[Asterisk-Users] Anyone doing NAT through m0n0Wall?

Mark Phillips g7ltt at g7ltt.com
Thu Dec 22 09:06:47 MST 2005 

Thanks Francis!!!

You were right on the nail with the local network parameter. I had 
"localnet = 192.168.201.0 255.255.255.0" set rather than "localnet = 
192.168.201.0/255.255.255.0"

All is working as it should!

Thanks for all the responses.

Mark, G7LTT/KC2ENI
Randolph, NJ
http://www.g7ltt.com


Francis Ballares (VoIPware.ca) wrote:
> Hi Colin,
>  
> You should use
> externhost=yourhost.somethingddns.com <http://yourhost.somethingddns.com>
>  
> and you should put the *local network parameter *in your sip.conf.  This 
> will identify that your local lan doesn't need to use the "externhost" 
> parameter when you try to connect internally- and asterisk should just 
> work fine.
>  
> regards,
>  
> Francis
>  
> 
> 
>  
> On 12/22/05, *Colin Anderson* <ColinA at landmarkmasterbuilder.com 
> <mailto:ColinA at landmarkmasterbuilder.com>> wrote:
> 
>     I am. Setup exactly as you describe, in a corporate environment. No
>     problem
>     whatsoever. Do you have port forwarding rules to your Asterisk
>     server from
>     the WAN interface specifically for 5060 UDP and RTP 10000-20000?
> 
>     Also Monowall 1.2 was flaky for me, I'm running 1.1
> 
>     -----Original Message-----
>     From: Mark Phillips [mailto: g7ltt at g7ltt.com <mailto:g7ltt at g7ltt.com>]
>     Sent: Thursday, December 22, 2005 5:48 AM
>     To: Asterisk Users Mailing List - Non-Commercial Discussion
>     Subject: [Asterisk-Users] Anyone doing NAT through m0n0Wall?
> 
>     Hi Folks,
> 
>     I've just built myself a m0n0Wall based around a WRAP board and whilst
>     it work really well for everything else I'm having some issues with
>     Asterisk's NAT abilities.
> 
>     Here's my setup,
> 
>     A bunch of hardphones (various types) littered around the house.
>     SPA-3000 handles the house POTS line which forwards to extention 2005.
>     X-Ten Pro on my laptop for when I'm out and about.
>     Grandstream BT-101 at my dad's house via our cable modems.
> 
>     Until replacing the Linksys with the m0n0Wall everything was working
>     fine and dandy.
> 
>     I have externip= g7ltt.dyndns.org <http://g7ltt.dyndns.org> set in
>     my sip.conf file. Without it I
>     could not make my dad's phone work.
> 
>     With the m0n0Wall in place and the externip setting set I can make no
>     calls internally but all the external phones work just fine. The
>     reverse
>     is true when I remove the externip setting; the internal phones work but
>     the external ones don't.
> 
>     I've done some tracing with both firewalls and have noted the following;
> 
>     Linksys: externip set all SIP and IAX2 frames from * have my public
>     address as the reply-to regardless of the NAT requirement of the phone
>     in use. In other words it offers up the external address for internal
>     calls. All data flows through the Linksys when addressed to the public
>     IP address and is then forwarded back to the * server.
> 
>     m0n0Wall: externip set as above and the firewall drops the packets.
>     externip not set and the * NAT doesn't work.
> 
>     I know that the m0n0Wall requires a rule to be added to make it work as
>     before but what I don't understand is why is Asterisk forcing all calls
>     to use its public IP address when externip is set?
> 
>     Surely this doubles network traffic; one packet goes to the router.
>     another goes from the router to the internal host. Why doesn't go
>     directly over the LAN for internal stuff?
> 
>     I had assumed that the addition of a nat=yes statement in the relevant
>     phone stanza would turn on or off the NAT reqirement for that phone
>     device but this doesn't seem to be the case.
> 
>     Any ideas would be greatly appreciated.
> 
>     Mark
> 
> 
> 
>     --
> 
>     Mark, G7LTT/KC2ENI
>     Randolph, NJ
>     http://www.g7ltt.com
>     _______________________________________________
>     --Bandwidth and Colocation provided by Easynews.com
>     <http://Easynews.com> --
> 
>     Asterisk-Users mailing list
>     To UNSUBSCRIBE or update options visit:
>        http://lists.digium.com/mailman/listinfo/asterisk-users
>     _______________________________________________
>     --Bandwidth and Colocation provided by Easynews.com
>     <http://Easynews.com> --
> 
>     Asterisk-Users mailing list
>     To UNSUBSCRIBE or update options visit:
>       http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> 
> 
> -- 
> Regards,
> 
> Francis Ballares
> E-mail: ballares (at) gmail.com <http://gmail.com>
> 
> www.VoIPware.ca <http://www.VoIPware.ca>
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
> 
> Asterisk-Users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list