If you want people from the outside world to be able to contact you via SIP, there are a few things you need to configure.
The Asterisk configuration file sip.conf defines the parameters for accepting incoming SIP calls. We need to make some changes to this file to correctly process incoming calls. From the Trixbox Admin web page, click Asterisk, Config Edit, then sip.conf on the left hand side. Modify the contents of this file so it reflects what is shown below.
bindport=5060 ; UDP Port to bind to
bindaddr=0.0.0.0 ; (0.0.0.0 binds to all)
;------------- Ryan's Mods --------------
externip=188.8.131.52 ;required behind NAT
localnet=192.168.0.0/255.255.255.0 ;required behind NAT
canreinvite=no ;Required for UM calls to work
srvlookup=yes ;Required for outbound calls
bindport - The UDP Port to bind to. Standard is 5060
bindaddr - The IP address to listen on
disallow - Always specified first to disable all codecs, then we use allow to specify only the ones we want to use
context - The section to send SIP calls to for processing. From-sip-external will process calls provided that Allow Anonymous Inbound SIP Calls is set to Yes. Otherwise, it will just give a busy tone.
tos - Type of Service - used for traffic prioritization if supported on the network
externip - If you are behind a NAT, set this value to your public IP address. If you are not behind a NAT, delete this line.
localnet - If you are behind a NAT, set this value to your local subnet and network mask values. Note you can have multiple localnet= lines
fromdomain - Use if you want asterisk will append a domain (rather than its own hostname) to outgoing calls. Note that for people external to your organization to be able to contact you using this domain, the appropriate DNS SRV records must be configured on your public facing DNS servers.
canreinvite - Must be set to 'no' to enable diversions to Exchange UM to be processed correctly. Setting to 'yes' will result in calls being dropped and Event ID 1150 logged on the UM server by UMCore saying "The Unified Messaging server was unable to create a message for the fax call with ID...".
srvlookup - Must be set to 'yes' to allow Asterisk to make outbound SIP calls external to your organization. See Understanding DNS SRV records and SIP for more details.
Some people suggest using nat=yes in sip.conf if your Asterisk server is behind a NAT. I have found that this is not needed, and tends to break calls/diversions to Exchange when enabled. As long as the externip and localnet settings are present, Asterisk should have no problem processing the call from behind a NAT. If you have individual extensions are behind a NAT, you can set nat=yes in each extension definition in sip_additional.conf. This is required in this scenario, and will not break diversions or calls to Exchange.
A detailed guide on all the options available in sip.conf is available on the voip-info.org wiki.
If your Asterisk server is behind a NAT, you will need to configure port forwarding on your router. You will need to forward the following ports to the Asterisk server.
Service Name: SIP
Service Name: RTP
If you need to change the RTP port range, use the Config Edit web interface to modify the rtp.conf. Read my post on RTP and SIP to understand their relationship and why you need this.
DNS SRV Records
SIP relies heavily on DNS SRV records to be able to route calls through over the internet. To ensure people are able to contact you, configure the following SRV records on your public facing DNS servers.
_sip._udp.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
_sip._udp.asterisk.mydomain.com. 86400 IN SRV 10 5 5060 asterisk.mydomain.com.
I have created instructions for configuring these records using Windows Server DNS, as well as a description of how SIP uses SRV records.