asterisk users - Apr 2005 - asterisk + OH323 + NAT + gnomemeeting

Hello,

I've been working a lot with asterisk lately. I've
had a LOT of positive experience with various SIP
clients (grandstream hardware phones & ATAs, X-Lite,
SJPhone, etc...), and I've had no trouble getting
asterisk behind a NAT to talk SIP to clients across
the internet behind another NAT using STUN to traverse
firewalls. In fact, I got to the point that I could
take a hardware phone to just about any internet
connected location, plug it in, turn it on, and have
perfect connectivity (depending on internet connection
quality, of course).

But one of the difficulties I've had is in finding
a good client for Linux. You know, there's the whole
OSS vs ALSA vs arts vs esd issue. X-Lite under Wine
isn't an option because the voice quality is way to
delayed, and X-Lite under Wine crashes on my machine
way too often. So recently I've standardized on ALSA,
because ALSA + DMIX + DSNOOP + ASYM allows me to
completely do away with my sound daemon(s) and do
all of my sound mixing in kernel (sound quality is
a bit worse than with artsd, but more reliable).
However, gnomemeeting seems to be the only VoIP
client capable of working with DMIX + DSNOOP + ASYM
in full duplex!

And guess what? gnomemeeting only speaks H.323 in the
current production version.

So I've compiled the OH323 module and I am using it
with asterisk and trying desperately to get it to the
same plug-and-play level that I had with SIP - and
failing miserably. :(

What appears to be happening is that asterisk's oh323.conf
lacks the "nat=yes" and "externip" and "localnet"
config
items found in sip.conf, so firewall traversal doesn't
work nearly as well.

What are my fellow listers doing in this situation?
Running gnugk? Could you share a config with me? Or
perhaps point me in the right direction? Here's my
target network layout currently:

gnomemeeting <-> NAT1 <-> internet <-> NAT2 <-> asterisk

But I need to be able to do this also:

gnomemeeting <-> internet <-> NAT2 <-> asterisk

And also this:

gnomemeeting <-> LAN <-> asterisk

And I need calls to be able to be initiated from both
ends.

NAT2 has TCP/UDP ports 10,000 -> 20,000 pointed to the
asterisk machine, as well as TCP ports 5060, 1720, and
1721. NAT1 *must not* have port forwardings in place
for RTP or H.323, as I don't necessarily have
administrative access to it. In the first diagram, above,
both gnomemeeting and asterisk have private IPs. In the
second diagram above, asterisk has a private IP and
gnomemeeting has a public IP. In the third diagram, there
is no NAT and both asterisk and gnomemeeting have private
IPs on the same LAN.

Any ideas? Will gnugk + asterisk allow me to make this
work? How? Thanks!

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net

H.323 will not traverse NAT.

Sorry...  I know, I was a big proponent of it when H.323 was the only 
"standard" VoIP protocol out there.  Probably because when it came out
NAT
wasn't even thought of.

The problem is that the control channel in H.323 discloses the internal IP 
address, and the various connections attempt to connect to each other.  So 
you wind up with problems like audio only in one direction, etc...

Although I get get this to solve part of the problem back in year 2K:
http://openh323proxy.sourceforge.net/
It never solved the problem entirely, and I had a lot of H.323 equipment at 
the time, so I was somewhat disappointed when the asterisk project said 
integration with H.323 was impossible due to licensing issues.  (Bummer)...

Your best bet is to abandon H.323 and find something other than GnomeMeeting.

That is unless you want to carry a portable asterisk box with you...

Wait a sec...  COME TO THINK OF IT!
Why not run asterisk on your linux box that you are running GnomeMeeting 
on, and use it to convert between H.323 and IAX and SIP???

After all, it is a penguin...

(it's getting late, and I have to be up at 6:00AM to set up the new data 
center, I'd have more to say but I need to get some sleep.  E-Mail me 
directly if you need more specifics.)


