It's easy. NAT has to have redirection. However IAX uses UDP 4569. If you include Trunk=yes in your IAX.CONF you will only need one trunk configured.
You can also do "TCPDUMP -i eth0 udp and port 4569" This will show you the traffic. You should see bidirectional traffic when the SIP or IAX tries to communicate. I had trouble with SIP over the internet. Sip would see the internal address of the Router's WAN. (static NAT) I haven't figured a way around it. Chris ----- Original Message ----- From: "mr. barker" <[EMAIL PROTECTED]> To: "'Asterisk Users Mailing List - Non-Commercial Discussion'" <asterisk-users@lists.digium.com> Sent: Thursday, May 05, 2005 5:35 PM Subject: RE: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > Thank you to both Chris and Tim > > I could not get my head around this .. after seeing the examples it now > makes sense what needs to be done. I will give both a whirl tonight. > > I do like the RSA key idea. > > One question is this, will I need multiple accounts on the Static IP > machines so the Dynamic machine has the ability to make more then one > concurrent SIP call through the Static IP machine ? > > If I could get the Static IP box to go through the my SMC router it would be > great. I tried opening the ports. 5060udp/tcp, 10000-20000udp/tcp. > Tried even setting the machine in the DMZ zone. I think the VOIP provider > just has problems translating through the NAT or something. > The linux box is running [EMAIL PROTECTED] no firewall setting that I know of. > To much of a Newbie at linux .. lol and I have been at it for almost 1 year > now and still have soooo much to learn. > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Chris > Sent: Thursday, May 05, 2005 4:46 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: Re: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > I haven't gotten to keys yet. > The documentation out there doesn't seem to be very good. > > Chris > > > ----- Original Message ----- > From: "Tim Pushor" <[EMAIL PROTECTED]> > To: "Asterisk Users Mailing List - Non-Commercial Discussion" > <asterisk-users@lists.digium.com> > Sent: Thursday, May 05, 2005 4:06 PM > Subject: Re: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > > > Personally, if I owned both boxes and had full control of the dialplan > > on both, I'd stay away from passwords. (but be careful what I say, I'm a > > hack) > > > > I have a bunch of boxes connected together via IAX and authenticating > > via RSA. The entries in iax.conf are simple, and dialing across the > > connection is simple (no passwords in the dialplan) (thanks again Rich > > for taking the time). > > > > Tim > > > > Here is a sample of iax.conf entries on machine a: > > > > [machineb] > > type=user > > host=machineb.internal.net > > auth=rsa > > inkeys=machineb > > username=machineb > > context=inbound > > > > [machineb] > > type=peer > > host=machineb.internal.net > > auth=rsa > > outkey=machinea > > username=machinea > > > > And an example dialplan entry to dial an extention on machineb (in the > > inbound context): > > > > exten => 333,1,Dial(IAX2/machineb/333) > > > > And on machinea, the opposite of machineb: > > > > [machinea] > > type=user > > host=machinea.internal.net > > auth=rsa > > inkeys=machinea > > username=machinea > > context=inbound > > > > [machinea] > > type=peer > > host=machinea.internal.net > > auth=rsa > > outkey=machineb > > username=machineb > > > > To generate the keys: > > > > on machinea: > > > > astgenkey -n machinea > > mv machinea.* /var/lib/asterisk/keys > > > > copy machinea.pub to machineb's /var/lib/asterisk/keys > > > > on machineb: > > > > astgenkey -n machineb > > mv machineb.* /var/lib/asterisk/keys > > > > copy machineb.pub to machinea's /var/lib/asterisk/keys > > > > > > Chris wrote: > > > > > I have something similar. Both of my servers are behind a firewall > and NAT. You will need to allow UDP 4569 through the firewall for IAX2. If > you have NAT you will need to redirect 4569 to the internal server. > > > > > > I would suggest using AMP and then looking at IAX_ADDITIONAL.CONF to > see how it's done. You can modify the IAX.CONf because I don't believe AMP > rewrites that file. > > > > > > I think the user and passwords are required. I would suggest using > a strong password or someone may decide to make a few phone calls. After > this you will need the routing in Extensions.conf to allow calls to be made > on this trunk. > > > > > > Asterisk will handle the SIP > IAX. All my clients are SIP and > they have no trouble going over a IAX trunk to other SIP devices on the > other server. > > > > > >This is what my IAX_ADDITIONAL.CONF looks like > > > > > >SiteA - Dynamic IP > > >-------------- > > >[boxb-peer] > > >username=boxa-user > > >type=peer > > >trunk=yes > > >secret=mypassword > > >host=thehost.dyndns.org > > > > > >[boxb-user] > > >type=user > > >secret=mypassword2 > > >host=thehost.dyndns.org > > >context=from-internal > > > > > >--------------- > > >Site b - Static IP > > >---------------- > > > > > >[boxa-peer] > > >username=boxb-user > > >type=peer > > >trunk=yes > > >secret=mypassword2 > > >host=xxx.xxx.xxx.xxx > > > > > >[boxa-user] > > >type=user > > >secret=mypassword > > >host=xxx.xxx.xxx.xxx > > >context=from-internal > > > > > > > > >Regards, > > > > > >Chris > > > > > > > > >----- Original Message ----- > > >From: "mr. barker" <[EMAIL PROTECTED]> > > >To: "'Asterisk