[Asterisk-Users] Asterisk behind a NAT
Martinez Felix
felix.jesus at gmail.com
Mon Nov 14 08:20:02 MST 2005
You need a Stun Server...vovida.org works for me
On 11/11/05, Enrique Leon <enrique.leon.acedo at gmail.com> wrote:
>
> Second post
>
> I have installed Asterisk on SuSE 10.0 with an active firewall/NAT filter.
> The server has connection to my own Intranet (private IP) and to Internet
> Everything works well for clients behind and in front-of the firewall
> but they can not communicate with each other. Signalling gets through
> but the audio gets blocked by the firewall/NAT.
>
> So, I open-up ports 10.000 -to- 20.000 in the fw so that the udp/rtp
> packages
> cuold get through but it has not been successful.
>
> I am using xlite for clients and have no pot cards installed ( digium
> fxo,fxs, etc).
>
> Does anyone knows what else to do?
>
> Has anyone come accross (and solved) this type of problem?
>
> Firewall configuration is as follows:
>
>
> FW_DEV_EXT="eth-id-00:0d:87:5c:44:e5" #eth1
> FW_DEV_INT="eth-id-00:06:4f:0e:ca:99
> eth-id-00:40:f4:9f:12:25" #eth0 wlan0
> FW_ROUTE="yes"
> FW_MASQUERADE="yes"
> FW_MASQ_DEV="$FW_DEV_EXT"
> FW_MASQ_NETS="192.168.100.0/255.255.255.0<http://192.168.100.0/255.255.255.0>
> "
> FW_SERVICES_EXT_TCP="53 http https ssh"
> FW_SERVICES_EXT_UDP="5060 5061 53"
> FW_SERVICES_INT_TCP="21 3128 5056 53 5801 5901 80 8080
> epmap http microsoft-ds netbios-ssn smtp ssh"
> FW_SERVICES_INT_UDP="5060:5075 53 bootps netbios-dgm
> netbios-ns"
> FW_SERVICES_INT_RPC="mountd nfs nfs_acl nlockmgr
> portmap status ypbind"
> FW_SERVICES_ACCEPT_EXT="0/0,udp,5060:5075"
> FW_TRUSTED_NETS="192.168.100.0/255.255.255.0<http://192.168.100.0/255.255.255.0>
> "
> FW_FORWARD="0/0,192.168.100.0/255.255.255.0,udp,5060<http://192.168.100.0/255.255.255.0,udp,5060>
> "
> FW_FORWARD="0/0,192.168.100.0/255.255.255.0,udp,10000<http://192.168.100.0/255.255.255.0,udp,10000>
> "
> FW_FORWARD="192.168.100.0/255.255.255.0,0/0,udp,10000<http://192.168.100.0/255.255.255.0,0/0,udp,10000>
> "
>
>
> Sip Configuration:
>
> [general]
> bindport=5060
> bindaddr=0.0.0.0 <http://0.0.0.0>
> srvlookup=no
> externrefresh=10
> externip=201.208.246.178 <http://201.208.246.178>
> nat=yes
> localnet=192.168.100.0/255.255.255.0 <http://192.168.100.0/255.255.255.0>;
>
>
> RTP configuration:
>
> [general]
> rtpstart=10000
> rtpend=20000
> rtpchecksums=yes
>
> Regards, Enrique Leon
> _______________________________________________
> --Bandwidth and Colocation sponsored by Easynews.com <http://Easynews.com>--
>
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20051114/d0fc2971/attachment.htm
More information about the asterisk-users
mailing list