[asterisk-users] SIP AND NAT
Ketema Harris
ketema at midnightoilconsulting.com
Mon Aug 3 12:29:31 CDT 2009
I recently did a set up where I replaced a simple D-link home router
that was having trouble processing a T1's worth of bandwidth with a
linux machine running iptables. the kernel was 2.6.29-r5 and I chose
the SIP connection tracking modules from the menuconfig.
Router worked fine for normal traffic, but I was unable to get the SIP
phones to work. Using ngrep it was plain to see that the although the
packets going out were reaching their destination the data inside the
sip headers all contained non routable IPs. I used lsmod and saw that
the following modules:
nf_nat_sip 5084 0
nf_nat 16400 3 nf_nat_sip,ipt_MASQUERADE,iptable_nat
nf_conntrack_ipv4 11912 3 iptable_nat,nf_nat
nf_defrag_ipv4 1788 1 nf_conntrack_ipv4
were loaded. I also googled and found the http://www.iptel.org/
sipalg/ website, but since this seemed to be a little dated I assumed
the modules contained in the kernel source tree were newer and more
"reliable"
my questions are: What is the correct way(or resource to find a way)
to get a linux firewall to work with SIP so that the NAT issue is not
an issue ?
More information about the asterisk-users
mailing list