VitalPBX Connect Client - SDP Header Rewrite

Good Day,

I came across an issue while trying to do a direct SIP call from a mobile phone on a 4G network to a VitalPBX instance that sits behind a NAT. All necessary ports are forwarded as a destination NAT (3500-3501TCP, 5060-5061UDP and 12000-20000UDP). However, in the packet capture, my SDP header is showing the IP address of my client as the private IP address of my mobile phone within my Service Providers 4G network (behind a CGNAT), on a private IP. Therefore, the PBX sends the RTP to the private IP address which of course does not work as it should send it to the public IP that I am behind.
My question is, how do we tell VitalPBX Connect to use the outside address of the client (public) to send the RTP traffic. Is this possible or would it be better using the OpenVPN setup instead which will circumvent this issue. If using straight SIP to connect to the PBX, SDP would almost always be derived by the underlying network that the client is on unless specified otherwise in the client configuration. Not all implementations of SIP require a VPN, but what is usually done in this case? Any guidance would be greatly appreciated, thank you.

Asterisk would only send the local IP if you defined that subnet as a local network.

Hi @PtizKey,

Just to clarify, this is from the Client side not the Server side. So the Invite and SDP is sent from the Connect Client with the private IP on the 4G/LTE network that the phone resides in at the time which seems to be behind a CGNAT. This is causing the RTP to be blackholed as it sends its private IP from the Mobile network in the SDP header. I found this strange as it would be the same for any WiFi network as well, but I have not tested this yet. My local calls off of WiFi works, but the subnet exists on the same router/firewall that carries the Server subnet.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.