<HTML><HEAD></HEAD>
<BODY dir=ltr>
<DIV dir=ltr>
<DIV style="FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: 12pt">
<DIV>Hello Bruce,</DIV>
<DIV> </DIV>
<DIV>Your understanding of NAT is correct, and your setup should work.</DIV>
<DIV> </DIV>
<DIV>I’m not familiar with Pfsense, but I suspected that your problem was due to
a SIP ALG. Pfsense seems to have a SIP ALG and other special handling of VoIP
traffic. Hence, you are not using plain NAT. Pfsense is probably rewriting the
SIP packets in addition to the IP packets. Try reconfiguring Pfsense or swapping
it for something else. A good way to troubleshoot your scenario is to compare
the traffic in your end to the traffic on your providers end (or on either side
of pfsense). Pay attention to the source and destination IP and ports in
addition to the contents of the SIP messages.</DIV>
<DIV> </DIV>
<DIV><A title=http://doc.pfsense.org/index.php/VoIP_Configuration
href="http://doc.pfsense.org/index.php/VoIP_Configuration">http://doc.pfsense.org/index.php/VoIP_Configuration</A></DIV>
<DIV><A title=http://en.wikipedia.org/wiki/Application-level_gateway
href="http://en.wikipedia.org/wiki/Application-level_gateway">http://en.wikipedia.org/wiki/Application-level_gateway</A></DIV>
<DIV> </DIV>
<DIV>With kind regards,</DIV>
<DIV>Pan</DIV>
<DIV
style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<DIV style="FONT: 10pt tahoma">
<DIV> </DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>From:</B> <A title=bruceb444@gmail.com
href="mailto:bruceb444@gmail.com">Bruce B</A> </DIV>
<DIV><B>Sent:</B> Tuesday, January 11, 2011 8:58 AM</DIV>
<DIV><B>To:</B> <A title=asterisk-users@lists.digium.com
href="mailto:asterisk-users@lists.digium.com">Asterisk Users Mailing List -
Non-Commercial Discussion</A> </DIV>
<DIV><B>Subject:</B> [asterisk-users] Do I need a sip proxy?</DIV></DIV></DIV>
<DIV> </DIV></DIV>
<DIV
style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">Hi
Everyone,
<DIV> </DIV>
<DIV>I am running multiple instances of Asterisk in Proxmox and so far I had one
central Asterisk feeding all others with trunks from one provider. Now, I want
to connect each Asterisk server directly to the provider. Based on my
understanding, each connection made to the provider port 5060 would be on a port
that is unique to that server. And so other connections made to the same
provider will go out through a different port and should receive responses
through that different port. At least that is my understanding of NAT. The
provider should see me trying to register from the same IP with multiple
different ports (high number ports; not talking about 5060 as this is outbound
and not inbound) and should be able to differentiate between SIP packets coming
from various servers. However, it seems to not happen.</DIV>
<DIV> </DIV>
<DIV>There is some sort of clash and only one of the servers shows registered
with the provider and other's trunks go down. I have noticed that keeping one
server works. It could also be that my Fail2ban kicks in on all servers if the
SIP packets received are broadcasted to all servers which shouldn't really
happen and router should take of this by sending it to the server that has the
established connection through that port.</DIV>
<DIV> </DIV>
<DIV><B>My equipment:</B></DIV>
<DIV>Asterisk 1.6x</DIV>
<DIV>Pfsense 1.2.3</DIV>
<DIV>Dumb Switch</DIV>
<DIV> </DIV>
<DIV><B>My questions:</B></DIV>
<DIV>A- What is the rational behind this?</DIV>
<DIV>B- Do I need a sip proxy server? Something like Siproxd, OpenSIPs, or
Kamailio?</DIV>
<DIV>C- Which one of the above is the easiest to get running given I never tried
any of those.</DIV>
<DIV>D- If I am doing an SIP proxy server then it might have to also be
redundant. What options do I have in that and which of above or any other
suggested package might be great for future expansions.</DIV>
<DIV> </DIV>
<DIV>Clarification on how NAT would work in situations like this would be much
appreciated.</DIV>
<DIV> </DIV>
<DIV>Thanks</DIV>
<P>
<HR>
--<BR>_____________________________________________________________________<BR>--
Bandwidth and Colocation Provided by http://www.api-digital.com --<BR>New to
Asterisk? Join us for a live introductory webinar every
Thurs:<BR>
http://www.asterisk.org/hello<BR><BR>asterisk-users mailing list<BR>To
UNSUBSCRIBE or update options visit:<BR>
http://lists.digium.com/mailman/listinfo/asterisk-users</DIV></DIV></DIV></BODY></HTML>