[Asterisk-Users] How to config firewall for RTP/RTCP?

谢水全 arthur.echo at gmail.com
Tue Apr 11 20:56:25 MST 2006 

I have a private network like this:



                                 +-----------------------+
                                  |     firewall             |
                                 +-----------------------+
                                                  |
                                 +-----------------------+
                                 |          1.2.3.4          |
        ------------------ |            NAT             |---------------------
                                 |        192.168.1.1   |
                                 +-----------------------+

                      +-----------------------+                     
+-------------------------------+
                      |  PBX:192.168.1.2 |                       |
SIPphone:192.168.1.3 |     ............
                      +-----------------------+                     
+--------------------------------|
 Now ,I can let my asterisk work correctly by STUN.But ,for security,I
must config my firewall.Because the RTP port is allocated
dynamic(10000:20000),if I just open ports 10000:20000 on my firewall
,I doubt that it will not work.Maybe like this: asterisk get a RTP
port 10000,but after it get through NAT,the port  become
9999(worse,next time it may be 9998,and i can't preknow it will be
what),then my firewall will DROP  it.

Please help me ,thanks

More information about the asterisk-users mailing list