Use these rules for an Asterisk server that sits behind a standalone iptables firewall and router:
$ipt -t nat -A PREROUTING -p tcp -i $WAN_IFACE --dport 4569 -j \ DNAT --to-destination 192.168.2.25:4569 $ipt -A FORWARD -p tcp -i $WAN_IFACE -o $DMZ_IFACE -d 192.168.2.25 \ --dport 4569 -j ACCEPT
These rules are for an Asterisk server with a public IP address that is directly exposed to the Internet, and is running iptables:
$ipt -A INPUT -p udp --dport 4569 -j ACCEPT $ipt -A FORWARD -o eth0 -p udp --dport 4569 -j ACCEPT
Reload your rules, and you're in business.
These examples follow the conventions in Chapter 3.
IAX is a native Asterisk protocol that is efficient, firewall friendly, and able to carry a number of SIP calls over a single IAX trunk.