Hello Klaus,
I have changed the rtpproxy_manage() in the route(NATMANAGE) to no avail. The c= in the Invite that arrives to Asterisk still points to the public IP of the Phone1.
Code is as follows:
route[NATMANAGE] { #!ifdef WITH_NAT if (is_request()) { if(has_totag()) { if(check_route_param("nat=yes")) { setbflag(FLB_NATB); } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;
if (src_ip == ip.pbx.priva.te) { rtpproxy_manage(); } else { rtpproxy_manage("","ip.kamailio.priva.te"); }
if (is_request()) { if (!has_totag()) { add_rr_param(";nat=yes"); } } if (is_reply()) { if(isbflagset(FLB_NATB)) { fix_nated_contact(); } }
The next test has been to comment out the rtpproxy_manage at NATMANAGE function and to put it both at route[RELAY] and onreply(route) following your post in this list from January 2013: http://lists.sip-router.org/pipermail/sr-users/2013-January/076254.html.
Now the media flows from Phone1 to Kamailio, from Kamailio to Asterisk and back, but it gets stuck at Kamailio. I cannot see it flow towards the public IP of the Phone2.
The force_send_socket you used could be of any use here?
Thank you
----- Original Message ----- From: Klaus Darilion Sent: 01/21/14 07:25 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio behind NAT
Yes, when calling rtpproxy (whatever function you use, manage/offer/answer/force), every function accepts as second parameter the IP address which should be written into the SDP c=... line.
So, detect the direction (eg based on source-ip) and put the respective internal or external IP address into the SDP.
Of course the NAT must be a static 1:1 NAT without any PAT.
Btw: you have the same problem with some SIP headers, like Record-Route or Via. Kamailio has to insert the respective public/private IP, depending on where to send the message. If Kamailio uses only a single socket, then you have to do this manually. The automatic approach is to configure 2 listen=... sockets. One for the internal side, and one for the external side. On the "external" socket you add the "advertise" option - then Kamailio will automatically put the correct IP addresses in RR and Via, eg:
# public IP address of Kamailio/rtpproxy: 3.3.3.3 # internal socket listen=udp:10.10.0.2 # external socket listen=udp:10.10.0.3 advertise 3.3.3.3:5060 mhomed=0
You could use separate subnets for the 2 sockets, or you could also use only a single IP address with 2 different ports for the 2 sockets.
regards Klaus
On 21.01.2014 14:50, John Smith wrote:
The intended setup is as you described in option a.
And the behaviour of rewriting SDP using private/public ports is what I understood the rtpproxy_manage was tasked to do.
As it is not working the way I expected, what is the best way to proceed? To check if the IP is from the outside and then rewrite via rtpproxy_offer in the NATMANAGE block?
Thank you
----- Original Message ----- From: Klaus Darilion Sent: 01/21/14 05:25 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio behind NAT
On 21.01.2014 13:24, John Smith wrote:
I might be making wrong assumptions regarding this traffic flow. Is that correct?
That depends on your policy. It is up to you to define how RTP should be routed. There are basically 2 choices:
a) RTP from clients is handled by rtpproxy:
phone1 <-nat-> rtpproxy <--> Asterisk <--> rtpproxy <-nat-> phone2
In this case, only the private IP of Kamailio and rtpproxy (can be the same IP address) must be mapped to a public IP address.
b) RTP directly to Asterisk:
phone1 <-nat-> Asterisk <-nat-> phone2
In this case, the private IPs of Kamailio and Asterisk must be mapped to a public IP address.
When using version a) you have to make sure to set the proper IP address in the SDP. For example, SDPs in messages from Kamailio to the phone must contains the PUBLIC IP of rtpproxy in the c=... line. SDPs in messages from Kamailio to Asterisk must contain the PRIVATE IP of rtpproxy in the c=... line.
regards Klaus
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users