Hi,
I have spent days trying to solve my problem with sip and asterisk, Local users on the same network are ok but remote users behind various broadband routers can connect and dial but get no voice.
All people use eyebeam sip softphone.
Tried so many google guides Im now quite stuck.
Setup.
- Asterisk 1.2.1 box with sip phones. rtp set to 10000-10500 udp
- Broadband Gateway server / Modem using linux NAT + iptables firewall
Forwads 5060 + 10000-10500 UDP from public IP to asterisk box.
4 . Internet
- Broadband Router Uses Nat (Remote user)
- Remote user lan with sip softphone.
(ASTERISK Box connects to normal bt phone lines via tmd400p (No probs witht this)
Local lan users on the same lan as asterisk all works ok.
Just the remote ones behind there own nat routers.
I cannot put the server in a dmz zone what alternatives are there.
Cannot really change to iax as the eyebeam softphone supports pc +mac+linux and Video and I have not seen a IAX softphone which supports all of this.
Thanks
Nick
Sip.conf
port=5060
bindaddr = 192.168.10.210
srvlookup=yes
nat=yes
localnet = 192.168.10.0/24
externip=xx,xx,xx,xx (our public ip)
dissallow=all
allow=alaw
canreinvite=no
[602]
type=friend
username=602
secret=password
nat=yes
host=dynamic
extensions.conf
exten => 1000,1,Voicemailmain()
exten => 1000,2,HangUp()
(voice mail) Dial it and you should hear voicemail menu
You also need to add 5061 and sometimes 5000.
Also NAT is not your best friend. I have had problems in the past. Trying use pass thru. Also you need to configure your public IP in sip.conf
nat=yes ; Tells system that you are using NAT
canreinvite=no ; Allow clients to directly connect if set to yes. Set to no if behind NAT.
Thanks for the thing about port 5061. I will try that tonight from home.
On the Passthru what do you mean. ?
Our linux firewall box has rules on iptables NAT Prerouting part to
Destination NAT If protocol is UDP and destination is publicIP and input interface is ppp0 and destination port is 5060:5061
Destination NAT If protocol is UDP and destination is PublicIP and input interface is ppp0 and destination port is 10000:10500
Nick
What is in your /etc/asterisk/rtp.conf? Also, what are the configurations at the endpoints/users locations?
Just
[general]
rtpstart=10000
rtpend=10500
The users on the same lan just use eyebeam and set the sip server to the asterisk box. Dial out is through a tdm400 card.
users at home on broadband connection eyebeam sip points to our public ip address.
All users have sip listen port set to 5060.
Nick
Do your users have their RTP ports open on their broadband networks as well? Have you considered using a STUN server?
yes the rtp ports 10000-10500 UPD are portforward on the firewall to asterisk box and also all pcs at work have access to ports 10000-10500.
my router i use at home does not block any outgoing or incomming ports as i have even turned the firewall of to test it.
If i use a stun server do i need to modify any asterisk confg and do
the remote eyebeams need to point to it or every sip phone we use no matter where it is. ?
Nick
Hi
Just tried it and I now have remote sip clients behind nat connecting to our asterisk server which is behind nat OK.!!
I think my problem is caused by some old adsl routers and there builtin firewall.
Thanks for you tips.
Nick