Guys. Im writing this because Ive checked the wiki, Xten website and read a lot of docs and still cant figure out a way around the NAT issues. Maybe somebody else can give me some ideas from a fresh perpective. My test setup is this: Asterisk -> 2wire homeportal Firewall -> internet Computer with Xten eyebeam The asterisk box and the computer with xten beam are behind the same firewall (same LAN). If eyebeam is configured to use asterisks internal ip, everything works fine, and of course, same LAN, no problems. The firewall external interface has its real IP and Im forwarding ports 4569, 10000-20000, 5060 and 5004 UDP to the asterisk box. So I went a step ahead and configured eyebeam to connect not to astersis kinternal IP but rather the external firewalls IP, much like any other external computer would do. The SIP connection between eyebeam and asterisk is made on port 5060 and I can hear asterisks echo test welcome message. But, as usual, after the message ends, I start talking and no echo is getting back. I checked the logs and some RTP and SIP messages come and go with both the asterisk IP and the eyebeam internal and external Ips, mentioning ports like 5060 and 6xxx. So my question is... How do you work around issues like this, where the asterisk box is inside a NAT and the eyebeam computer is also behind NAT or in this case, same NAT but eyebeam is trying to connect to asterisks external or real IP and then getting back inside the LAN from an external user perspective. Hope you can help me on this Guys cause Ive read about STUN, SER, etc. But still dont know when to use what and where to put it, all inside the asterisk box or what? Thx Guys.
Guys. Im writing this because Ive checked the wiki, Xten website and read a lot of docs and still cant figure out a way around the NAT issues. Maybe somebody else can give me some ideas from a fresh perpective. My test setup is this: Asterisk -> 2wire homeportal Firewall -> internet Computer with Xten eyebeam The asterisk box and the computer with xten beam are behind the same firewall (same LAN). If eyebeam is configured to use asterisks internal ip, everything works fine, and of course, same LAN, no problems. The firewall external interface has its real IP and Im forwarding ports 4569, 10000-20000, 5060 and 5004 UDP to the asterisk box. So I went a step ahead and configured eyebeam to connect not to astersis kinternal IP but rather the external firewalls IP, much like any other external computer would do. The SIP connection between eyebeam and asterisk is made on port 5060 and I can hear asterisks echo test welcome message. But, as usual, after the message ends, I start talking and no echo is getting back. I checked the logs and some RTP and SIP messages come and go with both the asterisk IP and the eyebeam internal and external Ips, mentioning ports like 5060 and 6xxx. So my question is... How do you work around issues like this, where the asterisk box is inside a NAT and the eyebeam computer is also behind NAT or in this case, same NAT but eyebeam is trying to connect to asterisks external or real IP and then getting back inside the LAN from an external user perspective. Hope you can help me on this Guys cause Ive read about STUN, SER, etc. But still dont know when to use what and where to put it, all inside the asterisk box or what? Thx Guys.
I would recommend looking at a relatively inexpensive product by Ingate which provides both near-end and far-end SIP NAT traversal. http://www.ingate.com/RSC.php If you have a firewall they have a product called the separator. Otherwise the have a good firewall that will do the trick. Both solutions need the "Remote SIP Connectivity" module. Chad Brown - IdentityMine -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Anton Krall Sent: Saturday, March 26, 2005 12:25 AM To: 'Wilson Pickett'; 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: RE: [Asterisk-Users] Xten and NAt Problems Ill do a search on that... Besides that, how would you make * work for sip if for example this: Softphone - nat - internet - nat - * ?? -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Wilson Pickett Sent: S?bado, 26 de Marzo de 2005 02:17 a.m. To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [Asterisk-Users] Xten and NAt Problems> So I went a step ahead and configured eyebeam to connect not to > astersis kinternal IP but rather the external firewalls IP, much like > any other external computer would do.Why? What you did doesn't accurately simulate someone on the outside trying to get through your firewall because you are passing through it twice and many NAT rouiters won't do this. It's called "hairpinning". Look up NAT router hairpin on google, there is some interesting info on it. _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users