Hi Armin, I see, you want to route a private subnet created and NAT'ed in pSense into the internal interface of AstLinux. While in theory that should work, I can't say I've ever tried that.
As an alternative approach... 1) Allow AstLinux to NAT the internal interfaces as per the default. 1a) Because of upstream NAT, set "externaddr" and "localnet" in your sip.conf if direct incoming SIP calls are desired. 2) Have all the internal phones register with Asterisk in AstLinux (probably are doing already) 3) Set "directmedia=no" in your sip.conf for the local phones. In this way only the upstream pfSense NAT comes into play, the local phones have no-NAT talking to Asterisk, and outbound Asterisk in AstLinux is not NAT'ed since it is directly on EXTIF. Only pSense does NAT'ing for SIP, since all outbound SIP comes directly from Asterisk in AstLinux. Additionally, keeping Asterisk in the path of the local phones allows you to do Dial() options like "Kk" to do call parking per features.conf, among other things. Of course any non-Asterisk traffic from the AstLinux internal interface will be double NAT'ed, but that should not be a problem. Lonnie On Aug 2, 2013, at 3:13 AM, Armin Tüting wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Thursday, August 1, 2013, 11:36:19 PM, you wrote: > >> Hi Armin, > Hi Lonnie, > > thanks for your feedback! > >> Could you be more specific with respect to what you want to accomplish. > EXTIF is put into the DMZ. It's being NAT'ed with pfSense and so I'm > having double NAT and my SIP registration fails. Therefore I would > disable NAT on EXTIF and INTIF. > >> By default all IPv4 internal interfaces are NAT'ed via EXTIF. To >> keep this from happening, define the NONAT variable, eg: > Ok, but how I'm able to disable NAT completely, but still use Arno's > FW rules. > > ... > >> Lonnie > Armin ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
