Hello I'm trying to run Kamailio in front of an asterisk server due to security issues. Both servers have a public ip address. It works fine but the RTP voice traffic goes directly from the VOIP client to the asterisk server without going through the kamailio server. I want to shut down the asterisk server so that it only talks to the kamailio server.
UA -> Kamailio public IP addr <-> Asterisk public ip addr
How do I force RTP traffic to go through kamailio. Apparently I don't have NAT so I don't need rtpproxy. But you need something that relays RTP traffic? If anyone has an idea I'll take it. Thank you for your help. Hugues.
-- Sent from: http://sip-router.1086192.n5.nabble.com/Users-f3.html
You'll need to use an rtp proxy such as rtpengine or rtpproxy for this.
This is a great example of when you need an rtp proxy outside of NAT.
Try to remove the public IP from your Asterisk Box, this will even provide additional security. Then install RTPEngine, configure the RTP Engine accordingly, setup NAT to your Kamailio configuration and try. the following URLs are very good info on how to integrate everything: http://www.evaristesys.com/blog/server-side-nat-traversal-with-kamailio-the-...
https://blog.voipxswitch.com/2015/08/11/rtpengine-with-kamailio-as-load-bala...
Hope this helps!
*Sérgio Charrua*
*www.voip.pt http://www.voip.pt/* Mobile: +351 91 callto:+351+91+104+12+66631 11 44
Email : *sergio.charrua@voip.pt sergio.charrua@voip.pt* Esta mensagem e quaisquer ficheiros anexos a ela são confidenciais e destinam-se a uso exclusivo da pessoa ou entidade a quem são dirigidos. Se, por lapso, recebeu este e-mail, não o deverá revelar, copiar ou distribuir a terceiros. É favor alertar de imediato o remetente e eliminar a mensagem juntamente com os documentos anexados.
On Mon, Apr 27, 2020 at 8:06 PM hugues huguesmax@gmail.com wrote:
Hello I'm trying to run Kamailio in front of an asterisk server due to security issues. Both servers have a public ip address. It works fine but the RTP voice traffic goes directly from the VOIP client to the asterisk server without going through the kamailio server. I want to shut down the asterisk server so that it only talks to the kamailio server.
UA -> Kamailio public IP addr <-> Asterisk public ip addr
How do I force RTP traffic to go through kamailio. Apparently I don't have NAT so I don't need rtpproxy. But you need something that relays RTP traffic? If anyone has an idea I'll take it. Thank you for your help. Hugues.
-- Sent from: http://sip-router.1086192.n5.nabble.com/Users-f3.html
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Thanks for your email I can't change the asterisk server configurations too much because they're in production. I have already installed and configured rtpproxy, but as there are two public ip addresses I have the impression that it does not activate and the RTP flow goes directly from the client to the asterisk server. ( however kamailio indicates that the proxy is activated ) As for rtpengine I have not yet tested, it requires to compile a kernel module which is not ideal for my config docker/Linux container. I will test tomorrow on VM. regards
Hugues.
-- Sent from: http://sip-router.1086192.n5.nabble.com/Users-f3.html
You can also consider use of userspace mode of rtpengine if you don't want to use kernel module. AFAIK it is used as fallback if kernel modules are not available.
вт, 28 апр. 2020 г., 9:36 hugues huguesmax@gmail.com:
Thanks for your email I can't change the asterisk server configurations too much because they're in production. I have already installed and configured rtpproxy, but as there are two public ip addresses I have the impression that it does not activate and the RTP flow goes directly from the client to the asterisk server. ( however kamailio indicates that the proxy is activated ) As for rtpengine I have not yet tested, it requires to compile a kernel module which is not ideal for my config docker/Linux container. I will test tomorrow on VM. regards
Hugues.
-- Sent from: http://sip-router.1086192.n5.nabble.com/Users-f3.html
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Dmitry Sytchev -
Fred Posner -
hugues -
Sergio Charrua