Asterisk
yarleshiy, 2017-03-29 11:07:24

How to forward ports in an Asterisk tunnel?

Task:
There is an Asterisk server with a gray IP address in the office; SIP phones are connected to it. An analog gateway is also connected to it.
Everything works: inside the office everyone calls each other, and calls to the outside world go out via an analog line.
Softphones, SIP phones and other phones from the outside need to connect to this server.
We rented a VDS server with a white IP and rolled out OpenVPN on it. The office Asterisk was connected to it. There is a connection between them; both respond to ping.
I specified the following rules in iptables on the OpenVPN server:
iptables -t nat -A PREROUTING -p udp -d 194.xx.yy.zz --dport 5060 -j DNAT --to-destination 10.0.0.2:5060
iptables -A FORWARD -i eth0 -d 10.0.0.2 -p tcp --dport 5060 -j ACCEPT
In iptables on Asterisk:
iptables -t nat -A PREROUTING -p udp -d 10.0.0.2 --dport 5060 -j DNAT --to-destination 192.168.0.2:5060
In sip.conf:
localnet 10.0.0.2
localnet 192.168.0.2
externip 194.xx.yy.zz
Registration from the softphone does not work =(
Please help me, I'm confused about the rules, where and how to specify whom. Or maybe I need to dig in the other direction altogether. I would be grateful for good advice. Good luck everyone!

3 answer(s)
yarleshiy, 2017-03-31
@yarleshiy

The connection scheme has changed slightly.
Forwarding has been set up from the terminal (optical Huawei, Rostelecom) to the VPN server,
and from the VPN server through the tunnel to Asterisk.
VPN server:
-A PREROUTING -i eth1 -p udp -m udp --dport 5060 -j DNAT --to-destination 10.0.0.2:5060
-A PREROUTING -i eth1 -p udp -m udp --dport 5061 -j DNAT --to-destination 10.0.0.2:5061
-A PREROUTING -i eth1 -p udp -m udp --dport 10000:20000 -j DNAT --to-destination 10.0.0.2:10000-20000
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 5060 -j ACCEPT
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 5061 -j ACCEPT
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
Now authorization passes, and I can even place calls. But clients who are connected locally to the SIP server with dialers do not hear me when I call from the soft dialer outside.
As I understand it, the voice gets stuck, so it is the RTP ports. But I do not know where to dig further. I tried turning STUN on and off on the clients and turning the NAT traversal modes on and off on Asterisk; it does not help =(

Dmitry Shitskov, 2017-03-29
@Zarom

It is not clear why click on Asterisk?
In addition to SIP ports, RTP ports also need to be forwarded.
externip you have 194.xx.yy.zz
It is better to install a SIP proxy on the VDS, rather than forwarding ports.
And even easier: rent a white IP from a provider.
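
Added example, not written by anyone in this thread: a small Python check that reads iptables rule lines and reports each DNAT rule that has no FORWARD ACCEPT for the same protocol, destination and port, and reports when the RTP range is not forwarded at all. It assumes the FORWARD policy is DROP, that DNAT keeps port numbers unchanged, and that RTP uses 10000-20000 as in the 2017-03-31 rules; the function names are illustrative.

```python
import shlex

# Rule lines copied from the thread (extraction breaks repaired):
# the question, then the 2017-03-31 answer.
QUESTION_RULES = """\
iptables -t nat -A PREROUTING -p udp -d 194.xx.yy.zz --dport 5060 -j DNAT --to-destination 10.0.0.2:5060
iptables -A FORWARD -i eth0 -d 10.0.0.2 -p tcp --dport 5060 -j ACCEPT
"""
REVISED_RULES = """\
-A PREROUTING -i eth1 -p udp -m udp --dport 5060 -j DNAT --to-destination 10.0.0.2:5060
-A PREROUTING -i eth1 -p udp -m udp --dport 5061 -j DNAT --to-destination 10.0.0.2:5061
-A PREROUTING -i eth1 -p udp -m udp --dport 10000:20000 -j DNAT --to-destination 10.0.0.2:10000-20000
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 5060 -j ACCEPT
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 5061 -j ACCEPT
-A FORWARD -d 10.0.0.2/32 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
"""


def parse(line):
    """Reduce one iptables rule line to the fields this check compares."""
    tok = shlex.split(line)
    opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
    lo, _, hi = opt.get("--dport", "0").partition(":")
    dst = opt.get("--to-destination", opt.get("-d", ""))
    return {"chain": opt.get("-A"), "proto": opt.get("-p"), "target": opt.get("-j"),
            "ports": (int(lo), int(hi or lo)),
            "dst": dst.split(":")[0].split("/")[0]}  # strip :port and /mask


def check(ruleset, rtp=(10000, 20000)):
    """List DNAT rules with no same-protocol FORWARD ACCEPT, plus a missing RTP range.

    Assumes the FORWARD policy is DROP and that DNAT keeps port numbers unchanged.
    """
    rules = [parse(l) for l in ruleset.splitlines() if l.strip()]
    dnat = [r for r in rules if r["target"] == "DNAT"]
    fwd = [r for r in rules if r["chain"] == "FORWARD" and r["target"] == "ACCEPT"]
    findings = []
    for d in dnat:
        lo, hi = d["ports"]
        if not any(f["proto"] == d["proto"] and f["dst"] == d["dst"]
                   and f["ports"][0] <= lo and hi <= f["ports"][1] for f in fwd):
            findings.append(f"no {d['proto']} FORWARD ACCEPT for {d['dst']} ports {lo}-{hi}")
    if not any(d["proto"] == "udp" and d["ports"][0] <= rtp[0] <= rtp[1] <= d["ports"][1]
               for d in dnat):
        findings.append(f"RTP range {rtp[0]}-{rtp[1]}/udp is not forwarded")
    return findings


if __name__ == "__main__":
    for name, rules in (("question", QUESTION_RULES), ("2017-03-31", REVISED_RULES)):
        print(name, check(rules) or "ok")
```

A clean result here only says the forwarding rules are consistent with each other; it says nothing about the addresses Asterisk advertises inside SIP/SDP, which is a separate setting (externip/localnet in sip.conf).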

Antydrchert, 2017-04-26
@Antydrchert

Hello! You have something moved. I have a similar problem and diagram. Also, calls go through and there is no voice on both sides.
