<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.16.0">
</HEAD>
<BODY>
That's sad. I'll start talking to my ISP.<BR>
<BR>
Thanks<BR>
Bob<BR>
<BR>
On Thu, 2009-04-02 at 16:07 -0400, Matt Sales wrote:
<BLOCKQUOTE TYPE=CITE>
<FONT COLOR="#000000">Bob, you're dealing with a double NATted environment with both your Asterisk server and phones behind firewalls. Personally I think this is going to do nothing but give you headaches. I would add a 2nd NIC card to your asterisk server and assign it a public IP address. Now just have your softphones and hardphones register to the public IP address. You will still need to set nat=yes for those remote extenstions in users.conf</FONT>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<FONT COLOR="#000000"> </FONT>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<FONT COLOR="#000000">I'm sure others will chime it that this a major security risk but if you use iptables to block all ports except those required by asterisk (SIP, IAX, & RTP) and set secure sip passwords you should be ok.</FONT><BR>
<BR>
<BR>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<FONT COLOR="#000000">On Thu, Apr 2, 2009 at 2:57 PM, Bob Crandell <<A HREF="mailto:bob@assuredcomp.com">bob@assuredcomp.com</A>> wrote:</FONT>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<FONT COLOR="#000000">I have NAT=yes through out.</FONT><BR>
<FONT COLOR="#000000">I have both externip and localnet set. </FONT>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BR>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BR>
<BR>
<FONT COLOR="#000000">On Thu, 2009-04-02 at 00:03 -0700, Marvin Whitfield wrote: </FONT>
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">Bob,</FONT>
<FONT COLOR="#000000">Definately a NAT issue. Had the same issues when I first started</FONT>
<FONT COLOR="#000000">setting up remote extensions. Look in your sip.conf for externip=...</FONT>
<FONT COLOR="#000000">and localnet=.... You'll use the to tell asterisk what's internat and</FONT>
<FONT COLOR="#000000">what's external. Also remember to at NAT=yes to extensions that will</FONT>
<FONT COLOR="#000000">be remote. The last thing you might need to modify is your firewall</FONT>
<FONT COLOR="#000000">and phone settings. These vary widely by manufacturer but the general</FONT>
<FONT COLOR="#000000">idea is that you need asterisk to be able to reach the phone that will</FONT>
<FONT COLOR="#000000">be behind a NAT firewall so you'll probably need to forward some ports</FONT>
<FONT COLOR="#000000">or configure the phone to keep the connection alive. Hope that helps.</FONT>
<FONT COLOR="#000000">--</FONT>
<FONT COLOR="#000000">Marvin</FONT>
<FONT COLOR="#000000">On 4/1/09, Matt Brown (HC) <<A HREF="mailto:matt@mbrown.co.uk">matt@mbrown.co.uk</A>> wrote:</FONT>
<FONT COLOR="#000000">> Hi Bob,</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">>> Hi guys,</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> I've been testing softphones in Windows and SuSE. From outside the</FONT>
<FONT COLOR="#000000">>> office, I can make a call to a different extension and to an outside</FONT>
<FONT COLOR="#000000">>> number but neither the caller nor the callee can hear anything. I</FONT>
<FONT COLOR="#000000">>> thought I was being stupid until I bought a Grandstream GXP 2020</FONT>
<FONT COLOR="#000000">>> which wouldn't speak to me either from outside the office. It does</FONT>
<FONT COLOR="#000000">>> work inside the office. I tested the softphone inside the office</FONT>
<FONT COLOR="#000000">>> and it works too. Ok so it's the firewall. I have port 5060 UDP</FONT>
<FONT COLOR="#000000">>> and 10001-20000 UDP open and pointed to the Asterisk box. What am I</FONT>
<FONT COLOR="#000000">>> missing? I'm getting so close to being able to go live with this</FONT>
<FONT COLOR="#000000">>> thing.</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Just double check the /etc/asterisk/rtp.conf to make sure port range</FONT>
<FONT COLOR="#000000">> being used is correct. In addition I agree with Matt that it sounds</FONT>
<FONT COLOR="#000000">> like a NAT issue. Take a peek at sip.conf or users.conf for the</FONT>
<FONT COLOR="#000000">> extension in question and check nat=yes is set for that user/extension.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Regards</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Matt Brown</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> _______________________________________________</FONT>
<FONT COLOR="#000000">> --Bandwidth and Colocation Provided by <A HREF="http://www.api-digital.com/">http://www.api-digital.com</A>--</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> asterisk-gui mailing list</FONT>
<FONT COLOR="#000000">> To UNSUBSCRIBE or update options visit:</FONT>
<FONT COLOR="#000000">> <A HREF="http://lists.digium.com/mailman/listinfo/asterisk-gui">http://lists.digium.com/mailman/listinfo/asterisk-gui</A></FONT>
<FONT COLOR="#000000">></FONT>
</PRE>
</BLOCKQUOTE>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BR>
<FONT COLOR="#000000">_______________________________________________</FONT><BR>
<FONT COLOR="#000000">--Bandwidth and Colocation Provided by <A HREF="http://www.api-digital.com--/">http://www.api-digital.com--</A></FONT><BR>
<BR>
<FONT COLOR="#000000">asterisk-gui mailing list</FONT><BR>
<FONT COLOR="#000000">To UNSUBSCRIBE or update options visit:</FONT><BR>
<FONT COLOR="#000000"> <A HREF="http://lists.digium.com/mailman/listinfo/asterisk-gui">http://lists.digium.com/mailman/listinfo/asterisk-gui</A></FONT>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BR>
</BLOCKQUOTE>
</BODY>
</HTML>