Using a different port for Asterisk is not a bad idea. I might just try that. I will return with the results or any follow up questions.

 

 

 

/M

 

From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Wednesday, 3 September 2025 at 10:54
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Cc: Martin Nyström <martin.nystrom@connectel.se>
Subject: Re: [SR-Users] Kamailio behind NAT

CAUTION: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

 

Hello,

 

the simplest way is to listen on another port (e.g., 5080) and use that socket to communicate with Asterisk. For that listen parameter, do not set the advertise address. You can use $fs or force_send_socket() to specify the socket to be used for sending out to Asterisk.

 

The alternative is to play in the config file with the function of the rr module that allow you to set the address in the Record-/Route headers, but it may increase the complexity of the config.

 

Cheers,
Daniel

 

On 03.09.25 10:42, Martin Nyström via sr-users wrote:

Hello,

 

I am not successful in my attempts to configure my Kamailio to work behind NAT.

 

The flow of an incoming call is Provider (Internet) -> AWS LoadBalancer -> Kamailio -> Asterisk

 

Both the Kamailio and Asterisk is on the internal network. The issue I am having is that I need to add Record-Route to the traffic sent back towards the provider, but not to the Asterisk. Currently when I add the record_route() the header is sent to Asterisk which makes it reply to the Kamailio advertised external address for ACKs, BYEs etc.

 

I have dumbed down my Kamailio config as much as possible for this, to show what I am currently doing.

 

 

debug=2

log_stderror=yes

fork=yes

tcp_accept_no_cl=yes

onsend_route_reply=yes

pv_buffer_size=2048

enable_tls=1

 

listen=udp:<LOCAL_IP>:5060 advertise <EXTERNAL_DOMAIN>:5060

listen=tcp:<LOCAL_IP>:5060 advertise <EXTERNAL_DOMAIN>:5060

listen=tls:<LOCAL_IP>:5061 advertise <EXTERNAL_DOMAIN>:5061

 

local_rport=on

 

mpath="/usr/local/lib/kamailio/modules_k/:/usr/lib/x86_64-linux-gnu/kamailio/modules/"

 

# MODULES

loadmodule "..."

 

route {

 

                route(FROM_PROVIDER);

 

}

 

 

route[RELAY] {

 

                if(!t_relay()) {

 

                                sl_reply_error();

 

                }

 

                exit;

 

}

 

route[FROM_PROVIDER] {


               # The Asterisk that should not receive the external dns in the record route header

                ds_select_dst(100, 4);

 

                # INFO: This adds the Record-Route in all directions

                if(!has_totag()) {

                                record_route();

                }

                               

                route(RELAY);

                exit;

 

}

 

 

 

 

 

/M



__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions -- sr-users@lists.kamailio.org
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!

 

-- 
Daniel-Constantin Mierla (@ asipto.com)
twitter.com/miconda -- linkedin.com/in/miconda
Kamailio Consultancy, Training and Development Services -- asipto.com