[asterisk-users] TLS and NAT

Michael Maier m1278468 at mailbox.org
Sat Apr 8 11:35:35 CDT 2023


Hello Steve,

use the following configuration for the transport and bind this 
transport to the trunk:

[transport_name]
type=transport
protocol=tls
bind=192.168.13.24 ; your bind IP
ca_list_file=/etc/pki/tls/certs/ca-bundle.crt
; method=tlsv1_2
verify_server=yes
allow_reload=no
;tos=0xb8
;cos=3
external_media_address=your.ext.host.name ; hostname pointing to your 
ext. IP
external_signaling_address=your.ext.host.name ; hostname pointing to 
your ext. IP
local_net=192.168.0.0/24 # your local net


Regards
Michael

On 07.04.23 at 17:25 Steve Matzura wrote:
> I want to configure communication with my phone provider using TLS for 
> all the obvious reasons. Since I'm behind a firewall, I'll be needing to 
> do it with NAT. There are examples of UDP plus NAT in pjsip.conf, but 
> none for TLS plus NAT. Would it be correct to set up the TLS transport 
> stanza to look like the [transport-udp-nat] stanza example, replacing 
> UDP with TLS in lines like 'transport=tls' and 'protocol=tls', and 
> including the lines for local_net, external_media_address and 
> external_signaling_address?
> 



More information about the asterisk-users mailing list