asterisk users - Apr 2008 - NAT when outbound call leg is not a local subscriber?

Hi,

I have been experimenting with NAT and Asterisk a bit now. Though I have
made progress along the way, I have come across the following problem. I'll
really appreciate if anyone can provide me any help or pointers. Thanks!

Successful Scenario:
-------------------
All sorts of NAT calls are successful with full two-way media when both end
points are locally subscribed users. 

Problem Scenario:
----------------
UA-Local: Locally subscribed & registered user (configured in sip.conf) that
is hidden behind NAT.
UA-External: Some remote user hidden behind NAT, but registered with some
publically accessible registrar/proxy.
My Asterisk is also publically accessible (i.e. not hidden behind NAT)

When UA-Local calls out UA-External, I only get one-way audio. Specifically,
when I debugged using ethereal traces, I found that Asterisk is sending RTP
packets to the private IP of UA-External and not to the corresponding
NAT-mapped IP accessible to the outside world. So, UA-Local is able to hear
UA-External, but UE-External can't hear UA-Local. It all works perfectly
fine, if UA-External were to call UA-Local. Then I get full two-way media.
The problem is only when Asterisk calls out a non-locally subscribed user.

Brief Setup Background:
----------------------
UA1 at mydomain.com: user subscribed in sip.conf
UA2 at mydomain.com: user subscribed in sip.conf
UAE at external.com: some user actively registered with some domain
external.com.

I am using OpenSER as my external proxy for external.com and I have my DNS
setup all right.

Following scenario is working fine in my setup:

UA1 <---> NAT <---> Asterisk <---> NAT <---> UA2.

Calls go through perfectly fine - with two-way media - when initiated in
either direction.

Following scenario works fine when UAE calls out UA1. But when UA1 calls out
UAE, I only get one-way audio, wherein only UA1 can hear UAE. UAE can't hear
UA1, as Asterisk keeps sending RTP packets to the private address of UAE.

UAE <--> (NAT + External-Proxy) <--> Asterisk <--> NAT
<--> UA1

I am using iptable's MASQUERADE target for NAT, which by default implements
a 'Port Restricted Cone NAT' as per STUN RFC's terminology.

All my UAs are XLite-on-Windows. My Asterisk is running on Fedora Core 6.

I have the following flags set in the [general] section of my sip.conf
[general]
nat=yes
qualify=yes
rtpkeepalive=60
rtptimeout=90
rtpholdtimeout=300
canreinvite=no
context=sip_incoming
(... among others ...)

Following is the relevant portion of my extensions.conf
[sip_incoming]
exten => _.,1,GotoIf($[${SIPDOMAIN}=mydomain.com]?4)
exten => _.,2,Dial(SIP/${EXTEN}@${SIPDOMAIN})
exten => _.,3,HangUp()
exten => _.,4,Dial(SIP/${EXTEN})
exten => _.,5,HangUp()
exten => h,1,HangUp()

Am I doing something wrong? Or is there a bug in Asterisk, wherein, while
calling out to non-locally subscribed users, it blindly trusts the notion of
their IP address when it comes to RTP. 

Any help is highly appreciated.

Regards,
Amit.