Clearing up confusion about Router device!

Hi there,

I am working with a developper who installed Asterisk on my Ubuntu Server. We are able to call but not receive calls. He suggested me to connect my server directly on my dsl modem because he is thinking that the problem may be my router. I don’t really like that option since I think that it will make my server more vulnerable to attack.

Can someone suggest me a router to buy (this is a very simple installation: only two lines) that is compatible with Asterisk. Right now I have a Cisco WRT-400N on which I installed DD-WRT.

I am very confused about router and Asterisk. I read a lot of forum talking about installing Asterisk directly on the router ?! Do I have to go through that kind of complex installation to be able to connect on my server and use Asterisk properly ???

Thank you very much for your advice on this matter, this will help me a lot !!!

Have you forwarded incoming traffic on port 5060 and whatever ports you have configured in rtp.conf to your Ubuntu server? On dd-wrt this in under the nat/qos tab. You will of course then be open to hacking attempts, so you should also read the security advice for asterisk and install a program like fail2ban to minimise break-in attempts.

Ian

The complexities arise through NAT and firewalls, not the use of routers. Firewalls obviously have to be open for SIP, RTP, DNS etc.

The desination of a SIP connection is a server, and NAT and servers have an uneasy relationship.

The specific problem people get with some routers is that they try and do something clever with SIP. You generally don’t want them to do that with Asterisk. You want Asterisk to handle the problems of working through NAT. If the router offers something called something like “SIP-ALG”, turn that off.

Thanks for taking the time to answer me.

Yes these ports have been forwarded :
Port 2000 TCP/UDP
Port 4569 UDP
Port 5000-5500 UDP
Port 10000-20000 UDP

rtp.conf configure accordingly. And I do have fail2ban installed !

Even with firewalls down (ubuntu & router) I still cannot received calls.

Concerning SIP-ALG, there is no such feature on dd-wrt. But I read about Siproxd http://www.dd-wrt.com/wiki/index.php/Siproxd (http://siproxd.sourceforge.net/) could this correct the problem ? If so this means that the issue could be with the router firmware ?

I’ve also read that the use of openwrt could be more suitable… but once again were going back to the router firmware issue ???

My answer would be: Establish a VPN connection between sites and run all telephony via the VPN tunnel. Very secure and no NAT.