Hi List,
I wonder if you could share your experience with me of running SER behind NAT. Are there any known problems with doing it this way? - Server side NAT and have SER fix NAT'ed clients and (Media)Proxying them where needed.
My specific setup is as follows:- SER(0.9.13) with a static private IP Firewall performing static on-to-one NAT
Users will be on public IP's/(behind NAT)
Does this cause any problems with the SIP/SDP packets?
Also it is the intention to run Asterisk in the same way to provide voicemail, will this setup produce any foreseeable problems?
Many Thanks,
Alan
No problems. You just have to make sure that your ser.cfg announces the public IP using record_route_preset("public_ip") and that you have an alias with the public IP. However, running mediaproxy or rtpproxy behind NAT requires a small patch to make sure the public and not listening address. See below for the patch for version 1.2.1, it adds a --vip option for you to specify the public IP to be used in the payload. g-)
*** mediaproxy-1.2.1/mediaproxy.py 2005-01-24 18:54:54.000000000 +0100 --- ../mediaproxy/mediaproxy.py 2005-04-18 14:28:36.000000000 +0200 *************** *** 27,32 **** --- 27,35 ---- parser.add_option("--ip", dest="proxyIP", type="ip", default=None, help="use this IP to talk to the RTP parties (first found)", metavar="IP") + parser.add_option("--vip", dest="virtualIP", type="ip", default=None, + help="use this IP in SDP payload (for NATed mediaproxy servers)", + metavar="IP") parser.add_option("--ports", dest="ports", type='ports', default=(35000, 65000), help="rtp port range (35000:65000)", metavar="min:max") *************** *** 70,75 **** --- 73,79 ---- if options.listenAddr is not None: rtphandler.tcpListenAddress = options.listenAddr rtphandler.proxyIP = proxyIP + rtphandler.virtualIP = options.virtualIP rtphandler.minPort = options.ports[0] rtphandler.maxPort = options.ports[1] rtphandler.TOS = options.tos
*** mediaproxy-1.2.1/modules/rtphandler.py 2005-02-04 22:31:24.000000000 +0100 --- ../mediaproxy/modules/rtphandler.py 2005-04-18 14:25:45.000000000 +0200 *************** *** 25,30 **** --- 25,31 ---- forceClose = 0 ## Close a sesion after this much time (0 for no timeout)
proxyIP = '0.0.0.0' + virtualIP = '0.0.0.0' minPort = 35000 ## Must be even!!! maxPort = 65000 ## Must be even!!! crtPort = minPort ## Must be even!!! *************** *** 1076,1080 **** def endpointAddresses(self): '''Return the IP address and the RTP data port(s) that will be used by this session''' ports = [str(stream.rtpStream.addr[1]) for stream in self.mediaStreams] ! return " ".join([proxyIP] + ports)
--- 1077,1083 ---- def endpointAddresses(self): '''Return the IP address and the RTP data port(s) that will be used by this session''' ports = [str(stream.rtpStream.addr[1]) for stream in self.mediaStreams] ! return " ".join([virtualIP] + ports) ! !
Alan wrote:
Hi List,
I wonder if you could share your experience with me of running SER behind NAT. Are there any known problems with doing it this way? - Server side NAT and have SER fix NAT'ed clients and (Media)Proxying them where needed.
My specific setup is as follows:- SER(0.9.13) with a static private IP Firewall performing static on-to-one NAT
Users will be on public IP's/(behind NAT)
Does this cause any problems with the SIP/SDP packets?
Also it is the intention to run Asterisk in the same way to provide voicemail, will this setup produce any foreseeable problems?
Many Thanks,
Alan
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Alan -
Greger V. Teigre