On 02.05.21 at 10:08 Michael Maier wrote:
Hello!
I've just playing around some time to get NAT and pjsip running with asterisk 18.3
and 18.4 (w/o any patches added). NAT should be used for connection to the trunk.
I wasn't able to get it working, because SDP address rewriting just doesn't work
as it should.
The situation is like this (CentOS 7):
- Multihomed
- One small net for the trunk 10.15.13.17/32 as alias on one of the existing
devices.
- TLS for SIP
- Added complete masquerading for this IP address
- added dnsmanager which provides the global IP address
- used direct media no
- used rewrite contact yes or no
- force rport: yes
- transport:
external_media_address=external.mydom.org
external_signaling_address=external.mydom.org
bind to 10.15.13.17 (may I bind to a interface name?)
What are the problems?
Outbound calls:
- Biggest problem: even if the WAN IP is set everywhere correctly in the *initial*
INVITE, it's *always* missing in the INVITE *after* the 407 Proxy auth request in
the SDP. In the first Invite, the SDP was ok, in the second Invite, the SDP is
broken (rewriting doesn't seem to happen). Such calls naturally are dropped by the
ISP (ok, one of my providers seems to ignore the entry completely).
- Another problem is, that the given external IP just isn't used consistently,
some times it's there - mostly not (always the same easy call setup). I suspect /
fear different behavior between reload and restart with same configuration.
- I expect all IP addresses of mine in all sip headers have to be the WAN IP.
- Next finding: The via header in a simple Ack isn't rewritten, too. Seems all
packages sent by pjsip itself don't know anything about NAT.
- How can I check if NAT is involved at all?
- Maybe asterisk gets confused if it can see the WAN IP (it's on the system, too),
but is bound to a local IP? But why are some headers written correctly and some wrong?
Inbound calls:
- Playing announcements doesn't work at all (no sound though rtp packages are
flowing in both directions according tcpdump at the WAN interface).
- Calls given to local devices are working.
Could somebody maybe give me a reference configuration for a working NAT
configuration?
Thanks
Michael
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
Check out the new Asterisk community forum at: https://community.asterisk.org/
New to Asterisk? Start here:
https://wiki.asterisk.org/wiki/display/AST/Getting+Started
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users