I am thinking that I cat get the port during the first call and then use that port for the rest of calls. Maybe that first call will fail but after that, all calls will go fine.
Example of a Trying showing received port: 52548
¿Do you know what pseudovariable represent that value?
I tested with all variables I could find but I could not find anyone.
Thank you
---------------------------------------------------------------------------------------------------------------------------------------------------------
2016/01/19 17:38:38.981987 VENDOR-IP:5060 -> KAMAILIO-IP:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP PUBLIC-IP:52548;branch=z9hG4bK8b5c.b122371ac0ac2f3ef3204b0f192cb16c.1;rport=52548 Via: SIP/2.0/UDP ASTERISK-IP:5060;received=ASTERISK-IP;branch=z9hG4bK4082d124;rport=5060 From: 888888888 sip:888888888@ASTERISK-IP;tag=as34f971fe To: sip:999999999@VENDOR-DOMAIN Call-ID: 0b5307fa290674a97b47970643fce42a@ASTERISK-IP:5060 CSeq: 102 INVITE Server: kamailio Content-Length: 0
2016-01-15 9:50 GMT+01:00 Nelson Migliaro eng.migliaro@gmail.com:
Hello Daniel,
Yes, I am registered to the vendor.
Regards,
Nelson.-
2016-01-15 7:58 GMT+01:00 Daniel-Constantin Mierla miconda@gmail.com:
Ahh, I thought Asterisk is in the public internet, but actually you connect to a provider (vendor), which seems to run Kamailio as well.
Using information from 100 trying is too late, as the INVITE was already sent... so one more question before trying to propose a solution. Do you have to register to the provider?
Cheers, Daniel
On 14/01/16 18:51, Nelson Migliaro wrote:
Yes it is possible, but is there an easy way to workaround the issue using Kamailio.
Because I have the port because vendor is sending that info in Trying:
2016/01/13 20:10:15.842055 VENDOR-IP:5060 -> PRIVATE-IP-KAMAILIO:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP PUBLIC-IP:52548;branch= z9hG4bKdd74.992e238037882e809653f713a5a580a9.1;rport=*52548*
I need to find the way to discover the port used by firewall (maybe getting that info from Trying) and then advertise that port.
2016-01-14 18:32 GMT+01:00 Daniel-Constantin Mierla < miconda@gmail.com miconda@gmail.com>:
Not really up to date with all Asterisk features -- do you know if you can append a custom header to a SIP response that is going to be generated by Asterisk? Eventually the reply for an OPTIONS request.
Cheers, Daniel
On 14/01/16 17:19, Nelson Migliaro wrote:
Yes, I manage all devices, even the internet router but it does not allow static pat.
2016-01-14 16:07 GMT+01:00 Daniel-Constantin Mierla miconda@gmail.com:
Do you control the Asterisk? If yes, depending on Asterisk capabilities of building replies, you may be able to do some automation to detect the external port.
Cheers, Daniel
On Thu, Jan 14, 2016 at 3:47 PM, Nelson Migliaro < eng.migliaro@gmail.comeng.migliaro@gmail.com> wrote:
There is not a public Kamailio, only one Kamailio behind NAT,
Right now the configuration is:
Asterisk <-> Kamailio (Private IP + advertise public IP + RTP Proxy ) <-> Internet router (public IP + symmetric na) <-> Internet
Regards,
2016-01-14 15:43 GMT+01:00 Daniel-Constantin Mierla < miconda@gmail.commiconda@gmail.com>:
Is the kamailio behind nat communicating with another kamailio on a public IP?