Users Mailing List - Non-Commercial Discussion'" > <asterisk-users@lists.digium.com> > > >Sent: Thursday, May 05, 2005 1:58 PM > > >Subject: RE: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > > > > > > > > > > > > > >>Yes trying to connect to boxes together. > > >> > > >>One sits outside the internal firewall and is on the inside. > > >> > > >>I am using AMP. However I can just put whatever I need in the > custom.conf > > >>sections. > > >>The users agents are SIP .. can SIP call go over a IAX trunk ? if so > great. > > >>To create the trunk do I need to use a users name and password ? or ? > > >> > > >>I need to have the *box that is behind the firewall to be able to place > a > > >>call out through the *box that has a public ip. > > >> > > >>Thank you > > >> > > >>-----Original Message----- > > >>From: [EMAIL PROTECTED] > > >>[mailto:[EMAIL PROTECTED] On Behalf Of Chris > > >>Sent: Thursday, May 05, 2005 8:20 AM > > >>To: Asterisk Users Mailing List - Non-Commercial Discussion > > >>Subject: Re: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > >> > > >> I am not sure what you are trying to do. I have created an IAX2 > trunk > > >>between the servers over an internet connection. > > >>Then all you have to do is put in call routing on the trunks to forward > the > > >>call to the right place. Are you using AMP or trying to do it manually. > > >>I found everything a little confusing as well, but it is simple now that > I > > >>understand it. > > >> > > >> > > >>Chris > > >> > > >>----- Original Message ----- > > >>From: "mr. barker" <[EMAIL PROTECTED]> > > >>To: "'Asterisk Users Mailing List - Non-Commercial Discussion'" > > >><asterisk-users@lists.digium.com> > > >>Sent: Thursday, May 05, 2005 4:43 AM > > >>Subject: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > >> > > >> > > >> > > >> > > >>> > > >>> > > >>> _____ > > >>> > > >>>Subject: [Asterisk-Users] Connecting 2 * Together-Pulling hair out > > >>> > > >>> > > >>> > > >>>I have read the docs on connecting 2* together but am unsure of a few > > >>> > > >>> > > >>things > > >> > > >> > > >>> > > >>> > > >>>Do I need a different account for each number that will be called from > one > > >>>box to the other ? ie. Do I set up a user account on one and then have > the > > >>>other box log into that account when it whats to make a call ? > > >>> > > >>> > > >>> > > >>>I have 2 asterisk boxes and only one of them has the ability to access > a > > >>>VoipAccount and PSTN connections.(*box 1). The other holds the SIP > > >>>extensions for the internal SIP users/exten(*box2) > > >>> > > >>>I would like to be able to have the box with the Sip UA(*box2) on it to > be > > >>>able to place a call using the box that has the VoipAccount and PSTN > > >>>connection. I am able to make multiple UA calls on the VoipAccount and > 3 > > >>> > > >>> > > >>on > > >> > > >> > > >>>the PSTN lines (only have 3 lines coming in). I can get it to work if > I > > >>>create a user exten on *box1 and map a trunk(which is really only an > > >>> > > >>> > > >>exten) > > >> > > >> > > >>>using the user/password login to that exten from *box2. However when I > > >>> > > >>> > > >>try > > >> > > >> > > >>>to place a second call when the VOIP line is in use it gives me error ( > > >>>basically saying can't use the trunk because it is in use) I would > like > > >>> > > >>> > > >>to > > >> > > >> > > >>>be able to have this exten/trunk to be able to use multiple connections > on > > >>>it. > > >>> > > >>> > > >>> > > >>>There must be an easier way to do this I am just not sure how. I > looked > > >>> > > >>> > > >>at > > >> > > >> > > >>>creating IAX trunks but still come up with the Trunk is really an Exten > > >>>name/password . > > >>> > > >>> > > >>> > > >>>Any help would be appreciated. (my brain is boiling eggs) > > >>> > > >>> > > >>> > > >>>Thank you. > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > > >>-------------------------------------------------------------------------- > -- > > >>---- > > >> > > >> > > >> > > >> > > >>>_______________________________________________ > > >>>Asterisk-Users mailing list > > >>>Asterisk-Users@lists.digium.com > > >>>http://lists.digium.com/mailman/listinfo/asterisk-users > > >>>To UNSUBSCRIBE or update options visit: > > >>> http://lists.digium.com/mailman/listinfo/asterisk-users > > >>> > > >>> > > >>_______________________________________________ > > >>Asterisk-Users mailing list > > >>Asterisk-Users@lists.digium.com > > >>http://lists.digium.com/mailman/listinfo/asterisk-users > > >>To UNSUBSCRIBE or update options visit: > > >> http://lists.digium.com/mailman/listinfo/asterisk-users > > >> > > >>------------------------------------------------------------------------ > > >> > > >>_______________________________________________ > > >>Asterisk-Users mailing list > > >>Asterisk-Users@lists.digium.com > > >>http://lists.digium.com/mailman/listinfo/asterisk-users > > >>To UNSUBSCRIBE or update options visit: > > >> http://lists.digium.com/mailman/listinfo/asterisk-users > > >> > > _______________________________________________ > > Asterisk-Users mailing list > > Asterisk-Users@lists.digium.com > > http://lists.digium.com/mailman/listinfo/asterisk-users > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-users > > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
_______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users