.

Thanks again for your very helpful reply, Bradley.

There is only a single data file rule setup as follows.

Direction: LAN to WAN
Source IP: Any
Destination IP: Any
Service Type: TCP/UDP, Port: from 137~139 to 53~undefined
Fragments: Don't Care

It doesn't look like this is causing the issue.