Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 9 Mar 2019 16:49:22 -0500
From:      David Mehler <dave.mehler@gmail.com>
To:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   FreeBSD, Asterisk 16, pf, and pjsip, nat
Message-ID:  <CAPORhP4nb_a5gFwpgk5zXKuKN48yOYCv1vjKyuZaYMxFZjMXaQ@mail.gmail.com>

next in thread | raw e-mail | index | archive | help
Hello,

I'm running Asterisk 16 via ports on a FreeBSD 11 system. I'm running
pf and believe I have things correct, I'm allowing ports UDP 5060 and
5061, as well as for rtp UDP 10000 to 20000 through. I'm running this
on a vps with an public IP, it is not natted. My local connection to
the internet is behind a natted cable modem. I can connect via soft
phone to the asterisk sip server, says account ready. Everything works
except audio. I believe I'm having a nat issue as the connecting
client is behind a nat and I'm using chan_pjsip so the pjsip.conf
file. Currently here is my account-is-ready though no audio
configuration:

; PJSIP Configuration
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

;Templates for the necessary configuration sections
[endpoint_internal](!)
type=endpoint
context=from-internal
disallow=all
allow=gsm
;allow=g729
;allow=ulaw

[auth_userpass](!)
type=auth
auth_type=userpass

[aor_dynamic](!)
type=aor
max_contacts=1

;Definitions for our phones, using the templates above
[demo-test](endpoint_internal)
auth=demo-test
aors=demo-test
[demo-test](auth_userpass)
password=unsecuredpassword ; put a strong, unique password here instead
username=demo-test
;direct_media=no
;rtp_symmetric=yes
;force_rport=yes
;rewrite_contact=yes
[demo-test](aor_dynamic)

if in the phone definition I add/uncomment these lines I get a
registration failed.

; PJSIP Configuration
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

;Templates for the necessary configuration sections
[endpoint_internal](!)
type=endpoint
context=from-internal
disallow=all
allow=gsm
;allow=g729
;allow=ulaw

[auth_userpass](!)
type=auth
auth_type=userpass

[aor_dynamic](!)
type=aor
max_contacts=1

;Definitions for our phones, using the templates above
[demo-test](endpoint_internal)
auth=demo-test
aors=demo-test
[demo-test](auth_userpass)
password=unsecuredpassword ; put a strong, unique password here instead
username=demo-test
direct_media=no
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
[demo-test](aor_dynamic)


Suggestions welcome.

Thanks.
Dave.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPORhP4nb_a5gFwpgk5zXKuKN48yOYCv1vjKyuZaYMxFZjMXaQ>