I found out my ISP is blocking outgoing SIP port (5060) at home. I have a remote Linux server that I can use to listen on different port than 5060 and do the forwarding for the traffic. Not sure what iptables rules needs to be applied to make things work.
Is there a need to do the forwarding for RTP ports (10000-20000)?
Your help is appreciated.
Thanks.
Can you run a SIP proxy on your remote machine, say on 15060? Then you can set up your local SIP user agent to use that machine. Signalling traffic from your SIP UA goes out on 15060, and incoming calls will route through your proxy.
You wouldn't have any additional need to forward RTP with the above setup, but you might still need to work around your NAT if you have one.
Many VOIP carriers listen on other ports besides 5060. (Typical ranges to listen on are like 5060-5080.) I had periodic problems when I was with Comcast with 5060 getting blocked; I'd need to change my VOIP ATA to 5060, 5062, etc., periodically.
I never figured out why the port would get blocked, although I assume it was some sort of spam filtering or abuse prevention. It didn't seem to be an attempt to block SIP outright, since it was easy to get around; if your ISP is honestly trying to prevent you from using VOIP, then the workaround might not be quite so trivial.
But I would "try before you pry" and just go up to 5061 or something else in the listening range before you get started with forwarding through a remote server.
If your ISP has told you they are blocking port 5060 and won't help you reconfigure your client to use VOIP (in which case they mean to block SIP) then you should vote with your feet and switch to an ISP that supports the functions you need.
Otherwise you will just be playing whackamole with your ISP as they tighten their anti-SIP policy. But talk to them in case they aren't trying to block SIP - they might be able to help you.
One more complicated solution is to use a VPN. You will want a low encryption VPN over a UDP transport protocol or else you can expect bad latency.
