On Mon, Dec 11, 2006 at 06:48:18PM -0500, Andrew Joakimsen wrote: > You need to understand how NAT works, if you can chan2 and chan2 is behind a > NAT and suddenly someone else is invited to chan2's IP address port 5060 > chan2's router willl say "WTF I dont have an estabished connection on port > 5060" (to the client being reinvited to chan2) and it wont work. You need to > have the media path go through asterisk in that case.
Actually, it's more complex than that. If the NAT box has had a hole poked (in its config) for the RTP port (SIP port is only used by Asterisk) then any machine can send it RTP on that port. In addition, if the NAT is of the "full cone" type, any host can send to your port once you have sent a packet out that port. With Restricted cone and Port restricted cones, it also works as long as the Natted IP phone is sending packets out to the other host already. Which it should be if we have symmetric RTP. Symmetric NATs, which are rare, will change the port number when they start talking to a different host for RTP. This will screw up all but the cleverest implementations. (Though there are endpoints that notice if the RTP is coming from a port other than they were told, and start sending to that instead of the one in the SDP) What doesn't work is assymetric RTP with NAT. In this case we have the audio going through asterisk in one direction, and directly in the other direction. That will fail if the direct direction tries to go into a nat (it should work if it's only leaving a nat) Asterisk currently does assymetric RTP if it thinks it only has to listen to one end of the audio path. That's a good idea in general -- but not one that works through anything but a manually opened NAT. _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users