multi-nat problem

Discussion in 'General' started by Roshdy, May 22, 2009.

  1. Roshdy

    Joined:
    Apr 12, 2009
    Messages:
    23
    Likes Received:
    0
    I have my elastix server using a real IP (running behind multi-nat)
    I have some remote extensions run behind another multi-nat (there are some devices with real IP in the same lan)
    the remote extensions can call but can not be called.
    If the solution is the stun please tell me where can find in details the settings and installation of the stun servers
     
  2. telecomtechnician

    Joined:
    Jan 8, 2008
    Messages:
    422
    Likes Received:
    0
    Hi there, can you explain what is multinat?, when you say real IP, you mean is a static ip? As I know, all the IP addresses are real, the difference is if the IP address belongs to a private nerwork, or if it is in the public internet or if the IP address is assigned from a VPN, but still they are real IP address.

    Based on your answers, maybe I can help you.

    Waiting for your comments

    David Medina
     
  3. Roshdy

    Joined:
    Apr 12, 2009
    Messages:
    23
    Likes Received:
    0
    I mean by

    real IP : public internet IP
    virtual IP : local network IP
    multi-nat : a site has some real IPs, consequently the router routes between the internet and two subnets(192.168.1.x and the real IPs subnet)

    I have the server in real (internet public IP), the remote extensions are in another site and have virtual IPs behind multi-nat.
    so, if the remote extension tries to call it reaches the server because the server has real IP, but when the server try to forward call to the remote extension, it can not locate it because it is in local IP in another network.

    I need a solution to this problem
     
  4. telecomtechnician

    Joined:
    Jan 8, 2008
    Messages:
    422
    Likes Received:
    0
    Hi there, everything understood.

    1) If your sip extensions are inside a LAN, you have to verify that the LAN has open (forwarded to the local IP) the following ports 5060 TCP, 4000 to 31000 in UDP.
    2) Another way is to create a noip free domain and link the local IP of the sip extension to that noip free domain. In both cases you have to forward ports in the router of the LAN.
    3)Another way to do it, is to have remote IAX2 extensions and only open the port 4569 or 5034 TCP/UDP in the LAN. You have to forward ports in your router.

    If this is the first time you are doing this, let me tell you !ENJOY THE LEARNING, because is NOT STRAIGHT FORWARD THE FIRST TIME!


    Waiting for your comments

    David Medina
     
  5. Roshdy

    Joined:
    Apr 12, 2009
    Messages:
    23
    Likes Received:
    0
    please explain in details, it will be great help

    please tell me if I can (using port forwarding) have more than 1 remote extension in the same lan

    thanks in advance
     
  6. telecomtechnician

    Joined:
    Jan 8, 2008
    Messages:
    422
    Likes Received:
    0
    As I see it:

    Elastix server in public internet?
    Sip extensions inside a LAN which is connected to a router and then to the public internet?

    If this is correct, then you should do the following:

    1)In the router or in the firewall administration, please verify that you can access to the elastix server, remember that you can block outgoing and incoming traffic. Take your time with this issue. Do not overlook these issue, please be patient and see the details.

    2) In the elastix server, verify that the extensions are correctly configured and that it is up and running.

    3) Try registering a sip extension from another place (your home, a friends home, or another office that does not have any special LAN security) and verify that you can register the extension.

    Waiting for your comments

    David Medina
     
  7. Roshdy

    Joined:
    Apr 12, 2009
    Messages:
    23
    Likes Received:
    0
    in the same lan all extensions work properly even it has private addresses

    from another lan (our neighbor internet cafe and home configured without nat (routed ppp)) it works properly but sometimes (most of time) can not be called.

    from another lan (home configured with multi-nat), works properly only if IP configured with public IP, otherwise it can not be called anyway
     
  8. donhwyo

    Joined:
    Aug 8, 2008
    Messages:
    293
    Likes Received:
    0
    One solution may be to set up a vpn connection. There are a few fairly simple ones out there. It kind of depends on how many locations and if you want roaming users or are they all static locations. Also if you want the roaming users on soft phones or real hardware. I use Untangle.com to connect to my office and home office. It is not perfect but works with a little tweaking. I use a soft phone to connect on my laptop. I suppose you could set up internet sharing on the laptop and connect a hard phone if that was a requirement. It has many features and uses openvpn for its vpn and is free.

    Other vpn options would include himachi, openvpn or actual hardware based solutions. A linksys with hacked firmware could support small networks nicely.

    Other benefits are sharing servers and files etc.

    Don
     

Share This Page