Problems with Audio

Hello

Asterisk - 1.8.6.0
Freepbx - 2.9.0.7

I have am extension connected to the PBX through 2 Routers, each both performing NAT

Calling the externsion in both directions works OK, however Audio does not working in either direction

Port Forwarding is setup for both SIP and RDP UDP/5060, UDP/10001-20000

In my quest to find a solution, I came across the suggsetion to change the Extension NAT setting from YES (current setting) to NAT = 1

Inorder to change this i assume the file sip_custom_post.conf should be modified, and a couple of lines should be added the 1st to remove the existing setting, the 2nd to add the new setting ie…

660
NAT = Yes

660
NAT = 1

Is this the correct method ? or is only the (+) line required, ie overwriting the previous setting

Does anyone else have any sugsestions on resolving a my double natting problem ?

Thank you
Stephen

You need to fully explain your “2 router” setup. Chances are you have a fundamental design flaw in your network.

NAT=1 is not a valid setting.

Below is the documentation on Asterisk and NAT, Please not lines 721 and 722, it does not mention trying random settings you found on a post somewhere.


;----------------------------------------- NAT SUPPORT ------------------------
 
720 ;
 
721 ; WARNING: SIP operation behind a NAT is tricky and you really need
 
722 ; to read and understand well the following section.
 
723 ;
 
724 ; When Asterisk is behind a NAT device, the "local" address (and port) that
 
725 ; a socket is bound to has different values when seen from the inside or
 
726 ; from the outside of the NATted network. Unfortunately this address must
 
727 ; be communicated to the outside (e.g. in SIP and SDP messages), and in
 
728 ; order to determine the correct value Asterisk needs to know:
 
729 ;
 
730 ; + whether it is talking to someone "inside" or "outside" of the NATted network.
 
731 ;   This is configured by assigning the "localnet" parameter with a list
 
732 ;   of network addresses that are considered "inside" of the NATted network.
 
733 ;   IF LOCALNET IS NOT SET, THE EXTERNAL ADDRESS WILL NOT BE SET CORRECTLY.
 
734 ;   Multiple entries are allowed, e.g. a reasonable set is the following:
 
735 ;
 
736 ;      localnet=192.168.0.0/255.255.0.0 ; RFC 1918 addresses
 
737 ;      localnet=10.0.0.0/255.0.0.0      ; Also RFC1918
 
738 ;      localnet=172.16.0.0/12           ; Another RFC1918 with CIDR notation
 
739 ;      localnet=169.254.0.0/255.255.0.0 ; Zero conf local network
 
740 ;
 
741 ; + the "externally visible" address and port number to be used when talking
 
742 ;   to a host outside the NAT. This information is derived by one of the
 
743 ;   following (mutually exclusive) config file parameters:
 
744 ;
 
745 ;   a. "externaddr = hostname[:port]" specifies a static address[:port] to
 
746 ;      be used in SIP and SDP messages.
 
747 ;      The hostname is looked up only once, when [re]loading sip.conf .
 
748 ;      If a port number is not present, use the port specified in the "udpbindaddr"
 
749 ;      (which is not guaranteed to work correctly, because a NAT box might remap the
 
750 ;      port number as well as the address).
 
751 ;      This approach can be useful if you have a NAT device where you can
 
752 ;      configure the mapping statically. Examples:
 
753 ;
 
754 ;        externaddr = 12.34.56.78          ; use this address.
 
755 ;        externaddr = 12.34.56.78:9900     ; use this address and port.
 
756 ;        externaddr = mynat.my.org:12600   ; Public address of my nat box.
 
757 ;        externtcpport = 9900   ; The externally mapped tcp port, when Asterisk is behind a static NAT or PAT. 
 
758 ;                               ; externtcpport will default to the externaddr or externhost port if either one is set. 
 
759 ;        externtlsport = 12600  ; The externally mapped tls port, when Asterisk is behind a static NAT or PAT.
 
760 ;                               ; externtlsport port will default to the RFC designated port of 5061.	
 
