Extension on LAN ->Asterisk ->VoIP provider->PSTN

Hi guys, I installed asterisk on my server, and my server connect to internet by a ADSL modem… and I didn’t use any firewall or router.
Calls between extensions on the LAN is all ok.
but when I’m making call to PSTN via the SIP trunk to my voip provider. I can hear from the pstn clearly ,but the pstn extension cannot hear anything from me…
Someone told me that maybe the RTP port was blocked, but I don’t have any firewall or router enabled. the server connect to Internet just using a pppoe dialup link.
could someone tell me how to solve my problem ?thanks!
any help is appreciated! :smile:

Not using a firewall is incredibly risky. The average life of an unprotected Windows machine with a direct internet connection is supposedly 12 minutes before some form of malware appears on it… Linux is rather better, but still not bombproof without a firewall.

Your setup as shown & described does not quite make sense?
For the 8000/8001 extensions on the LAN to access the internet presumably you are running an internet connection sharing utility - this is a form of NAT (Network address translation) system, as in a NAT Firewall.

What are the IP addresses of the 8000/8001 extensions - if they are 192.168.x.x or 10.x.x.x then they are behind NAT.

If you actually have a block of ‘public IPs’ so each device has it’s own public address, you would need a router running on the server to direct each address to the correct device?

For more than one device to be using the same public IP address, you need some method of directing or routing the data correctly.

Personally, I would never use a simple modem on a server of any description (and advise against it on individual PCs).
Get a cheap ethernet-connected ADSL box which has built-in NAT firewall and fully configurable port forwarding, so you can allow the connections you want and block everything else.
There are many makes about, just make sure it’s a fully configurable generic unit and not a crippled one supplied for a specific ISP.

I have a D-Link DSL-524 on my own home setup, I don’t claim it’s good or bad but it is very configurable, has Quality of service facilities so voice traffic takes priority over general internet data - and it was cheap on ebay…

On the basics of your Asterisk setup, assume that it IS working via NAT and set everything up accordingly.

Specifically, in your sip.conf you need localnet to define addresses inside the NAT, e.g. localnet = (assuming the LAN addresses are 192.168.x.x).
Also define externip so Asterisk can put the correct external ‘reply’ address in the data packets.

This is where it gets tricky, as I don’t know if that works unless you have a static IP address… The line is usually something like

externip = obviously with your actual IP.

Also make sure you have

nat=yes canreinvite=noin each SIP extension’s settings.

As your main problem appears to be with outward data, just these two lines may help fix things.

thanks for your reply and advice rjenkins!!
I setup up this network environment just to test the sip call, so I didn’t spent any time on configuring firewall. :smile:
I’ll try to reconfigure my Asterisk server according your advice tomorrow, then I’ll post the result as soon as I finish it.
thanks again for your help!