Curious Problem With NAT

Home » Asterisk Users » Curious Problem With NAT
Asterisk Users 11 Comments

Hi list!

Since the internal calls work as expected and I can register my Asterisk on an external provider, I’d like to add a new feature and allow my mobile phone to connect to my Asterisk and manage calls.

Well, first of all, my Asterisk is NOT direct on Internet available, but behind a NAT. So I configured my sip.conf:

localnet2.168.200.0/24
externhost=myhost.noip.com externrefresh0

Then I added the peer in my users.con:

[00491771111111]
fullname = 00491771111111
secret = MYVERYSECRET
type=peer nat=yes qualify=yes qualifyfreq`
hassip = yes dahdichan = 1
transport=udp,tcp callwaiting = no context = default host = dynamic dtmfmode=rfc2833
dial=SIP/00491771111111

and finally “core reload”.

On my Gateway I configured the NAT so:

/sbin/iptables -t nat -A PREROUTING -p udp –sport 6060 -j DNAT –to-destination 192.168.200.120:5060
/sbin/iptables -t nat -A PREROUTING -p tcp –sport 6060 -j DNAT –to-destination 192.168.200.120:5060
/sbin/iptables -t nat -A PREROUTING -p udp –dport 6060 -j DNAT –to-destination 192.168.200.120:5060
/sbin/iptables -t nat -A PREROUTING -p tcp –dport 6060 -j DNAT –to-destination 192.168.200.120:5060

Well, the phone connect to the server and I can see it reachable:

OpenWrt*CLI> sip show peers Name/username Host Dyn Forcerport ACL Port Status
00491771111111/0049177111 192.168.200.3 D N 40702 OK (1768 ms)

Well, now I call the mobile phone from another peer. It rings and I can answer the call. Wonderful!

But no word will be sent… 🙁
I cannot hear anything on my mobile phone and I cannot transmit a single word….

I tried to connect my mobile phone to a public VoIP-Provider and it works as expected, so I’m sure that the problem is on my network, but I can’t find it…

What am I doing wrong?

Thanks a lot Luca Bertoncello
(lucabert@lucabert.de)

11 thoughts on - Curious Problem With NAT

  • Ashwin Surendran schrieb:

    No, not yet… I’ll try later and report to the list…

    Have I to define (in Asterisk or Gateway) the ports?

    Thanks Luca bertoncello
    (lucabert@lucabert.de)

  • Ashwin Surendran schrieb:

    OK, tried… I can transmit from my phone (aka: I hear my voice on another phone), but I’m not able to receive data (aka: I cannot hear what I say on the other phone).

    Other suggestion?

    Thanks Luca Bertoncello
    (lucabert@lucabert.de)

  • What settings have you got for directmedia?

    Could you try

    nat=force_rport,comedia

    directmedia=no

    -Ashwin

    —–Original Message—

  • Ashwin Surendran schrieb:

    Tried. Peer always unreachable, call not possible… 🙁

    Other idea?

    Thanks Luca Bertoncello
    (lucabert@lucabert.de)

  • Are you using the wifi on on the cellphone? The peer IP is showing as
    192.168.200.3 which is not a routable address. Unless things have changed, double NAT configurations do not work.

    Thanks, Steve T

  • Zitat von Steve Totaro :

    Hi Steve,

    My Asterisk is behind a NAT, but my cellphone was NOT in NAT, but
    direct in Internet. But maybe my Provider does a NAT, too…

    Very strange is, that I have a very poorly audio-quality, if I use my
    cellphone in my WLAN and connect to my Asterisk. With THE SAME USER, but from a PC in the same Network, the audio
    quality is perfect.

    Any idea?

    Thanks Luca Bertoncello
    (lucabert@lucabert.de)

  • Zitat von Steve Totaro :

    I’m currently not at home. If you say me which debug output you wish, I can send them as soon
    I’ll be back…

    Thanks Luca Bertoncello
    (lucabert@lucabert.de)