[asterisk-users] Remote VOIP/SIP Phones through two routers

Gilles codecomplete at free.fr
Sat Dec 25 18:35:16 UTC 2010


On Sat, 25 Dec 2010 09:49:29 -0500, John Ervin <jervin at jervin.com>
wrote:
>So, assuming your Asterisk box is behind one firewall (Linksys/Tomato 
>Software) and your Wireless SIP phone is behind another firewall 
>(SonicWall 1260 Enhanced).  Is there anything special that I have to do 
>to the firewalls.

If the SonicWall firewall supports STUN, just configure each SIP
client to use this to connect to the Asterisk server.

In Asterisk, provided the firewall also provides NAT, use the
following settings in sip.conf so that Asterisk knows that SIP packets
should be rewritten and how:

===========
[general]
externip=<public IP of Tomato router>
;the LAN where Asterisk lives
localnet=192.168.0.0/255.255.255.0
nat=yes

;all RTP packets go through Asterisk
canreinvite=no

;template for SIP users
[sets](!)
type=friend
context=my-phones
host=dynamic
qualify=yes
nat=no

[1234](sets)
secret=mysecret
===========

As for the RTP part :
- 10001 is wrong, since RTP always starts on even ports, and AFAIK
uses two ports (one for sound TX/RX, and one for RTCP)
- unless you need to support 500 concurrent conversations, you can
trim it down. Make sure the range mapped on the Tomato matches what it
says in rtp.conf

HTH,




More information about the asterisk-users mailing list