Is this an RTP & firewall problem?

Hi,

My implementation is quite simple:

[sip 7960] --------- (internal) [Kamikaze + asterisk1.4.9] (external) ------ X-Lite.

2 SIP devices can call each other, just no audio going through. If I register X-Lite on the internal network, no problem at all. Is this a problem with NAT & RTP? The file /etc/firewall.user is like this:

#!/bin/sh

# Copyright (C) 2006 OpenWrt.org

iptables -F input_rule
iptables -F output_rule
iptables -F forwarding_rule
iptables -t nat -F prerouting_rule
iptables -t nat -F postrouting_rule

# The following chains are for traffic directed at the IP of the
# WAN interface

iptables -F input_wan
iptables -F forwarding_wan
iptables -t nat -F prerouting_wan

### Open port to WAN
## -- This allows port 22 to be answered by (dropbear on) the router

iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
iptables -A input_wan -p tcp --dport 22 -j ACCEPT

## -- for SIP server

iptables -t nat -A prerouting_wan -p tcp --dport 5060 -j ACCEPT
iptables -A input_wan -p tcp --dport 5060 -j ACCEPT
iptables -t nat -A prerouting_wan -p udp --dport 5060 -j ACCEPT
iptables -A input_wan -p udp --dport 5060 -j ACCEPT

### Port forwarding
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2

iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80

iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT

### DMZ
## -- Connections to ports not handled above will be forwarded to 192.168.1.2

iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2

iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT

Please advise, thanks.
Jon

You forgot to open the RTP ports for audio in the firewall. Asterisk uses the UDP port range 10000-20000; check in rtp.conf.

Cheers.

Marco Bruni
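
The fix suggested above, as an added example that is not part of the original thread: a shell sketch that reads the RTP range from rtp.conf and prints matching UDP rules for the WAN chains used in the posted firewall.user. The function names and the sample rtp.conf are constructed for illustration; `rtpstart` and `rtpend` are the rtp.conf settings that define the range, and a narrower range there means fewer UDP ports exposed on the WAN side.

```shell
#!/bin/sh
# Added example: build the WAN rules for Asterisk RTP from rtp.conf.
# Rules are printed, not applied, so the output can be reviewed first.

# Print the value of key $2 in config file $1 (';' starts a comment).
conf_get() {
    sed -n -e 's/;.*$//' \
        -e "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" \
        "$1" | tail -n 1
}

# Succeed only if $1 is a decimal port number in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print iptables rules opening rtpstart..rtpend (UDP) on the WAN chains,
# following the same two-rule pattern the post uses for SIP on 5060.
rtp_rules() {
    start=$(conf_get "$1" rtpstart)
    end=$(conf_get "$1" rtpend)
    if ! is_port "$start" || ! is_port "$end" || [ "$start" -gt "$end" ]; then
        echo "rtp_rules: no valid rtpstart/rtpend in $1" >&2
        return 1
    fi
    echo "iptables -t nat -A prerouting_wan -p udp --dport ${start}:${end} -j ACCEPT"
    echo "iptables -A input_wan -p udp --dport ${start}:${end} -j ACCEPT"
}

# Constructed sample rtp.conf (not taken from the thread).
sample=$(mktemp)
cat > "$sample" <<'EOF'
[general]
rtpstart=10000   ; first RTP port
rtpend = 20000
EOF

rtp_rules "$sample"
```

On the router, the printed lines would go into /etc/firewall.user next to the existing 5060 rules.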

Resolved. Thanks.