[Asterisk-Users] asterisk on internet sip phone behind nat -
does someone even have this working
Olle E. Johansson
oej at edvina.net
Thu Jun 2 11:51:25 MST 2005
Lance Grover wrote:
> I have been working with this for a wile and I have been watching
> the list for about a month on this subject, to no avail.
>
> I am wondering if anyone has successfully configured asterisk for
> clients to connect to it when the clients are behind nat. I mean
> successfully because I can do everything except for audio, my audio is
> only one way. I am asking so I can determin if I will be continuing
> this project or not. If someone has it working please just let me
> know.
>
Lance,
First, download winstun.exe and test it from inside your nat to see if
it's possible to connect at all. It's available on sourceforge.
If your phones support STUN, they will run the same test. If your nat is
cooperative, the phones will figure out how to work properly and take
care of NAT traversal themselves. A lot of the modern firmware versions
support this today, so you don't have to do anything else than turn it
on in the phone.
Secondly, you need to either tell the phone or Asterisk to keep the NAT
open. Again, a lot of phones do this now. If not, turn on qualify=yes
for those peers in sip.conf. With qualify=yes, asterisk will regurlarly
send SIP packets to the phone to keep the nat open.
Thirdly, if the phones do not support STUN and nat traversal properly,
you can tell Asterisk to ignore any IP address the phone sends to it. If
the phone gives Asterisk a private IP address, we can't send audio to
the phone, right? With nat=yes in the peer config, Asterisk will ignore
the phone and just send the audio to whatever IP address we got data
from, normally the outside IP and port of the NAT. The NAT will take
these packets and forward to the phone.
So to summarize:
* For most modern phones, the phone will take care of NAT traversal
by using STUN for discovery and sending NAT keepalives
* If they still do not work, turn on qualify=yes and nat=yes to
be able to communicate fully.
"One way audio" is the most common error report on this list. It's
usually a NAT problem and those problems are *very* well documented on
the wiki and in previous mailings to the list...
Good luck, I hope you get two-way audio - it's easier to communicate
that way!
Cheers,
/Olle
----
Astricon - the Asterisk User's conference - Madrid June 15-17
http://www.astricon.net/europe/ - Register today!
More information about the asterisk-users
mailing list