Home > Asterisk, networking > Asterisk (Trixbox) and NAT

Asterisk (Trixbox) and NAT

I’ve run into this several times. If an asterisk server is behind a firewall using NAT, you need to modify sip.conf for sip clients to work properly. Without it audio can be one-way or broken altogether.

You’ll need the external hostname of the asterisk server (e.g. asterisk.company.com) external ip of the asterisk server (e.g. 123.123.123.123), and the internal network addressing (e.g. 192.168.1.x with subnet mask of 255.255.255.0)

from a ssh session in terminal:

nano /etc/asterisk/sip.conf

replace contents of file with this:

; Note: If your SIP devices are behind a NAT and your Asterisk
; server isn’t, try adding “nat=1” to each peer definition to
; solve translation problems.

[general]
externhost = asterisk.company.com
externip=123.123.123.123 ; the ip address your ISP gives you
localnet=192.168.1.0/255.255.255.0
nat=yes
port = 5060 ; Port to bind to (SIP is 5060)
bindaddr = 0.0.0.0 ; Address to bind to (all addresses on machine)
disallow=all ; Modify these to meet your codec needs
allow=ulaw
allow=alaw
allow=g729
allow=gsm

; If you need to answer unauthenticated calls, you should change this
; next line to ‘from-trunk’, rather than ‘from-sip-external’.
; You’ll know this is happening if when you call in you get a message
; saying “The number you have dialed is not in service. Please check the
; number and try again.”
context = from-sip-external ; Send unknown SIP callers to this context
callerid = Unknown
tos=0x68

; #, in this configuration file, is NOT A COMMENT. This is exactly
; how it should be.
#include sip_nat.conf
#include sip_custom.conf
#include sip_additional.conf

[control-x to exit, Y to save the file]

amportal stop

amportal start

The last two commands will stop and start your server quickly (and rather rudely to users), so restart asterisk in whatever way makes sense.

For NAT to work for external phones, the extension will need to have nat=yes specified, and the phone will have to have it specified as well. The procedure for different types of phones varies.

Advertisements
Categories: Asterisk, networking
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: