NAT issues

I don’t have audio from external locations. My Asterisk has a public IP address.

asterisco*CLI> sip show peers
Name/username              Host            Dyn Nat ACL Port     Status               
Off-net                       200.xx.xx.15      N               5060     Unmonitored           
6005                       (Unspecified)    D   N                0         UNKNOWN              
6004/6004           D   N         5060     OK (39 ms)           
6003/6003           D              5060     OK (35 ms)           
6002/6002                  201.xx.xx.218     D   N         5060     OK (85 ms)           
6001/6001                  201.xx.xx.137     D   N         5060     OK (37 ms)           
43222999                   (Unspecified)       D   N           0        UNKNOWN              
7 sip peers [Monitored: 4 online, 2 offline Unmonitored: 1 online, 0 offline]



The external extension


RTP debug (it doesn’t show the public IP address from my external extension)

Sent RTP packet to (type 18, seq 008915, ts 007200, len 000020)
Got  RTP packet from (type 18, seq 014875, ts 007360, len 000020)
Sent RTP packet to (type 18, seq 008916, ts 007360, len 000020)
Got  RTP packet from (type 18, seq 014876, ts 007520, len 000020)
Sent RTP packet to (type 18, seq 008917, ts 007520, len 000020)
Got  RTP packet from (type 18, seq 014877, ts 007680, len 000020)
Sent RTP packet to (type 18, seq 008918, ts 007680, len 000020)
Got  RTP packet from (type 18, seq 014878, ts 007840, len 000020)
Sent RTP packet to (type 18, seq 008919, ts 007840, len 000020)
Got  RTP packet from (type 18, seq 014879, ts 008000, len 000020)
Sent RTP packet to (type 18, seq 008920, ts 008000, len 000020)
Got  RTP packet from (type 18, seq 014880, ts 008160, len 000020)
Sent RTP packet to (type 18, seq 008921, ts 008160, len 000020)
Got  RTP packet from (type 18, seq 014881, ts 008320, len 000020)
Sent RTP packet to (type 18, seq 008922, ts 008320, len 000020)
Got  RTP packet from (type 18, seq 014882, ts 008480, len 000020)
Sent RTP packet to (type 18, seq 008923, ts 008480, len 000020)
Got  RTP packet from (type 18, seq 014883, ts 008640, len 000020)
Sent RTP packet to (type 18, seq 008924, ts 008640, len 000020)
Got  RTP packet from (type 18, seq 014884, ts 008800, len 000020)
Sent RTP packet to (type 18, seq 008925, ts 008800, len 000020)

Is not a codec issues, it must be a RTP trouble.
any idea?

Any idea guys?

I think Asterisk is not resolving NAT, because the RTP packets are going to private IP address.

How can I fix that?


You can use stun server with the phones… I had the same problem and it solved.

How does this thread differ from


If the Asterisk box is on a public IP address, then you should be OK.
If the box is behind NAT too, you will have to forward the UDP ports for SIP and UDP ports from the extrernal IP of the router to the asterisk box + some other work. haven’t tried it yet, but will be doing it soon.

Good luck

There’s no sound for remote clients when calling to my Asterisk behind NAT. It plays ringing tone though.

I’ve set following in the


externip = public ip address for the broadband router


Also, I’ve done port forwarding to the Asterisk server, for ports like 5060, 10001-20000.

When using CLI command sip show peers
the NAT column for a natuser connected from a x-lite client shows N. That means, it can’t recognize the client as from a NATed connection, eventhough the user is configure to use NAT all the times.

When testing with the X-lite client networking, it says the firewall type is BLOCKED. But, I’ve disabled firewall on my PC. Do I need to do port forwarding to my PC on the router? However, this is not a preferred solution.

It seems that Asterisk does not regconize the NAT connection from external network, please help.

What sort of router do you have ?

What sort of firewal rules do you have running on it ??

Do the clients stay registered or do they drop out after a minute or so ???

Remember to use:



I’m using Linksys WRT54GR at home. There’s no firewall rule being set on the routers or Windows.

The phone can be registered without any problem. It can make and receive phone call without sound on both ends.

What I’ve figured it out is that the Asterisk does not recognize the remote client is using NAT. It shows the NAT status as N as shown by SIP SHOW PEERS. The debug log shows that Asterisk was trying to send audio to the private IP of the remote client, so the audio doesn’t send out of the NAT.

The remote client in SIP.conf was already marked NAT=YES. Thanks for your help.

OK, so your SIP is OK

I just tried X-ten on my system. All worked OK. Same setup.

Have you got a SIP hadset or just soft clients ???

Try the soft SNOM 360. Its sorta kinda OK, and it does work through NAT

Have you tried form behind a different router ? Somewhere else ?

Is there something on the router for managing SIP already that could be causing grief ??

Try running something like SmartSniff to see whats going on

Can you connect if you just use a PPPoE bridge and give the client a direct connection to the internet.

Can you run your X ten client into a free SIP service and make it work ?

Divide and conquor, swear a little and when its all over, you’ll be able to post a “Guess what I forgot to do…” post that someone at your stage now at around 3am will totally miss the point of before it finally dawns on him at work the following morning during coffee break.

Good luck and keep us informed

ps. Are you happy to give me a login so I can test off line ?? I can return the same favour to you on my system ? PM me if you want

Thanks, Chris.

I test with a soft phone client, because this will be used by remote users.

For the same configuration, there’s no problems for the soft phone to hear voice when it connects to the broad band modem directly, ie, by pass the broadband router at home. So, the settings on the Asterisk server works.

Do I need to do port forwording on the home router? However, it’s not the preferred way.

I have the same situation as sadzas posted. It seems that the Asterisk server does not recognize the user connection is a NATted connection. The NAT status is N. Could this be the real issue? And I also believe it’s a RTP issue. The packet sniff shows that the RTP was sent from the Asterisk (private IP) to the remote client’s (private IP). But, these are under two private networks and it’s not routable.

It works fine with VPN connection. But, this will slow down the traffic, so it’s not my preferred solution too.

Thank you very much for all your input and efforts.


Additional information,

In the SIP.conf, I’m using the local net as, while the private networking at home is using



The X-lite is using port range UDP 15000-16000, which has forwarding to the Asterisk server.

How are you going ???

The sip.conf looks fine.

Have you tried the X-ten client with a free SIP service and done an echo test ?? does that work ?? Can you get it to work that way ??

Let me know how you go…