[asterisk-users] problems with natted phones

Marek Greško mgresko8 at gmail.com
Sat Sep 4 15:13:32 CDT 2021 

Hello,

I agree my knowledge of SIP itself is poor, but I have quite well
general tcp/ip understanding. What sip parameters should be
anonymized? How about tag, branch, call-id, cseq values?

Thanks

Marek


2021-09-04 12:36 GMT+02:00, Duncan Turnbull <duncan at turnbull.co.nz>:
>
>
>> On 4/09/2021, at 8:55 PM, Marek Greško <mgresko8 at gmail.com> wrote:
>>
>> Ok,
>>
>> let substitute lan for 192.168.100.235, provider with 192.0.2.1 and
>> asterisk with 198.51.100.1.
>
> Can you provide the previous packet details with these addresses filled in
>>
>> In the working scenario understand that asterisk is not aware of the
>> providers ip address
> If the call goes provider - asterisk - phone then asterisk is absolutely
> aware of the provider ip. I think you need to get more familiar with sip and
> rtp
>
>> 192.0.2.1 in the sip protocol, and it should pick
>> it from the network layer. It is harder to calcutale port, so it
>> should probably listen for incoming rtp stream?
>
> The sdp in the sip packet tells the rtp ip and port to connect to
>> Until then it is just
>> sending to private address? But I thing it is futile, since it is
>> known from the sip protocol there is nat involved and thus the packets
>> are destined to nowhere.
>
> You need to realise that this works normally everyday all over the place so
> what you are imagining is incorrect
>>
>> But I still cannot imagine what goes wrong in non working scenario and
>> how the asterisk reboot (not every one and not sure this is the real
>> trigger). The sip communication seems identical to me. The provider's
>> router does not touch SIP now as observed after disabling SIP ALG.
>
> It is very unclear as to how you are justifying these statements. You don’t
> yet understand how sip and call setup with media works. If you provide the
> whole sip packet capture with the substituted ips it should be easier to
> point out where the error is
>
> You need to be really clear on what’s ip
> is what and where the conversations are captured
>
> It will become clear once you provide all the details
>
>
>>
>> Thanks
>>
>> Marek
>>
>> 2021-09-04 0:40 GMT+02:00, Antony Stone
>> <Antony.Stone at asterisk.open.source.it>:
>>> On Saturday 04 September 2021 at 00:34:49, Duncan Turnbull wrote:
>>>
>>>>>> On 4/09/2021, at 7:53 AM, Marek Greško <mgresko8 at gmail.com> wrote:
>>>>>>
>>>>>> So you suspect something is messing up SIP protocol? Maybe the phone
>>>>>> itself is not working properly. The phone itself is not aware of the
>>>>>> internet address, so is sending lan private address in the sip
>>>>>> protocol.
>>>>
>>>> I doubt it’s the phone. You need to check your data again and ideally
>>>> explain what you mean by the names you have substituted for the ip
>>>> addresses
>>>
>>> My advice (regarding the IP addresses) is:
>>>
>>> - where you have https://tools.ietf.org/html/rfc1918 addresses, leave
>>> them
>>> as
>>> they are - you're not giving away any sensitive information by telling us
>>> about your internal addresses which can't be routed over the Internet
>>>
>>> - where you have public addresses and would prefer not to reveal what
>>> these
>>> are, substitute with https://tools.ietf.org/html/rfc5737 addresses
>>> instead.
>>>
>>> - always ensure that you substitute address A in the same way each time,
>>> and
>>> address B, etc.
>>>
>>>
>>> Antony.
>>>
>>> --
>>> You can spend the whole of your life trying to be popular,
>>> but at the end of the day the size of the crowd at your funeral
>>> will be largely dictated by the weather.
>>>
>>> - Frank Skinner
>>>
>>>                                                   Please reply to the
>>> list;
>>>                                                         please *don't* CC
>>> me.
>>>
>>> --
>>> _____________________________________________________________________
>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>
>>> Check out the new Asterisk community forum at:
>>> https://community.asterisk.org/
>>>
>>> New to Asterisk? Start here:
>>>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>>
>>> asterisk-users mailing list
>>> To UNSUBSCRIBE or update options visit:
>>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list