Hello, I can’t quite wrap my head around this one - So I am requesting input…here is my config:
-Asterisk PBX is on 192.168.1.x and is behing a nat’ed router (Obviously)
-I have a remote network of 10.10.40.x with a Grandstream GXT2000 also behind NAT
-The two net’s have a pin up VPN tunnel established (router to router)
-You can ping both ways between the nets to any device just fine
So my question is…do I need to mess with the NAT config on either side? I would think the tunnel would eliminate the need for any NAT transversal config, but I can’t seem to get the remote phone to register via sip?
-Could it be that asterisk won’t take registrations from the 10.10.40.x IP? The asterisk docs indicate that all private nets are considered local nets?
In the GUI > SIP Config > Local Network Address is - 192.168.1.0/255.255.255.0
? How do I set two local nets in the box…separate with a comma?
I have set no static routes in Rpath…can you elaborate on this? I am familiar with windows routing and a noob to Linux…although I can SSH in and navigate Rpath, I have no idea the syntax to set a static route.
I assumed the router would be smart enough to handle it as the two nets can ping each other…the Localnet GW (192.168.1.1) is the same physical device that is doing the tunnel…so technically they would have the same local gw (???). I would think that a packet hitting the router for the 10.10.40 net would get auto routed across the tunnel…but really I have no idea…that is the only way I can explain ping working from the 192 net to the 10 net.
Local Network Address: ‘192.168.0.0/255.255.0.0’ : All RFC 1918 addresses are local networks, ‘10.0.0.0/255.0.0.0’ : Also RFC1918, ‘172.16.0.0/12’ : Another RFC1918 with CIDR notation, ‘169.254.0.0/255.255.0.0’ : Zero conf local network
so I assume that asterisk assumes the 10.10.40 net is local
Well, it looks like RIP was the trick…it just took a few minutes to register…but then i couldn’t make a call of any sorts…did a reboot of the phone, then it wouldn’t register?
Are there any NAT settings I need to worry about ya think?
I thought this behavior was nothing to worry about, but now I think it may be a indication of something…
When I go to the remote IP phone (10.10.40.x) from the local network (192.168.1.x), the web interface starts to load, then hangs forever…like everything loads but the password box (the only input box) and the submit btn???
From the 10.10.40.x net, the web interface works as expected?
About 2500 ping’s 0% packet loss, between 40 and 50ms latency…that is fricking outstanding!
remote PC to local server and server to remote phone, both look the same?
I am no routing expert (maybe a routing pro), is it possible that there is a routing difference between ping and sip/UDP?
Things that make you go hmmmmmmmmm!
Does everyone agree that my config warrants NO NAT considerations? It seems to me that the tunnel would exempt me from needing nat translation as the two nets clearly know about each-other.
Another tidbit: Here is the tracert from local server to remote phone:
U:>tracert 10.10.40.116
Tracing route to 10.10.40.116 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.1.1
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 333 ms 442 ms 338 ms 10.10.40.116
Trace complete.
NOT what I expected…1 is the local router, 2,3,and 4?? One of those should be the remote router, then 5 is the remote phone. I wonder why they are not responding and why there are 3 in the middle (I would think there would be just one in the middle).
Ah ha! Tracepath (rpath traceroute) from PBX to phone fails at the local router 192.168.1.1 ???
Here is the PBX routing table:
[root@PBX bin]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
10.10.40.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
[root@PBX bin]#
The plot thickens…in fact, it turned black and is all gooey…little bit of smoke…
