Re: [SR-Users] NAT Traversal issue
Dear Kamailio'ns, I am awaiting somebody's suggestions/hints/comments on this issue, with that i can proceed further. Please anybody help me in resolving this issue. Any help will mean a lot and greatly appreciate. Regards, Ravi -- View this message in context: http://sip-router.1086192.n5.nabble.com/NAT-Traversal-issue-tp126442p126456.html Sent from the Users mailing list archive at Nabble.com. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal issue
It looks like you may be running Kamailio behind NAT as well, no? Can you provide any traffic on the connections that fail? Fred Posner The Palner Group, Inc. 503-914-0999 (direct) 954-472-2896 (fax) On 04/03/2014 08:44 AM, Ravi wrote: Dear Kamailio'ns, I am awaiting somebody's suggestions/hints/comments on this issue, with that i can proceed further. Please anybody help me in resolving this issue. Any help will mean a lot and greatly appreciate. Regards, Ravi ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT traversal problem with Kamailio when trying to communicate between two different LANs
Hi All, I installed Kamailio server on my ubuntu machine. And installed rtpproxy also in the same machine. I didm't make many changes to default configuration files, kamctlrc and kamailio.cfg. Now I am able to communicate between two SIP clients, if both sip clients are in the same LAN. But I am not able to communicate between one sip client in one LAN and the other SIP client in other LAN. Sip Call handling and ringing etc. is ok but there is no voice for this case. I don't have much experience in routing for NAT traversal. I tried to experiment with rtpproxy_manage function in kamailio.cfg file. But I was not successful. Please help me by providing any hints or pointers to proceed further. I am using only Kamailio and Rtpproxy. No other software like Asterisk or FreeSwitch. * These are defines I used in kamailio.cfg file: #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_ALIASDB #!define WITH_USRLOCDB #!define WITH_ANTIFLOOD #!define WITH_NAT #!define WITH_PRESENCE listen ip address changed *** Kamailio is compiled with following modules: include_modules= db_mysql dialplan presence presence_xml Regards, Sateesh ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT traversal problem with Kamailio when trying to communicate between two different LANs
Did you try this; http://www.palner.com/blog/303/kamailio-behind-nat/#more-303 Regards, Arun From: Neo Quartz neoqua...@gmail.com To: sr-users@lists.sip-router.org Sent: Wednesday, February 19, 2014 8:22 AM Subject: Re: [SR-Users] NAT traversal problem with Kamailio when trying to communicate between two different LANs Hi All, I installed Kamailio server on my ubuntu machine. And installed rtpproxy also in the same machine. I didm't make many changes to default configuration files, kamctlrc and kamailio.cfg. Now I am able to communicate between two SIP clients, if both sip clients are in the same LAN. But I am not able to communicate between one sip client in one LAN and the other SIP client in other LAN. Sip Call handling and ringing etc. is ok but there is no voice for this case. I don't have much experience in routing for NAT traversal. I tried to experiment with rtpproxy_manage function in kamailio.cfg file. But I was not successful. Please help me by providing any hints or pointers to proceed further. I am using only Kamailio and Rtpproxy. No other software like Asterisk or FreeSwitch. * These are defines I used in kamailio.cfg file: #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_ALIASDB #!define WITH_USRLOCDB #!define WITH_ANTIFLOOD #!define WITH_NAT #!define WITH_PRESENCE listen ip address changed *** Kamailio is compiled with following modules: include_modules= db_mysql dialplan presence presence_xml Regards, Sateesh ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal Problem
Hi, To enable nat traversal execute RTPProxy. http://www.rtpproxy.org It supports many thousand calls -- Laurent PIERRE On 18 April 2013 16:04, Ishan Sawhney ishan.sawh...@yahoo.in wrote: Hi, We have a solution which requires only outbound NAT on SIP calls. Do you have a product which would solve the NAT Traversal problem on the outbound SIP calls? If yes, how much would be the cost of this product? Will it support 2000 simultaneous calls? BR// Ishan ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal Problem
will it be work on NAT Thanks Jagan On 19 April 2013 08:40, PIERRE Laurent ltpie...@gmail.com wrote: Hi, To enable nat traversal execute RTPProxy. http://www.rtpproxy.org It supports many thousand calls -- Laurent PIERRE On 18 April 2013 16:04, Ishan Sawhney ishan.sawh...@yahoo.in wrote: Hi, We have a solution which requires only outbound NAT on SIP calls. Do you have a product which would solve the NAT Traversal problem on the outbound SIP calls? If yes, how much would be the cost of this product? Will it support 2000 simultaneous calls? BR// Ishan ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal issue
