[Asterisk-Users] SIP behind NAT, workaround to make W Snel's very welcome fix work both for inside *and* outside clients

Chris Albertson chrisalbertson90278 at yahoo.com
Tue Oct 28 16:11:53 MST 2003 

That's for pointing out Walter Snel "hack". 
Adding his two additional features would not be
hard.http://lists.digium.com/pipermail/asterisk-users/2003-October/024968.html

in sip.conf "nat=1" means the _client_ that Asterisk is
talking with is NAT'd.  We could add a line like below
to sip.conf

  asterisk_interal_network=<network name or address/mask>

and a line like

  asterisk_external_address<FQN or ipaddress>

One hitch is DHCP. The asterisk_external_address could
change at any time while Asterisk is running when the
DHCP lease expires.  For that reason I would set up a
dynamic DNS service and use the FQN raher then numeric
address.  But if you have a fixed IP that could work too.

inside the code you test for "dest.sin_addr" being within
<network name or address/mask>
Network name can be numeric address/mask or a "network name
for /etc/networks or the networks NIS map.

Would this work?




> On Tue, 28 Oct 2003, Christopher Stephens wrote:
> 
> > Hello everyone and welcome to my first post to the list!
> >
> > After studying for a couple of weeks, I finally built * for the
> first
> > time last night, and of course had the same SIP-behind-NAT woes
> that
> > plague all of us who use NATted connections.
> > It was therefore with no small joy that I read the fix for that
> that
> > Walter Snel proposed (q.v.:
> >
>
http://lists.digium.com/pipermail/asterisk-users/2003-October/024968.html).
> > Since I currently have no zaptel hardware (though intend to get
> some
> > within the week) and thus use soft (SIP) clients on the same
> internal
> > network, the caveat that it would break internal SIP clients was,
> for me,
> > a reason to not yet implement his fix. I was examining chan_sip.c,
> trying
> > to think of a way to implement his 'Naturally it would be much
> better to
> > make this behavior:', and while bemoaning my pathetic C skills,
> thought
> > of another solution:
> >
> > -CUT HERE TO GET RIGHT TO THE POINT :P-
> > 1) Somehow (I use dynamic DNS) get a FQDN to point to the IP of the
> > outside of your NAT box;
> > 2) Implement W Snel's hardcoding as in the above URL, using your
> chosen
> > FQDN where, in his example, he has 213.84.4.39;
> > 3) On any internal machine with a SIP client, add an entry to the
> hosts
> > file that points your chosen FQDN to the * server's IP on the
> *internal*
> > network.
> >
> > What do you all think?
> > I won't have an opportunity to try to implement this until later
> this
> > evening, but at that time will post a follow-up to let you know how
> it
> > went.
> >
> > -Chris
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
> >
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users


=====
Chris Albertson
  Home:   310-376-1029  chrisalbertson90278 at yahoo.com
  Cell:   310-990-7550
  Office: 310-336-5189  Christopher.J.Albertson at aero.org
  KG6OMK

__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

More information about the asterisk-users mailing list