NAT problems?


My asterisk is located in DMZ, on firewall (edge router) there is port forwarding
(udp packets 1024-32000 from internet are forwarded to asterisk).

In rtp.conf:

In sip.conf in [general] i have:

Outgoing connections from my server (local clients connecting to server) to the world works fine. Incoming connections (using SIP provider) from world to my server are disconnected after 20 seconds (always). In logs:

[Mar 19 14:31:35] WARNING[6437]: chan_sip.c:1881 retrans_pkt: Maximum retries exceeded on transmission 8413D75-D55511DB-8F5CDCA3-A41DF0A8@ for seqno 101 (Critical Response)
[Mar 19 14:31:35] WARNING[6437]: chan_sip.c:1898 retrans_pkt: Hanging up call 8413D75-D55511DB-8F5CDCA3-A41DF0A8@ - no reply to our critical packet.

Why ? What’s wrong ? Could anybody help ?


Look here and make sure things are setup correctly, it is what got me going; … ight=drwho

I have the same problem and the suggested tutorial hasn’t solved my problem.
I have the following scheme design:

Local users — AsteriskNOW Beta4 — NAT item — Internet — NAT ITEM — Users

–>I have included the following parameters in each account in the users.conf:
nat = yes
qualify = 3000

–> In sip.conf I have configured
nat = yes
canreinvite = nonat ;also tried no
port = 5060
bindaddr =
externip = ; Public IP
localnet = ; several lines with the IPs of the local nets

–> And in rtp.conf:

A user outside the local network can call other users (both in the local network and in the Internet), but they can’t hear each other, there is no sound.
If a user outside calls the voicemail he can hear the voicemail menu, but after 20seconds the call is finished by Asterisk, this is what I get from Asterisk:
– Executing [85000@default:1] VoiceMailMain(“SIP/5060-083126d8”, “”) in new stack
– Playing ‘vm-login’ (language ‘en’)
[May 7 13:01:40] WARNING[4750]: chan_sip.c:1881 retrans_pkt: Maximum retries exceeded on transmission 1447a6-c0a80101-0-5@ for seqno 1 (Critical Response)
[May 7 13:01:40] WARNING[4750]: chan_sip.c:1898 retrans_pkt: Hanging up call 1447a6-c0a80101-0-5@ - no reply to our critical packet.
== Spawn extension (default, 85000, 1) exited non-zero on ‘SIP/5060-083126d8’

When analysing the call with Ethereal I discovered that the SIP messages are correctly interchanged between the user and Asterisk, but the RTP traffic from the useris destinated to the private IP address of Asterisk instead of to its public IP. I think that this is caused because the Asterisk sends a SIP/SDP Status: 200 OK, with session description message to the user and the Connection informations is “IN IP4” instead of “IN IP4 puclic.ip.of.asterisk”.

What should I configure to get this scheme work properly?

I had the problem of one side sound also. this was because * was behind nat as well as the voip telephone. (double nat) By using stun it was solved.

By putting a stun server in the telephone or an other one will probably work fine.