<div dir="ltr">Yeah, it sounds like pushing this logic into the firewall is the only way to go. We're going to do something similar. Thanks for the help!</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 24, 2014 at 5:24 PM, Pasha <span dir="ltr"><<a href="mailto:pasha@prosperity4ever.com" target="_blank">pasha@prosperity4ever.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
See my other message for some comments on this... I am starting to
suspect that you problem isn't with needing multiple external IPs..<br>
<br>
In my setup (as described in the message before this) I set my
external ip and rtp address to my 10.0.0.X address of FS then I make
sure that the firewall does the appropriate translations based on
which network the traffic is coming from.<br>
<br>
As far as alias, I was referring to having a second IP address on
the same network interface not in FS itself.<br>
<br>
Paul<div><div class="h5"><br>
<br>
<div>On 14-07-22 10:52 PM, Kurtis Heimerl
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Comments in line:
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jul 22, 2014 at 9:22 PM,
Pasha <span dir="ltr"><<a href="mailto:pasha@prosperity4ever.com" target="_blank">pasha@prosperity4ever.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> The problem with
that though (if I understand your scenario correctly) is
that even if there was a way to set external IP in
freeswitch in the dial plan you say that you only have 1
external IP to deal with anyway, so what would you set
your second IP to for routing to work properly?<br>
<br>
</div>
</blockquote>
<div>There's only one actual IP on the box, but it's behind
*two* different NATs. Setting the ext-rtp/sip-ip to the
appropriate NAT IP works for both connections, but I need
to make that dynamic. </div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> In my mind what
might work for you is if you create an alias to your
single network controller with the second IP that you
need, then if you have access to the firewall perform
NAT so that if connection comes in from external IP of
vendor #1 on 5060 you forward that to 5060 on internal
IP 1 of your fresswitch box. If call comes in on
external IP of vendor #2 on 5060 you forward to port
5060 of your internal IP #2 (alias on freeswitch box)...
that's for incoming... <br>
<br>
</div>
</blockquote>
<div><br>
</div>
<div>I'm not sure I understand this. Does a FS alias allow
me to have multiple IPs on the same box somehow?</div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> I apologize if I
didn't fully understand your scenario. I'm not even sure
why you're having a conflict in this case because your
providers are different, the only time you have an issue
with single external IP is if you're trying to setup a
second trunk to the same provider (most of them won't
allow more than on trunk on a single IP).<br>
<br>
</div>
</blockquote>
<div><br>
</div>
<div>It's a relatively simple, but apparently uncommon,
case, I agree. My issue sounds very similar to having
multiple trunks to the same provider in a way, but I have
different external IPs for RTP and such instead. </div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> Paul
<div>
<div><br>
<br>
<div>On 14-07-22 05:28 PM, Kurtis Heimerl wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">I can't do that unfortunately. Our
providers are hitting the generic SIP Port: 5060
so that's not available. Our system behind the
two NATs has only one network interface, and as
such only one available public IP. So we can't
just set up a new profile. I can probably hack
around this in another way (port forwarding
through one of the NATs to allow a second
profile on the same IP) but that's pretty ugly
and unsustainable going forward. I'd much prefer
to simply set the expected external IP in the
outbound dialplan for each provider. </div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jul 22, 2014 at
5:07 PM, Russell Treleaven <span dir="ltr"><<a href="mailto:rtreleaven@bunnykick.ca" target="_blank">rtreleaven@bunnykick.ca</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>Either give them separate ip addresses
or separate ports.
<div>
<div><br>
<br>
<div>Sent from my BlackBerry®
PlayBook™<br>
<a href="http://www.blackberry.com" target="_blank">www.blackberry.com</a></div>
<br>
<hr></div>
<div>
<div><strong>From:</strong> "Kurtis
Heimerl" <<a href="mailto:kheimerl@cs.berkeley.edu" target="_blank">kheimerl@cs.berkeley.edu</a>><br>
<strong>To:</strong> "FreeSWITCH
Users Help" <<a href="mailto:freeswitch-users@lists.freeswitch.org" target="_blank">freeswitch-users@lists.freeswitch.org</a>><br>
</div>
<strong>Sent:</strong> 22 July, 2014
8:04 PM<br>
<strong>Subject:</strong> Re:
[Freeswitch-users] MultiNAT<br>
</div>
<div>
<div><br>
<div dir="ltr">They all have to sit
on the same internal IP and Port,
so I don't think I can. </div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue,
Jul 22, 2014 at 4:57 PM, Russell
Treleaven <span dir="ltr"><<a href="mailto:rtreleaven@bunnykick.ca" target="_blank">rtreleaven@bunnykick.ca</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>Hi Kurtis,
<div><br>
</div>
<div>Why not make a separate
profile for each provider?<br>
<br>
<div>Sent from my
BlackBerry® PlayBook™<br>
<a href="http://www.blackberry.com" target="_blank">www.blackberry.com</a></div>
<br>
<hr>
<div><strong>From:</strong>
"Kurtis Heimerl" <<a href="mailto:kheimerl@cs.berkeley.edu" target="_blank">kheimerl@cs.berkeley.edu</a>><br>
<strong>To:</strong>
"FreeSWITCH Users Help"
<<a href="mailto:freeswitch-users@lists.freeswitch.org" target="_blank">freeswitch-users@lists.freeswitch.org</a>><br>
<strong>Sent:</strong>
22 July, 2014 7:14 PM<br>
<strong>Subject:</strong>
[Freeswitch-users]
MultiNAT<br>
</div>
<div>
<div><br>
<div dir="ltr">Hey
Users,
<div><br>
</div>
<div>I have an
interesting NAT
setup. I'm running
FS on the inside
of our network as
a router/proxy
between some SIP
phones and DID
providers.
However, each DID
provider is behind
a *different* NAT
(a property of our
VPN setups for
them). </div>
<div><br>
</div>
<div>For instance:
DID1 is at IP
192.168.1.1 and
DID2 is at
10.0.0.1. </div>
<div><br>
</div>
<div>I have calls
working for each
of them when I set
the following in
my external
profile:</div>
<div><br>
</div>
<div>
<div><param
name="ext-rtp-ip"
value="10.0.0.2"/></div>
<div><param
name="ext-sip-ip"
value="10.0.0.2"/></div>
</div>
<div><br>
</div>
<div>However, I need
to dynamically
route between
*both* of them. I
need a mechanism
for setting
ext-rtp-ip and
ext-sip-ip in the
dialplan itself! </div>
<div><br>
</div>
<div>Is there a set
way to do this? </div>
<div><br>
</div>
<div>Thanks!</div>
</div>
</div>
</div>
</div>
</div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH
Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The
CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel
Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication
Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</div></div></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>