[asterisk-users] problems with natted phones

Duncan Turnbull duncan at e-simple.co.nz
Wed Sep 8 14:17:05 CDT 2021 


> On 9/09/2021, at 6:23 AM, Marek Greško <mgresko8 at gmail.com> wrote:
> 
> Hello,
> 
> I confirm temporarily allowing all the udp communication from the nat
> ip address solved the problem, so the problem lies in the nftables.
> This is probably not the right forum to continue. Or is it? Does
> anybody have wide experience with nftables and sip?
If you publish your rule set then we could look. Did you write the rules? What have you checked so far? 

> 
> Thanks
> 
> Marek
> 
> 
> 2021-09-07 10:40 GMT+02:00, Antony Stone <Antony.Stone at asterisk.open.source.it>:
>> On Monday 06 September 2021 at 23:05:27, Duncan Turnbull wrote:
>> 
>>>>> On 7/09/2021, at 8:30 AM, Marek Greško <mgresko8 at gmail.com> wrote:
>>>>> 
>>>>> Hello,
>>>>> 
>>>>> it is only local nftables with nf_conntrack_sip on the asterisk
>>>>> server. Probably a kernel bug? It did not trigger with previous
>>>>> providers since they had working SIP ALG. Now I hear no audio in both
>>>>> directions because outgoing rtp stream from asterisk goes to private
>>>>> address space and incoming stream is blocked. So the outgoing rtp
>>>>> could not be learnt to send to nat addess.
>>> 
>>> Maybe a bug but that’s less likely than a config error. Time to debug your
>>> nftables.
>> 
>> Try temporarily simply turning the firewall off - allow all traffic through
>> (although leave in place any NAT rules).
>> 
>> If you then find that RTP works, you know where the problem lies.
>> 
>> 
>> Antony.
>> 
>> --
>> Perfection in design is achieved not when there is nothing left to add, but
>> rather when there is nothing left to take away.
>> 
>> - Antoine de Saint-Exupery
>> 
>>                                                   Please reply to the list;
>>                                                         please *don't* CC
>> me.
>> 
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>> 
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>> 
>> New to Asterisk? Start here:
>>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>> 
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> -- 
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> Check out the new Asterisk community forum at: https://community.asterisk.org/
> 
> New to Asterisk? Start here:
>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list