Asterisk NAT Routing Libvirt (iptables)

Hi,
I have asterisk running in a VM using Libvirt. When I try to connect to the system it connects fine but I do not hear any audio.

My iptables settings on the host:

iptables -I FORWARD -o virbr0 -d $guestip -j ACCEPT
iptables -t nat -I PREROUTING -p udp -d $hostip --dport 5060 -j DNAT --to $guestip:5060
iptables -t nat -I PREROUTING -p udp -d $hostip --dport 10000:10500 -j DNAT --to $guestip:10000-10500

rtp.conf is using 10000 -> 10500

Any suggestions? Im sure there is some iptable rule I’m not getting right but Im not sure what it is.

First, is there a specific reason why you are using the virtual bridge? In case you want to communicate with the world, you’d end up with at least two NAT boundaries. Inside a LAN, a simple macvtap bridge should be more straightforward and the rest would also be easier.

Instead of showing parts of your firewall configuration, you should show the actual SIP communication (sip set debug on, or pjsip set logger on). There’s not much we can see here and any help would be guessing only.

Here is what Im trying to do:

Screen Shot 2019-12-06 at 8.47.38 PM.png830×157 12 KB

The problem is the I/Client connect to the Main Asterisk Server no problem but I dont hear any sound from the server.
If I play a file to the client via the Proxy I hear sound (tells me forwarding is correct) but for some reason I cant get sound back going to the main server -> client.

My iptables:

dest=192.168.122.2
iptables -t nat -I PREROUTING -p udp -d $host --dport 5060:5080 -j DNAT --to-destination $dest:5060-5080
iptables -t nat -I PREROUTING -p udp -d $host --dport 10000:20000 -j DNAT --to-destination $dest:10000-20000
iptables -I FORWARD -m state -d 192.168.122.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.