Hello, great, thanks for replying and closing the thread with the solution. Cheers, Daniel On 12/19/12 2:31 AM, Raj Roy Ghandhi wrote: Hi All, Problem solved. It was a CODEC issue. Best Regards, Roy. On Tue, Dec 4, 2012 at 3:58 AM, Raj Roy Ghandhi roy.gan...@gmail.com mailto:roy.gan...@gmail.com wrote: Hi, My Kamalio development version works very well with websocket and webrtc clients. But when I try to call the guy in remote area (he had connected to the same server with 3G dongle) no voice and video. Here is how I have set it up. 1. Kamailio 3.4 development version running on public IP 2. NAT Traversal is done with RTPProxy 1.2. 3. IP Phones work very well. (phones are behind NAT) 4. Web page with WebRTC works well in LAN behind the NAT But I try to call a account which in logged into same Kamailio server we do not hear voice nor media. I have attached the sip capture into 2 files 1. LAN webrtc client-LAN client web page call 2. LAN webrtc client - 3G Dongle webrtc client Please help me out to figure this out. Best Regards, Roy. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal issue
Hi All, Problem solved. It was a CODEC issue. Best Regards, Roy. On Tue, Dec 4, 2012 at 3:58 AM, Raj Roy Ghandhi roy.gan...@gmail.comwrote: Hi, My Kamalio development version works very well with websocket and webrtc clients. But when I try to call the guy in remote area (he had connected to the same server with 3G dongle) no voice and video. Here is how I have set it up. 1. Kamailio 3.4 development version running on public IP 2. NAT Traversal is done with RTPProxy 1.2. 3. IP Phones work very well. (phones are behind NAT) 4. Web page with WebRTC works well in LAN behind the NAT But I try to call a account which in logged into same Kamailio server we do not hear voice nor media. I have attached the sip capture into 2 files 1. LAN webrtc client-LAN client web page call 2. LAN webrtc client - 3G Dongle webrtc client Please help me out to figure this out. Best Regards, Roy. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal :: RTPProxy and Jitsi client
Hello, you have to do nat traversal for signaling and rtp relaying for media streams. Default configuration file for kamailio includes the solution for this case, using nathelper and rtpproxy. Looking into kamailio.cfg for WITH_NAT token. Cheers, Daniel On 12/14/12 7:37 PM, Raj Roy Ghandhi wrote: Hi, I am trying to communicate 2 Jitsi clients in 2 separate private networks. Both clients are behind NAT. Kamailio Server is on Public IP. Both Jitsi clients does register and presence works fine. And also text messages works well. But unable to call each other. Had some one had the same issue before. I tried with many soft clients and all failed with same result. Same scenario works with IP Phones. Can anybody point out what I miss there. Regards, Roy. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal :: RTPProxy and Jitsi client
Hi Daniel, Thanks for the reply. I am using that flag WITH_NAT and RTPProxy. Please find my config file at http://pastebin.ca/2293600 and let me know I have miss anything there. Best Regards, Roy. On Fri, Dec 14, 2012 at 11:53 AM, Daniel-Constantin Mierla mico...@gmail.com wrote: Hello, you have to do nat traversal for signaling and rtp relaying for media streams. Default configuration file for kamailio includes the solution for this case, using nathelper and rtpproxy. Looking into kamailio.cfg for WITH_NAT token. Cheers, Daniel On 12/14/12 7:37 PM, Raj Roy Ghandhi wrote: Hi, I am trying to communicate 2 Jitsi clients in 2 separate private networks. Both clients are behind NAT. Kamailio Server is on Public IP. Both Jitsi clients does register and presence works fine. And also text messages works well. But unable to call each other. Had some one had the same issue before. I tried with many soft clients and all failed with same result. Same scenario works with IP Phones. Can anybody point out what I miss there. Regards, Roy. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-us...@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla - http://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal
