VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
| View previous topic :: View next topic |
| Author |
Message |
wuerhui at gmail.com
Guest
|
 Posted: Sat Apr 05, 2014 12:39 pm Post subject: [asterisk-users] Asterisk and SRTP |
 |
|
Hi experts,
I am trying Asterisk SRTP in my environment, and find that when Asterisk is behind a NAT, the audi/video UDP ports opened for SRTP relay by Asterisk are local ports on the Asterisk server, media from the two clients out of the NAT (for example from Internet) can not reach the ports, and thus the two client can not establish the secure call via Asterisk. I have set up a STUN server and configured in rtp.conf, but seems Asterisk does not do STUN before it opens ports for SRTP. BTW, Non-SRTP call can work though.
Anyone can give advice on how to make SRTP work in such an env?
Thanks a lot in advance!
William Wu |
|
| Back to top |
|
 |
patrick at laimbock.com
Guest
|
| Posted: Sat Apr 05, 2014 4:38 pm Post subject: [asterisk-users] Asterisk and SRTP |
|
|
On 04/05/2014 07:56 PM, William Wu wrote:
| Quote: | Hi experts,
I am trying Asterisk SRTP in my environment, and find that when
Asterisk is behind a NAT, the audi/video UDP ports opened for SRTP relay
by Asterisk are local ports on the Asterisk server, media from the two
clients out of the NAT (for example from Internet) can not reach the
ports, and thus the two client can not establish the secure call via
Asterisk. I have set up a STUN server and configured in rtp.conf, but
seems Asterisk does not do STUN before it opens ports for SRTP. BTW,
Non-SRTP call can work though.
Anyone can give advice on how to make SRTP work in such an env?
|
I have no problems with a TLS/SRTP call between a GSM with CSipSimple
and Asterisk 11.8.1 behind NAT. Have you configured the NAT options in
sip.conf?
externip=...
localnet=...
nat=...
You may also need to add/change the options below. Check the sip.conf
example file to see what these options do and use what's best for your
situation.
canreinvite=no
directmedia=no
directrtpsetup=no
HTH,
Patrick
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Search
