NAT & RTP Problems (yay!)

The setup:

  • An Asterisk server with a public IP address hosted at a datacenter.
  • An office with 3 extensions behind a NAT gateway at Site A
  • Another office with 3 extensions behind a NAT gateway at Site B

With reinvites disabled, things work great; Office A can call Office B and vice-versa. The problem is that all the RTP traffic goes through the Asterisk server first, which includes intraoffice calls. This needlessly both uses bandwidth and adds latency because phones on the same LAN can’t talk directly to each other.

Enabling reinvites eliminates the problem, but introduces a new one: with Office A and Office B both behind a NATed connection, RTP packets can’t traverse between the two locations. Incoming SIP messages from the Asterisk server set up the call correctly, but no media traffic works.

Short of implementing something like a session border controller, does anyone have a suggestion?

Are the firewalls setup to allow RTP traffic through? Do your firewalls allow traffic between the 2 sites?
It may well be that you allow traffic to the data center, but not direct site to site

Thanks for the reply. I’ve used both Netsceens with liberal rulesets enabled, and dumb NAT routers such as serveral Linksys models. No dice. I’m fairly sure that the problem is directly related to NAT; I’m not sure how to fix it though. I’m using Aastra handsets, which don’t support STUN, unfortunately.

Can you post the logs for when a call is attempted?

Also, are you using the latest firmware upgrades for those Aastra’s? (1.3)


Hava a look a this: … highlight=