[Asterisk-Users] running * on a VPN gateway

Lee Goodman lee.goodman at comcast.net
Mon Sep 15 07:40:03 MST 2003 

I was wrong.
While setting the bindaddr=outsideipaddress does fix the format of the SIP
message (the VIA and Contact IP addresses are now correct) , it forces the *
process to run on that address , which is useless when the * server is
behind a NAT.


Lee Goodman
----- Original Message -----
From: "Lee Goodman" <lee.goodman at comcast.net>
To: <asterisk-users at lists.digium.com>
Sent: Thursday, September 11, 2003 10:04 AM
Subject: Re: [Asterisk-Users] running * on a VPN gateway


> I just tried this, I set the bindaddr=outside NAT address and my sip
> registration messages now have the correct ip address in the VIA
field!!!!!!
>
> I tried the fromdomain=outside NAT address , but it didn't change anything
> in the sip message.
>
> And setting the bindaddr=outside NAT address didn't break the SIP thread.
As
> the registration messages work fine.
>
> Lee Goodman
>
>
>
> ----- Original Message -----
> From: "Ian Blenke" <icblenke at nks.net>
> To: <asterisk-users at lists.digium.com>
> Sent: Wednesday, September 10, 2003 3:23 PM
> Subject: Re: [Asterisk-Users] running * on a VPN gateway
>
>
> > Lee Goodman wrote:
> > > Could the bindaddr=x.x.x.x be a way to make * work through a NAT?
> > >
> > > I have * and a few 7960 phones behind a NAT. I am trying to register
> with a
> > > proxy on the outside of the NAT. Registration is ok, but the VIA field
> has
> > > my inside NAT ip address (192. 168.0.7). So the proxy doesn't know how
> to
> > > send a call to *. Would adding my outside NAT ip address to the
bindaddr
> > > statement cause the * to put the outside address in the VIA field???
> >
> > Use "fromdomain=" in your sip.conf entry for your external proxy to
> > override this.
> >
> > >>If like me you run * on a VPN (or multihomed) gateway and want to
serve
> > >>remote SIP clients, make sure you have
> > >>
> > >>bindaddr = 192.168.0.1 ; or whatever is your box's private IP
> > >>
> > >>otherwise * might bind to its public IP and send it as return address
in
> > >>the SIP call setup, which will (should) be rejected by your firewall.
> > >>
> > >>To * experts: might this setting interfer with NATed SIP clients?
> >
> > There appear to be real issues with multi-homed Asterisk installs in
> > more than simple call appearances in the SIP messages.
> >
> > At one point in testing with a recent CVS build (while bound to
> > 0.0.0.0), I was getting SIP messages from the public IP interface and
> > RTP streams *from* the private IP interface, resulting in one-way audio
> > (the called party could hear me, I could not hear them). Very confusing,
> > to say the least.
> >
> > --
> > - Ian C. Blenke <icblenke at nks.net>
> > (This message bound by the following:
> > http://www.nks.net/email_disclaimer.html)
> >
> >
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list