[Serusers] serving a domain with two ser proxies on a private network and the internet -- RFC

Morten Kuehl ser at mck.li
Sat Sep 25 15:15:56 UTC 2004


Hi,

I do have two ser servers (0.8.14) and a pstn gateway (*) and a rather
complex setup to build.
One ser server and the pstn gateway are inside a private network that is
shielded from the internet by a cisco pix firewall. This ser server should
act as a sip registrar and outbound proxy for all clients that are inside
the private network and should furthermore handle incoming calls from the
pstn gateway.
The other ser is on the public internet (public ip) and the firewall that
secures the private network allows connection from the internal private
ser server to the external one and vice versa (translating the private ip
from the internal ser to a public one). Clients from the internal network
cannot and must not traverse the firewall.
I want to configure the internal ser in a way that it acts as a sip and a
rtp registrar and outbound proxy (rtp with mediaproxy for video if
possible). All calls from internal clients and the pstn gateway should be
accepted by the internal ser and either be handled on that server directly
(destination also on the internal network) or be forwarded to the external
server to be handled there. As stated above, all sip messages and rtp
streams can only leave the internal network via the internal ser server.
Calls from external clients to internal clients should be accepted from
the external ser server and be forwarded to the internal one with the rtp
streams and sip messages being proxied by the external ser server.
Incoming sip and rtp traffic for internal clients is only allowed from the
external ser to the internal ser by the firewall.
Both sers should serve the same domain as a registrar to allow clients to
be mobile and either connect to the internal ser if on site or to the
external ser if at home or somewhere else. There are two dns servers, one
internal on the private network and one external, the internal one (used
by all internal clients) replies with the private ip of the internal ser
and the external (public dns server) replies with the public ip of the
external ser when asked for sip.xyz.com.
The external ser has already a running version of mediaproxy on it and
both ser servers authenticate their users by a common database on another
server. Finally it would be great if presence would work across the two
servers as well as having accounting on a central database. Running a
common database for both sers on another server would be possible if
required.

Has anybody a similar setup or can provide me with some ideas et c.?

Thanks and have fun
Morten





More information about the Serusers mailing list