[Freeswitch-users] AutoNAT - Local Networks not excluded
Phil Quesinberry
philq at qsystemsengineering.com
Fri Jul 27 18:49:09 MSD 2012
With that in mind - in my working configuration with phones both on the
local LAN with FS as well as remote natted networks, I have:
./sip_profiles/internal.xml: <param name="apply-nat-acl"
value="nat.auto"/> (All extensions are registered to the internal
profile)
In most cases, it was necessary to have FS rewrite the contact IP and port
for remote extensions.
- Phil
I found someone talking about similar problems. I read that
"... some lines of code in sofia_reg.c
if (is_nat && profile->local_network &&
switch_check_network_list_ip(network_ip, profile->local_network)) {
if (profile->debug) {
switch_log_printf(SWITCH_CHANNEL_LOG,
SWITCH_LOG_DEBUG, "IP %s is on local network, not seting NAT mode.\n",
network_ip);
}
is_nat = NULL;
}
"
So I think there is the possibility to set which are local networks.
Also I found in my sip_profiles for nat-mode contain (as it should be) the
ext-
IP declaration:
<param name="ext-sip-ip" value="auto-nat"/>
<param name="ext-rtp-ip" value="auto-nat"/>
but not the line
<param name="apply-nat-acl" value="rfc1918"/>
May be this line solve my problem.
I'll try as soon as possible, but all my FS servers ara actually in
production
environments :(
If someone has the chance to test it successfully, please report it.
g
_____________________________________________
From: Phil Quesinberry
Sent: Friday, July 27, 2012 10:31 AM
To: 'freeswitch-users at lists.freeswitch.org'
Subject: RE: re: AutoNAT - Local Networks not excluded
One other thing comes to mind. A lot of routers (especially SOHO routers)
have ALG functionality that can break the SIP signaling, even when the ALG
functionality is supposedly turned off. You can usually get around this by
changing the SIP port to something other than 5060. If the phones connect
via TLS (usually on port 5061) then this shouldn't be a problem, as they
can't mess with the encrypted traffic.
- Phil
_____________________________________________
From: Phil Quesinberry
Sent: Friday, July 27, 2012 10:24 AM
To: 'freeswitch-users at lists.freeswitch.org'
Subject: RE: re: AutoNAT - Local Networks not excluded
G,
Are you registering your phones to the internal sip profile? Do you have
anything like aggressive NAT detection enabled for that profile? For the
extensions, are you rewriting the contact IP/port (is
NDLB-connectile-dysfuncion or NDLB-tls-connectile-dysfunction specified for
sip-force-contact)?
Do a 'show registrations' from the fs_cli as well as a 'sofia status profile
internal reg' and post the results here (you may want to partially obscure
any external IP addresses shown before posting) to give us more of an idea
of what's going on.
- Phil
_____________________________________________
From: Phil Quesinberry
Sent: Tuesday, July 24, 2012 3:19 PM
To: 'freeswitch-users at lists.freeswitch.org'
Subject: re: AutoNAT - Local Networks not excluded
Set rtp-ip and sip-ip to your internal IP address. I believe that you
should also be able to set it to: $${local_ip_v4} or $${bind_server_ip}
as well.
- Phil
----------
VirteX g.d.monnezza at tiscali.it
<mailto:freeswitch-users%40lists.freeswitch.org?Subject=%5BFreeswitch-users%
5D%20%20AutoNAT%20-%20Local%20Networks%20not%20excluded&In-Reply-To=>
Tue Jul 24 16:12:08 MSD 2012
Hi guys. I appreciate so much the Auto-NAT for uPnP capable firewalls. But
I'm experiencing an issue.
I have a FreeSwitch server behind a NAT, but I can't find a way to avoid
FreeSwitch using external IP (for SIP and RTP) for local networks (i.e.
192.168.0.0/16).
In my sip profiles for various interfaces I have NOT set the .
Anyway, the sofia status for all interfaces shows the EXT-RTP-IP and
EXT-SIP-IP set (with my public gateway IP). That's ok, even if I didn'
declard it with
My SIP phones register from a network different from the server one, but
still a local network. Then, SIP phones receive (from the server) the rtp
and sip signalling with its external IP. This prevent any communication.
How it is possible to tell FreeSwitch to NOT use ext IP for particular
networks?
Thanks to anyone who will point me in the right direction.
g
--
View this message in context:
http://old.nabble.com/AutoNAT---Local-Networks-not-excluded-tp34201844p34201
844.html
Sent from the Freeswitch-users mailing list archive at Nabble.com.
Phil Quesinberry
Q Systems Engineering, Inc.
Electronic Controls and Embedded Systems Development
(410) 969-8002
http://www.qsystemsengineering.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120727/9b37e051/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list