<p dir="ltr">You need to have a seperate sofia profile handling your authenticated traffic outside the lan (your remote ip phones). We call it doublenat. It makes no difference if your switch has a private IP and public IP or just private IP, it works the same. </p>
<p dir="ltr">See: <br>
<a href="http://wiki.freeswitch.org/wiki/Example_Offsite_phones">http://wiki.freeswitch.org/wiki/Example_Offsite_phones</a></p>
<p dir="ltr"><a href="http://wiki.freeswitch.org/wiki/General_NAT_example_scenarios">http://wiki.freeswitch.org/wiki/General_NAT_example_scenarios</a></p>
<p dir="ltr">It generally works well for us. We have an FS server tied to a private IP, one interface.</p>
<p dir="ltr">Thank you,</p>
<p dir="ltr">Brian Foster<br>
Project Manager/Owner's Rep.<br>
Davri Investments, Inc.<br>
O: 317-787-2686 x2102<br>
M: 317-600-9753<br>
E: <a href="mailto:bdfoster@davri.com">bdfoster@davri.com</a><br>
Indianapolis, Indiana</p>
<p dir="ltr">Sent from a mobile device.</p>
<div class="gmail_quote">On Aug 7, 2013 11:17 PM, "Vincent Xia" <<a href="mailto:gmangudai@gmail.com">gmangudai@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div><div>im having my FS box behind NAT, the network topology is something like:</div><div><br></div><div>IP PHONE A(Public IP)<------->NAT<------>FS(Private IP, with a public IP)<------->IP PHONE B(Private IP)</div>
<div><br></div><div>i was trying to have IP PHONE B able to make call to IP PHONE A and have two-way talk.</div><div><br></div><div>with the default FS configuration when IP PHONE B calls IP PHONE A, there's only one-way talk, A can hear B but B cannot hear A.</div>
<div><br></div><div>then i decided to use stun by modifying:</div><div>vars.xml</div><div><X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:<a href="http://stun.freeswitch.org" target="_blank">stun.freeswitch.org</a>"/> // this is the default config</div>
<div><X-PRE-PROCESS cmd="set" data="external_sip_ip=stun:<a href="http://stun.freeswitch.org" target="_blank">stun.freeswitch.org</a>"/> // this is the default config</div><div><br></div><div>internal.xml</div>
<div><param name="ext-rtp-ip" value="stun:<a href="http://stun.freeswtich.org" target="_blank">stun.freeswtich.org</a>"/></div><div><param name="ext-sip-ip" value="stun:<a href="http://stun.freeswtich.org" target="_blank">stun.freeswtich.org</a>"/></div>
<div><br></div><div>external.xml</div><div><param name="ext-rtp-ip" value="stun:<a href="http://stun.freeswtich.org" target="_blank">stun.freeswtich.org</a>"/></div><div><param name="ext-sip-ip" value="stun:<a href="http://stun.freeswtich.org" target="_blank">stun.freeswtich.org</a>"/></div>
<div><br></div><div>but while restarting FS, there's error reporting:</div><div>2013-08-08 10:33:58.933096 [ERR] sofia_glue.c:1043 STUN Failed! <a href="http://stun.freeswitch.org:3478" target="_blank">stun.freeswitch.org:3478</a> [Bind Error!]</div>
<div>2013-08-08 10:33:58.933096 [ERR] sofia.c:4074 Failed to get external ip.</div><div>2013-08-08 10:33:58.934072 [NOTICE] sofia.c:4754 Started Profile external [sofia_reg_external]</div><div>...</div><div>2013-08-08 10:34:00.859927 [ERR] sofia_glue.c:1043 STUN Failed! <a href="http://stun.freeswitch.org:3478" target="_blank">stun.freeswitch.org:3478</a> [Bind Error!]</div>
<div>2013-08-08 10:34:00.859927 [ERR] sofia.c:4074 Failed to get external ip.</div><div>2013-08-08 10:34:00.860904 [NOTICE] sofia.c:4754 Started Profile internal [sofia_reg_internal]</div><div><br></div><div>so am i still missing some configuration or anything else was wrong?</div>
</div><div><br></div></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div>