Jump to content
2600Hz Community

KAZOO server behind NAT


80tech
 Share

Recommended Posts

Hi everyone!

I have set a KAZOO server behind NAT. The problem is that Kamailio fills the private IP address in SIP messages.
By modifying some parameters of Kamailio, SIP signaling transmission works well, but RTP forwarding still has problems.
Does anyone know how to configure SDP to use a public IP address?

Any guidance would be appreciated.

Tommy

Link to comment
Share on other sites

Hey Tommy,

I would highly suggest you look at this post for help getting Kazoo working behind a NAT.  This discusses using Azure and AWS, all of which use NAT'ng.  Should get you all squared away... 

 

And to directly add some guidance to your question there, if your signaling is working correctly then you've most likely got Kamailio setup correctly (still double check with link above).  Freeswitch is what handles your media in the Kazoo setup and it needs to be told as well that it's behind a NAT.  

Link to comment
Share on other sites

Hi all,

Thanks for all the answers, much appreciated. It finally worked by referring to Meat's detailed information.
 
Here is my configuration.


On Freeswitch  

vi /etc/kazoo/freeswitch/sip_profiles/sipinterface_1.xml

<param name="ext-rtp-ip" value="x.x.x.x"/>     ##x.x.x.x is the external IP address you have assigned to this instance

<param name="local-network-acl" value="NOPE"/>  ##this is the setting I hadn't configured before, so the RTP routing had problems.

systemctl restart kazoo-freeswitch

 


On Kamailio

vi /etc/kazoo/kamailio/local.cfg  

listen=udp:a.a.a.a:5060 advertise x.x.x.x:5060     ##a.a.a.a is your private IP address    x.x.x.x is the external IP address

systemctl restart kazoo-kamailio


 

Thanks
Tommy

 
  • Like 1
Link to comment
Share on other sites

  • 2 months later...

Hi,

I have Kazoo set up in aws providing the public IP address for NAT and kamailio bound to the private IP - as per https://forums.2600hz.com/forums/topic/11827-kazoo-in-azure-is-it-supporteddoes-it-work/?tab=comments#comment-61838

The issue I am having is that for any SIP Request (e.g INVITE).... KAMAILIO is inserting a record route of the public IP, regardless of whether the message is routing to a freeswitch box within AWS (bound on private IP) or externally to a sip device.

Is there anyway to set up Kamailio to NOT advertise the public IP (in RR header) if connecting to a freeswitch box bound on a private IP and ONLY advertise a public IP (in RR) if routing outside of the private IP subnet.

Many Thanks,
Rhys

Link to comment
Share on other sites

A connection issue - The problem I have is that freeswitch is generating a bye in a play scenario but the bye can't be routed to kamailio because freeswitch cannot reach the public IP (honouring record-route using a route header to direct bye).

Edited by Rhys (see edit history)
Link to comment
Share on other sites

23 hours ago, naveed6865 said:

you can enable double record route in kamailio, so kamailio will put both public and private ips, but actual communication will be on private ips between freeswitch and kamailio, 

Hi Naveed,

When enabling dourble record routing (setting 'modparam("rr", "enable_double_rr", 2)') in kamailio config.... kamalio will insert the advertised sip address in both headers - which in my case is the AWS Elastic IP/NAT IP.

Is it possible to tell kamailio to advertise both the Public/NAT IP and Private IP in the two RR headers? 

Cheers

Link to comment
Share on other sites

is your NAT ip of kamailio and private ip are different in your kamailio? Normally, in AWS, kamailio has one private IP and advertised ip will be the elastic public ip of aws node. So when double RR enabled in the kamailio, it will put both private and public ips in the record route,  you have  use Alias of both private ip and public ip then it will insert both.

Link to comment
Share on other sites

@naveed6865 Yeh I have set up an elastic IP for Kamailio and Kamailio is bound to private IP but advertising the elastic IP ie:

listen=udp:a.a.a.a:5060 advertise x.x.x.x:5060     ##a.a.a.a is your private IP address    x.x.x.x is the external IP address

I then configure the modparam to enable the double RR setting, but at this point I get two RR both containing the elastic IP.  

For aliasing are you suggesting I set up a vip of the elastic IP on an alias interface ie eth0:0?? OR Alias in kamailio config ie alias=xxx.xxx.xxx.xxx??

Its worth noting I only have a single nic.

 

Edited by Rhys (see edit history)
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...