S20 - Multiple SIP trunks - 403 Forbidden

Hey folks, hoping for some help with a 403 Forbidden error I'm getting. A bit of background on my setup...

My ISP hands off two Ethernet connections from their router, one for internet with a static public IP which connects to my firewall and the other an L2TP tunnel in RFC1918 IP space (10.255.xx.) which is connected to my PABX WAN.

The default gateway on my PABX is the LAN gateway and then I have a static route to my ISP SIP servers via the WAN interface.

I have configured OpenVPN server on the PABX and port forwarded 1194 to it and have a few remote extensions in addition to a handful of extensions in my office. Everyone can call each other internally or remote extensions just fine.


Now, onto my issue... my ISP provides two SIP trunks which I've configured on my PABX. The first trunk is the main office number (ending 4821) which has an inbound route to a ring group for my office phones. The second trunk is an after hours support number (ending 4668) for which I plan to change the inbound route weekly to point to whichever remote extension is doing support duties.


I checked the PCAP and matched the INVITE for the DID match pattern on inbound routes to send the respective calls on either trunk to the ring group or remote extension - calling from outside into the main office number or calling from outside to the support number works just fine.


I then created two outbound routes, separate dial plans & separate trunks, for the office staff to call out from the 1st trunk (our main 4821 number) and the remote support staff to call out from the 2nd trunk (our 4668 support number). I haven't set up any DOD as yet.


But when calling out from either the office or remote extension I'm getting a "forbidden" message on my handsets? If I disable the 2nd trunk then I can again make calls out?

I haven't touched any NAT settings or "From User" or anything else. Could someone kindly guide me as to where I might be going wrong?


Many thanks



