[SR-Users] set_advertised_address
Sergiu Pojoga
pojogas at gmail.com
Tue Dec 4 23:42:22 CET 2018
Sure, eliminate NAT altogether? Haha
Don't see how else.
On Tue, Dec 4, 2018, 5:34 PM Kjeld Flarup <kjeld.flarup at liberalismen.dk
wrote:
> Hello
>
> I have a PBX behind NAT.
> Thus I advertise the public IP, and forwards the port to my PBX.
>
> listen=LOCALIP:5070 advertise EXTERNALIP:5070
>
> Now clients can connect to the PBX from the Internet. And also inside
> the LAN, because I have enabled NAT loopback.
>
> However some customers sysadmins complains that NAT loopback is a
> security risk. I have not been able to find any exploits of this, but
> the sales and support people asks if it is possible to remove this NAT
> loopback requirement.
>
> I could look at $rd and if it is local, then I could advertise LOCALIP.
> I found set_advertised_address("LOCALIP");
>
> set_advertised_address however only seems to modify the latest Via
> header, not the Record-route, and audio neither works.
>
> Could I do something to make this work, or is it a dead end?
>
>
> --
> -------------------- Med Liberalistiske Hilsner ----------------------
> Civilingeniør, Kjeld Flarup - Mit sind er mere åbent end min tegnebog
> Sofienlundvej 6B, 7560 Hjerm, Tlf: 40 29 41 49
> Den ikke akademiske hjemmeside for liberalismen - www.liberalismen.dk
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20181204/9b8561e9/attachment.html>
More information about the sr-users
mailing list