On Mon, Dec 15, 2003 at 10:05:56AM +0200, Peter Zeltins
wrote:> My Asterisk box also does NAT for internal network, and
> establishes site-to-site VPN tunnel(s). As a result I have
> several internal interfaces with private addresses on them, and
> only one public interface. By trial-and-error I've found out that
> FWD (SIP) won't work unless I disable my VPN tunnels - it would
> send the internal IP address to FWD's SIP server instead of public
> one. I assume "bindaddress" in SIP.CONF is what I need (bind only
> to public IP), but the problem is that my public IP is dynamic!
> Any ideas? Or have I missed something?
This can be a tricky one. If you only use one address range internally,
i.e. 192.168.0.0/16 broken up into subnets, then you should be fine
with the SIP+NAT patch from bug #104.
Since your public IP is dynamic, you will need to give it a stable
name -- perhaps set up Dynamic DNS or use one of the DDNS providers
so that you will know that the name, myhost.myip.com always maps
to the correct address.
Then, put
externip=myhost.myip.com
localnet=192.168.0.0
localmask=255.255.0.0
in sip.conf. as long as localnet is a superset of your internal
address ranges, it should be fine.
If you are using multiple RFC1918 address ranges, more than one of
10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, then you will have a problem
because at the moment, we only support one internal address range
in the localnet parameter. In the future it may be possible to
do something like
localnets = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }
but for now, not.
hope this helps,
-w
--
/~\ The ASCII Ribbon Campaign
\ / No HTML/RTF in email
X No Word docs in email
/ \ Respect for open standards