761 ;
 
762 ;   b. "externhost = hostname[:port]" is similar to "externaddr" except
 
763 ;      that the hostname is looked up every "externrefresh" seconds
 
764 ;      (default 10s). This can be useful when your NAT device lets you choose
 
765 ;      the port mapping, but the IP address is dynamic.
 
766 ;      Beware, you might suffer from service disruption when the name server
 
767 ;      resolution fails. Examples:
 
768 ;
 
769 ;        externhost=foo.dyndns.net       ; refreshed periodically
 
770 ;        externrefresh=180               ; change the refresh interval
 
771 ;
 
772 ;   Note that at the moment all these mechanism work only for the SIP socket.
 
773 ;   The IP address discovered with externaddr/externhost is reused for
 
774 ;   media sessions as well, but the port numbers are not remapped so you
 
775 ;   may still experience problems.
 
776 ;
 
777 ; NOTE 1: in some cases, NAT boxes will use different port numbers in
 
778 ; the internal<->external mapping. In these cases, the "externaddr" and
 
779 ; "externhost" might not help you configure addresses properly.
 
780 ;
 
781 ; NOTE 2: when using "externaddr" or "externhost", the address part is
 
782 ; also used as the external address for media sessions. Thus, the port
 
783 ; information in the SDP may be wrong!
 
784 ;
 
785 ; In addition to the above, Asterisk has an additional "nat" parameter to
 
786 ; address NAT-related issues in incoming SIP or media sessions.
 
787 ; In particular, depending on the 'nat= ' settings described below, Asterisk
 
788 ; may override the address/port information specified in the SIP/SDP messages,
 
789 ; and use the information (sender address) supplied by the network stack instead.
 
790 ; However, this is only useful if the external traffic can reach us.
 
791 ; The following settings are allowed (both globally and in individual sections):
 
792 ;
 
793 ;        nat = no                ; Default. Use rport if the remote side says to use it.
 
794 ;        nat = force_rport       ; Force rport to always be on.
 
795 ;        nat = yes               ; Force rport to always be on and perform comedia RTP handling.
 
796 ;        nat = comedia           ; Use rport if the remote side says to use it and perform comedia RTP handling.
 
797 ;
 
798 ; 'comedia RTP handling' refers to the technique of sending RTP to the port that the
 
799 ; the other endpoint's RTP arrived from, and means 'connection-oriented media'. This is
 
800 ; only partially related to RFC 4145 which was referred to as COMEDIA while it was in
 
801 ; draft form. This method is used to accomodate endpoints that may be located behind
 
802 ; NAT devices, and as such the port number they tell Asterisk to send RTP packets to
 
803 ; for their media streams is not actual port number that will be used on the nearer
 
804 ; side of the NAT.
 
805 ;
 
806 ; In addition to these settings, Asterisk *always* uses 'symmetric RTP' mode as defined by
 
807 ; RFC 4961; Asterisk will always send RTP packets from the same port number it expects
 
808 ; to receive them on.
 
809 ;
 
810 ; The IP address used for media (audio, video, and text) in the SDP can also be overridden by using
 
811 ; the media_address configuration option. This is only applicable to the general section and
 
812 ; can not be set per-user or per-peer.
 
813 ;
 
814 ; media_address = 172.16.42.1
 
815 ;
 
816 ; Through the use of the res_stun_monitor module, Asterisk has the ability to detect when the
 
817 ; perceived external network address has changed.  When the stun_monitor is installed and
 
818 ; configured, chan_sip will renew all outbound registrations when the monitor detects any sort
 
819 ; of network change has occurred. By default this option is enabled, but only takes effect once
 
820 ; res_stun_monitor is configured.  If res_stun_monitor is enabled and you wish to not
 
821 ; generate all outbound registrations on a network change, use the option below to disable
 
822 ; this feature.
 
823 ;
 
824 ; subscribe_network_change_event = yes ; on by default
 
825  
826 ;----------------------------------- MEDIA HANDLING --------------------------------
 
827 ; By default, Asterisk tries to re-invite media streams to an optimal path. If there's
 
828 ; no reason for Asterisk to stay in the media path, the media will be redirected.
 
