[Freeswitch-users] RTP NAT problem in Freeswitch 1.2.3
Steven Ayre
steveayre at gmail.com
Fri Jul 12 23:05:55 MSD 2013
If STUN isn't available you can also check if your router supports SIP ALG
which will let your router rewrite the IPs for you. If it works it should
fix both signalling (Contact) and media (SDP).
It's not normally our recommended option though. Some implementations don't
work as well as others, and it can never work with TLS. It might also fail
to recognise any SIP on a non-standard port (eg 5080). It might also
interfere with other SIP clients on your LAN that are handling the NAT
traversal correctly themselves.
-Steve
On 12 July 2013 20:01, Steven Ayre <steveayre at gmail.com> wrote:
> Basically when softphone makes an INVITE to FS it always sends the private
>> IP on the SDP and when the media flow starts it's being sent out by FS to
>> the public lan address resulting on a audioless call. However if the phone
>> sends the public IP on the SDP there's no issue at all.
>
> I know there's a variable available disable_rtp_auto_adjust that shoud
>> make freeswitch ignore the SDP IP and use the INVITE IP instead, but it
>> isn't working for me.
>
>
> The phone needs to send the external IP:port in its SDP, not its internal
> one. That can be done easily if the phone supports STUN. Ditto for the
> Contact header.
>
> Otherwise you'll have to resort to FreeSWITCH's workarounds. For the
> Contact header use
> http://wiki.freeswitch.org/wiki/NDLB#NDLB-connectile-dysfunction, but
> that only covers the SIP signalling.
>
> For SDP the only workaround is rtp auto adjust. Note you want it enabled,
> ie disable_rtp_auto_adjust=false.
>
> FS cannot autoadjust until it receives media from the phone so it knows
> where to send back to. That means you will not hear any ringback, and won't
> hear anything until shortly after the call is answered (the softphone won't
> send media until then).
>
> The best fix is to enable STUN on the phone.
>
> -Steve
>
>
>
>
>
> On 12 July 2013 14:34, Nuno Reis <nreis at wavecom.pt> wrote:
>
>> Good day all.
>>
>> I'm experiencing the following sinptom when using some softphones behind
>> nat on a private LAN, sometimes the same happen with hardphones.
>>
>> Here's the scenario:
>>
>> FS : <public IP> _______ <public IP>LAN ROUTER <private LAN> ---
>> softphone
>>
>> Basically when softphone makes an INVITE to FS it always sends the
>> private IP on the SDP and when the media flow starts it's being sent out by
>> FS to the public lan address resulting on a audioless call. However if the
>> phone sends the public IP on the SDP there's no issue at all.
>> I know there's a variable available disable_rtp_auto_adjust that shoud
>> make freeswitch ignore the SDP IP and use the INVITE IP instead, but it
>> isn't working for me.
>>
>> Here's what i currently have on my internal SIP profile:
>>
>> <profile name="internal">
>> <aliases>
>> </aliases>
>> <gateways>
>> </gateways>
>> <domains>
>> <domain name="all" alias="true"
>> parse="false"/>
>> </domains>
>> <settings>
>> <param name="debug" value="0"/>
>> <param name="sip-trace" value="no"/>
>> <param name="sip-capture" value="no"/>
>> <param name="watchdog-enabled"
>> value="no"/>
>> <param name="watchdog-step-timeout"
>> value="30000"/>
>> <param name="watchdog-event-timeout"
>> value="30000"/>
>> <param name="log-auth-failures"
>> value="true"/>
>> <param
>> name="forward-unsolicited-mwi-notify" value="false"/>
>> <param name="context" value="public"/>
>> <param name="rfc2833-pt" value="101"/>
>> <param name="sip-port" value="5060"/>
>> <param name="dialplan" value="XML"/>
>> <param name="dtmf-duration" value="2000"/>
>> <param name="inbound-codec-prefs"
>> value="H264,G722,PCMA,GSM"/>
