Discussion:
[SR-Users] Kamailio behind NAT (Asterisk - Kamailio - RTPEngine - Browser)
(too old to reply)
Marko Seidenglanz
2014-10-23 16:11:57 UTC
Permalink
Hello,

I have a problem with the following configuration.

I want to make calls from Asterisk to a browser using RTPEngine as relay.

Everything works fine, if Kamailio is not natted (See
kamailio_without_nat.log).

If it's address is translated, then 200 OK responses from the browser don't
seem to be received by kamailio.

I have configured Kamailio (4.2) and RTPEngine (3.3) both with
advertisement of the public IP.

Asterisk has public IP: 146.148.113.245
Kamilio has public IP: 104.155.11.255
Browser has public IP: 79.241.195.106

The INVITE after SDP Rewrite looks like this:

INVITE sip:eIh66yyxjlWNvNcuKWskH-***@public.gmane.org SIP/2.0
Record-Route: <sip:104.155.11.255;lr=on;nat=yes>
Via: SIP/2.0/UDP 104.155.11.255:5060
;branch=z9hG4bK683.5e75aa8b7f88561a91033a9b611fc0aa.0
Via: SIP/2.0/UDP 10.240.215.73:5060
;rport=5060;received=146.148.113.245;branch=z9hG4bK5a79a7cf
Max-Forwards: 69
From: "Anonymous" <sip:anonymous-7sGlIlNGn3WhjG8JX1ygEWCgeU+***@public.gmane.org>;tag=as53a7de72
To: <sip:eIh66yyxjlWNvNcuKWskH-***@public.gmane.org>
Contact: <sip:anonymous-***@public.gmane.org:5060;alias=146.148.113.245~5060~1>
Call-ID: 523c5fda707c565c51b78c586247818e-***@public.gmane.org:5060
CSeq: 102 INVITE
User-Agent: Asterisk PBX 12.5.0
Date: Thu, 23 Oct 2014 15:29:17 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO,
PUBLISH, MESSAGE
Supported: replaces, timer
Content-Type: application/sdp
Content-Length: 738
P-hint: outbound

v=0
o=root 985629145 985629145 IN IP4 104.155.11.255
s=Asterisk PBX 12.5.0
c=IN IP4 104.155.11.255
t=0 0
a=ice-lite
m=audio 31630 RTP/SAVPF 3 0 8 101
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv
a=rtcp:31631
a=rtcp-mux
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:H9uLHKvstgjd58cZKa0LeRaxvf5XNJhaHgxDut7L
a=setup:actpass
a=fingerprint:sha-1
D9:26:45:E1:D6:E7:01:A4:04:90:F2:15:AF:A3:AD:01:3C:39:9B:7D
a=ice-ufrag:YoTvWbLM
a=ice-pwd:eifInSr3Oh8ZvMXjlE89mh8kF1OC
a=tDndidate:krhMgLYHbAxWidfK 1 UDP 2130706431 104.155.11.255 31630 typ host
a=candidate:krhMgLYHbAxWidfK 2 UDP 2130706430 104.155.11.255 31631 typ host


The 200 OK like this:

SIP/2.0 200 OK
Via: SIP/2.0/UDP 104.155.11.255:5060
;branch=z9hG4bK683.5e75aa8b7f88561a91033a9b611fc0aa.0;rport=5060;received=104.155.11.255
, SIP/2.0/UDP 10.240.215.73:5060
;rport=5060;received=146.148.113.245;branch=z9hG4bK5a79a7cf
;tag=6QTSN6N2SBW2FW49TMGJQJYZMGHQZ7LCUMQT
;tag=6QTSN6N2SBW2FW49TMGJQJYZMGHQZ7LCUMQT
Call-ID: 523c5fda707c565c51b78c586247818e-***@public.gmane.org:5060
CSeq: 102 INVITE
Content-Type: application/sdp
Content-Length: 938

v=0
o=- 1907956949290984340 2 IN IP4 127.0.0.1
s=-
t=0 0
m=audio 43590 UDP/TLS/RTP/SAVPF 0 8 101
c=IN IP4 79.241.195.106
a=rtcp:1 IN IP4 0.0.0.0
a=candidate:290309024 1 udp 2122260223 192.168.35.78 43590 typ host
generation 0
a=candidate:2416297236 1 udp 1686052607 79.241.195.106 43590 typ srflx
raddr 192.168.35.78 rport 43590 generation 0
a=candidate:1607352144 1 tcp 1518280447 192.168.35.78 0 typ host tcptype
active generation 0
a=candidate:2416297236 1 udp 1686052607 79.241.195.106 43590 typ srflx
raddr 192.168.35.78 rport 43590 generation 0
a=ice-ufrag:ZtbtZieUG9l22iCb
a=ice-pwd:kRkmd0XuFdj+CKXVpInmK3yV
a=fingerprint:sha-256
ED:DB:B8:D5:4D:38:1F:81:DC:94:9F:EB:6D:07:56:75:57:45:F4:F7:57:4D:C6:89:70:CC:13:6D:35:C0:8B:45
a=setup:active
a=mid:audio
a=sendrecv
a=rtcp-mux
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=msid-semantic: WMS mPbtogqqqsv8DygpyOmxrTkjgW9aGzkbP3Vk


Unfortunately Kamailio log does not tell me, that the response get's
processed. (See kamailio_behind_nat.log). I traced with TShark and can see
that the SIP/200 OK arrive at kamailio host.

Any Idea, what might be missing in my routing script?

The attachements can be found here:

https://drive.google.com/folderview?id=0BxwAyaFvy_7fdHVnWXdFa2hEeHM&usp=sharing

I would be very grateful for any help.

Regards,
Marko

Loading...