So, I've made resetup of network to run tests. I've figured out, that one of the routers were changing SIP headers, i.e. Contacts header to public IP. This caused UAC under this router not to use STUN and gave one way audio. Now I'm using fix_nated_contact and fix_nated_register. Location table contains correct IPs. However, when I'm making a call, RTP is sent to private IP. With STUN IP is correct. Where it comes from? I tried also STUN and force_rtp_proxy() with 'r' flag. Nothing has changed - destination port for RTP traffic differs from source port. As result - complete silence. Please advice, where to dig? On Wed, 2011-03-02 at 09:53 +0100, Daniel-Constantin Mierla wrote: On 3/2/11 9:32 AM, Spinov Evgeniy wrote: Unfortunately ngrep is unavailable right now, cause network was configured to use public IPs. May be I'll can do that on development network later. Right now development network using public`s also. I'll try to sort out ngrep anyway. I was giving FAEI to INVITEs from UAC to Asterisk and FAIE to INVITEs from Asterisks to UAC. Everything was good except destination UDP port to UAC 1. It was different then the source. As result UAC 1 didn't received backflow. You say about wrong port for RTP or for SIP? For SIP be sure you call force_rport(). For RTP try eventually the flag 'r' in in parameters of force_rtp_proxy(). Also, may be this will help: Kamailio was unable to identify that faulty UAC 1 is behind the NAT. I've tried nat_uac_test(31), however - nothing, while SIP headers were containing NATed IPs. By NATed ip you mean private class, like 10... or 192.168...? If yes, that is strange, can you add debugger module with cfgtrace enabled to see what lines in the config file are executed for that call? (this is assuming you are using v3.1.x, if not add xlog() messages in the config to be sure the nat handling part is executed). Cheers, Daniel So during tests I've just forced NAT always. Without that I didn't had audio at all. While with it - one way audio with faulty UAC and normal call for all others. Also, on faulty UAC 1 I had to use STUN server, while all other clients worked without it. After going Asterisks public and changing kamailio configuration for it, STUN no longer needed anywhere. Just assuming fact, that router has bad ALG implementation. Is there any workaround for it, may be forcing destination ports to source ones? On Wed, 2011-03-02 at 09:30 +0100, Daniel-Constantin Mierla wrote: Hello, one option might be a bad ALG implementation in the router. Can you send a full ngrep of such case? You can obfuscate the IP addresses, use different ones for each point in the network and leave the ports. Seeing SIP headers and SDP can indicate the presence of an ALG or something broken in config logic. Also, what is the parameter you give to force_rtp_proxy(...)? Cheers, Daniel On 3/2/11 8:38 AM, Spinov Evgeniy wrote: May be I miss some important details? No suggestions? Thank you. Hello, all. Using nathelper + rtpproxy for subj. Kamailio has public and private network interfaces. Asterisk is only private. RTP Proxy is working in bridge mode and relaying traffic from UAC to Asterisks. Everything is working fine, except one configuration. When the client is behind router ( a specific one, I do not have an access there to check ), and this UAC is making a call to other public extension, which is behind router, then RTP Proxy is relaying traffic to the caller, using another UDP port, then the packets arrive. For instance: UAC 1 - UAC 2 PUBLIC_IP:10 KAMAILIO_IP: KAMAILIO_IP:5678 PUBLIC_IP:12 While for the UAC 2 it looks like: PUBLIC_IP:20 KAMAILIO_IP:6767 KAMAILIO_IP:4564 PUBLIC_IP:20 The source and destination UDP ports are the same. As result, I can hear UAC 1 and he cannot hear me. In case of we have UAC 3, which is behind other router, call is working fine with same configuration. It's routers fault you can say, but in the same configuration ( I mean network, not kamailio ) it worked, but when RTPProxy was not in bridge mode and Kamailio and Asterisks were in public network. Reinvites are not allowed in both cases. The question is, why the source and destination UDP ports are different? Using STUN in first case, cause without it, private IP written in contacts and as result, traffic relayed from Kamailio is incorrect, cause heading to private network which is unreachable. Any ideas where to dig? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org
Re: [SR-Users] NAT Traversal
