using directmedia=no however will greatly reduce the number of simultaneous
calls you can have in your system.. esp if you are running an embedded board
like a soekris or alix.
-Christopher
________________________________
From: Lonnie Abelbeck <[email protected]>
To: AstLinux Users Mailing List <[email protected]>
Sent: Friday, August 2, 2013 9:42 AM
Subject: Re: [Astlinux-users] Disable NAT on EXTIF
Hi Armin,
I see, you want to route a private subnet created and NAT'ed in pSense into the
internal interface of AstLinux. While in theory that should work, I can't say
I've ever tried that.
As an alternative approach...
1) Allow AstLinux to NAT the internal interfaces as per the default.
1a) Because of upstream NAT, set "externaddr" and "localnet" in your sip.conf
if direct incoming SIP calls are desired.
2) Have all the internal phones register with Asterisk in AstLinux (probably
are doing already)
3) Set "directmedia=no" in your sip.conf for the local phones.
In this way only the upstream pfSense NAT comes into play, the local phones
have no-NAT talking to Asterisk, and outbound Asterisk in AstLinux is not
NAT'ed since it is directly on EXTIF. Only pSense does NAT'ing for SIP, since
all outbound SIP comes directly from Asterisk in AstLinux.
Additionally, keeping Asterisk in the path of the local phones allows you to do
Dial() options like "Kk" to do call parking per features.conf, among other
things.
Of course any non-Asterisk traffic from the AstLinux internal interface will be
double NAT'ed, but that should not be a problem.
Lonnie
On Aug 2, 2013, at 3:13 AM, Armin Tüting wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Thursday, August 1, 2013, 11:36:19 PM, you wrote:
>
>> Hi Armin,
> Hi Lonnie,
>
> thanks for your feedback!
>
>> Could you be more specific with respect to what you want to accomplish.
> EXTIF is put into the DMZ. It's being NAT'ed with pfSense and so I'm
> having double NAT and my SIP registration fails. Therefore I would
> disable NAT on EXTIF and INTIF.
>
>> By default all IPv4 internal interfaces are NAT'ed via EXTIF. To
>> keep this from happening, define the NONAT variable, eg:
> Ok, but how I'm able to disable NAT completely, but still use Arno's
> FW rules.
>
> ...
>
>> Lonnie
> Armin
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
