I have based my attached SER config file on the very informative
'getting started 5' instructions/sample from
http://www.onsip.org/.
I have SER on a DMZ with Asterisk on the same box, listening on 5065. I
can register two internal phones with SER and talk. I can register a
phone to the Asterisk and talk to the rest of the Asterisk
infrastructure through IAX2. I entered a log statement for my forward to
asterisk and I can see that it is being executed.
What I can't get to work is external phones. When I capture the RTP
packets with ethereal, I can see that the ones from SER to the phones
are properly addressed to the public IP of my NAT-ed phone. However the
return packets are addressed to the private IP of SER and thus never
make it back.
Is this double NAT configuration supported? It looks that way on the
getting started diagrams (both SER and Internet phones are behind NAT
routers). I understand that the NAT traversal mechanism in SER is there
to help clients overcome their NAT. Is there a similar mechanism for the
SER server itself, or does SER only work if it has a direct public
interface?
How do I convince my client phones to send their packets back to the
public IP of SER, rather than the private IP? What ser.cfg line
determines the source IP that SER gives out to the RTP stream? It would
be elegant if I can make this dependent on the source IP of the phones
(internal or external) but I really only need it to work for external
clients, as internal ones can simply register with Asterisk.
Any hints would be most appreciated,
Thanks,
Bart...