Cheers, DAniel
On Thu, Jan 14, 2016 at 1:33 PM, Nelson Migliaro < eng.migliaro@gmail.comeng.migliaro@gmail.com> wrote:
> Thank you Daniel for your answer, > > As you mention, there is a symmetric nat and router does not allow a > static NAT. > > By sniffing traffic I can see the port is using new but in case it > change, how can automate the process of advertising the correct port? > > Cheers! > > > ---------- Forwarded message ---------- > From: Daniel-Constantin Mierla < miconda@gmail.com > miconda@gmail.com> > Date: 2016-01-13 23:28 GMT+01:00 > Subject: Re: [SR-Users] Kamailio and NAT > To: "Kamailio (SER) - Users Mailing List" < > sr-users@lists.sip-router.orgsr-users@lists.sip-router.org> > > > Hello, > > it looks like you have a symmetric nat router, so the allocated port > is randomly selected. > > If you don't control the nat router to set a static forwarding rule > or it doesn't provide the option to set static forwarding, then you are > pretty much left with sniffing the traffic to discover the external port > and advertise it. > > Cheers, > Daniel > > > > > On 13/01/16 20:31, Nelson Migliaro wrote: > > Hello, > > I finally were able to run my Kamailio behind NAT but in order to > accomplish that I included: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 > > 52548 is the port my internet router change when doing NAT > (5060->52548). I found this port sniffing traffic > > Conclusions at this point are: > > > ---------------------------------------------1-------------------------------------------------------------------------------------------------- > If I use this line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:5060 it does not work > :( > > When I dial a call, INVITE / ACK / Trying / OK goes fine because > they are part of the same transaction > When remote party disconnects the call, BYE goes to PUBLIC-IP port > 5060 and router blocks de request. I assume vendor sends BYE to 5060 > because it is a new transaction > > -----------------------------------------------2-------------------------------------------------------------------------------------------------- > > If I use this line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 it work !!!!!! > > When I dial a call, INVITE / ACK / Trying / OK goes fine because > they are part of the same transaction > When remote party disconnects the call, BYE goes to PUBLIC-IP port > 52548 and router forward the request to Kamailio. Since there is an open > connection. > > I need to find the way to find the way to advertise the public port > internet router is doing NAT (PAT). > > > --------------------------------------------------------------------------------------------------------------------------------------------------- > This trace is a call that worked fine because I included line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 > > > This trace is an INVITE with this line: listen=udp:SOURCE-IP:5060 > advertise PUBLIC-IP:52548 > 2016/01/13 20:10:15.793568 PRIVATE-IP-KAMAILIO:5060 -> VENDOR-IP:5060 > INVITE sip:NUM-DESTINATION@VENDOR-IP SIP/2.0 > Record-Route: < > sip:PUBLIC-IP:52548;lr=on;ftag=as3b72a453;vsf=AAAAAAEECQkCAgsNAXBeL0NPXVQfU0suMTY5LjIzMQ--;vst=AAAAAAAAAAAAAAAAAABCUEIAX1lKWF5MF0tB > A-;nat=yes> > Via: SIP/2.0/UDP > PUBLIC-IP:52548;branch=z9hG4bKdd74.992e238037882e809653f713a5a580a9.0 > Via: SIP/2.0/UDP > PRIVATE-IP-SOFTPHONE:5060;received=PRIVATE-IP-SOFTPHONE;branch=z9hG4bK2f4e76ba;rport=5060 > Max-Forwards: 69 > From: NUM-SOURCE sip:NUM-SOURCE@PRIVATE-IP-KAMAILIO;tag=as3b72a453 > To: sip:NUM-DESTINATION@sip.VENDOR-IP > Contact: > sip:NUM-SOURCE@PRIVATE-IP-SOFTPHONE:5060;alias=PUBLIC-IP~5060~1 > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 102 INVITE > User-Agent: Kamailio > Date: Wed, 13 Jan 2016 19:10:15 GMT > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, > INFO, PUBLISH, MESSAGE > Supported: replaces, timer > Content-Type: application/sdp > Content-Length: 255 > > > Trying..... > > 2016/01/13 20:10:15.842055 VENDOR-IP:5060 -> PRIVATE-IP-KAMAILIO:5060 > SIP/2.0 100 trying -- your call is important to us > Via: SIP/2.0/UDP > PUBLIC-IP:52548;branch=z9hG4bKdd74.992e238037882e809653f713a5a580a9.1;rport=52548 > Via: SIP/2.0/UDP > PRIVATE-IP-SOFTPHONE:5060;received=PRIVATE-IP-SOFTPHONE;branch=z9hG4bK2f4e76ba;rport=5060 > From: NUM-SOURCE sip:NUM-SOURCE@PRIVATE-IP-KAMAILIO;tag=as3b72a453 > To: sip:NUM-DESTINATION@VENDOR-IP > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 102 INVITE > Server: kamailio > Content-Length: 0 > > > > > And finally a BYE > > 2016/01/13 20:10:28.545526 VENDOR-IP:5060 -> PRIVATE-IP-KAMAILIO:5060 > BYE