> Seriously, I've tried to read everything I could find (& search for) on > voip-info.org and other sites about this problem, but have been unsuccesful. > > Equipment: > xten lite > X100P > Whitebox linux running Asterisk / AMP > D-Link DI-804HV (VPN router) > > I have installed another DI-804HV at a second location and created a tunnel. > For the computers behind that unit, everything works fine throught x-lite. > However, for any people (ie Family members) that I'm trying to connect to my > system that aren't going through a tunnel, it isn't working. > > Symptoms: > > They show up in "Sip Show Peers" however the NAT column is stating "N" > I can call them and they can hear me fine, but I can't here them. > > I'm thinking this has to do with RTP, but not sure. > > In the router I have the following setup under "Virtual Server": > SIP TCP/UDP 5060 > IAX TCP/UDP 4569 > KS1 UDP 5004 > RTP1 UDP 5000 > SIP3 UDP 5036 > SIP4 UDP 2727 > > In the firewall section I've said to allow UDP on 9999-20001 to go to the > asterisk server > It looks like this in the firewall rules; > Source *,* Dest *,192.168.x.x UDP,9999-20001 > > Also on those extensions that are coming from an external source I've added > the externip attribute in the form of > > externip="my_dynamic_domain_name_attached_to_my_ip" > > here's one of the extensions: > > [254] > username=254 > type=friend > secret=******* > port=5060 > nat=yes > mailbox=254 > host=dynamic > dtmfmode=rfc2833 > context=from-sip-external > canreinvite=no > callerid="Scott Knight" <254> > externip=my.dyndns.org
Yes, your problem is rtp and probably a lack of understanding it. There have been at least hundreds of postings regarding nat issues in the last 18 months, and some reference data in the wiki. The bottom line is that sip and rtp use different udp ports, and the exact udp ports in use are choosen from a range that is specified by each vendor for rtp. Cisco uses one range, xlite another, asterisk another, etc, etc. Mapping the sip port (udp 5060) is easy; mapping the rtp ports and using the proper nat statements (possibly at both the phone location and asterisk location) tends to be difficult. Then when you add unusual implementations of nat functions into the mix, it becomes even more difficult to find a working config (eg, not all nat boxes operate the same). Using something like Ethereal to observe what each device is trying to use (both in front of and behind nat boxes) will help understand what each box is trying to do in terms of both IP addresses and udp port numbers. The rtp port range as noted above is specified by each vendor, and in many cases can be modified to some other predetermined prot range. For example, asterisk uses udp ports 10,000 to 20,000 as specified in rtp.conf. Cisco 7960's use udp ports 16,384 to 32,766 as specified in SIPDefault.cnf, while if I remember correctly xlite uses something like 8,000 to 8,050 (or whatever). The easiest nat & sip implementation are those where asterisk has a registered IP address and the phones are behind a nat box. The most difficult implementation is when both asterisk and remote phones are both behind their own nat boxes. You'll want to research the use of nat statements in your sip.conf config files, and the nat support provided by each of your remote sip phones. But, ethereal will help point to the issue. _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users