I have almost everything working on my asterisk configuration. If I use a softphone on the same network as my server, it works. However when I config a softphone on another network outside my firewall(permitting all traffic from source two hosts), it doesn’t seem to work. In my sip.conf I have the lines under [general]
externip = x.x.x.x(public ip) and
localnet=192.168.11.0/255.255.255.0 which is my LAN where asterisk server is on. For the softphone I have:
[soft1]
username=soft1
type=friend
context=phone4
dtmfmode=rfc2833
secret=soft1
host=dynamic ; This peer register with us
nat=yes
I port forwarded the relevant ports in my router, but the server was not available from the net. Therefore, I also DMZed the asterisk server.
I could access the server and dial any number from outside my firewall or local lan, but no sound could be heard. However, the same works under my firewall except the softphones could not send dtmf signal to remote voipservers, no matter what I choose for dtmfmode (tested with rfc, inband and info and inband+info).
I could not find a way out even after drilling through several tutorials, asterisk books (*tfot, switching to voip, voip hacks and tb forums, tutorials at voip-info etc.)
in general, if you get no audio over a NAT’d connection you haven’t got the port forwarding setup correctly.
i connect to my Asterisk server using my laptop from a variety of places, and have never had an issue with audio (except one of bandwith if using G711)
Thanks so much. I have been whining for days to get it work and finally inserting dtmfmode=auto in the sip.conf solved the dtmf problem. Kudos to the hint by baconbuttie.
As far as the port forwarding is concerned, I have forwarded the ports 4569 for iax, 5004-5088 for sip and 8000-20000 for RTP. Also I put my asterisk server in DMZ (without DMZed I could not reach the server from outside). Is there any other port that I need to forward besides them?
But I still am having the other two problems as specified in other posts of mine. Thank you again.
I dont think it’s a problem with my firewall, I ran a debug and no traffic is being blocked. Also I have an existing VOIP service running SIP and all goes well(asterisk will replace old VOIP system). If there is any problem, I would think it’s the NAT. I’m doing one to one NAT from public to private, getting back to the firewall for a minute, I permitted ANY ANY from phone(outside) going to asterisk server on inside(private).
I have forwarded the ports 4569 for iax, 5004-5088 for sip and
8000-20000 for RTP. Also I put my asterisk server in DMZ
(without DMZed I could not reach the server from outside). Is
there any other port that I need to forward besides them?
If you put the asterisk server in the DMZ (assuming your router’s manufacturer’s definition of “DMZ” is the same as mine), I don’t believe you should have to forward any ports. To the best of my knowledge and belief, “DMZ” implies that the DMZ-d host is visible to the world (or at least to the open side of the router) without anything (ports, etc.) being filtered.
I am using the jensernscandinavia.com’s wireless router (AirLink WBR6954). I DMZed the server after I could not access the machine even after port forwarding the necessary ports including 22. That amazed me as well.
Peter:
It could be ridiculous to ask for those experts, but I could not follow what pix is and where you disabled it? Or do you mean Cisco Pix firewall?
I have a cisco Pix firewall running version 7.01(I think) code. After running the command line: no fixup protocol sip udp 5060
it seemed to work fine. I don’t think you’ll see the command in config anywhere, it’s not in my config now. But ever since everything is working.
