multi-nat problem

Roshdy

Joined
Apr 12, 2009
Messages
23
Likes
0
Points
0
#1
I have my elastix server using a real IP (running behind multi-nat)
I have some remote extensions run behind another multi-nat (there are some devices with real IP in the same lan)
the remote extensions can call but can not be called.
If the solution is the stun please tell me where can find in details the settings and installation of the stun servers
 

telecomtechnician

Joined
Jan 8, 2008
Messages
422
Likes
0
Points
16
#2
Hi there, can you explain what is multinat?, when you say real IP, you mean is a static ip? As I know, all the IP addresses are real, the difference is if the IP address belongs to a private nerwork, or if it is in the public internet or if the IP address is assigned from a VPN, but still they are real IP address.

Based on your answers, maybe I can help you.

Waiting for your comments

David Medina
 

Roshdy

Joined
Apr 12, 2009
Messages
23
Likes
0
Points
0
#3
I mean by

real IP : public internet IP
virtual IP : local network IP
multi-nat : a site has some real IPs, consequently the router routes between the internet and two subnets(192.168.1.x and the real IPs subnet)

I have the server in real (internet public IP), the remote extensions are in another site and have virtual IPs behind multi-nat.
so, if the remote extension tries to call it reaches the server because the server has real IP, but when the server try to forward call to the remote extension, it can not locate it because it is in local IP in another network.

I need a solution to this problem
 

telecomtechnician

Joined
Jan 8, 2008
Messages
422
Likes
0
Points
16
#4
Hi there, everything understood.

1) If your sip extensions are inside a LAN, you have to verify that the LAN has open (forwarded to the local IP) the following ports 5060 TCP, 4000 to 31000 in UDP.
2) Another way is to create a noip free domain and link the local IP of the sip extension to that noip free domain. In both cases you have to forward ports in the router of the LAN.
3)Another way to do it, is to have remote IAX2 extensions and only open the port 4569 or 5034 TCP/UDP in the LAN. You have to forward ports in your router.

If this is the first time you are doing this, let me tell you !ENJOY THE LEARNING, because is NOT STRAIGHT FORWARD THE FIRST TIME!


Waiting for your comments

David Medina
 

Roshdy

Joined
Apr 12, 2009
Messages
23
Likes
0
Points
0
#5
please explain in details, it will be great help

please tell me if I can (using port forwarding) have more than 1 remote extension in the same lan

thanks in advance
 

telecomtechnician

Joined
Jan 8, 2008
Messages
422
Likes
0
Points
16
#6
As I see it:

Elastix server in public internet?
Sip extensions inside a LAN which is connected to a router and then to the public internet?

If this is correct, then you should do the following:

1)In the router or in the firewall administration, please verify that you can access to the elastix server, remember that you can block outgoing and incoming traffic. Take your time with this issue. Do not overlook these issue, please be patient and see the details.

2) In the elastix server, verify that the extensions are correctly configured and that it is up and running.

3) Try registering a sip extension from another place (your home, a friends home, or another office that does not have any special LAN security) and verify that you can register the extension.

Waiting for your comments

David Medina
 

Roshdy

Joined
Apr 12, 2009
Messages
23
Likes
0
Points
0
#7
in the same lan all extensions work properly even it has private addresses

from another lan (our neighbor internet cafe and home configured without nat (routed ppp)) it works properly but sometimes (most of time) can not be called.

from another lan (home configured with multi-nat), works properly only if IP configured with public IP, otherwise it can not be called anyway
 

donhwyo

Joined
Aug 8, 2008
Messages
293
Likes
0
Points
0
#8
One solution may be to set up a vpn connection. There are a few fairly simple ones out there. It kind of depends on how many locations and if you want roaming users or are they all static locations. Also if you want the roaming users on soft phones or real hardware. I use Untangle.com to connect to my office and home office. It is not perfect but works with a little tweaking. I use a soft phone to connect on my laptop. I suppose you could set up internet sharing on the laptop and connect a hard phone if that was a requirement. It has many features and uses openvpn for its vpn and is free.

Other vpn options would include himachi, openvpn or actual hardware based solutions. A linksys with hacked firmware could support small networks nicely.

Other benefits are sharing servers and files etc.

Don
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,915
Messages
130,920
Members
17,594
Latest member
knethardsolutions
Top