I have a double NAT problem where the softphones are behind this network.
My IPBX server is in clound with a public IP.
I would like to know how I can configure the softphones so that the audio works, I can start a call session but I cannot pass audio between them.
I already configured rtp_symmetric=yes, force_rport=yes, direct_media=no, rewrite_contact=yes, ice_support=yes.
Was there anything else to do in this case?
Ex: sub net 10.0.0.0 > net gw 192.168.0.0 >(firewall) > IP external public > IP public IPBX
Double Nat is one of the worst things you can have when dealing with rtp. Also it depends a lot on the routers / firewalls you have.
The first thing I would try is set rtp_keepalive=1 at the endpoints as it sends rtp packets immediately and may helps to open the ports at the right time.
rtp_keepalive on endpoints didn’t work for me.
Only after 2 minutes I have audio stream.
I also added the invalid ip of gw that does the nat in media_address, however it doesn’t hear any changes in the SDP.
Would it be ideal to change this network to a network with a single NAT?
If you are able to change the network to single Nat, chances are high that it will work.
Another thing that I like to do in complicated Nat situations is to use VPN. You could install openvpn or zerotier on your vps and your clients and it will work like an ethernet cable without any Nat problems. Especially zerotier is set up in five minutes.
As a nice side effect you also add an extra layer of security since traffic is encrypted then.