SIP Trunk --------- (WAN IP) Router ------ VM — 172.19.0.3 Container FreePBX — 192.168.253.4 VM — 192.168.253.16 IP Phone.
The SIP Trunk in this case is not a problem and is handled by external_media_address and external_signaling_address being configured.
The problem is for an example is an outbound call IP-Phone -> PSTN is that when the 200 OK is sent from FreePBX to the IP Phone the Contact header has the Container’s IP (172.19.0.3) and not the Static NAT IP of (192.168.253.4). The SDP was easily corrected using hte media_address parameter but there is not an equivelant for signaling.
Is there a different context to use perhaps? BTW if it makes a difference I am using pjsip.
The same type of issue would manifest itself the same way outside of a container enviornment if having a Remote FEU but over a different public IP than the SIP Trunk, or using floating ips in OpenStack or AWS.
the local_net no longer being 172.19.0.0/16 right?
I tried both and it did not seem to have any influence on the contact header. Would you expect it to? Remember these are “internal endpoints” which are using hte context from-internal. They are not trunks.
The local_net value is how the code determines if it should replace the various places with the configured external address or leave it alone. If the target IP address is within local_net it is left alone, if it is not it is modified.
Ok, that is moving in a positive direction. Thanks.
Oddly a core reload did not apply that config. I had to restart asterisk completely. So from my uploading/posting to you I didn’t change anything. It was only prior to that.
Just to confirm, because I hate working with ALG’s in general but I think I am going to be stuck with that.
I have for simplicity 2 external IPs because this install is in a container.
External to the world (public ip)
External to the local network. (private S-NAT (docker))
Right now ACK messages are going from my handset to the Router WAN interface and then back to hte private network and eventually hitting the container, instead of going directly to private’s network address and being NAT’d to the container.
I hope that makes sense as it can be a bit confusing.
Is there a way to have more than 1 external address. E.g. one assigned to extensions?