Hello, one option might be a bad ALG implementation in the router. Can you send a full ngrep of such case? You can obfuscate the IP addresses, use different ones for each point in the network and leave the ports. Seeing SIP headers and SDP can indicate the presence of an ALG or something broken in config logic. Also, what is the parameter you give to force_rtp_proxy(...)? Cheers, Daniel On 3/2/11 8:38 AM, Spinov Evgeniy wrote: May be I miss some important details? No suggestions? Thank you. Hello, all. Using nathelper + rtpproxy for subj. Kamailio has public and private network interfaces. Asterisk is only private. RTP Proxy is working in bridge mode and relaying traffic from UAC to Asterisks. Everything is working fine, except one configuration. When the client is behind router ( a specific one, I do not have an access there to check ), and this UAC is making a call to other public extension, which is behind router, then RTP Proxy is relaying traffic to the caller, using another UDP port, then the packets arrive. For instance: UAC 1 - UAC 2 PUBLIC_IP:10 KAMAILIO_IP: KAMAILIO_IP:5678 PUBLIC_IP:12 While for the UAC 2 it looks like: PUBLIC_IP:20 KAMAILIO_IP:6767 KAMAILIO_IP:4564 PUBLIC_IP:20 The source and destination UDP ports are the same. As result, I can hear UAC 1 and he cannot hear me. In case of we have UAC 3, which is behind other router, call is working fine with same configuration. It's routers fault you can say, but in the same configuration ( I mean network, not kamailio ) it worked, but when RTPProxy was not in bridge mode and Kamailio and Asterisks were in public network. Reinvites are not allowed in both cases. The question is, why the source and destination UDP ports are different? Using STUN in first case, cause without it, private IP written in contacts and as result, traffic relayed from Kamailio is incorrect, cause heading to private network which is unreachable. Any ideas where to dig? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://www.asipto.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal
Unfortunately ngrep is unavailable right now, cause network was configured to use public IPs. May be I'll can do that on development network later. Right now development network using public`s also. I'll try to sort out ngrep anyway. I was giving FAEI to INVITEs from UAC to Asterisk and FAIE to INVITEs from Asterisks to UAC. Everything was good except destination UDP port to UAC 1. It was different then the source. As result UAC 1 didn't received backflow. Also, may be this will help: Kamailio was unable to identify that faulty UAC 1 is behind the NAT. I've tried nat_uac_test(31), however - nothing, while SIP headers were containing NATed IPs. So during tests I've just forced NAT always. Without that I didn't had audio at all. While with it - one way audio with faulty UAC and normal call for all others. Also, on faulty UAC 1 I had to use STUN server, while all other clients worked without it. After going Asterisks public and changing kamailio configuration for it, STUN no longer needed anywhere. Just assuming fact, that router has bad ALG implementation. Is there any workaround for it, may be forcing destination ports to source ones? On Wed, 2011-03-02 at 09:30 +0100, Daniel-Constantin Mierla wrote: Hello, one option might be a bad ALG implementation in the router. Can you send a full ngrep of such case? You can obfuscate the IP addresses, use different ones for each point in the network and leave the ports. Seeing SIP headers and SDP can indicate the presence of an ALG or something broken in config logic. Also, what is the parameter you give to force_rtp_proxy(...)? Cheers, Daniel On 3/2/11 8:38 AM, Spinov Evgeniy wrote: May be I miss some important details? No suggestions? Thank you. Hello, all. Using nathelper + rtpproxy for subj. Kamailio has public and private network interfaces. Asterisk is only private. RTP Proxy is working in bridge mode and relaying traffic from UAC to Asterisks. Everything is working fine, except one configuration. When the client is behind router ( a specific one, I do not have an access there to check ), and this UAC is making a call to other public extension, which is behind router, then RTP Proxy is relaying traffic to the caller, using another UDP port, then the packets arrive. For instance: UAC 1 - UAC 2 PUBLIC_IP:10 KAMAILIO_IP: KAMAILIO_IP:5678 PUBLIC_IP:12 While for the UAC 2 it looks like: PUBLIC_IP:20 KAMAILIO_IP:6767 KAMAILIO_IP:4564 PUBLIC_IP:20 The source and destination UDP ports are the same. As result, I can hear UAC 1 and he cannot hear me. In case of we have UAC 3, which is behind other router, call is working fine with same configuration. It's routers fault you can say, but in the same configuration ( I mean network, not kamailio ) it worked, but when RTPProxy was not in bridge mode and Kamailio and Asterisks were in public network. Reinvites are not allowed in both cases. The question is, why the source and destination UDP ports are different? Using STUN in first case, cause without it, private IP written in contacts and as result, traffic relayed from Kamailio is incorrect, cause heading to private network which is unreachable. Any ideas where to dig? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal
