<div dir="ltr"><div>Hi <span style="font-family:arial,sans-serif;font-size:13px">Afshin,</span></div><div><br></div><div>I have the same scenario as you and 100% functional, this is my setup.<br><div><br></div><div>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_rtp_ip=stun:<a href="http://stun.freeswitch.org">stun.freeswitch.org</a>&quot;/&gt;</div>
<div>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_sip_ip=stun:<a href="http://stun.freeswitch.org">stun.freeswitch.org</a>&quot;/&gt;</div><br>&lt;param name=&quot;apply-nat-acl&quot; value=&quot;nat.auto&quot;/&gt;<br>
<br><div>&lt;param name=&quot;rtp-ip&quot; value=&quot;$${local_ip_v4}&quot;/&gt;</div><div>&lt;param name=&quot;sip-ip&quot; value=&quot;$${local_ip_v4}&quot;/&gt;</div><div>&lt;param name=&quot;ext-rtp-ip&quot; value=&quot;$${external_rtp_ip}&quot;/&gt;<br>
</div><div>&lt;param name=&quot;ext-sip-ip&quot; value=&quot;$${external_sip_ip}&quot;/&gt;</div></div><div><br></div><div><div><div>I&#39;m new around here, so let&#39;s wait for a response from some expert. </div><div><br>
</div><div>good settings</div></div></div><div><br></div><div>Doug</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Aug 16, 2014 at 2:02 PM, afshin afzali <span dir="ltr">&lt;<a href="mailto:a.afzali2003@gmail.com" target="_blank">a.afzali2003@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Hi<span name="Douglas Adami"> Douglas,<br><br></span></div><span name="Douglas Adami">Thanks for your reply,<br>
</span></div><div><span name="Douglas Adami">I)<br></span> <br>
In my scenario both of FreeSWITCH and client are behind the firewall.<br><br></div><div>II)<br> <br>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;bind_server_ip=auto&quot;/&gt;<br>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_rtp_ip=X.Y.Z.W&quot;/&gt;<br>

&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_sip_ip=X.Y.Z.W&quot;/&gt;<br><br></div><div>I have a static public IP (for Freeswitch) and I know what it is so I specified it explicitly.<br><br>Do I have to set bind_server_ip to a specific IP in case of NAT traversal as I specified local IP addresses for sip and rtp?<br>

<br></div><div>III) <br>in the SIP profile<br>&lt;param name=&quot;sip-ip&quot; value=&quot;192.168.10.59&quot;/&gt;<br>&lt;param name=&quot;rtp-ip&quot; value=&quot;192.168.10.59&quot;/&gt;<br>&lt;param name=&quot;ext-sip-ip&quot; value=&quot;X.Y.Z.W&quot;/&gt;<br>

&lt;param name=&quot;ext-rtp-ip&quot; value=&quot;X.Y.Z.W&quot;/&gt;<br></div><div>for apply-nat-acl I examined nat.auto, rfc1918, ... :(<br><br></div><div>I did not refer to external_sip_ip / external_rtp_ip vaiables in the SIP profile and explicitly defined external static IP.<br>

</div><div><br></div><div><br></div><div>BEST,<br><br></div><div>Afshin<br></div><span name="Douglas Adami"><br></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Aug 16, 2014 at 5:01 PM, Douglas Adami <span dir="ltr">&lt;<a href="mailto:webmaster.rumodigital@gmail.com" target="_blank">webmaster.rumodigital@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div><br></div><div><div>NAT scenario, correct?</div><div><a href="https://confluence.freeswitch.org/display/FREESWITCH/NAT+Traversal" target="_blank">https://confluence.freeswitch.org/display/FREESWITCH/NAT+Traversal</a><br>


</div><div><br></div><div>try this:<br><br><div>vars.xml</div><div>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;bind_server_ip=<a href="http://my.domain.com" target="_blank">my.domain.com</a>&quot;/&gt;</div><div>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_sip_ip=stun:<a href="http://stun.freeswitch.org" target="_blank">stun.freeswitch.org</a>&quot;/&gt;</div>


<div>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;external_rtp_ip=stun:<a href="http://stun.freeswitch.org" target="_blank">stun.freeswitch.org</a>&quot;/&gt;</div><div><br></div><div><br></div><div>sip_profiles:</div>

<div><br></div>
<div><span style="font-family:arial,sans-serif;font-size:13px">sipinterface_1</span>.xml</div><div>&lt;param name=&quot;apply-nat-acl&quot; value=&quot;nat.auto&quot;/&gt;<br></div><div><div>&lt;param name=&quot;ext-sip-ip&quot; value=&quot;$${external_sip_ip}&quot;/&gt;</div>


</div><div>&lt;param name=&quot;ext-rtp-ip&quot; value=&quot;$${external_rtp_ip}&quot;/&gt; <br></div><div><br>Doug</div></div></div><div><div style="margin:0px;padding:0px;color:rgb(51,51,51);font-size:14px;line-height:20px;overflow:hidden;border-bottom-left-radius:3px;border-bottom-right-radius:3px;font-family:Arial,sans-serif;background-image:initial;background-repeat:initial">


