Hi there
this is an interesting topic that I see here and a problem that I am trying to
solve too.
But I was wondering if the forwarding solution will work for my case.
So I have two Asterisk boxes A and B.
A is behind a corporate NAT such that A can SSH to B, but not vice versa(
"One-way SSH" ) . The UDP port 5060 of the corporate NAT is blocked off and I
will not be able to have it unblocked for security reasons.
Hence, is my only choice using an SSH tunnel between A and B for the IAX
connection to work? Will it work though with that "One-way SSH" factor
mentioned before?
Thanks
John
> From: [EMAIL PROTECTED]> To: asterisk-users@lists.digium.com> Date: Wed, 2
> Jan 2008 16:29:45 +0000> Subject: Re: [asterisk-users] Two Asterisks behind
> NAT and need to link them using IAX trunk> > Sure, but if (as is often the
> case) you only have control over the > firewall at one end of the> link, you
> set the forwarding at the end you control and have the far > end to register
> to you every> 30 seconds.> > Tim.> On 2 Jan 2008, at 15:13, Rob Hillis
> wrote:> > > Perhaps. I've never been one to trust that firewalls operate as >
> > they should - I've been bitten far too many times by a firewall that > >
> doesn't quite behave as you expect. Also, when diagnosing network > >
> connectivity problems, I find that it helps to have the rules in > > place
> rather than having to infer the rule.> >> > Tim Panton wrote:> >>> >> If you
> are careful, you only need to setup a port forward at one end> >> of the IAX
> trunk.> >>> >> Have one Asterisk register (regularly) with the other.> >> The
> second asterisk (server) will need to have port 4569 forwarded> >> through
> it's router.> >> The first asterisk (client) wont need any port forwarding.>
> >>> >> Tim.> >> On 2 Jan 2008, at 10:18, Rob Hillis wrote:> >>> >>> >>> The
> reason that IAX2 is considered good for NAT issues is that it> >>> uses only
> one port for both control messages and voice traffic as> >>> opposed to SIP
> that uses a predictable port for control messages and> >>> an unpredictable
> one for voice/video traffic.> >>>> >>> If both servers are behind NAT
> servers, you will need to ensure that> >>> the appropriate UDP port (by
> default 4569) are forwarded to your> >>> Asterisk servers. Only this port is
> required - RTP isn't used by> >>> IAX2.> >>>> >>> bilal ghayyad wrote:> >>>>
> >>>> Hi List;> >>>>> >>>> I heared that IAX is good for NATing issues, but I
> do> >>>> not know if it can help me in that senario:> >>>>> >>>> I have two
> Asterisks machines in different sites and> >>>> both are behind NAT (both
> have private IP address), I> >>>> need to link these two asterisks with IAX
> trunk (if it> >>>> help really in such senario), but I do not know if it>
> >>>> will work without doing special routing settings on> >>>> the router
> (like TCP/UDP port mapping or IP> >>>> forwarding)? How that will be it if
> possible? Or I> >>>> have to do a kind of port mapping?> >>>>> >>>> If I will
> need to use port mapping, then I have to map> >>>> the TCP and UDP ports that
> are determined in iax.conf> >>>> and rtp.conf files at site A for asterisk ip
> address> >>>> at site A? Or I have to map the TCP and UDP ports that> >>>>
> are in iax.conf and rtp.conf at site B for asterisk ip> >>>> address at site
> A? In other words, if I am at site B> >>>> then I have to go for router B and
> do mapping for> >>>> TCP/UDP ports of the asterisk at site B or the> >>>>
> asterisk at site A?> >>>>> >>>> Any help.> >>>> Regards> >>>> Bilal> >>>>>
> >>>>> >>>>> >>>>
> ____________________________________________________________________________________>
> >>>> Looking for last minute shopping deals?> >>>> Find them fast with
> Yahoo! Search.
> http://tools.search.yahoo.com/newsearch/category.php?category=shopping> >>>>>
> >>>> _______________________________________________> >>>> --Bandwidth and
> Colocation Provided by http://www.api-digital.com--> >>>>> >>>>
> asterisk-users mailing list> >>>> To UNSUBSCRIBE or update options visit:>
> >>>> http://lists.digium.com/mailman/listinfo/asterisk-users> >>>>> >>>>> >>>
> _______________________________________________> >>> --Bandwidth and
> Colocation Provided by http://www.api-digital.com--> >>>> >>> asterisk-users
> mailing list> >>> To UNSUBSCRIBE or update options visit:> >>>
> http://lists.digium.com/mailman/listinfo/asterisk-users> >>>> >>> >>
> _______________________________________________> >> --Bandwidth and
> Colocation Provided by http://www.api-digital.com--> >>> >> asterisk-users
> mailing list> >> To UNSUBSCRIBE or update options visit:> >>
> http://lists.digium.com/mailman/listinfo/asterisk-users> >>> >
> _______________________________________________> > --Bandwidth and Colocation
> Provided by http://www.api-digital.com--> >> > asterisk-users mailing list> >
> To UNSUBSCRIBE or update options visit:> >
> http://lists.digium.com/mailman/listinfo/asterisk-users> > >
> _______________________________________________> --Bandwidth and Colocation
> Provided by http://www.api-digital.com--> > asterisk-users mailing list> To
> UNSUBSCRIBE or update options visit:>
> http://lists.digium.com/mailman/listinfo/asterisk-users
_________________________________________________________________
Shed those extra pounds with MSN and The Biggest Loser!!
http://biggestloser.msn.com/
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
