Page 130 - Asterisk™: The Future of Telephony
P. 130
Toronto Osaka
Figure 4-5. SIP trunking topology
Configuring a Local Firewall
If you’re running iptables on the same machine as the Asterisk box, then you can run
the following commands to open port 5060 for SIP signaling, and ports 10,000 through
20,000 for the RTP traffic. You can also narrow the range of RTP ports in the rtp.conf
file located in /etc/asterisk. An excellent book on iptables firewalls is Linux Firewalls by
Steve Suehring and Robert Ziegler (Novell Press):
# iptables -I RH-Firewall-1-INPUT -p udp --dport 5060 -j ACCEPT
# iptables -I RH-Firewall-1-INPUT -p udp --dport 10000:20000 -j ACCEPT
# service iptables save
Be aware that this will allow all UDP traffic from any source access to ports 5060 and
10,000 through 20,000.
Our topology will consist of a SIP phone (Alice) registered to Asterisk A (Toronto), and
a separate SIP phone (Bob) registered to Asterisk B (Osaka). At the end of this section,
you will be able to set up a call from Alice to Bob (and vice versa) through your pair of
Asterisk boxes (see Figure 4-5). This is a common scenario when you have two physical
locations, such as a company with multiple offices that wants a single logical extension
topology.
First, let’s configure our Asterisk boxes.
Configuring Our Asterisk Boxes
We have a pair of Asterisk boxes that we’re going to call Toronto and Osaka and that
we’re going to have register to each other. We’re going to use the most basic sip.conf
file that will work in this scenario. Just like the SIP phone configuration earlier in this
chapter, it’s not necessarily the best way to do it, but it’ll work.
Here is the configuration for the Toronto box:
[general]
register => toronto:welcome@192.168.1.101/osaka
[osaka]
102 | Chapter 4: Initial Configuration of Asterisk