At 05:57 PM 4/14/2005, Jesse Guardiani wrote:
>Hello,
>
>I've been working a lot with asterisk lately. I've
>had a LOT of positive experience with various SIP
>clients (grandstream hardware phones & ATAs, X-Lite,
>SJPhone, etc...), and I've had no trouble getting
>asterisk behind a NAT to talk SIP to clients across
>the internet behind another NAT using STUN to traverse
>firewalls. In fact, I got to the point that I could
>take a hardware phone to just about any internet
>connected location, plug it in, turn it on, and have
>perfect connectivity (depending on internet connection
>quality, of course).
>
>But one of the difficulties I've had is in finding
>a good client for Linux. You know, there's the whole
>OSS vs ALSA vs arts vs esd issue. X-Lite under Wine
>isn't an option because the voice quality is way to
>delayed, and X-Lite under Wine crashes on my machine
>way too often. So recently I've standardized on ALSA,
>because ALSA + DMIX + DSNOOP + ASYM allows me to
>completely do away with my sound daemon(s) and do
>all of my sound mixing in kernel (sound quality is
>a bit worse than with artsd, but more reliable).
>However, gnomemeeting seems to be the only VoIP
>client capable of working with DMIX + DSNOOP + ASYM
>in full duplex!
>
>And guess what? gnomemeeting only speaks H.323 in the
>current production version.
>
>So I've compiled the OH323 module and I am using it
>with asterisk and trying desperately to get it to the
>same plug-and-play level that I had with SIP - and
>failing miserably. :(
>
>What appears to be happening is that asterisk's oh323.conf
>lacks the "nat=yes" and "externip" and
"localnet" config
>items found in sip.conf, so firewall traversal doesn't
>work nearly as well.
>
>What are my fellow listers doing in this situation?
>Running gnugk? Could you share a config with me? Or
>perhaps point me in the right direction? Here's my
>target network layout currently:
>
>gnomemeeting <-> NAT1 <-> internet <-> NAT2 <->
asterisk
>
>But I need to be able to do this also:
>
>gnomemeeting <-> internet <-> NAT2 <-> asterisk
>
>And also this:
>
>gnomemeeting <-> LAN <-> asterisk
>
>And I need calls to be able to be initiated from both
>ends.
>
>NAT2 has TCP/UDP ports 10,000 -> 20,000 pointed to the
>asterisk machine, as well as TCP ports 5060, 1720, and
>1721. NAT1 *must not* have port forwardings in place
>for RTP or H.323, as I don't necessarily have
>administrative access to it. In the first diagram, above,
>both gnomemeeting and asterisk have private IPs. In the
>second diagram above, asterisk has a private IP and
>gnomemeeting has a public IP. In the third diagram, there
>is no NAT and both asterisk and gnomemeeting have private
>IPs on the same LAN.
>
>Any ideas? Will gnugk + asterisk allow me to make this
>work? How? Thanks!
>
>--
>Jesse Guardiani, Systems Administrator
>WingNET Internet Services,
>P.O. Box 2605 // Cleveland, TN 37320-2605
>423-559-LINK (v)  423-559-5145 (f)
>http://www.wingnet.net
>
>
>
>_______________________________________________
>Asterisk-Users mailing list
>Asterisk-Users@lists.digium.com
>http://lists.digium.com/mailman/listinfo/asterisk-users
>To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
Best Regards,
Karl J. Vesterling
E-Mail: kjv@ken-ton.com
Yahoo Messenger: karl_vesterling
ICQ: 1548052
AOL Instant Messenger: n2vqm

----------
Telephone:
Washington DC: (202) 448-3009 Extension 0
Annapolis MD: (240) 524-6706 Extension 0
Bethesda MD: (301) 576-3014 Extension 0
Niagara Falls NY: (716) 286-9175 Extension 0
Buffalo NY: (716) 608-1121 Extension 0  
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20050417/0b04f988/attachment.htm