I have the rb750 running license level 4 for one of my customers. We also have VoIP
telephony running in the network. In order to allow VoIP phone calls from outside, we
need to open ports 5060’ 5061 and 5080 and forward them to the SIP server. This is to
be done of course in NAT. But when we try to do this, SIP protocol is not listed among
the protocols available. We have tried udp and tcp. None of them worked.
I want to know if this is a license level problem of if router os does not support sip
protocols port forwarding generally.
If it is a license issue, can the level 4 license that comes bundled with the rb750 be
upgraded or replaced with the level 5 or 6?
…
SIP can use either the UDP or TCP protocol. UDP is the “baseline” standard and is the more common, though more SIP services are moving toward TLS-based security (SIPS), which requires the TCP protocol.
You will need to check with your SIP carrier which protocol they are using. If they and your phone system both support SIPS (SIP with TLS over TCP), you should prefer that method.
“protocol” here is referring to OSI-layer-4 protocols such as TCP, UDP, IPIP, GRE, ESP, etc.
SIP is a higher layer protocol on the same layer with http, imap, smtp, ftp, ssh, etc., which is why you’re not seeing it in the list. If in doubt, add two rules for ports 5060-5061 - one for tcp, one for udp.
As an added bonus, make sure to disable the sip alg in the Mikrotik by going to IP > Firewall > Service Ports
Usually, SIP servers and devices are smart enough to detect and work with NAT on their own, and if they are, the Mikrotik’s attempts to ‘help’ actually end up making things act crazy. (I call it “haunted phones”)