Basically, I'm forwarding the standard Asterisk ports: tcp 5060 udp 5060 udp 4569 udp 5036 tcp 5038 udp 5038 udp 10000:20000
I'm not sure that i needed both tcp and udp on the mgmt port 5038, but what the heck. :)
In sip.conf: externip = xx.xx.xx.xx localnet=192.168.1.0
In the sip client contexts they *all* have: nat=yes canreinvite=no
This is so that they can be hopped both in and out of NATs without reconfiging.
No special ports being forwarded for the clients. They seem to work behind whatever NATs we throw at them without difficulties...
later,
Paul
----- Original Message ----- From: "Anton Krall" <[EMAIL PROTECTED]>
To: "'Asterisk Users Mailing List - Non-Commercial Discussion'" <[email protected]>
Sent: Tuesday, March 29, 2005 5:28 AM
Subject: RE: [Asterisk-Users] Asterisk, SER, NAT, STUN and the whole debate
Thank you for your story Paul, nice work with the dialplans!
I have one question, so you say that for server 2, asterisk is behind nat and you have sip clients inside and outside the nat. Which ports are you forwarding to asterisk from your firewall and in the case of sip clients outside nat, did you have to open certain ports for each client or all clients use the same?
For inside clients it should be a charm!
Very nice job Paul, intercity dialing and everything well connected... That
was a good story.. Thx for sharing.
Anton
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul Fielding
Sent: Martes, 29 de Marzo de 2005 12:52 a.m.
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [Asterisk-Users] Asterisk, SER, NAT, STUN and the whole debate
----- Original Message ----- From: "Anton Krall" <[EMAIL PROTECTED]>would like to hear some actual setups and how people are solving the nat issue within scenarios like:
Asterisk - nat (ports forwarded) - internet - nat - multiple voup phones
I've been playing with this with my friends for awhile now. We've got four
different Asterisk servers set up in four different cities:
1. 2 nics - one on internal network, other on external network. TDM400 card
with 2 FXO and 1 FXS, 2 different analog lines, and a LiveVoip IAX2 dialout.
Various SIP phones connected, both from within the internal network and out
on the internet from behind other NATs.
2. 1 nic - behind NAT (ports forwarded). X100p with 1 analog line. Various
SIP phones, internal network and from behind other NATs.
3 & 4. Like #2 but no X100p.
All four servers are connected via IAX2 - in all cases we can dial
extensions for each other's systems and the call gets dumped to the correct
server. Also between server 1 & 2 we have local inter-city dialing working
(if you dial an outside number that is local to the other city and don't put
a 1 in front of the number it dumps to the other server and dials out).
NAT hasn't proven to be a problem for us - the only thing we can't do as a result of all the SIP clients being natted is Reinvites - this just means that all conversation *must* go through the server as opposed to direct client-client transfer.
Servers that are behind nats have the correct IP settings set in SIP.CONF. As long as I set the STUN server on the sip clients to a good working STUN server everything works like a hot damn. Nothing special....
regards,
Paul
_______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
