Hi Michael, It depends, if the pre-existing SIP PBX only does outbound calls (SIP trunking) then don't enable any "NAT EXT->LAN" to the SIP PBX and make sure the SIP PBX trunk registers or qualifies often enough to keep a firewall state open for inbound calls from the provider. You may have to forward the RTP media range, again depends, try without but be prepared to "NAT EXT->LAN" the RTP range if needed.
If the pre-existing SIP PBX has to service remote "clients", that is more trouble with NAT, in that case I would consider using your AstLinux box at the edge to handle those and act as a proxy to the internal pre-existing SIP PBX. Lonnie On Sep 5, 2017, at 6:06 AM, Michael Knill <michael.kn...@ipcsolutions.com.au> wrote: > Hi Michael > > Thanks for that but you misunderstand sorry. > Astlinux is on the edge and a SIP PBX is on the inside that will eventually > be replaced. > > Regards > Michael Knill > > -----Original Message----- > From: Michael Keuter <li...@mksolutions.info> > Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> > Date: Tuesday, 5 September 2017 at 6:20 pm > To: AstLinux List <astlinux-users@lists.sourceforge.net> > Subject: Re: [Astlinux-users] Guidance on configuring NAT on Astlinux > > >> Am 05.09.2017 um 09:16 schrieb Michael Knill >> <michael.kn...@ipcsolutions.com.au>: >> >> Hi group >> >> I have a bit of a tricky one that I want to run past the Astlinux firewall >> experts. >> >> Scenario: >> An existing PBX (soon to be replaced) using an existing SIP Provider sitting >> BEHIND an Astlinux appliance which is connected to another SIP Provider. >> >> Should I just be able to do NAT EXT -> LAN to the internal PBX for 5060 & >> Media Ports using the Source IP Addresses of their current provider? Or do I >> need to add something in NAT EXT: ? >> I just recall that I had issues with Astlinux and forwarding 5060 but that >> was a while ago. >> >> Thanks. >> >> Regards >> Michael Knill > > Hi Michael, > > I had the same issue. It is quite easy: > > On the PBX behind the main AstLinux box set in sip.conf: > > ; NAT settings > externaddr=xx.xx.xx.xx:5062 ; this tells the second provider to send the > returning packets to port 5062! > localnet=yy.yy.yy.yy/255.255.255.0 > nat=force_rport,comedia > > Then on the main AstLinux box set NAT EXT -> LAN port 5062 to the IP of the > 2nd PBX but on port 5060! > Then just use different RTP ports then on the edge box. > > Michael > > http://www.mksolutions.info > > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
