<div dir="ltr"><div><br></div><div>I have asterisk in DMZ with private IP.</div><div>The firewall is pfsense with two WAN gateway in failover mode<br><br><a href="https://doc.pfsense.org/index.php/Multi-WAN#Failover">https://doc.pfsense.org/index.php/Multi-WAN#Failover</a><br><br><br>I want to avoid the need to use a script to reconfigure asterisk in the event of external IP change (for example if the main gateway go down)<br><br><a href="http://lists.digium.com/pipermail/asterisk-users/2012-February/270057.html">http://lists.digium.com/pipermail/asterisk-users/2012-February/270057.html</a><br><br><br></div><div><br></div><div>thanks</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Oct 23, 2016 at 8:24 PM, Guido Falsi <span dir="ltr"><<a href="mailto:mad@madpilot.net" target="_blank">mad@madpilot.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 10/23/16 11:58, Francesco Pasqualini wrote:<br>
> OK interresting.<br>
><br>
> Is there a recipe to configure asterisk behind NAT with two WAN failover ?<br>
><br>
<br>
I know no recipe, since WAN failover means your IP is moved on to the<br>
standby connection when links are switched. If this is not the case what<br>
you have isn't really a WAN failover, but just two unrelated internet<br>
connections and a router balancing them with a failover logic.<br>
<br>
If the IP changes when the WAN link is switched there is no way the<br>
router, or asterisk or anything in your LAN can do to bring over<br>
existing connections.<br>
<br>
Asterisk using ICE will analyze the active connection at call time and<br>
insert SDP information pertinent to that one for the call. So it will<br>
work correctly for whatever link is being used as long as it is used.<br>
Active calls when the link is switched due to a failure on the main one<br>
will go mute and time out.<br>
<br>
As Joshua Colp stated, ICE needs the other party to also have ICE<br>
enabled to work correctly, so you also need collaboration from the other<br>
side of the communication.<br>
<br>
Maybe if you explain better what you have and what you are trying to<br>
achieve some better suggestion can be given.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Guido Falsi <<a href="mailto:mad@madpilot.net">mad@madpilot.net</a>><br>
<br>
--<br>
______________________________<wbr>______________________________<wbr>_________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" rel="noreferrer" target="_blank">http://www.api-digital.com</a> --<br>
<br>
asterisk-dev mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-dev" rel="noreferrer" target="_blank">http://lists.digium.com/<wbr>mailman/listinfo/asterisk-dev</a><br>
</font></span></blockquote></div><br></div>