829 ; This does not really work well in the case where Asterisk is outside and the
 
830 ; clients are on the inside of a NAT. In that case, you want to set directmedia=nonat.
 
831 ;
 
832 ;directmedia=yes                ; Asterisk by default tries to redirect the
 
833                                 ; RTP media stream to go directly from
 
834                                 ; the caller to the callee.  Some devices do not
 
835                                 ; support this (especially if one of them is behind a NAT).
 
836                                 ; The default setting is YES. If you have all clients
 
837                                 ; behind a NAT, or for some other reason want Asterisk to
 
838                                 ; stay in the audio path, you may want to turn this off.
 
839  
840                                 ; This setting also affect direct RTP
 
841                                 ; at call setup (a new feature in 1.4 - setting up the
 
842                                 ; call directly between the endpoints instead of sending
 
843                                 ; a re-INVITE).
 
844  
845                                 ; Additionally this option does not disable all reINVITE operations.
 
846                                 ; It only controls Asterisk generating reINVITEs for the specific
 
847                                 ; purpose of setting up a direct media path. If a reINVITE is
 
848                                 ; needed to switch a media stream to inactive (when placed on
 
849                                 ; hold) or to T.38, it will still be done, regardless of this 
 
850                                 ; setting. Note that direct T.38 is not supported.
 
851  
852 ;directmedia=nonat              ; An additional option is to allow media path redirection
 
853                                 ; (reinvite) but only when the peer where the media is being
 
854                                 ; sent is known to not be behind a NAT (as the RTP core can
 
855                                 ; determine it based on the apparent IP address the media
 
856                                 ; arrives from).
 
857  
858 ;directmedia=update             ; Yet a third option... use UPDATE for media path redirection,
 
859                                 ; instead of INVITE. This can be combined with 'nonat', as
 
860                                 ; 'directmedia=update,nonat'. It implies 'yes'.
 
861  
862 ;directrtpsetup=yes             ; Enable the new experimental direct RTP setup. This sets up
 
863                                 ; the call directly with media peer-2-peer without re-invites.
 
864                                 ; Will not work for video and cases where the callee sends
 
865                                 ; RTP payloads and fmtp headers in the 200 OK that does not match the
 
866                                 ; callers INVITE. This will also fail if directmedia is enabled when
 
867                                 ; the device is actually behind NAT.
 
868  
869 ;directmediadeny=0.0.0.0/0      ; Use directmediapermit and directmediadeny to restrict 
 
870 ;directmediapermit=172.16.0.0/16; which peers should be able to pass directmedia to each other
 
871                                 ; (There is no default setting, this is just an example)
 
872                                 ; Use this if some of your phones are on IP addresses that
 
873                                 ; can not reach each other directly. This way you can force 
 
874                                 ; RTP to always flow through asterisk in such cases.
 
875  
876 ;ignoresdpversion=yes           ; By default, Asterisk will honor the session version
 
877                                 ; number in SDP packets and will only modify the SDP
 
878                                 ; session if the version number changes. This option will
 
879                                 ; force asterisk to ignore the SDP session version number
 
880                                 ; and treat all SDP data as new data.  This is required
 
881                                 ; for devices that send us non standard SDP packets
 
882                                 ; (observed with Microsoft OCS). By default this option is
 
883                                 ; off.
 
884  
885 ;sdpsession=Asterisk PBX        ; Allows you to change the SDP session name string, (s=)
 
886                                 ; Like the useragent parameter, the default user agent string
 
887                                 ; also contains the Asterisk version.
 
888 ;sdpowner=root                  ; Allows you to change the username field in the SDP owner string, (o=)
 
889                                 ; This field MUST NOT contain spaces
 
890 ;encryption=no                  ; Whether to offer SRTP encrypted media (and only SRTP encrypted media)
 
891                                 ; on outgoing calls to a peer. Calls will fail with HANGUPCAUSE=58 if
 
892                                 ; the peer does not support SRTP. Defaults to no.
 
893