asterisk users - Feb 2007 - SIP Redirect from Asterisk behind a NAT

SetUp:
- Asterisk behind a NAT,
- Red Hat 9.0
- Asterisk 1.2.14

My Asterisk box is behind a NAT and I have a DiD from an ITSP.  I have my
dial plan set up so that when outside callers dial the DiD, the call is
answered by my auto-attendant.  The caller can then select who they'd like
to speak to and the call is transferred to the  external line associated
with that person (usually a mobile phone) using a Dial() command.

Because both parties are external, I don't want the media to pass through my
Asterisk box once the two parties connect. This is the default behaviour for
the Dial command if you avoid the tT options and the codec is supported all
the way through - this is true in my case.

I have this working great with IAX - I can even disconnect the Ethernet
cable from my Asterisk box once the call is established and the call is not
affected.  Unfortunately I cannot get it to work with SIP and my ITSP is
dropping support for  IAX.

Can you help me?

I have canreinvite=yes in sip.conf and I've tried with nat=yes and nat=no,
but no luck either way - the call goes through in each case but the media is
passing through my Asterisk box and i'd like to avoid that.

I have tried without the attendant too.  I've tried answering, waiting 5
seconds then direct to a Dial command.  I've also tried, not answering, and
go straight to the Dial command.  No luck either way.  The sip.conf and
extensions.conf for the former are below.

Anxiously awaiting a reply.

Thanks,
H


;************************ SIP.conf **********************************
[general]
;
context=incoming-bogus-calls
bindport=5060                 ; Port to bind to (SIP is 5060)
bindaddr=0.0.0.0          ; Address to bind to (all addresses on machine)
maxexpirey=3600			  ; Must be larger than the re-register timeout on the
router
defaultexpirey=3600
notifymimetype=text/plain
rtptimeout=60
rtpholdtimeout=300
disallow=all
allow=ulaw
;
; This section is because i'm behind nat
;
externip=999.99.999.99 ;Outside address
localnet=192.168.0.148/255.255.255.0 ;Inside Network
;
;===================== myITSP ===========================register =>
myuserid:mypassword@sw1.myITSP.com:5060
register => myuserid:mypassword@sw2.myITSP.com:5060
;
[myITSP-sw1]
context=incoming-sip
type=friend
host=sw1.myITSP.com
username=myuserid
secret=mypassword
nat=yes
canreinvite=yes
insecure=port,invite ; do NOT remove this
qualify=yes ; do NOT remove this
dtmfmode=rfc2833 ; should match what is set on your account
disallow=all
allow=ulaw ; set in/out codec here
;
[myITSP-sw2]
context=incoming-sip
type=friend
host=sw2.myITSP.com
username=myuserid
secret=mypassword
nat=yes
canreinvite=yes
insecure=port,invite ; do NOT remove this
qualify=yes ; do NOT remove this
dtmfmode=rfc2833 ; should match what is set on your account
disallow=all
allow=ulaw ; set in/out codec here

;************************ EXTENSIONS.conf **********************************

; -----------------------------------------------------------
; /etc/asterisk/extensions.conf
;
;---------------------------------------------------------------------
;============================== GENERAL
=============================;---------------------------------------------------------------------
[general]
;
static=yes       ; These two lines prevent the command-line interface
writeprotect=yes ; from overwriting the config file. Leave them here.
;
;---------------------------------------------------------------------
;============================== GLOBALS
=============================;---------------------------------------------------------------------
;
[globals]
;
;Dial Patterns
LOCAL_PATTERN=_NXXXXXX
LD_PATTERN=_1XXXXXXXXXX
INT_PATTERN=_011.

FORCE_SIP_LOCAL_PATTERN=_8NXXXXXX
FORCE_SIP_LD_PATTERN=_81XXXXXXXXXX
FORCE_SIP_INT_PATTERN=_8011.

FORCE_FXO_LOCAL_PATTERN=_9NXXXXXX
FORCE_FXO_LD_PATTERN=_91XXXXXXXXXX
FORCE_FXO_INT_PATTERN=_9011.
;
;---------------------------------------------------------------------
;============================= MACRO
=============================;---------------------------------------------------------------------
[macro-dialmyITSP]
exten => s,1,Dial(SIP/${ARG1}@myITSP-sw2,60)
exten => s,2,Goto(s-${DIALSTATUS},1)
exten => s-ANSWER,1,Hangup
exten => s-CONGESTION,1,Dial(SIP/${ARG1}@myITSP-sw1,60)
exten => s-CONGESTION,2,Goto(ss-${DIALSTATUS},1)
exten => s-CANCEL,1,Hangup
exten => s-BUSY,1,Busy(30)
exten => s-CHANUNAVAIL,1,Dial(SIP/${ARG1}@myITSP-sw1,60)
exten => s-CHANUNAVAIL,2,Goto(ss-${DIALSTATUS},1)
exten => ss-ANSWER,1,Hangup
exten => ss-CONGESTION,1,Congestion(30)
exten => ss-CANCEL,1,Hangup
exten => ss-BUSY,1,Busy(30)
exten => ss-CHANUNAVAIL,1,Congestion(30)

