From owner-freebsd-questions@FreeBSD.ORG  Sun Dec  3 14:49:23 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id EE56716A412
	for <freebsd-questions@freebsd.org>;
	Sun,  3 Dec 2006 14:49:23 +0000 (UTC)
	(envelope-from kurt-list-freebsd@androme.com)
Received: from fafnir.androme.com (fafnir.androme.com [62.58.96.158])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9A1B343CA3
	for <freebsd-questions@freebsd.org>;
	Sun,  3 Dec 2006 14:48:56 +0000 (GMT)
	(envelope-from kurt-list-freebsd@androme.com)
Received: by fafnir.androme.com (Postfix, from userid 1003)
	id B2EC7B9C27C; Sun,  3 Dec 2006 15:49:21 +0100 (CET)
Message-ID: <4572E3F1.3040904@androme.com>
Date: Sun, 03 Dec 2006 15:49:21 +0100
From: Kurt Dethier <kurt-list-freebsd@androme.com>
User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <BAY104-F21ED0CAD9C2EF5A63780D99AD90@phx.gbl>
In-Reply-To: <BAY104-F21ED0CAD9C2EF5A63780D99AD90@phx.gbl>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Marwan Sultan <dead_line@hotmail.com>
Subject: Re: VoIP behind NAT and FreeBSD
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Dec 2006 14:49:24 -0000

Marwan Sultan wrote:
> First thanks for you all, for the cooperating,
> 
>  My setup is as follow,
> 
>  Router <-> vr0 FreeBSD fxp0 <-> Switch <-> Clients
>  Two NICs attached,
>   vr0 connected to the router (internet interface) has the static 
> 192.168.0.2
>   fxp0 connected to the Switch connected to clients acting as DHCP 
> 192.168.182.1
>   and clients are assigned 192.168.182.* ofcourse..
> 
>   kernel as you know configured for ipfw and NAT
>   chillispot installed, and controlling the fxp0 device thro the DHCP
>   assigning for clients the IPs. however chillispot is not an issue.
> 
>   This is the configuration,
>   I think chillispot using pf rules. once a user will sign in, all 
> blocks will be remmoved.
>   just for the info,

Hi Marwan,
I have never used ipfw before, so I suggest to do a quick check what the
NAT type is. Last time I checked, there was a simple client in the 
vovidia stun implementation. They also run a public server for testing.

If your NAT type is not symmetric NAT, you can use STUN (you will need
2 ip addresses on the internet side of your gateway for STUN to work).

If your NAT type is symmetric NAT, I suggest to look at UPNP. Most 
clients support it.
If UPNP is not an options, I guess proxying the media streams, or 
rewriting the signaling is your only options left.

Kurt