The problem is that the Linux SIP ALG is not RTP-aware and doesn't NAT the RTP. If that's changed, it would have to be in the last one or two kernel releases.
Your solution is OpenSER (Kamailio/OpenSIPS) + nathelper + mediaproxy or rtpproxy. OCG Technical Support wrote: > I have a new Fedora 9 firewall I am setting up in front of an Asterisk > 1.4 box. I ported over all of my iptables rules..but now have a strange > problem: SOMETIMES, the audio is only 1-way (i.e. and RTP path problem). > > > > Can someone offer a tip here? Since I have conntrack_sip loaded on the > firewall, do I need to: > > > > 1. Use SIP and RTP port forwarding & prerouting to my asterisk > box? (SIP clients are outside the LAN) – this is the way I do it now > > 2. Remove all SIP and RTP port forwarding & prerouting and assume > conntrack_sip will do everything? > > 3. Allow SIP and RTP **INTO** the firewall, to allow conntrack_sip > to work? > > > > Clearly something has changed with conntrack_sip or iptables in the > latest kernel...so I need to figure this out. Help! > > > > Thanks! > > > > Michelle > > > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users -- Alex Balashov Evariste Systems Web : http://www.evaristesys.com/ Tel : (+1) (678) 954-0670 Direct : (+1) (678) 954-0671 Mobile : (+1) (706) 338-8599 _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