sip:34982298000@PRIVATE-IP-SOFTPHONE:5060;alias=PUBLIC-IP~5060~1 > SIP/2.0 > Via: SIP/2.0/UDP > VENDOR-IP;branch=z9hG4bK26d8.847e6e14eef37e2cfc8b5e81d33de73d.0 > From: sip:675896262@PRIVATE-IP-KAMAILIO;tag=gK0293ed93 > To: "NUM-SOURCE" sip:NUM-SOURCE@VENDOR-IP;tag=as3b72a453 > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 28731 BYE > Max-Forwards: 69 > Route: < > sip:PUBLIC-IP:52548;lr=on;ftag=as3b72a453;vsf=AAAAAAEECQkCAgsNAXBeL0NPXVQfU0suMTY5LjIzMQ--;vst=AAAAAAAAAAAAAAAAAABCUEIAX1lKWF5MF0tBMzA-;na > yes> > Reason: Q.850;cause=16 > Content-Length: 0 > > > > > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Finally, It is finally working because I hardcoded NAT´d port. > I would like to find a way to avoid setting the port in "hard". > > Thank you > > > > > > -- > Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda > Book: SIP Routing With Kamailio - http://www.asipto.comhttp://miconda.eu > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing > list > sr-users@lists.sip-router.orgsr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing > list > sr-users@lists.sip-router.orgsr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > >
-- Daniel-Constantin Mierla - http://www.asipto.com http://www.asipto.com http://twitter.com/#%21/micondahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/micondahttp://www.linkedin.com/in/micond
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla - http://www.asipto.comhttp://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/micond http://www.linkedin.com/in/miconda
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Book: SIP Routing With Kamailio - http://www.asipto.comhttp://miconda.eu
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Book: SIP Routing With Kamailio - http://www.asipto.comhttp://miconda.eu
To get rport you can use transformations.
If you restart kamailio, is the firewall preserving the same value for rport?
Cheers, Daniel
On 19/01/16 18:18, Nelson Migliaro wrote:
I am thinking that I cat get the port during the first call and then use that port for the rest of calls. Maybe that first call will fail but after that, all calls will go fine.
Example of a Trying showing received port: 52548
¿Do you know what pseudovariable represent that value?
I tested with all variables I could find but I could not find anyone.
Thank you
2016/01/19 17:38:38.981987 VENDOR-IP:5060 -> KAMAILIO-IP:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP PUBLIC-IP:52548;branch=z9hG4bK8b5c.b122371ac0ac2f3ef3204b0f192cb16c.1;rport=52548 Via: SIP/2.0/UDP ASTERISK-IP:5060;received=ASTERISK-IP;branch=z9hG4bK4082d124;rport=5060 From: 888888888 sip:888888888@ASTERISK-IP;tag=as34f971fe To: sip:999999999@VENDOR-DOMAIN Call-ID: 0b5307fa290674a97b47970643fce42a@ASTERISK-IP:5060 CSeq: 102 INVITE Server: kamailio Content-Length: 0
From what I saw, Nat´d por does not change. It always use 52548.
Questions:
1 - In order to get rport, as you mentioned, i can use transformation. ¿What variable / pseudovariable I can use to get a string that contains rport?
2 - After I get that info, what would be the best way to insert that info in kamailio.cfg file
3 - After updating the file in some way, how can I restart the service?
and last but not least, Is there a more elegant way to do this? I am feeling like reinvent the wheel.
Thank you for all your support
2016-01-19 19:06 GMT+01:00 Daniel-Constantin Mierla miconda@gmail.com:
To get rport you can use transformations.
If you restart kamailio, is the firewall preserving the same value for rport?
Cheers, Daniel
On 19/01/16 18:18, Nelson Migliaro wrote:
I am thinking that I cat get the port during the first call and then use that port for the rest of calls. Maybe that first call will fail but after that, all calls will go fine.
Example of a Trying showing received port: 52548
¿Do you know what pseudovariable represent that value?
I tested with all variables I could find but I could not find anyone.
Thank you
2016/01/19 17:38:38.981987 VENDOR-IP:5060 -> KAMAILIO-IP:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP
PUBLIC-IP:52548;branch=z9hG4bK8b5c.b122371ac0ac2f3ef3204b0f192cb16c.1;rport=52548
Via: SIP/2.0/UDP ASTERISK-IP:5060;received=ASTERISK-IP;branch=z9hG4bK4082d124;rport=5060 From: 888888888 sip:888888888@ASTERISK-IP;tag=as34f971fe To: sip:999999999@VENDOR-DOMAIN Call-ID: 0b5307fa290674a97b47970643fce42a@ASTERISK-IP:5060 CSeq: 102 INVITE Server: kamailio Content-Length: 0
-- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Book: SIP Routing With Kamailio - http://www.asipto.com http://miconda.eu
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Nelson Migliaro