;---------------------------------------------------------------------
;============================= CONTEXTS
=============================;---------------------------------------------------------------------
[cleanup]
;
; If the line hangs up, it's always good to have the "h"
;  extension in each context that is the "master" handler
;  for calls.  This cleanly exits and closes dial path routes.
;
exten => t,1,NoOp("Timeout extension in context
"${CONTEXT}".")
exten => t,n,Hangup
;
exten => T,1,NoOp("Timeout on AbsoluteTimeout
"${CONTEXT}".")
exten => T,n,Hangup
;
exten => h,1,Hangup
;
; The user has dialed an "i"nvalid number, which means that
;  there was no match by any other matching routines.  Set an
;  absolute timeout on the call (15 seconds), play a Congestion
;  tone, and hangup.  We set the absolute timeout to prevent easy
;  DoS attacks from consuming too much bandwidth.  However, it
;  is possible that we could still be attacked in some fashion
;  by someone making many calls to bogus numbers on our server.
;  We could reduce this threat by removing the Congestion
;  playback and going straight to hangup, but that is very
;  difficult to debug at the remote end, so we are good VoIP
;  citizens and we create some audio if the call reaches us.
;
exten => i,1,AbsoluteTimeout(15)
exten => i,n,Playtones(congestion)
exten => i,n,Congestion
exten => i,n,Hangup
;
;---------------------------------------------------------------------
;
[Local-Calls-PBX]
;Contains dial patterns for calls within the same area code as the Asterisk
server.
;
;This particular context [*-PBX] is used by clients and/or devices that are
directly
;connected to the Asterisk PBX.  We allow these calls to be transferred.
;
;Default
;
exten => ${LOCAL_PATTERN},1,Macro(dialmyITSP,1613${EXTEN})
;
;---------------------------------------------------------------------
;
[Toll-Free-Calls-PBX]
;Contains dial patterns for toll free calls.
;
;This particular context [*-PBX] is used by clients and/or devices that are
directly
;connected to the Asterisk PBX.  We allow these calls to be transferred.
;
;Default
exten => _1888.,1,Macro(dialmyITSP,${EXTEN})
exten => _1877.,1,Macro(dialmyITSP,${EXTEN})
exten => _1866.,1,Macro(dialmyITSP,${EXTEN})
exten => _1855.,1,Macro(dialmyITSP,${EXTEN})
exten => _1800.,1,Macro(dialmyITSP,${EXTEN})
;
;---------------------------------------------------------------------
;
[NA-Long-Distance-Calls-PBX]
;Contains dial patterns for North American long distance calls.
;
;This particular context [*-PBX] is used by clients and/or devices that are
directly
;connected to the Asterisk PBX.  We allow these calls to be transferred.
;
;Default
exten => ${LD_PATTERN},1,Macro(dialmyITSP,${EXTEN})
;
;---------------------------------------------------------------------
;
[INT-Long-Distance-Calls-PBX]
;Contains dial patterns for International (from a North American view point)
long
;distance calls.
;
;This particular context [*-PBX] is used by clients and/or devices that are
directly
;connected to the Asterisk PBX.  We allow these calls to be transferred.
;
;Default
exten => ${INT_PATTERN},1,Macro(TrunkDial,ANY_INT_TRUNK,${EXTEN},0,t)
;

;---------------------------------------------------------------------
;======================= INCOMING CONTEXTS
==========================;---------------------------------------------------------------------
;
[incoming-sip]
;
;This context is used for incoming calls on SIP channels.
;
exten => _16132885759,1,NoOp(${CONTEXT})
exten => _16132885759,n,Answer()
exten => _16132885759,n,Ringing()
exten => _16132885759,n,Wait(5)
exten => _16132885759,n,Dial(SIP/16137451576@myITSP-sw1)
exten => _16132885759,n,Hangup()
;
;TODO - Clean this up:
;Play tones for bogus calls:
exten => i,1,Answer
exten => i,2,Playtones(congestion)
exten => i,3,Congestion
;
exten => h,1,Hangup
;
[incoming-bogus-calls]
exten => s,1,NoOp(${CONTEXT})
exten => s,n,Answer
exten => s,n,Playtones(congestion)
exten => s,n,Congestion
;
;---------------------------------------------------------------------
;======================= OUTGOING CONTEXTS
==========================;---------------------------------------------------------------------
[outgoing-PBX]
;
; This is the context used when calls are being made by internal
; devices.  By definition these devices are on the same LAN as
; Asterisk so leaving Asterisk in the media path is OK.  Use the
; t option as these extensions will want to transfer the call.
;
exten => s,1,NoOp(${CONTEXT})
;
;-------- PBX --------
include => Extensions-PBX
;
;-------- Local --------
include => Local-Calls-PBX
;
;-------- Toll-free --------
include => Toll-Free-Calls-PBX
;
;-------- NA-long-distance-calls --------
include => NA-Long-Distance-Calls-PBX
;
;-------- INT-long-distance-calls --------
include => INT-Long-Distance-Calls-PBX
;
include => cleanup
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.411 / Virus Database: 268.17.36/681 - Release Date: 11/02/2007