<div style="margin:0px;padding:0px"></div></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div><div>On Sat, Aug 16, 2014 at 7:26 AM, afshin afzali <span dir="ltr">&lt;<a href="mailto:a.afzali2003@gmail.com" target="_blank">a.afzali2003@gmail.com</a>&gt;</span> wrote:<br>


</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr"><div><div><div>Hi Miguel,<br><br></div>I do not understand how the ACL (if you mean apply-nat-acl) can effects on using public IP in SDP when I specified both ext-sip-ip and ext-rtp-ip in sip profile! <br>


</div>
I changed the apply-nat-acl to a &quot;always allow&quot; and &quot;rfc1918&quot; but does not make difference.<span><font color="#888888"><br><br></font></span></div><span><font color="#888888">Afshin<br>
</font></span></div><div><div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Aug 14, 2014 at 3:18 PM, Miguel Oyarzo <span dir="ltr">&lt;<a href="mailto:miguelaustro@gmail.com" target="_blank">miguelaustro@gmail.com</a>&gt;</span> wrote:<br>



<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><br>Wrong ACL?</div></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div><div>
On Wed, Aug 13, 2014 at 10:06 PM, afshin afzali <span dir="ltr">&lt;<a href="mailto:a.afzali2003@gmail.com" target="_blank">a.afzali2003@gmail.com</a>&gt;</span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr"><div><div><div>Hi FreeSWITCHers:<br><br></div>I configured a sip profile as bellow:<br>



<br>=================================================================================================<br>
Name                    sipinterface_1<br>
Domain Name             N/A<br>Auto-NAT                false<br>DBName                  sofia_reg_sipinterface_1<br>Pres Hosts       <br>Dialplan                XML<br>Context                 context_1<br>Challenge Realm         auto_to<br>





RTP-IP                  192.168.10.59<br>Ext-RTP-IP              <span style="background-color:rgb(61,133,198)">X.Y.Z.W</span><br>SIP-IP                  192.168.10.59<br>Ext-SIP-IP               <span style="background-color:rgb(61,133,198)">X.Y.Z.W</span><br>





URL                     sip:mod_sofia@X.Y.Z.W:5060<br>BIND-URL                sip:mod_sofia@X.Y.Z.W:5060;maddr=192.168.10.59;transport=udp,tcp<br>HOLD-MUSIC              N/A<br>OUTBOUND-PROXY          N/A<br>CODECS IN               G722,PCMU,PCMA,GSM<br>





CODECS OUT              G722,PCMU,PCMA,GSM<br>TEL-EVENT               101<br>DTMF-MODE               rfc2833<br>CNG                     13<br>SESSION-TO              0<br>MAX-DIALOG              0<br>NOMEDIA                 false<br>





LATE-NEG                false<br>PROXY-MEDIA             false<br>ZRTP-PASSTHRU           false<br>AGGRESSIVENAT           true<br>CALLS-IN                0<br>FAILED-CALLS-IN         0<br>CALLS-OUT               0<br>FAILED-CALLS-OUT        0<br>





REGISTRATIONS           1<br><br></div>for every INVITE that comes in via this profile, FS replys with this SDP:<br>   <br>   v=0<br>   o=FreeSWITCH 1407905843 1407905844 IN IP4 <span style="background-color:rgb(255,0,0)">192.168.10.59</span><br>





   s=FreeSWITCH<br>   c=IN IP4 <span style="background-color:rgb(255,0,0)">192.168.10.59</span><br>   t=0 0<br>   m=audio 25142 RTP/AVP 0 101<br>   a=rtpmap:0 PCMU/8000<br>   a=rtpmap:101 telephone-event/8000<br>   a=fmtp:101 0-16<br>





   a=ptime:20<br><br></div>Although the Contact header of 200 OK is correct :<br>Contact: &lt;sip:4000@<span style="background-color:rgb(106,168,79)">X.Y.Z.W</span>:5060;transport=udp&gt;<br><div><br><br></div><div>Appreciate all comments,<br>





</div><div>-- Afshin<br></div></div>
<br></div></div>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><span><font color="#888888"><br><br clear="all"><br>-- <br><div dir="ltr"><div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">&quot;Efficiency is doing things right; effectiveness is doing the right things</span><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> (Peter Drucker)</span>&quot;<br>




</span></div><br><div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Miguel Oyarzo</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">




<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">DevOps &amp; VoIP Engineer</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">




<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Linux User: # 483188 - </span><font color="#888888" face="arial, sans-serif"><a href="http://counter.li.org" target="_blank">counter.li.org</a></font><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">




<span style="background-color:rgb(255,255,255)"><font color="#888888" face="arial, sans-serif"><a href="http://au.linkedin.com/in/mikeaustralia" target="_blank">http://au.linkedin.com/in/mikeaustralia</a> </font><br><font color="#888888" face="arial, sans-serif">Melbourne, Australia</font></span>
</div></div>
</font></span></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</div></div><a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><div><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br></div><div>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></div></blockquote></div><br></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div>