[Asterisk-Users] Maximum retries exceeded w/SIP

Brad Waite brad at wcubed.net
Sat Sep 20 20:00:23 MST 2003


Steve,

If that's the case, why is it that I could get the first 6 seconds of the 
demo-abouttotry message?

As it turns out, if I set up a static route for my inside network on Laptop with 
the external interface of the firewall as the gateway, everything works fine. 
Of course, I had to turn off my anti-spoofing rules.

And what's the nat=yes option supposed to do in sip.conf?

Brad


Stephen Varga wrote:

> Unfortunetly this setup does not work, when * sends SDP info in the
> INVITE process on how to establish the audio session *'s real IP address
> is in the packet and the outside phone tries to connect to this IP
> address, which of course is unreachable because of the firewall. For
> this to work you need to move * to the firewall and the firewall's ip
> address in the SIP.CONF file.
> 
> HTH,
> Steve
> 
> On Sat, 2003-09-20 at 12:07, Brad Waite wrote:
> 
>>First of all, I'd like to send a big "thank you" to all the folks who have 
>>helped me get this far.
>>
>>Now on to the next problem.  Here's my current network setup:
>>
>>
>>The Big I ---+--- FreeBSD FW --- * (10.0.0.253) ---- PC (10.0.0.1)
>>              |
>>              +--- Laptop (public IP)
>>
>>natd is set up with the following rules:
>>
>>redirect_port udp 10.0.0.253:10000-20000 10000-20000
>>redirect_port udp 10.0.0.253:5060 5060
>>
>>* is set up with the demo/sandbox config.
>>
>>I'm using XLite as my SIP client and have configured it on PC to work with *. 
>>I'm able to do everything I've tried so far.  I should, though - I'm on the inside.
>>
>>However, when trying to make a call from the outside (via Laptop), something's 
>>breaking.  I've set up the SIP proxy in XLite to be the external interface on 
>>the firewall, and am able to log into the proxy without difficulty.  And while I 
>>can begin conversations, I can't keep them going for long.
>>
>>For instance, when trying to call 500 at 10.0.0.253 (or 500 at FWpublicIP), I get most 
>>of the "demo-abouttotry" message - "I am about to attempt an IAX connection to a 
>>demonstration server located at Di" - at which point it gets cut off.  The 
>>console spits out the following error:
>>
>>File chan_sip.c, Line 443 (retrans_pkt): Maximum retries exceeded on call 
>>FB9CEC48-7CE1-4171-895B-2DF048ED5D1F at 12.252.156.250 for seqno 12384 (Response)
>>
>>
>>Any ideas what could be going on?  My first guess is the firewall, but I can't 
>>figure out why some of the packets would get through while others apparently are 
>>not.  I'm at a loss.
>>
>>Brad Waite
>>aka HankPoacher
>>
>>_______________________________________________
>>Asterisk-Users mailing list
>>Asterisk-Users at lists.digium.com
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>
> 
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> 




More information about the asterisk-users mailing list