Scenario:
private IP address range : Internet
10.0.0.x : (public IP address range)
:
: foo.bar.org
+-------------+ +--------------+
! !.10 .1 ! masquerading ! publicIP
! SIP UA !---------------! Firewall !------------>>
! BT-100 ! ! siproxd !
+-------------+ +--------------+
eth0 : ppp0Siproxd is running on the same host as the masquerading firewall. The SIP phone is a Grandstream BudgeTone-100. In this example the external SIP registrar used is sipphone.com.
siproxd.conf:
if_inbound = eth0 if_outbound = ppp0 hosts_allow_reg = 10.0.0.0/24 sip_listen_port = 5060 daemonize = 1 silence_log = 1 user = siproxd registration_file = /var/lib/siproxd_registrations pid_file = /var/run/siproxd/siproxd.pid rtp_proxy_enable = 1 rtp_port_low = 7070 rtp_port_high = 7089 rtp_timeout = 300 default_expires = 600 debug_level = 0 debug_port = 0
Firewall configuration (iptables):
# allow incoming SIP and RTP traffic iptables -A INPUT -m udp -p udp -i ppp0 --dport 5060 -j ACCEPT iptables -A INPUT -m udp -p udp -i ppp0 --dport 7070:7089 -j ACCEPT
Phone configuration (only the relevant items are listed):
IP Address: 10.0.0.10 Subnet Mask: 255.255.255.0 Default Router: 10.0.0.1 DNS Server 1: <DNS Server of your Internet provider> SIP Server: proxy01.sipphone.com Outbound Proxy: 10.0.0.1 SIP User ID: 1747669xxxx Authenticate ID: 1747660xxxx Authenticate Passwd: ********* Name: Your Name Here Use DNS SRV: no User ID is phone #: no Sip Registration: yes Unregister on reboot:no Register expiration: 60 Early Dial: no local SIP port: 5060 local RTP port: 5004 Use random port: yes NAT traversal: no Use NAT IP: <empty> Subscribe for MWI: No Send DTMF: via RTP (RFC2833)