Hello Guys,
I’m trying to configure my Asterisk behind NAT with local media. At the moment If I set:
nat=yes
everything works good, however the RTP goes through Asterisk, the INVITE sent to the phone has the public IP of Asterisk on its Body.
I would like to have the signaling using the public IP but the media using local IP. Is it possible ?
Asterisk version: 16.16.1
Thanks !!
nat=yes is deprecated.
chan_sip is deprecated.
I suspect the answer is it can’t be done, unless both endpoints and Asterisk are in the same intranet, but if it can you will need to enable directmedia (if you are using example configurations that have nat==yes, they may use the, deprecated, name canreinvite for this).
Do not use directrtpsetup, as it has never been supported.
Please also describe your topology so that I can understand what, if any nat= workarounds are needed. I think you either have a very tricky configuration, or you are overcomplicating things.
Note that, if you can get directmedia to take, it will be necessary for the end points to be mutually routable and for them to be including the routable IP address, for direct routing, in their SDP.
Please also provide the complete general section, of sip.conf, and the sections relating to the end points in question. Obfuscate passwords, and public IP addresses. Make sure that it clear whether addresses are public or private, and for private addresses, to which intranet they belong.
I miss typed the parameters… I’m using PJSIP, not chan_sip and the parameters I’m using at the moment are:
direct_media=yes
force_rport=no
rtp_symmetric=no
rewrite_contact=yes
I have configured on my protocol:
external_signaling_address=public ip
external_media_address=public ip
local_net=192.168.0.0/24
local_net=127.0.0.1/32
Now my topology is:
Asterisk <-> Firewall <-> Internet <-> Firewall <-> Phones A, Phone B, Phone C and so on…
Thanks !
What signalling and media addresses are the phones sending?
From Phone A:
o=- 3844325723 3844325723 IN IP4 192.168.0.8
After all dialplan rules were executed:
To Phone B:
o=- 3844325723 3844325725 IN IP4 177.3.10.5
I tried to remove from protocol: external_media_address=177.3.10.5 then asterisk starts to insert its own local IP.
Asterisk is not sending to the Phone B the media address received from Phone A.
I think the chances of this being supported are very slim. NAT of any sort is a hack and back to back NAT makes things even more confusing. It would be best to have a satellite PABX, or to create a virtual network, so the internet was hidden.
To stand any chance, you would need discrete sub-networks address ranges.
Also, it is the c= line that matters, although that is probably the same.
Typically phones can’t cope with a mixture of NAT and non-NAT, even if they can be made NAT aware.
Also remember that many things you can do with Asterisk require it to be in the media stream, so will disable direct media (in the case of FreePBX it is difficult or impossible to meet the conditions to allow direct media.)
Thanks for your help !! I really appreciate it and I will continue trying If I find a way I share !
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.