[asterisk-users] NAT
Stefan van der Eijk
stefan at eijk.nu
Tue Aug 28 16:14:06 CDT 2007
On 8/28/07, Stefan van der Eijk <stefan at eijk.nu> wrote:
>
>
> On 7/9/07, Noah Miller <noahisaacmiller at gmail.com > wrote:
> > Hi Stefan -
> >
> > > What I want to accomplish:
> > > - calls within the LAN are re-invited (RTP goes from endpoint to
> endpoint)
> > > - asterisk detects when a call is going beyond the local LAN (over the
> NAT),
> > > and then stays in the middle.
> > >
> > > I'm wondering if this is hard to do and how I'm supposed to configure
> this.
> >
> > I don't really know how hard it would be to do what you describe, but
> > if you're interested in getting the results you want with a minimum of
> > effort, just keep asterisk in the media path all the time. Set
> > canreinvite=no, and your calls should work consistently whether they
> > stay inside the NAT or go outside.
>
> This is what I ended up doing. Until I ran into issues again with outgoing
> calls. Current setup = asterisk 1.4.11, installed on a host connected to the
> internet (internet route able IP-address) and my internal network
> (192.168.254.254). SIP phones are on the internal network, STUN and such
> hasn't been configured.
>
> SIP.conf:
> externhost = <external hostname --> ddns.org>
> canreinvite = no
> localnet = 192.168.254.0/24
> ; nat = option is not set
>
> Outgoing call to our sip provider ends up being setup like this:
>
> outbound RTP stream:
> SIP phone (192.168.254.104) --> asterisk internal (192.168.254.254)
> asterisk external (internet IP) --> asterisk external (internet IP) (!!!)
>
> inbound RTP stream:
> SIP provider (internet IP) --> asterisk external (internet IP)
> asterisk internal (192.168.254.254) --> SIP phone ( 192.168.254.104)
>
> I have no idea why asterisk is trying to send the outbound RTP stream to
> itself. Removing the externhost and localnet settings doesn't help either.
> Neither does setting "nat = yes", even in the example below.
nat = yes solved it in the example above.
>
>
> SIP.conf:
> externhost = <external hostname --> ddns.org>
> canreinvite = nonat
> localnet = 192.168.254.0/24
> ; nat = option is not set.
>
> Outgoing call to our sip provider ends up being setup like this:
>
> outbound RTP stream:
> SIP phone (192.168.254.104) --> asterisk internal (192.168.254.254)
> asterisk external (internet IP) --> SIP provider (internet IP)
>
> inbound RTP stream:
> SIP provider (internet IP) --> asterisk external (internet IP)
> asterisk internal (192.168.254.254) --> SIP phone (192.168.254.104)
>
> The inbound RTP stream goes well for +/- 1 second, then the SIP provider
> responds to a re-invite sent by my asterisk box to send the trafic to
> 192.168.254.104 (the SIP phone on my internal network).
>
> outbound RTP stream:
> SIP phone (192.168.254.104) --> asterisk internal (192.168.254.254)
> asterisk external (internet IP) --> SIP provider (internet IP)
>
> inbound RTP stream:
> SIP provider (internet IP) --> SIP phone (192.168.254.104)
>
> I don't understand the logic of Asterisk sending the re-invite for inbound
> RTP stream. I would be more logical if Asterisk would send an invite for the
> outbound RTP stream:
>
> outbound RTP stream:
> SIP phone (192.168.254.104) --> SIP provider (internet IP)
>
> inbound RTP stream:
> SIP provider (internet IP) --> asterisk external (internet IP)
> asterisk internal IP (192.168.254.254) --> SIP phone (192.168.254.104)
>
> Does the logic have anything to do with in which order the interfaces are
> defined on the box? In my case, ETH0 = 192.168.254.254, ETH1 = internet IP.
>
> I can't find any configuration examples of my kind of setup, where a
> dual-homed host running asterisk has one NIC on the Internet and one on the
> internal (RFC1918 space) network. All examples I've bumped into have either
> the asterisk box behind a NAT router ( i.e. it only has a RFC1918
> IP-address) or the asterisk box is on a real IP.
>
> with kind regards,
>
> Stefan
More information about the asterisk-users
mailing list