最後更新: 2015-01-21
介紹
Most conventional voip protocols (SIP, h323, …) are not programmed with NAT in mind
Call signaling(call setup, teardown) ... WORK
Voice ... Not
=> you can pick up and hangup the call, but no audio in one or both directions.
Voice packet exchange occur over two separate sessions (SIP, RTP)
The actual voice packets travel between the two phones directly, without the aid of a VoIP or SIP intermediary device.
目錄
- Router Port Forward
- RTP Port
- SIP Settings
- Keep A Live
Router Port Forward
Internet -- Router --- PBX
- UDP: 5060 <-- Sip
- UDP: 5061 <-- Sip with TLS
- UDP: 10000-11000 <-- RTP Port
RTP Port
設定檔: rtp.conf
# default 10000 - 20000 rtpstart=10000 rtpend=11000
Other Setting
# UDP package 要 checksum 嗎 ?
rtpchecksums=no
# drop RTP packets that do not come from the source of the RTP stream
# Default: NO !!
strictrtp=no
SIP Settings
Port: 5060/tcp
設定檔: sip.conf
# This is only needed when asterisk is behind a NAT and trying to communicate with devices outside of the
localnet=192.168.88.0/24
# work with NAT’d remote devices
nat=yes
Nat=route
Asterisk will send the audio to the port and ip where its receiving the audio from.
Instead of relying on the addresses in the SIP and SDP messages.
This will only work if the phone behind nat send and receive audio on the same port and if they send and receive the signaling on the same port.
(The signaling port does not have to be the same as the RTP audio port).
NAT=rfc3581
This is the default behaviour, is no nat=… line is found for that user, this is the option used.
Asterisk will add an rport to the via header of the SIP messages, as described in rfc3581 (see http://www.faqs.org/rfcs/rfc3581.html),
this will allow a client to request that the server send the response back to the source IP address and port where the request came from.
The "rport" parameter is analogous to the "received" parameter in the VIA line, except "rport" contains a port number, not the IP address.
NAT=never
This will cause asterisk not to add an rport "rport" in the VIA line of the sip invite header,
as introduced in rfc3581. (see http://www.faqs.org/rfcs/rfc3581.html)
as some sip ua’s seem to have problems with them.
(one of those UAs being the Uniden SIP phone UIP200 – Olle E. Johanson.)
# 如果 Server 在 NAT 後, 那一定要
strictrtp=no
Public IP
; put in outbound SIP messages if we're behind a NAT externhost=X.X.X.X ;externhost=foo.dyndns.net ;externrefresh=10
Keep A Live
設定檔: sip.conf
# Asterisk will send a SIP OPTIONS command regularly to check that the device is still online.
# If the device does not answer within the configured (or default: 2s) period (in ms) Asterisk considers the device off-line for future calls.
qualify=yes
# tells Asterisk to send a kind of ping message to the remote device (Default: 60)
# If the packet is not responded within 1 second, asterisk will keep trying until 7 packets have failed.
# Unit: second qualifyfreq=10
Doc