Anyone out there?

I’m still amazed of how complicated is to get my “simple” Asterisk configuration up running. It should be far more simple as it is (I guess) a common configuration.

I have Asterisk server at office behind NAT and a client in a home LAN also behind NAT. I went over lot of information but no one seems to come with a robust solution (if any). In my opinion, the Asterisk documentation in this field is poor (from my newbie eyes) since it doesn’t explain the implications it has to be in different scenarios and what actions should be taken at server or client to fix it. I guess that if it is not there that is because the documentation team think that it is out scope.

I tried many different configurations of sip.conf but none will work properly.

Did anyone have the same issues? How did you fix it?


That’s not a simple configuration. Amongst other things, it depends on how both routers handle NATting of SIP, and what NAT support there is in the phone.

I totally agree with you David. At least it’s not a simple configuration regarding the effort that is taking me trying to set it up. I guess this post is a mix of claiming and asking for support. I already read more of half the book “Asterisk: the definitive guide”. It is an excellent book but I do myself a question: Is it so hard for those people whom wrote the book (as Leife Madsen is one of the authors of dCAP tests for example) to work a dedicated section in the documentation for this purpose as so many people are having this problem?

I already begun to read from the start (SIP rfc) and I will try to understand everything that takes place in the cause of the problem and one thing I’m sure. As soon as I get it I will explain it to others or make a good (aplicable) summary of the different scenarios. At least this is what I would like others to do for me. If I didn’t do it yet is because I just got into the Asterisk world (2 months ago) and I didn’t have as much time as I would liked.

Hey, you MASTERS, get out here and help us! :wink:

Anyway, I should say thanks to everyone in this forum. Just the fact of being around here says a lot (mainly those who try to help!).

Use two VPN capable routers and establish a VPN tunnel between the two locations. That way all the VoIP traffic will flow via the VPN tunnel and all NAT troubles will go away :wink:

Hi BorjaGVO!

I got around NAT by portforwarding the following ports in my firewall to my Asterisk server:

SIP_PORT="5060:5082" IAX_PORT="5036" IAX2_PORT="4569" RTP_PORT="10000:20000"
Hope this helps you out!

if you use port forwarding, heavily advisable to shorten that port range of RTP down to what you need.

Thinking about it, our IT department actually used the VPN approach, but they didn’t have to think about it, as the VPN was already there.

Thanks dejanst, nypon…good point riva!

Today I’m taking an examn and didn’t have time to spend on this. As soon as I finish with work I’ll go over all of this and I’ll post my results.

Thanks guys!

When you say “to what you need” what do you mean?
What port range do you think is better for me?
Does anybody know what to think of when setting the RTP span?
I just found on the net that 10000 - 20000 would be OK to have for the RTP span!

When you say “to what you need” what do you mean?
What port range do you think is better for me?
Does anybody know what to think of when setting the RTP span?
I just found on the net that 10000 - 20000 would be OK to have for the RTP span![/quote]

As long as I know, RTP/RTPC uses up to 4 ports per call. It can use just a pair of ports (one even port for RTP and the following number for RTCP). So when it’s said to shorten the range it means that you should arrange your port range according to your needs. Doesn’t make too much sense to specify such a large range of ports if your system is just going to handle a few concurrent calls.

The use of 2 or 4 ports per call depends for example wether you use symmetric RTP/RTCP or not:

Please, anyone correct me if I’m missing something.

I hope this clarifies your doubt.

Hi BorjaGVO and thanks for your reply!

I understand a bit more now and I will shorten the range!

But I think I also need to read a little about
asymmetric RTP and asymmetric RTCP and
symmetric RTP or symmetric RTCP to understand a bit more!

Thanks for the info! :smiley:

After one week with the worst flu ever I came up with something new. I read big part of a book explaining SIP protocol (the author is one of whom wrote the rfc).
I did a few captures with wireshark and try several configurations within X-lite. I left the option in the field “firewall traversal” as "Auto/detect firewall traversal method using ICE. As server address I-m using one free that I found on the internet:

It doesn’t work. In the INVITE Request, in the VIA header X/lite puts the local address instead of the public. Here it is the INVITE:

I think there can be one of the problems. Could be the Xlite?