<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">You need to define another listen= without the advertise for communication with internal servers. Either another IP or another port.<div class=""><br class=""></div><div class="">/O<br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 6 Sep 2020, at 17:34, Moshe Katz <<a href="mailto:kohenkatz@gmail.com" class="">kohenkatz@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hello all,<div class=""><br class=""></div><div class="">(Note: I previously posted a more detailed version of this question on StackOverflow at <a href="https://stackoverflow.com/q/63760506/829970" class="">https://stackoverflow.com/q/63760506/829970</a> . This version is simplified to fit better in an email.)</div><div class=""><br class=""></div><div class="">I have Kamailio 5.4.1 (and RTPEngine) running on an internal server with a private IP address 172.31.7.96 and One-to-one NAT to an external IP address. The external IP is 192.0.2.100. (Note: The internal IP addresses are all unedited, but the public IPs have been replaced with TEST-NET-1 and TEST-NET-2 example addresses.) I will eventually be doing transcoding with RTPEngine, but for now this is a simple SIP Proxy.<br class=""></div><div class=""><br class=""></div><div class="">Kamailio is installed on Ubuntu 18.04 using the DEB packages from <a href="http://dev.kamailio.org/kamailio54" class="">dev.kamailio.org/kamailio54</a> and is using the stock configuration that comes with those packages, except for the following changes:</div><div class=""><br class=""></div><div class=""><pre style="margin-top:0px;margin-bottom:1.6em;padding:12px;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:1.30769;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;font-size:13px;vertical-align:baseline;box-sizing:inherit;width:auto;max-height:600px;overflow:auto;border-radius:5px" class=""><code style="margin:0px;padding:0px;border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;line-height:inherit;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;vertical-align:baseline;box-sizing:inherit;background-color:transparent;white-space:inherit;border-radius:0px" class="">#!define WITH_NAT
#!define WITH_RTPENGINE
#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_IPAUTH
listen=udp:<a href="http://0.0.0.0:5060/" class="">0.0.0.0:5060</a> advertise <a href="http://192.0.2.100:5060/" class="">192.0.2.100:5060</a>
#!define DBURL "mysql://<a href="http://kamailio:REAL_PASSWORD_HERE@127.0.0.1/kamailio" class="">kamailio:REAL_PASSWORD_HERE@127.0.0.1/kamailio</a>"</code></pre></div><div class=""><br class=""></div><div class="">I have internal SIP servers with private IP addresses in the <a href="http://172.31.7.0/24" class="">172.31.7.0/24</a> range that I want to have send all SIP traffic through the Kamailio server. The internal servers are running a Java SIP client with the `OUTBOUND_PROXY` setting set to 172.31.7.96.</div><div class=""><br class=""></div><div class="">The problem I have is that the SIP `200 OK` message sent by Kamailio to my SIP server has its `Record-Route` header set to the public IP address `192.0.2.100` instead of the private address `172.31.7.96`. The SIP client therefore tries to send the `ACK` message back to the public address, but it has no route to the public address so the ACK never gets sent.</div><div class=""><br class=""></div><div class="">How can I configure Kamailio to use the public IP for external traffic but the private IP for communicating with internal machines on the same subnet?</div><div class=""><br class=""></div><div class="">I tried setting `mhomed=1`, but the machine isn't actually multi-homed so that didn't work.</div><div class=""><br class=""></div><div class="">I thought of adding a second listen line `<span style="background-color:transparent;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;font-style:inherit;font-variant-ligatures:inherit;font-variant-caps:inherit;font-weight:inherit;white-space:inherit;font-size:13px" class="">listen=udp:<a href="http://172.31.7.96:5061/" class="">172.31.7.96:5061</a></span>` and having the internal servers talk to port 5061, but that doesn't work because Kamailio uses the 5061 definition for the external side too.</div><div class=""><br class=""></div><div class="">I see in the docs that it is possible to name the listener lines, but I don't understand how to use those names in a way that would be relevant to my issue.</div><div class=""><br class=""></div><div class="">Thank you very much for your help,</div><div class=""><br class=""></div><div class="">Moshe</div></div>
_______________________________________________<br class="">Kamailio (SER) - Users Mailing List<br class=""><a href="mailto:sr-users@lists.kamailio.org" class="">sr-users@lists.kamailio.org</a><br class="">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users<br class=""></div></blockquote></div><br class=""></div></body></html>