[Asterisk-Users] sip through nat problem

Alyed Tzompa alyed.tzompa at simitel.com
Fri Dec 30 17:49:58 MST 2005 

Hi everyone

 My problem is the following:
 I'm trying to make a call from a sip phone (SJphone) behind a Restricted Cone NAT towards and Asterisk behind another NAT (a freeBSD 3.3 using pf). By now I'm only trying to play a record set in the remote Asterisk.

 My soft phone registers without problems to the Asterisk but once the record starts to play I get a hangup. SJphone outputs "End reason:  Unable to agree on media streams". 

 I'm forwarding SIP and IAX ports from the remote NAT towards the Asterisk box (i've tryied it with IAX with no problems) using the following config in the remote NAT:

 /etc/pf.conf
 .....
 # outgoing UDP port 5060 connections use source port 5060 on firewall
 nat on $ext_if inet proto udp from any port = 5060 to any -> ($ext_if) port 5060

 # Redirect all trafic from NAT:asterisk_port to 192.168.1.5:asterisk_port
 rdr on $ext_if inet proto { tcp, udp } from any to any port 4569 -> 192.168.1.5 port 4569
 rdr on $ext_if inet proto { tcp, udp } from any to $ext_if port 5060 -> 192.168.1.5 port 5060
 rdr on $ext_if inet proto { tcp , udp} from any to any port 10000:20000 -> 192.168.1.5 port 10000:20000

 # Let the Internet see our services
  pass in log-all quick on $ext_if inet proto { tcp, udp } from any to any port 4569 keep state 
 pass in log-all quick on $ext_if inet proto { tcp, udp } from any to any port 5060 keep state 
 .....
 ------------------------------------------------------------------

 I think the problem might relay in this "pass in log-all" since once I commented the last line and the SJphone was unable to register, but I haven't found a way to set up a range using this "pass" command (it complains saying that the " : " is valid only with the "rdr " command) but I haven't found info explaining why I should (or shouldn't) use this "pass" command.

 My Asterisk config is:

 sip.conf
 [general]
 port=5060
 externip = www.theip.net
 localnet = 192.168.1.0
 localmask = 255.255.255.0
 allow=all

 [user]
....
 nat=yes
 canreinvite=no
 host=dynamic
 --------------------------------------------
extensions.conf

 exten => 400,1,Background(/var/lib/asterisk/sounds/myrecord)
 exten => 400,2,Hangup
 exten => 400,102,Hangup
 ---------------------------------------------

 Thanx a lot!
 ww6 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20051230/c8529cb4/attachment.htm

More information about the asterisk-users mailing list