Can you offer any suggestions / tips / reminders on how I can do one of these following ideas:
Say a hosted PBX (SangomaOS) is working great with SIP 5060/UDP (chan_SIP). All phones register (and have 2-way audio).
But:
Ref: Some clients face SIP ALG on their side (and/or) they cannot use port 5060/UDP on their side … (SIP mangling).
Is there a way (using either iptables or SangomaOS UI) … to do this: I have not done this in a rather long time, and I forgot how to do it.
Have a 2nd port for chan_SIP 5060/UDP (bind to 2 ports)
so that we have either / both ports 5060/UDP and/or 8060/UDP working for chan_SIP.
OR:
Mable: have an iptables entry for IF traffic for port 8060/UDP arrives “forward” this (internally) to port 5060/UDP …
If we could do the above: we would have no need to bind to a 2nd port, or change anything on the hosted PBX for port 5060/UDP because iptables is doing simple port forwarding.
I don’t think such a thing would work with chan_sip, but it’s past time to have migrated to pjsip anyway. If using pjsip, there is this post which may get you what you need
Generally when confronted with disagreeable routers, your time is better spent changing to TLS signaling.
I’m having difficulty understanding the scenario, but you should:
be using chan_pjsip;
not be using port 5060 (as it is well known to toll fraudsters).
I don’t understand why the port, for Asterisk, as seen by the remote user agents should be translated. I can envisage that the ports seen by Asterisk might be translated, but there is no requirement that the same remote port by used for each peer. It is only the local port that is constrained to be the same for everyone, and then only on chan_sip.