[Freeswitch-users] FreeSWITCH behind NAT

Tihomir Culjaga tculjaga at gmail.com
Thu Feb 1 20:14:51 UTC 2018 

well, here is something you may find interesting:
https://www.youtube.com/watch?v=_WSx-T6TriI

have fun :=)

On 30 January 2018 at 19:03, Mundkowsky, Robert <rmundkowsky at ets.org> wrote:

> I am not an expert, you should get help from FS staff, but anyways, here
> is some info:
>
> > 1. Do ports need to be opened on the firewall under all circumstances?
> > UDP ports for RTP, for instance.
>
> Yes. If you block the ports then nothing can get thru.  For SIP/RTP, you
> need the SIP port open, and you need a range of ports open for RTP. See the
> configuration files for the port numbers.
>
> If you use WSS, then you need the WSS port open.
>
>
> > 2. Is this always a good idea to enable in sip_profiles/internal.xml?
> > <param name="nat-options-ping" value="true"/>
>
> Maybe. Some software does not support OPTIONS messages. If it yours does
> then yeah use it.  See https://freeswitch.org/
> confluence/display/FREESWITCH/NAT+Traversal
>
> > 3. Is it necessary/recommended to have STUN enabled in vars.xml AND
> > setup the nat-options-ping?
>
> I guess here, if you or your client are behind an asymmetric NAT then you
> need a STUN server. If a symmetric NAT then you need TURN server.  Keep in
> mind your clients might have all kinds of different situations.
>
>
> > 4. my sip_profile/internal.xml has this:
> > <param name="ext-rtp-ip" value="auto-nat"/> <param name="ext-sip-ip"
> > value="auto-nat"/>
> >
> > Is this an improvement over what's  in confluence of:
> > <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>
> Not sure, read up on it https://freeswitch.org/
> confluence/display/FREESWITCH/Auto+Nat
>
>
> > 5. If the endpoints are configured to connect using TCP, does any of
> > this change what's above?
>
> Not sure, but my guess is no
>
> Robert
>
> -----Original Message-----
> From: FreeSWITCH-users [mailto:freeswitch-users-
> bounces at lists.freeswitch.org] On Behalf Of jungle boogie
> Sent: Tuesday, January 30, 2018 12:15 AM
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Subject: Re: [Freeswitch-users] FreeSWITCH behind NAT
>
> Hi All,
>
> Can anyone give me some advice? I'll update the docs, if it's needed.
>
> Thanks!
>
> Thus said Jungle Boogie on Sun, 28 Jan 2018 17:51:40 -0800
> > Hi All,
> >
> > I have some questions about this page and what folks do when
> > freeswitch is behind NAT:
> > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffrees
> > witch.org%2Fconfluence%2Fdisplay%2FFREESWITCH%2FNAT%2BTraversal&data=0
> > 2%7C01%7Crmundkowsky%40ets.org%7C505306e6c453490da26708d567a0f5d5%7C0b
> > a6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636528863387947052&sdata=L91K
> > SrefIPmwVZLdFSPioL6zcM7Be5MlgxPoyUOU70w%3D&reserved=0
> >
> > 1. Do ports need to be opened on the firewall under all circumstances?
> > UDP ports for RTP, for instance.
> >
> > 2. Is this always a good idea to enable in sip_profiles/internal.xml?
> > <param name="nat-options-ping" value="true"/>
> >
> >
> > 3. Is it necessary/recommended to have STUN enabled in vars.xml AND
> > setup the nat-options-ping?
> >
> >
> > 4. my sip_profile/internal.xml has this:
> > <param name="ext-rtp-ip" value="auto-nat"/> <param name="ext-sip-ip"
> > value="auto-nat"/>
> >
> > Is this an improvement over what's  in confluence of:
> > <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
> >
> > 5. If the endpoints are configured to connect using TCP, does any of
> > this change what's above?
> >
> > thanks!
>
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.
> freeswitchsolutions.com&data=02%7C01%7Crmundkowsky%40ets.org%
> 7C505306e6c453490da26708d567a0f5d5%7C0ba6e9b760b34fae92f37e6ddd9e
> 9b65%7C0%7C0%7C636528863387947052&sdata=qvvmQaISaJ37%
> 2FHkzp8eNafIKcIfvWtYI9WYlMUb3HTs%3D&reserved=0
>
> Official FreeSWITCH Sites
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fwww.freeswitch.org&data=02%7C01%7Crmundkowsky%40ets.org%
> 7C505306e6c453490da26708d567a0f5d5%7C0ba6e9b760b34fae92f37e6ddd9e
> 9b65%7C0%7C0%7C636528863387947052&sdata=2YGYIAS02v0lG%
> 2ByUtZZdCkzFJCgpYU4eUeGuWfcfnfY%3D&reserved=0
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fconfluence.freeswitch.org&data=02%7C01%
> 7Crmundkowsky%40ets.org%7C505306e6c453490da26708d567a0f5d5%
> 7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636528863387947052&sdata=
> sWhGrHsJoqBxx9p%2BQ32vxrbyrclq0QCb4llrrfs3QRo%3D&reserved=0
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fwww.cluecon.com&data=02%7C01%7Crmundkowsky%40ets.org%
> 7C505306e6c453490da26708d567a0f5d5%7C0ba6e9b760b34fae92f37e6ddd9e
> 9b65%7C0%7C0%7C636528863387947052&sdata=wQP9XZziFFiMIkvWB5zr5DwDK5F5%
> 2BDbNJ3gtJCHhYt8%3D&reserved=0
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Flists.freeswitch.org%2Fmailman%2Flistinfo%
> 2Ffreeswitch-users&data=02%7C01%7Crmundkowsky%40ets.org%
> 7C505306e6c453490da26708d567a0f5d5%7C0ba6e9b760b34fae92f37e6ddd9e
> 9b65%7C0%7C0%7C636528863387947052&sdata=iKUQA2bDbZh4jgK4eN%
> 2F4sJCiHrEqRXTPyPHedufrJws%3D&reserved=0
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fwww.freeswitch.org&data=02%7C01%7Crmundkowsky%40ets.org%
> 7C505306e6c453490da26708d567a0f5d5%7C0ba6e9b760b34fae92f37e6ddd9e
> 9b65%7C0%7C0%7C636528863387947052&sdata=2YGYIAS02v0lG%
> 2ByUtZZdCkzFJCgpYU4eUeGuWfcfnfY%3D&reserved=0
>
> ________________________________
>
> This e-mail and any files transmitted with it may contain privileged or
> confidential information. It is solely for use by the individual for whom
> it is intended, even if addressed incorrectly. If you received this e-mail
> in error, please notify the sender; do not disclose, copy, distribute, or
> take any action in reliance on the contents of this information; and delete
> it from your system. Any other use of this e-mail is prohibited.
>
>
> Thank you for your compliance.
>
> ________________________________
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180201/b9ae6af1/attachment.html>

More information about the FreeSWITCH-users mailing list