Thank you david for the answer, I actually still in need for more details
Do I need to setup a vpn server (eg, OpenVPN), and then set asterisk to send the traffic to the vpn and from there to the end points and vice versa, or how it should work.
Also, it would be highly appreciated if you provide more simple details on how to use force_rport, symmetric_rtp, and rewrite_contact, to have Asterisk use de facto peer addresses, and how to use STUN to let the endpoint discover its own address!!!
hmmm yes I’m still in beginning of the journey with Asterisk and there are lots of things I need to do my homework to gain knowledge about them.
If you think that it will take much time for you to explain in details then maybe you would refer some resources or links to read,
Does your Asterisk server live behind NAT as well? If not, you should not really need to do much.
Configure your endpoints with the following settings in the PJSIP configuration file:
; If using pjsip_wizard.conf, prefix all lines with endpoint/
rewrite_contact = yes
force_rport = yes
rtp_symmetric = yes
direct_media = no
If you have Asterisk behind NAT as well, and needs access from the outside, the easiest and best option is to move Asterisk outside your NAT, on a public IP address. VoIP and NAT can be quite a challenge if everyone is behind NAT, but usually works flawlessly, if Asterisk has a public IP address.