[Asterisk-Users] Asterisk as a SIP server behind nat, clients on the outside connecting to Asterisk
Steve Beaumont
steveb at asbc.demon.co.uk
Wed Mar 3 10:23:13 MST 2004
----- Original Message -----
From: AstGrp <astgrp at cwkb.com>
To: <asterisk-users at lists.digium.com>
Sent: Monday, March 01, 2004 5:22 AM
Subject: RE: [Asterisk-Users] Asterisk as a SIP server behind nat, clients
on the outside connecting to Asterisk
> I have this working, with not much work...
>
> SIP CONF
>
> [general]
> port = 5060 ; Port to bind to
> bindaddr = 0.0.0.0 ; address to bind to
> externip = <NAT IP / Outside IP> ; Address that we're going to
> put in SIP messages if we're behind a NAT
> localnet = 10.100.254.0 ; Internal NETWORK address
> localmask = 255.255.255.0 ; Internal netmask
> context=default ; Default for incoming calls
> ;srvlookup = yes ; Enable SRV lookups on outbound calls
> ;pedantic = yes ; Enable slow, pedantic checking for
> Pingtel
> ;tos=lowdelay
> ;tos=184
> ;maxexpirey=3600 ; Max length of incoming registration we
> allow
> ;defaultexpirey=120 ; Default length of incoming/outoing
> registration
> ;notifymimetype=text/plain ; Allow overriding of mime type in
> NOTIFY
> ;videosupport=yes ; Turn on support for SIP video
> disallow=all ; Disallow all codecs
> allow=ulaw ; Allow codecs in order of preference
> allow=ilbc
> allow=alaw
>
>
> [travel]
> type=friend
> username=travel
> secret=<password>
> host=dynamic
> nat=yes
> context=local
> mailbox=4003
>
> Ports in the Firewall
>
> Port 5060 UDP
> Ports 16456 - 17456 UDP
>
> RTP Conf
>
> rtpstart=16456
> rtpend=17456
>
> -gcc
>
>
> -----Original Message-----
> From: asterisk-users-admin at lists.digium.com
> [mailto:asterisk-users-admin at lists.digium.com] On Behalf Of Steve
> Beaumont
> Posted At: Sunday, February 29, 2004 4:12 PM
> Posted To: Asterisk User Group
> Conversation: [Asterisk-Users] Asterisk as a SIP server behind nat,
> clients on the outside connecting to Asterisk
> Subject: [Asterisk-Users] Asterisk as a SIP server behind nat, clients
> on the outside connecting to Asterisk
>
>
> On the wiki pages it suggests that clients on the outside of NAT can
> connect to an Asterisk server behind nat. (option no 3). The note
> suggests that this can work with port forwarding and some 'header
> mangling magic'.
>
> I have the port forwarding configured however, when I try to connect an
> external client through the firewall the client does not correctly
> register. The REGISTER message is received, the server responds with
> Status 100 trying, followed by Status 407 Proxy Authentication required.
> This repeated several times.
>
> I guessing but could this be where the 'header mangling magic' is
> required. ? Does anyone know how this magic can be applied.
>
> Many thanks
> Steve Beaumont
Thanks for the replies, but this has turned out to be a little more involved
than it first appeared. I'm sorry to say I haven't really got to the bottom
of it yet but it seems to be a problem with the way my router handles
NAT/PAT. Unfortunately, I am unable to sniff the adsl side of my internet
connection so it's proving a little difficult to pin down. I must admit I'm
a little surprised that a fairly recent protocol like SIP is not more
firewall /NAT/PAT friendly.
Anyhow, less of the moaning. A general question that has been on mind for a
while is the range of RTP ports used by SIP. What governs there allocation.
Concurrent connections ?
All the best
Steve Beaumont
More information about the asterisk-users
mailing list