Re: [Astlinux-users] RFC: IMPORTANT astfw changes

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Mar 2, 2007, at 3:12 PM, Kristian Kielhofner wrote:

>   In this scenario, the NAT code in the Linux kernel will attempt to
> use port 5060 on the external interface of the AstLinux machine.  It
> does this for three reasons:
>
> 1)  5060 is above 1023
> 2)  It defaults to using the same port that is used on the internal
> side (if possible)
> 3)  It doesn't know that there is something listening on that port  
> locally.

Kristian,

I don't understand your #3.
If you want your asterisk box to 'listen' on 5060, you have to port  
forward 5060 to your asterisk box (192.168.1.10)

using "ipnat" on FreeBSD
rdr sis1 0/0 port 5060 -> 192.168.1.10 port 5060 udp

This would make port 5060 on the WAN interface unavailable, when a  
SIP phone registered out the WAN, correct?

I instincts say your suggested changes are unnecessary,

but then again, I use m0n0wall. <smile>

Lonnie