[asterisk-users] NAT/IPTABLES workarounds

Kevin P. Fleming kpfleming at digium.com
Wed Jan 4 17:20:29 CST 2012


On 01/03/2012 10:03 AM, Patrick Lists wrote:
> On 03-01-12 16:24, Danny Nicholas wrote:
>> Hello List,
>>
>> I work in an environment where I have to request IPTABLES changes rather
>> than doing them myself. Is there a way to utilize my SSH (port 22) to
>> get a functional (and with good sound) Asterisk installation with
>> multiple channels up without requesting the 5060(SIP) 5061 (TLS) and
>> UDP/RTP (usually 10001-20000) IPTABLES allowances?
>
> Not with SIP as it needs a port for signaling (usually 5060) and RTP
> ports for sending the actual voice packets. So for SIP you will always
> need multiple ports. If you can use IAX then you could use port 22 as
> IAX only needs one port. The question is how are you going to SSH into
> the box if you use the SSH port for Asterisk?

It is not practical (although not impossible) to run UDP over an SSH 
tunnel. Since VoIP media is generally transported over UDP, this will be 
a major obstacle.

-- 
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming at digium.com | SIP: kpfleming at digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org



More information about the asterisk-users mailing list