Notices

Longtime linux user but new to maemo, recetly got my dream phone aka n900.
Background of what I am trying to do:
1. Home wireless network A
2. Work wireless network W
3. TMO 3G network - G
4. Home asterisk server : *

What I have already working:
1. my n900 successfully connects to my * server when I am at home and I can make and recv calls successfully.
2. I can connect to my work wifi and then ssh into my ssh server at home (different than * server).
3. I can ssh INTO n900 over my work/home LAN.

What I want to do:
1. When at home, no ssh tunnels, just connect over wifi and act as a * extension (I have this working).
2. When at work, I want to setup a ssh tunnel for port 5060 to register to my asterisk server at home but all my port 80 traffic continues to use network W, just SIP registration goes through this tunnel. The reason I want to do this is because network W block ALL OUTGOING traffic besides some well known ports (80,143, 443 etc).
3. When on 3G, I want to setup a tunnel home for port 5060 and register to my * server, rest of the traffic goes through 3G because * is not visible from outside my network.

Questions:
1. So I have the tunnel from port 143 from work going to my ssh server which tells n900 to map all 5060 traffic to remote 5060. But I cant get my phone to register, its like either the mapping is not correct, or I need some more ports besides 5060. So how to I tell n900 to send all 5060 traffic through the tunnel?
ssh -vvvvNL 5060:asteriskLANIP:5060 root@myip.com -p 143
2. What about RTP traffic? So even if I register, will I still not be able to make and recv calls or will I have send a range to UDP ports through the tunnel too ? I have "canreinvite" option set on my * server, so I hope n900 and ITSP to talk "directly" once the call is setup, is that a correct assumption?
2. I dont want to do VPN because I dont want to load my home network with my web traffic when I know my work network is NATted, so I am safe. But if #2 is a problem, then I might have to do VPN, but that would really suck!

What you want to do will be very difficult over an SSH tunnel. SIP and RTP are, typically, UDP traffic, and doesn't seamlessly translate over a TCP (SSH, in this case) protocol. VPN's take care of that process for you, and with little hassle. With a touch of work, you could set up a routed (TUN-based) OpenVPN network, and be able to better control what you send over it and what you don't. Alternatively, you could potentially (though I haven't remotely attempted this) set up Asterisk on your n900, establish an IAX2 connection between the two servers, and route calls across IAX2. The n900's Asterisk could then have SIP accounts accessible on it, that your phone would use to "connect" to.