On 3/2/11 9:32 AM, Spinov Evgeniy wrote: Unfortunately ngrep is unavailable right now, cause network was configured to use public IPs. May be I'll can do that on development network later. Right now development network using public`s also. I'll try to sort out ngrep anyway. I was giving FAEI to INVITEs from UAC to Asterisk and FAIE to INVITEs from Asterisks to UAC. Everything was good except destination UDP port to UAC 1. It was different then the source. As result UAC 1 didn't received backflow. You say about wrong port for RTP or for SIP? For SIP be sure you call force_rport(). For RTP try eventually the flag 'r' in in parameters of force_rtp_proxy(). Also, may be this will help: Kamailio was unable to identify that faulty UAC 1 is behind the NAT. I've tried nat_uac_test(31), however - nothing, while SIP headers were containing NATed IPs. By NATed ip you mean private class, like 10... or 192.168...? If yes, that is strange, can you add debugger module with cfgtrace enabled to see what lines in the config file are executed for that call? (this is assuming you are using v3.1.x, if not add xlog() messages in the config to be sure the nat handling part is executed). Cheers, Daniel So during tests I've just forced NAT always. Without that I didn't had audio at all. While with it - one way audio with faulty UAC and normal call for all others. Also, on faulty UAC 1 I had to use STUN server, while all other clients worked without it. After going Asterisks public and changing kamailio configuration for it, STUN no longer needed anywhere. Just assuming fact, that router has bad ALG implementation. Is there any workaround for it, may be forcing destination ports to source ones? On Wed, 2011-03-02 at 09:30 +0100, Daniel-Constantin Mierla wrote: Hello, one option might be a bad ALG implementation in the router. Can you send a full ngrep of such case? You can obfuscate the IP addresses, use different ones for each point in the network and leave the ports. Seeing SIP headers and SDP can indicate the presence of an ALG or something broken in config logic. Also, what is the parameter you give to force_rtp_proxy(...)? Cheers, Daniel On 3/2/11 8:38 AM, Spinov Evgeniy wrote: May be I miss some important details? No suggestions? Thank you. Hello, all. Using nathelper + rtpproxy for subj. Kamailio has public and private network interfaces. Asterisk is only private. RTP Proxy is working in bridge mode and relaying traffic from UAC to Asterisks. Everything is working fine, except one configuration. When the client is behind router ( a specific one, I do not have an access there to check ), and this UAC is making a call to other public extension, which is behind router, then RTP Proxy is relaying traffic to the caller, using another UDP port, then the packets arrive. For instance: UAC 1 - UAC 2 PUBLIC_IP:10 KAMAILIO_IP: KAMAILIO_IP:5678 PUBLIC_IP:12 While for the UAC 2 it looks like: PUBLIC_IP:20 KAMAILIO_IP:6767 KAMAILIO_IP:4564 PUBLIC_IP:20 The source and destination UDP ports are the same. As result, I can hear UAC 1 and he cannot hear me. In case of we have UAC 3, which is behind other router, call is working fine with same configuration. It's routers fault you can say, but in the same configuration ( I mean network, not kamailio ) it worked, but when RTPProxy was not in bridge mode and Kamailio and Asterisks were in public network. Reinvites are not allowed in both cases. The question is, why the source and destination UDP ports are different? Using STUN in first case, cause without it, private IP written in contacts and as result, traffic relayed from Kamailio is incorrect, cause heading to private network which is unreachable. Any ideas where to dig? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://www.asipto.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal
On Wed, 2011-03-02 at 09:53 +0100, Daniel-Constantin Mierla wrote: On 3/2/11 9:32 AM, Spinov Evgeniy wrote: Unfortunately ngrep is unavailable right now, cause network was configured to use public IPs. May be I'll can do that on development network later. Right now development network using public`s also. I'll try to sort out ngrep anyway. I was giving FAEI to INVITEs from UAC to Asterisk and FAIE to INVITEs from Asterisks to UAC. Everything was good except destination UDP port to UAC 1. It was different then the source. As result UAC 1 didn't received backflow. You say about wrong port for RTP or for SIP? On RTP only. SIP works fine, except STUN server requirement as I've mentioned below. For SIP be sure you call force_rport(). For RTP try eventually the flag 'r' in in parameters of force_rtp_proxy(). According to README, r flag affects IP addresses, so it will not solve RTP issue, but I'll try it to get rid of STUN server requirement, hope this will help. Also, may be this will help: Kamailio was