VoIP behind RouterOS

RouterOS Beginner Basics
1

Hi Guys,

I just inserted RB750GL b/w my DSL router and my existing Linksys E4200 router (running Shibby Tomato Firmware), and my pap2 voip device service is no longer registering, can someone please help, I am a complete newbie :slight_smile:

Here are relevant outputs and diagram:

Internet -- Public x.x.x.x 192.168.88.1 -- 192.168.88.2 192.168.2.1 -- 192.168.2.2 192.168.1.1 -- 192.168.1.15




[admin@MikroTik] > /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 address=192.168.88.1/24 network=192.168.88.0 interface=Local
actual-interface=Local

1 address=192.168.2.2/24 network=192.168.2.0 interface=WAN1
actual-interface=WAN1

2 address=192.168.3.2/24 network=192.168.3.0 interface=WAN2
actual-interface=WAN2

[admin@MikroTik] > /ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 A S dst-address=0.0.0.0/0 gateway=192.168.2.1
gateway-status=192.168.2.1 reachable via WAN1 check-gateway=ping
distance=1 scope=30 target-scope=10 routing-mark=to_WAN1

1 S dst-address=0.0.0.0/0 gateway=192.168.3.1
gateway-status=192.168.3.1 unreachable check-gateway=ping distance=1
scope=30 target-scope=10 routing-mark=to_WAN2

2 A S dst-address=0.0.0.0/0 gateway=192.168.2.1
gateway-status=192.168.2.1 reachable via WAN1 check-gateway=ping
distance=1 scope=30 target-scope=10

3 S dst-address=0.0.0.0/0 gateway=192.168.3.1
gateway-status=192.168.3.1 unreachable check-gateway=ping distance=2
scope=30 target-scope=10

4 ADC dst-address=192.168.2.0/24 pref-src=192.168.2.2 gateway=WAN1
gateway-status=WAN1 reachable distance=0 scope=10

5 ADC dst-address=192.168.3.0/24 pref-src=192.168.3.2 gateway=WAN2
gateway-status=WAN2 unreachable distance=0 scope=200

6 ADC dst-address=192.168.88.0/24 pref-src=192.168.88.1 gateway=Local
gateway-status=Local reachable distance=0 scope=10

[admin@MikroTik] > /interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave
0 R name="WAN1" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=4074

1 name="WAN2" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=4074

2 name="ether3" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=4074

3 name="test" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=4074

4 R name="Local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=4074

[admin@MikroTik] > /ip firewall export

jul/05/2014 18:20:30 by RouterOS 5.26

software id = MMS0-VAHA

/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=WAN1
new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=WAN2
new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no
new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no
new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=192.168.2.0/24
in-interface=Local
add action=accept chain=prerouting disabled=no dst-address=192.168.3.0/24
in-interface=Local
add action=mark-connection chain=prerouting disabled=no dst-address-type=
!local in-interface=Local new-connection-mark=WAN1_conn passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=
!local in-interface=Local new-connection-mark=WAN2_conn passthrough=yes
per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=
no in-interface=Local new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=
no in-interface=Local new-routing-mark=to_WAN2 passthrough=yes
add action=mark-connection chain=forward connection-type=sip disabled=no
new-connection-mark=voip-conn passthrough=yes
add action=mark-connection chain=forward disabled=no dst-port=5060
new-connection-mark=voip-conn passthrough=yes protocol=udp
add action=mark-packet chain=forward connection-mark=voip-conn disabled=no
new-packet-mark=voip-packet passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN1
add action=masquerade chain=srcnat disabled=no out-interface=WAN2
to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
[admin@MikroTik] >