Scenario:
private IP address range : Internet
10.0.0.x : (public IP address range)
:
: foo.bar.org
+-------------+ +--------------+
! !.10 .1 ! masquerading ! publicIP
! SIP UA !---------------! Firewall !------------>>
! BT-100 ! ! siproxd !
+-------------+ +--------------+
eth0 : ppp0 |
Siproxd is running on the same host as the masquerading
firewall. The SIP phone is a Grandstream BudgeTone-100.
In this example the external SIP registrar used is
sipphone.com.
siproxd.conf:
if_inbound = eth0
if_outbound = ppp0
hosts_allow_reg = 10.0.0.0/24
sip_listen_port = 5060
daemonize = 1
silence_log = 1
user = siproxd
registration_file = /var/lib/siproxd_registrations
pid_file = /var/run/siproxd/siproxd.pid
rtp_proxy_enable = 1
rtp_port_low = 7070
rtp_port_high = 7089
rtp_timeout = 300
default_expires = 600
debug_level = 0
debug_port = 0 |
Firewall configuration (iptables):
# allow incoming SIP and RTP traffic
iptables -A INPUT -m udp -p udp -i ppp0 --dport 5060 -j ACCEPT
iptables -A INPUT -m udp -p udp -i ppp0 --dport 7070:7089 -j ACCEPT |
Phone configuration (only the relevant items are listed):
IP Address: 10.0.0.10
Subnet Mask: 255.255.255.0
Default Router: 10.0.0.1
DNS Server 1: <DNS Server of your Internet provider>
SIP Server: proxy01.sipphone.com
Outbound Proxy: 10.0.0.1
SIP User ID: 1747669xxxx
Authenticate ID: 1747660xxxx
Authenticate Passwd: *********
Name: Your Name Here
Use DNS SRV: no
User ID is phone #: no
Sip Registration: yes
Unregister on reboot:no
Register expiration: 60
Early Dial: no
local SIP port: 5060
local RTP port: 5004
Use random port: yes
NAT traversal: no
Use NAT IP: <empty>
Subscribe for MWI: No
Send DTMF: via RTP (RFC2833) |