More than one IP phone behind single NAT public IP address

Hi All,

Maybe this is a topic that has been covered and discussed many times before, but I couldn’t find any real/satisfactory answers to my questions.

I know, please correct me if I was wrong, that Asterisk can’t handle more than one IP phone behind a single NAT router whith same public IP address.

Scenario:

1- Asterisk server itself is NOT behind NAT, its publicly hosted on the Internet with public IP address configured on the NIC.

2- Remote Office, with a DSL link, of course, with a single public IP address on the WAN interface. On this office 5 IP phones are connected to the LAN (all using 192.168.1.0 private addresses).

3- All the phones are using SIP UDP port 5060 for signlaing.

4- None of the phones had their RTP port ranges tampered with or changed in any way.

Questions:

1- Could these phones all register successfully to the server using the same port 5060?

2- Could these phones dial one another (extension-to-extension calls) without any mishapps or issues?

3- Do we need to change any thing with this setup to get it to work properly without any SIP or RTP issues?

Thanks for your support

My company has a similar configuration: An Asterisk box at the main office and a few phones at a retail store, which register over the internet to the office server. However, we get around the NAT issue by employing a VPN. We didn’t do this specifically for the phones, but it worked well for them straightaway. VPN does add overhead to the packets, but fortunately in our case it’s very minimal (probably because we have the same ISP on each end.)

I’ve never had to deploy more than one IP phone behind NAT, but I hear it’s troublesome. For a bit more background, look at the “SIP and NAT” (page 190) and “IAX” (page 106) topics in the Asterisk book here: downloads.oreilly.com/books/9780596510480.pdf

Hi,

thanks for your reply. I know that we can get rid of NAT bu using VPN. But this not scalable solution. we can’t setup VPN for all clients that belong to ITSP.

Any other ideas?

1- Could these phones all register successfully to the server using the same port 5060?

yes, because when those phone 's sip message go out the router by nat, their source port must be changed to very different port. asterisk will use those port instead.

2- Could these phones dial one another (extension-to-extension calls) without any mishapps or issues?

yes. it work but all rtp will be forward to the asterisk.

3- Do we need to change any thing with this setup to get it to work properly without any SIP or RTP issues?

nothing, just have the nat option on.

www.telecomchinasourcing.com/knowledge

Thanks telecomchina,

That means the only problem is RTP stream still going over the WAN when 2 extensions are talking to each other.

But I guess with G.729 Codec its not of a big deal.

Are you using G.729 Codec? which do you recommend, Digium?

Thanks