FreeBSD, Asterisk 16, pf, and pjsip, nat

David Mehler dave.mehler at gmail.com
Sat Mar 9 21:49:25 UTC 2019 

Hello,

I'm running Asterisk 16 via ports on a FreeBSD 11 system. I'm running
pf and believe I have things correct, I'm allowing ports UDP 5060 and
5061, as well as for rtp UDP 10000 to 20000 through. I'm running this
on a vps with an public IP, it is not natted. My local connection to
the internet is behind a natted cable modem. I can connect via soft
phone to the asterisk sip server, says account ready. Everything works
except audio. I believe I'm having a nat issue as the connecting
client is behind a nat and I'm using chan_pjsip so the pjsip.conf
file. Currently here is my account-is-ready though no audio
configuration:

; PJSIP Configuration
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

;Templates for the necessary configuration sections
[endpoint_internal](!)
type=endpoint
context=from-internal
disallow=all
allow=gsm
;allow=g729
;allow=ulaw

[auth_userpass](!)
type=auth
auth_type=userpass

[aor_dynamic](!)
type=aor
max_contacts=1

;Definitions for our phones, using the templates above
[demo-test](endpoint_internal)
auth=demo-test
aors=demo-test
[demo-test](auth_userpass)
password=unsecuredpassword ; put a strong, unique password here instead
username=demo-test
;direct_media=no
;rtp_symmetric=yes
;force_rport=yes
;rewrite_contact=yes
[demo-test](aor_dynamic)

if in the phone definition I add/uncomment these lines I get a
registration failed.

; PJSIP Configuration
[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

;Templates for the necessary configuration sections
[endpoint_internal](!)
type=endpoint
context=from-internal
disallow=all
allow=gsm
;allow=g729
;allow=ulaw

[auth_userpass](!)
type=auth
auth_type=userpass

[aor_dynamic](!)
type=aor
max_contacts=1

;Definitions for our phones, using the templates above
[demo-test](endpoint_internal)
auth=demo-test
aors=demo-test
[demo-test](auth_userpass)
password=unsecuredpassword ; put a strong, unique password here instead
username=demo-test
direct_media=no
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
[demo-test](aor_dynamic)


Suggestions welcome.

Thanks.
Dave.

More information about the freebsd-questions mailing list