[Asterisk-Users] running * on a VPN gateway

Lee Goodman lee.goodman at comcast.net
Thu Sep 11 07:04:15 MST 2003 

I just tried this, I set the bindaddr=outside NAT address and my sip
registration messages now have the correct ip address in the VIA field!!!!!!

I tried the fromdomain=outside NAT address , but it didn't change anything
in the sip message.

And setting the bindaddr=outside NAT address didn't break the SIP thread. As
the registration messages work fine.

Lee Goodman



----- Original Message -----
From: "Ian Blenke" <icblenke at nks.net>
To: <asterisk-users at lists.digium.com>
Sent: Wednesday, September 10, 2003 3:23 PM
Subject: Re: [Asterisk-Users] running * on a VPN gateway


> Lee Goodman wrote:
> > Could the bindaddr=x.x.x.x be a way to make * work through a NAT?
> >
> > I have * and a few 7960 phones behind a NAT. I am trying to register
with a
> > proxy on the outside of the NAT. Registration is ok, but the VIA field
has
> > my inside NAT ip address (192. 168.0.7). So the proxy doesn't know how
to
> > send a call to *. Would adding my outside NAT ip address to the bindaddr
> > statement cause the * to put the outside address in the VIA field???
>
> Use "fromdomain=" in your sip.conf entry for your external proxy to
> override this.
>
> >>If like me you run * on a VPN (or multihomed) gateway and want to serve
> >>remote SIP clients, make sure you have
> >>
> >>bindaddr = 192.168.0.1 ; or whatever is your box's private IP
> >>
> >>otherwise * might bind to its public IP and send it as return address in
> >>the SIP call setup, which will (should) be rejected by your firewall.
> >>
> >>To * experts: might this setting interfer with NATed SIP clients?
>
> There appear to be real issues with multi-homed Asterisk installs in
> more than simple call appearances in the SIP messages.
>
> At one point in testing with a recent CVS build (while bound to
> 0.0.0.0), I was getting SIP messages from the public IP interface and
> RTP streams *from* the private IP interface, resulting in one-way audio
> (the called party could hear me, I could not hear them). Very confusing,
> to say the least.
>
> --
> - Ian C. Blenke <icblenke at nks.net>
> (This message bound by the following:
> http://www.nks.net/email_disclaimer.html)
>
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list