[Asterisk-Users] T100P & Integrated (D&V) T1 -> Public IP Range

Fri Apr 30 18:20:15 MST 2004

Hello,

I have a T100P card on a Red Hat 8 machine with Asterisk installed on it and I'm trying to get the data routing properly through it.

I purchased an Integrated Data/Voice T1 Line with channels 1-6 voice and 13-24 data. The line is plugged directly into the Asterisk machine's T100P card.

Previous to the asterisk set up we had an Adtran router that connected everything to what the telco called a "66 block" which worked seemlessly with our analog telephone system. On the adtran router there was a network jack which I just connected directly to our hubs then pointed all of our computers at it's ip address 193.169.0.1 effectively routing our data properly and allowing internet access.

Thanks to a lot of help (thank you Shido/Twisted) we now have the machine running with the T1 line plugged directly into it. The data/internet is all running properly and the driver that pulls the data out of the T1 channels (hdlc) is loaded properly and running. It looks just like an ethernet card to the Operating System.

The IP addresses assigned by my telco/isp to use for the serial (ppp) interface is 67.153.163.202 with a gateway of 67.153.163.201 and a netmask of 255.255.255.252. Thanks to Shido I have a nice firewall script which routes all the network traffic behind the asterisk server out the data channels and to the internet. If I go to www.network-tools.com it shows my ip address as 67.153.163.202.

Going back in time to when I was using the Adtran router I was provided by my isp with the public ip address range of 67.153.163.210-67.153.163.214 with a gateway of 67.153.163.209 and a netmask of 255.255.255.248. With these settings I was supposedly able to use public "real" ip addresss on my own servers so that I could host miscellaneous things on it (mail, http, dns, etc).

What I would like to do is map all or at least one of those ip addresses to an internal server. After doing a lot of reasearch and asking many questions I found out that to do what I need means that in theory no server anywhere will be assigned the ipaddress of 67.153.163.210 but only a simple routing rule will do the trick which is what I was trying to do with the following iptables rules.

iptables -t nat -A PREROUTING -p tcp --dst 67.153.163.210 -j DNAT --to-destination 193.169.0.210
iptables -A FORWARD -d 193.169.0.210 -j ACCEPT

Other information about my server - Firewall script & ifconfig Output:
www.titaniumsoft.net/hdlc.txt

Thank you in advance,
Mitchel

---------------------------------
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20040430/3a1e74aa/attachment.htm