I have the following setup: an AWS Application Load Balancer (ALB) forwarding WebRTC connections to FreeSWITCH. The ALB also acts as an SSL terminator. Given that the ALB and FreeSWITCH (EC2) are in the same VPC, FreeSWITCH thinks the request is coming from the internal private network (VPC), and in the SDP response, it sends a private IP. I tried to fix it with the following line of code in the SIP profile without any luck:
<param name="apply-nat-acl" value="rfc1918"/>
I assume the above configuration says that all RFC1918 addresses are from NAT, so it should advertise the external IP in the SDP.
The confusing thing is that sometimes FreeSWITCH advertises the external IP as the SDP address. It's very random.
I also tried to assign the external IP address to rtp-ip. It didn't work, given that in EC2 external IPs are not assigned to the machine and hence FreeSWITCH couldn't bind to the external IP.
Late to the party but here's what I do:
ext-sip-ip and ext-rtp-ip I prepend autonat:, so it ends up being something like:
<param name="ext-sip-ip" value="autonat:$${external_sip_ip}"/>
<param name="ext-rtp-ip" value="autonat:$${external_rtp_ip}"/>
<param name="apply-nat-acl" value="deny"/>
<param name="apply-inbound-acl" value="deny"/>
<param name="local-network-acl" value="deny"/>
deny acl is one I created in autoload_configs/acl.xml:
<list name="deny" default="deny"></list>
After all those changes either reload the acl and mod_sofia or just restart FreeSWITCH.
In my specific scenario I was originating a call from the same box I was running FreeSWITCH on. My guess is that loopback and/or LAN were getting caught in the ACL, and by denying everything FreeSWITCH doesn't have another option than thinking it has to use the external IPs.
Hope this helps!
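
Because the behaviour described in the question is intermittent, it helps to check each SDP answer mechanically rather than by eye. The following is an added example, not part of the original question or answer: it scans the `c=` and `a=candidate` lines of an SDP body for RFC 1918 or loopback addresses. The sample SDP, its addresses and the function names are constructed for illustration.

```python
import ipaddress

# Ranges FreeSWITCH should not advertise to a client outside the VPC:
# the RFC 1918 blocks named in the question, plus loopback (mentioned in the answer).
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample SDP answer (not captured from a real call). 10.0.1.25 stands in
# for the EC2 private address, 203.0.113.10 (documentation range) for the public one.
SAMPLE_SDP = """\
v=0
o=FreeSWITCH 1700000000 1700000001 IN IP4 203.0.113.10
s=FreeSWITCH
c=IN IP4 10.0.1.25
t=0 0
m=audio 16384 UDP/TLS/RTP/SAVPF 111
a=rtpmap:111 opus/48000/2
a=candidate:1 1 udp 659136 203.0.113.10 16384 typ host generation 0
a=candidate:2 1 udp 659135 10.0.1.25 16384 typ host generation 0
"""

def media_addresses(sdp):
    """Yield (line_no, field, address) for the lines that decide where media is sent."""
    for no, raw in enumerate(sdp.splitlines(), 1):
        line = raw.strip()
        parts = line.split()
        if line.startswith("c=") and len(parts) == 3:
            # c=IN IP4 <addr>[/ttl]
            field, addr = "c=", parts[2].split("/")[0]
        elif line.startswith("a=candidate:") and len(parts) >= 6:
            # a=candidate:<foundation> <component> <transport> <priority> <addr> <port> ...
            field, addr = "a=candidate", parts[4]
        else:
            continue
        try:
            yield no, field, ipaddress.ip_address(addr)
        except ValueError:
            continue  # hostname or mDNS name, nothing to classify

def private_leaks(sdp):
    """Return the entries whose address falls in an RFC 1918 or loopback range."""
    return [(no, field, str(ip)) for no, field, ip in media_addresses(sdp)
            if any(ip in net for net in NON_ROUTABLE)]

if __name__ == "__main__":
    for no, field, ip in private_leaks(SAMPLE_SDP):
        print(f"line {no}: {field} advertises non-routable address {ip}")
```
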