asterisk users - May 2005 - Working Xten, Asterisk, double-NAT configs out there?

All,

I have my * box NAT'd with all ports forwarded that are SIP related
(based on Wiki).  I also have nat=yes, externalip=WAN address of
firewall, internalip=LAN network of *.

I have my Xten soft phone on a PC which is NAT'd behind firewall with
ports forwarded.  I have also followed instructions on Wiki for Xten.

I can authenticate fine, and sip show peers shows my extension is OK,
but whenever I dial another SIP or zap channel, I can a "max retries
exceeded" on my * box.

Can somebody post a working config with * behind firewall w/ports
forwarded and xten behind firewall w/ports forwarded?

Thanks,

-- Aaron

I have (had) a similar setup at one time. I'm running freebsd/pf on each 
nat box. Asterisk is behind one, an xten softphone behind the other.

I watched the SIP traffic on both the incoming and outgoing interfaces 
(pre/post nat) of each box. You can then generally see whats wrong, and 
as a huge plus, learn a lot more about how SIP/RTP actually works ..

That coupled with the firewall log (I deny/log all by default) and the 
firewall debut output ( I have had, and am still having in a couple of 
weird cases, state clashes) you can usually identify the problem ..

Or you could post your details and let someone have a stab at helping, 
unless there are any psychics here :-)

Tim

Aaron O'Hara wrote:
>All,
>
>I have my * box NAT'd with all ports forwarded that are SIP related
>(based on Wiki).  I also have nat=yes, externalip=WAN address of
>firewall, internalip=LAN network of *.
>
>I have my Xten soft phone on a PC which is NAT'd behind firewall with
>ports forwarded.  I have also followed instructions on Wiki for Xten.
>
>I can authenticate fine, and sip show peers shows my extension is OK,
>but whenever I dial another SIP or zap channel, I can a "max retries
>exceeded" on my * box.
>
>Can somebody post a working config with * behind firewall w/ports
>forwarded and xten behind firewall w/ports forwarded?
>
>Thanks,
>
>-- Aaron
>
>_______________________________________________
>Asterisk-Users mailing list
>Asterisk-Users@lists.digium.com
>http://lists.digium.com/mailman/listinfo/asterisk-users
>To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>  
>

> I have my * box NAT'd with all ports forwarded that are SIP related
> (based on Wiki).  I also have nat=yes, externalip=WAN address of
> firewall, internalip=LAN network of *.
> 
> I have my Xten soft phone on a PC which is NAT'd behind firewall with
> ports forwarded.  I have also followed instructions on Wiki for Xten.
Take a look here:

http://willypick.mindsay.com/?entry=10

Your problem does not sound like NAT to me, but authentication on the
other end. Max retries refers to the phone you are trying to reach.