Gilles
2010-Jul-05 10:45 UTC
[asterisk-users] [NAT] * + private IP + locked-down firewalls?
Hello In case Asterisk is used in a private LAN behind a firewall while allowing remote SIP clients to connect from the Net, we must open UDP5060 for SIP and a range of UDP ports (as set in rtp.conf) so let incoming voice packets. Provided the user doesn't have access to the firewall (eg. corporate or hotel), and the firewall doesn't allow dynamic port opening through UPnP or NAT-PMP... 1. Can Asterisk use eg. STUN to open those ports and keep them open through keep-alive packets? If not, is there another solution to solve this issue in this context? 2. In case a dynamic solution is available, does Asterisk provide a tool to monitor that the ports are correctly open, so as to ease problem-solving in case a customer has a problem and needs to be helped over the phone? Knowing that ports on the firewalls are correctly open is one less area to worry about in case Asterisk doesn't work as planned. Thank you.
Gilles
2010-Jul-09 08:28 UTC
[asterisk-users] [NAT] * + private IP + locked-down firewalls?
On Mon, 05 Jul 2010 12:45:34 +0200, Gilles <codecomplete at free.fr> wrote:>Provided the user doesn't have access to the firewall (eg. corporate >or hotel), and the firewall doesn't allow dynamic port opening through >UPnP or NAT-PMP...For those interested, I was tipped through private e-mail about using OpenVPN to open a steady tunnel between the client and Asterisk, and have the SIP client send packets through that tunnel instead of trying to connect directly.