[Asterisk-Users] SIP through freeBSD NAT

Alyed Tzompa alyed.tzompa at simitel.com
Tue Jan 3 12:18:56 MST 2006 

Tryed what Eric suggested in the other thread (changing  in sip.conf:  allow=all     for     disallow=all allow=somecodec)
 so now the call is not being hanged up, but cannot hear anything. Tryied it with ilbc,alaw, ulaw and gsm

 I still think it sould be a matter of RTP addressing since I get the following after a sip debug :

     -- Executing BackGround("SIP/alyed-5a8d", "/var/lib/asterisk/sounds/test") in new stack
 We're at 200.78.243.12 port 13458
 Answering with preferred capability 0x400(ILBC)
 Answering with non-codec capability 0x1(G723)
 Reliably Transmitting (NAT):
 SIP/2.0 200 OK
 Via: SIP/2.0/UDP 90.0.0.10;branch=z9hG4bK5a00000a000000c043bab4f9390f1bef000002ef;received=201.127.53.246;rport=5060
 From: "unknown"<sip:alyed at www.myip.net:5060>;tag=2438130825771721203
 To: <sip:400 at www.myip.net:5060>;tag=as7222f729
 Call-ID: CAB8D822-1DD1-11B2-B69A-FEE14D7A103A at 90.0.0.10
 CSeq: 2 INVITE
 User-Agent: Asterisk PBX
 Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER
 Contact: <sip:400 at 200.78.243.12>
 Content-Type: application/sdp
 Content-Length: 220

 v=0
 o=root 17028 17028 IN IP4 200.78.243.12
 s=session
 c=IN IP4 200.78.243.12
 t=0 0
 m=audio 13458 RTP/AVP 97 101
 a=rtpmap:97 iLBC/8000
 a=rtpmap:101 telephone-event/8000
 a=fmtp:101 0-16
 a=silenceSupp:off - - - -

  to 201.127.53.246:5060
     -- Playing '/var/lib/asterisk/sounds/test' (language 'en')
 Integra2*CLI>

 Sip read:
 ACK sip:400 at 200.78.243.12 SIP/2.0
 Via: SIP/2.0/UDP 90.0.0.10;rport;branch=z9hG4bK5a00000a000000c043bab4f944b4f6f3000002f2
 Content-Length: 0
 Call-ID: CAB8D822-1DD1-11B2-B69A-FEE14D7A103A at 90.0.0.10
 CSeq: 2 ACK
 From: "unknown"<sip:alyed at www.myip.net:5060>;tag=2438130825771721203
 Max-Forwards: 70
 To: <sip:400 at www.myip.net:5060>;tag=as7222f729
 User-Agent: SJphone/1.60.299a/L (SJ Labs)

 9 headers, 0 lines

 think it is addressing the rtp to my internal IP, but don't know who can I address it in the right way. I'm using the default STUN config in the SJphone :
  STUN server address --> stun.softjoys.com :3478, refresh time out -->1200000  conclusive response timeout-->0 retrunsmissions number --> 13 
 and nat= yes in the sip.conf

 But still no sound in my endpoint

Alyed 

Alyed Tzompa Sosa

Simitel
VoIP developer
+52 (55) 24 52 43 90 Ext. (107)
alyed.tzompa at simitel.com 

----------------------------------------
Return-Path: <tony at jago.net> Mon Jan 02 13:29:11 2006
Received: from mail08.syd.optusnet.com.au [211.29.132.189] by mail11.webcontrolcenter.com with SMTP;
 Mon, 2 Jan 2006 13:29:11 -0700
Received: from router.vpn.marvy.net (c220-237-85-239.kelvn1.qld.optusnet.com.au [220.237.85.239])
 by mail08.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id k02KT9sT019578
 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO)
 for <alyed.tzompa at simitel.com>; Tue, 3 Jan 2006 07:29:09 +1100
Received: from alcan (alcan.vpn.cc.uq.edu.au [192.168.136.2])
 by router.vpn.marvy.net (8.13.3/8.13.3) with SMTP id k02KT88l022322
 for <alyed.tzompa at simitel.com>; Tue, 3 Jan 2006 06:29:08 +1000 (EST)
 (envelope-from tony at jago.net)
Message-ID: <001901c60fdb$3a781300$0288a8c0 at alcan>
From: "Tony Jago" <tony at jago.net>
To: <alyed.tzompa at simitel.com>
References: <da06c3886a364e62ba1f92b767917836 at simitel.com>
Subject: Re: [Asterisk-Users] SIP through freeBSD NAT
Date: Tue, 3 Jan 2006 06:29:27 +1000
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="----=_NextPart_000_0016_01C6102F.0BCE3AD0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
X-SmarterMail-Spam: SPF_None 

 "Unable to agree on media streams" means that the two devices can't pick a common codec. This shouldn't have anything to do with the firewall.   ----- Original Message -----  From: Alyed Tzompa  To: asterisk-users at lists.digium.com  Sent: Tuesday, January 03, 2006 5:32 AM Subject: [Asterisk-Users] SIP through freeBSD NAT 
Hi everyone

My problem is the following:
I'm trying to make a call from a sip phone (SJphone) behind a Restricted Cone NAT towards and Asterisk behind another NAT
(a freeBSD 3.3 using pf). By now I'm only trying to play a record set in the remote Asterisk.

My soft phone registers without problems to the Asterisk but once the record starts to play I get a hangup. SJphone outputs
"End reason:  Unable to agree on media streams". 

I'm forwarding SIP and IAX ports from the remote NAT towards the Asterisk box (i've tryied it with IAX with no problems) using
the following config in the remote NAT:

/etc/pf.conf
.....
# outgoing UDP port 5060 connections use source port 5060 on firewall
nat on $ext_if inet proto udp from any port = 5060 to any -> ($ext_if) port 5060

# Redirect all trafic from NAT:asterisk_port to 192.168.1.5:asterisk_port
rdr on $ext_if inet proto { tcp, udp } from any to any port 4569 -> 192.168.1.5 port 4569
rdr on $ext_if inet proto { tcp, udp } from any to $ext_if port 5060 -> 192.168.1.5 port 5060
rdr on $ext_if inet proto { tcp , udp} from any to any port 10000:20000 -> 192.168.1.5 port 10000:20000

# Let the Internet see our services
  pass in log-all quick on $ext_if inet proto { tcp, udp } from any to any port 4569 keep state 
pass in log-all quick on $ext_if inet proto { tcp, udp } from any to any port 5060 keep state 
.....
------------------------------------------------------------------

I think the problem might relay in this "pass in log-all" since once I commented the last line and the SJphone was unable to
register, but I haven't found a way to set up a range using this "pass" command (it complains saying that the " : " is valid only
with the "rdr " command) but I haven't found info explaining why I should (or shouldn't) use this "pass" command.

My Asterisk config is:

sip.conf
[general]
port=5060
externip = www.theip.net
localnet = 192.168.1.0
localmask = 255.255.255.0
allow=all

[user]
....
nat=yes
canreinvite=no
host=dynamic
--------------------------------------------
extensions.conf

exten => 400,1,Background(/var/lib/asterisk/sounds/myrecord)
exten => 400,2,Hangup
exten => 400,102,Hangup
---------------------------------------------

Thanx a lot!
ww6 

----------------------------------------

_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --

Asterisk-Users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20060103/040668b9/attachment.htm

More information about the asterisk-users mailing list