I was wondering if it is possible to allow direct_media only when endpoints are on the same subnet? Here is my situation:
50 internal phones on a subnet behind a firewall.
Asterisk box multihomed with one interface on above network, one interface on public internet
VOIP provider that does not proxy media and therefore requires direct_media=yes.
If the internal phones are configured as endpoints with direct_media=no, then everything works fine for phone-to-phone calling and also phone-VOIP calling. However we have a lot of internal phone-to-phone calling so it would nice for that media to not have to go through the Asterisk box.
When I set direct_media=yes for the phone endpoints, then phone-to-phone calling works fine, but phone-VOIP calling has no sound because the media cannot pass through the firewall and needs to go through the asterisk box.
Is there a way to configure Asterisk to allow reinvites when the two endpoints are in the same local network, but not when one endpoint is outside?
My transport is set with local_net, external_media_address and external_signalling_address defined. I am also aware that there is at disable_direct_media_on_nat option, but setting it to yes in the endpoint configuration for the phones or the VOIP provider endpoint does not seem to make any difference, so I do not understand how Asterisk determines whether NAT is involved or not.
You should not need “direct_media” on the VoIP provider. It has no relation to whether they proxy media or not, but whether Asterisk should proxy or not. Asterisk itself doesn’t know what the VoIP provider is doing and it doesn’t matter to it.
Setting direct_media = no on the trunk endpoint configuration in pjsip.conf results in no sound when making outbound VOIP calls to the PSTN. I am not well versed in the SIP protocol, but doesn’t direct_media need to be set to yes for reinvites to work, which is required by the VOIP company because all RTP must go directly between my asterisk box and the outbound upstream carriers used by the VOIP company? In their documentation example (which is for sip.conf), it says that canreinvite must be set to yes.
What works:
direct_media=no for all phones in my LAN, direct_media=yes on the trunk endpoint for outbound calls to the VOIP company that requires RTP flow from asterisk directly to the upstream carrier used. This works, but now even RTP between phones on the same network goes through asterisk.
Setting direct_media=no on the trunk endpoint results in no sound for outbound calls via the VOIP trunk.
Again, what I’d like is for reinvites to be allowed between endpoints on the same subnet, but not if endpoints are on different subnets.
I tried a different VOIP provider that does accept RTP for outbound calls, and in that case I can set direct_media=yes for phone enpoints on my LAN and direct_media=no on the trunk endpoint configuration. However I can’t do this on the original VOIP company that requires canreinvite=yes.
The options in Asterisk are for whether Asterisk will initiate a re-INVITE to have media go directly. It will always receive and process a re-INVITE, and unless you use symmetric RTP Asterisk will always send media where it is told to go in the SDP.
I’d suggest examining things to understand what exactly is going on when the options are set. Look at a packet capture to see where media is actually going, look at the SDP to see where Asterisk is telling things to go.