<div dir="ltr">Aside from the obvious question: why do you need to use STUN in the first place considering you already have a proxy that handles far-end NAT traversal...?<div><br></div><div>All those FLT/FLB NAT related flags are quite frankly confusing, especially if you didn't take your time to really understand what's going on. You don't need all that, none I'd say. Just get to really understand what is to be done at the proxy level when a request/reply is received.<br></div><div><br></div><div>The default NATMANAGE route is written to handle phones registering directly with the proxy. Your setup is different by interacting between UACs and Asterisk on the other side, which has his own techniques of handling NAT (another hint for you here).</div><div><br></div><div>One last but important thing: do yourself a favor and install <a href="https://github.com/irontec/sngrep">sngrep</a>. Use it and you'll find the problem in no time.</div><div><br></div><div>Good luck.</div></div><br><div class="gmail_quote"><div dir="ltr">On Fri, Oct 5, 2018 at 8:40 AM Kevin Olbrich <<a href="mailto:ko@sv01.de" target="_blank">ko@sv01.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">Hi!<div><br></div><div>I noticed a minor problem when I set up the STUN config of my phone.</div><div>When the server is set, I am unable to reach the endpoint from kamailio (Phone1 -> Kamailio -> Asterisk -> same Kamilio -> no outgoing SIP flow to Phone2).</div><div>If I do not set it, it seems to fallback to it's RFC1918 address which is then detected by nat_uac_test() and I can reach the phone.</div><div><br></div><div>During my tests with Asterisk directly, this did not make any difference. Seems like Asterisk checks more than FLAG 19/8 in nat_uac_test().</div><div>If I am right, I strictly used the SIP source port for answers instead of any self-detection using STUN or similar.</div><div><br></div><div>My kamailio node is connected to the internet directly and 95 percent of (planned) phones are behind random NATs.</div><div><br></div><div>In example kamailio.cfg there are these settings:</div><div><br></div><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"># Caller NAT detection<br>route[NATDETECT] {<br>#!ifdef WITH_NAT<br><span style="white-space:pre-wrap"> </span>force_rport();<br><span style="white-space:pre-wrap"> </span>if (nat_uac_test("19")) {<br><span style="white-space:pre-wrap"> </span>if (is_method("REGISTER")) {<br><span style="white-space:pre-wrap"> </span>fix_nated_register();<br><span style="white-space:pre-wrap"> </span>} else {<br><span style="white-space:pre-wrap"> </span>if(is_first_hop()) {<br><span style="white-space:pre-wrap"> </span>set_contact_alias();<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>setflag(FLT_NATS);<br><span style="white-space:pre-wrap"> </span>}<br>#!endif<br><span style="white-space:pre-wrap"> </span>return;<br>}</blockquote><div><br></div><div>AND (modified for direct RTP flow):</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> # RTPProxy control and signaling updates for NAT traversal<br>route[NATMANAGE] {<br>#!ifdef WITH_NAT<br><span style="white-space:pre-wrap"> </span>if (is_request()) {<br><span style="white-space:pre-wrap"> </span>if(has_totag()) {<br><span style="white-space:pre-wrap"> </span>if(check_route_param("nat=yes")) {<br><span style="white-space:pre-wrap"> </span>setbflag(FLB_NATB);<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;<br><span style="white-space:pre-wrap"> </span>if(nat_uac_test("8")) {<br><span style="white-space:pre-wrap"> </span>fix_nated_sdp("15");<br><span style="white-space:pre-wrap"> </span>if (is_request()) {<br><span style="white-space:pre-wrap"> </span>if (!has_totag()) {<br><span style="white-space:pre-wrap"> </span>if(t_is_branch_route()) {<br><span style="white-space:pre-wrap"> </span>add_rr_param(";nat=yes");<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>if (is_reply()) {<br><span style="white-space:pre-wrap"> </span>if(isbflagset(FLB_NATB)) {<br><span style="white-space:pre-wrap"> </span>if(is_first_hop())<br><span style="white-space:pre-wrap"> </span>set_contact_alias();<br><span style="white-space:pre-wrap"> </span>}<br><span style="white-space:pre-wrap"> </span>}<br>#!endif<br><span style="white-space:pre-wrap"> </span>return;<br>}</blockquote><div><br></div><div>I checked the docs but I am not sure which FLAGs are safe to use (or break things).</div><div><br></div></div><div>Any thoughts or hints are welcome.</div><div><br></div><div>Thank you very much!</div><div><br></div><div>Kind regards</div><div>Kevin</div></div></div></div></div>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div>