>> <param name="outbound-codec-prefs"
>> value="H264,G722,PCMA,GSM"/>
>> <param name="rtp-timer-name"
>> value="soft"/>
>> <param name="rtp-ip" value="<PUBLIC_IP>"/>
>> <param name="sip-ip" value="<PUBLIC_IP>"/>
>> <param name="hold-music"
>> value="local_stream://moh"/>
>> <param name="apply-inbound-acl"
>> value="domains"/>
>> <param name="apply-nat-acl"
>> value="rfc1918"/>
>> <param name="local-network-acl"
>> value="localnet.auto"/>
>> <param name="record-path"
>> value="/opt/freeswitch/recordings"/>
>> <param name="record-template"
>> value="${caller_id_number}.${target_domain}.${strftime(%Y-%m-%d-%H-%M-%S)}.wav"/>
>> <param name="manage-presence"
>> value="true"/>
>> <param name="presence-privacy" value=""/>
>> <param name="inbound-codec-negotiation"
>> value="generous"/>
>> <param name="tls" value="true"/>
>> <param name="tls-only" value="false"/>
>> <param name="tls-bind-params"
>> value="transport=tls"/>
>> <param name="tls-sip-port" value="5061"/>
>> <param name="tls-cert-dir"
>> value="/opt/freeswitch/conf/ssl"/>
>> <param name="tls-passphrase" value=""/>
>> <param name="tls-verify-date"
>> value="true"/>
>> <param name="tls-verify-policy"
>> value="none"/>
>> <param name="tls-verify-depth" value="2"/>
>> <param name="tls-verify-in-subjects"
>> value=""/>
>> <param name="tls-version" value="sslv23"/>
>> <param name="odbc-dsn"
>> value="freeswitch:user:password"/>
>> <param name="nonce-ttl" value="60"/>
>> <param name="auth-calls" value="true"/>
>> <param
>> name="inbound-reg-force-matching-username" value="true"/>
>> <param name="auth-all-packets"
>> value="false"/>
>> <param name="rtp-timeout-sec"
>> value="300"/>
>> <param name="rtp-hold-timeout-sec"
>> value="1800"/>
>> <param name="challenge-realm"
>> value="auto_from"/>
>> <param name="ext-rtp-ip"
>> value="<PUBLIC_IP>"/>
>> <param name="ext-sip-ip"
>> value="<PUBLIC_IP>"/>
>> <param name="presence-hosts"
>> value="_DISABLED_"/>
>> <param
>> name="NDLB-received-in-nat-reg-contact" value="true"/>
>> <param name="NDLB-broken-auth-hash"
>> value="true"/>
>> <param name="dbname"
>> value="share_presence"/>
>> <param name="send-presence-on-register"
>> value="true"/>
>> <param name="manage-shared-appearance"
>> value="true"/>
>> <param
>> name="registration-thread-frequency" value="30"/>
>> <param name="enable-timer" value="false"/>
>> <param name="aggressive-nat-detection"
>> value="true"/>
>> <param
>> name="send-message-query-on-register" value="true"/>
>> <param name="all-reg-options-ping"
>> value="true"/>
>> <param name="sip-force-expires"
>> value="3600"/>
>> <param name="sip-expires-max-deviation"
>> value="300"/>
>> <param name="multiple-registrations"
>> value="contact"/>
>> </settings>
>> </profile>
>>
>> Any suggestions on how to make FS use the INVITE IP for RTP instead of
>> using the IP on the SDP?
>>
>> Looking forward to hear from you.
>>
>> Best Regards,
>> *
>>
>> Nuno Miguel Reis* | *Unified Communication** Systems*
>>
>> M. +351 913907481 | nreis at wavecom.pt
>> WAVECOM-Soluções Rádio, S.A.
>> Cacia Park | Rua do Progresso, Lote 15
>> 3800-639 AVEIRO | Portugal
>> T. +351 309 700 225 | F. +351 234 919 191
>> *GPS<http://maps.google.com/maps/ms?msa=0&msid=202333747613191340808.0004b4b227a6144f0df88>|
>> www.wavecom.pt** <http://www.wavecom.pt/>*
>>
>> [image: Description: Description: WavecomSignature]<http://www.wavecom.pt/pt/wavecom/premios.php>
>>
>> [image: Publicity] <http://www.wavecom.pt/pt/mail_eventos.php>
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130712/69d9c8d6/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 16423 bytes
Desc: not available
Url : http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130712/69d9c8d6/attachment-0001.png
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list