unable to identify that faulty UAC 1 is behind the NAT. I've tried nat_uac_test(31), however - nothing, while SIP headers were containing NATed IPs. By NATed ip you mean private class, like 10... or 192.168...? Yea, in my case this is 192.168 If yes, that is strange, can you add debugger module with cfgtrace enabled to see what lines in the config file are executed for that call? (this is assuming you are using v3.1.x, if not add xlog() messages in the config to be sure the nat handling part is executed). This is Kamailio 3.0.4. I've added xlogs and seen that messages are proceeded on SIP sessions ( ones for INVITE from UAC1 and once for INVITE from Asterisk to UAC2 ) and for RTP, once for each session. RTP Proxy is proxing all 4 flows ( 2 per each side ). May be I should take a look at something else? Cheers, Daniel So during tests I've just forced NAT always. Without that I didn't had audio at all. While with it - one way audio with faulty UAC and normal call for all others. Also, on faulty UAC 1 I had to use STUN server, while all other clients worked without it. After going Asterisks public and changing kamailio configuration for it, STUN no longer needed anywhere. Just assuming fact, that router has bad ALG implementation. Is there any workaround for it, may be forcing destination ports to source ones? On Wed, 2011-03-02 at 09:30 +0100, Daniel-Constantin Mierla wrote: Hello, one option might be a bad ALG implementation in the router. Can you send a full ngrep of such case? You can obfuscate the IP addresses, use different ones for each point in the network and leave the ports. Seeing SIP headers and SDP can indicate the presence of an ALG or something broken in config logic. Also, what is the parameter you give to force_rtp_proxy(...)? Cheers, Daniel On 3/2/11 8:38 AM, Spinov Evgeniy wrote: May be I miss some important details? No suggestions? Thank you. Hello, all. Using nathelper + rtpproxy for subj. Kamailio has public and private network interfaces. Asterisk is only private. RTP Proxy is working in bridge mode and relaying traffic from UAC to Asterisks. Everything is working fine, except one configuration. When the client is behind router ( a specific one, I do not have an access there to check ), and this UAC is making a call to other public extension, which is behind router, then RTP Proxy is relaying traffic to the caller, using another UDP port, then the packets arrive. For instance: UAC 1 - UAC 2 PUBLIC_IP:10 KAMAILIO_IP: KAMAILIO_IP:5678 PUBLIC_IP:12 While for the UAC 2 it looks like: PUBLIC_IP:20 KAMAILIO_IP:6767 KAMAILIO_IP:4564 PUBLIC_IP:20 The source and destination UDP ports are the same. As result, I can hear UAC 1 and he cannot hear me. In case of we have UAC 3, which is behind other router, call is working fine with same configuration. It's routers fault you can say, but in the same configuration ( I mean network, not kamailio ) it worked, but when RTPProxy was not in bridge mode and Kamailio and Asterisks were in public network. Reinvites are not allowed in both cases. The question is, why the source and destination UDP ports are different? Using STUN in first case, cause without it, private IP written in contacts and as result, traffic relayed from Kamailio is incorrect, cause heading to private network which is unreachable. Any ideas where to dig? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT Traversal IPTel example
Hello On 5/5/10 9:00 AM, Andy Savage wrote: Hi there, I've been setting up SER for a testing server on the local network behind a NAT. I'm having problems understanding how to setup the NAT routing in the configuration file. My understanding is that IPTel has already setup advanced NAT routing on the free service (as per the website). Is it possible to get a copy of the configuration file (atleast the part that has the NAT routing stuff). This would help me immensely in getting proper nat traversal setup as it already works great on the IPTel server. Not sure who I would contact in regards to this, but this seemed like a good place to start. in the etc directory of sources you have several configuration files, oob.cfg should be pretty much what iptel.org has, afaik. also, kamailio flavour config, kamailio.cfg has nat traversal guidelines. Cheers, Daniel Kind regards, Andy Savage -- The greatest challenge to any thinker is stating the problem in a way that will allow a solution - Bertrand Russell Andy Savage Cell Phone: +852 936 34341 Skype ID: andy_savage Linked In: http://www.linkedin.com/in/andysavage ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla * http://www.asipto.com/ * http://twitter.com/miconda * http://www.linkedin.com/in/danielconstantinmierla ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users