I think that is about the only thing that _will_ work if you want Asterisk to make and recieve SIP calls to the public Internet.
If your system were larger you could justify _two_ asterisk servers. One on the fire wall as you've proposed and the second inside in back of NAT. All SIP calls to/from the outside would go through the exposed server while your inside lines and PSTN connection would be via the inside server. The two servers would interconnect via IAX2 trunk. This would be more secure that your proposed plan but adds to the cost. Note however that the exposed computer could be a very light weight machine, a 1Ghz micro ATX card. I'm working on setting up just what you describe. Another idea, one that I'll work on is setting up not an Asterisk server on the firewall but a SIP proxy. This requires changes to chan_sip.c to teach it about SIP proxies but I think it the best long term fix and worth the effort. --- "Steven M. Sokol" <[EMAIL PROTECTED]> wrote: > Has anyone tried installing * on a box with two eth interfaces which > is > acting as a NAT box? I have only one IP at this point and I would > like > to get * working without all of the NAT issues. My idea is to run * > on > my gateway (which is also running the firewall and masquerade > services). > All of my UAs (Grandstream + Xten X-LITE + gnophone) will be inside > the > NAT screen, and will connect to the * using its PUBLIC (outside) > address. > > Does this sound reasonable? > > Thanks, > > Steve > > > _______________________________________________ > Asterisk-Users mailing list > [EMAIL PROTECTED] > http://lists.digium.com/mailman/listinfo/asterisk-users ===== Chris Albertson Home: 310-376-1029 [EMAIL PROTECTED] Cell: 310-990-7550 Office: 310-336-5189 [EMAIL PROTECTED] KG6OMK __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users
