[Asterisk-Users] Re: Asterisk-Users Digest, Vol 16, Issue 85

Enrique Leon enrique.leon.acedo at gmail.com
Fri Nov 11 06:02:21 MST 2005


I have installed Asterisk on SuSE 10.0 with an active firewall/NAT filter.
The server has connection to my own Intranet (private IP) and to Internet
Everything works well for clients behind and in front-of the firewall
but they can not communicate with each other. Signalling gets through
but the audio gets blocked by the firewall/NAT.

So, I open-up ports 10.000 -to- 20.000 in the fw so that the udp/rtp packages
cuold get through but it has not been successful.

I am using xlite for clients and have no pot cards installed ( digium
fxo,fxs, etc).

Does anyone knows what else to do?

Has anyone come accross (and solved) this type of problem?

Firewall configuration is as follows:


FW_DEV_EXT="eth-id-00:0d:87:5c:44:e5" #eth1
FW_DEV_INT="eth-id-00:06:4f:0e:ca:99
eth-id-00:40:f4:9f:12:25" #eth0 wlan0
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="192.168.100.0/255.255.255.0"
FW_SERVICES_EXT_TCP="53 http https ssh"
FW_SERVICES_EXT_UDP="5060 5061 53"
FW_SERVICES_INT_TCP="21 3128 5056 53 5801 5901 80 8080
epmap http microsoft-ds netbios-ssn smtp ssh"
FW_SERVICES_INT_UDP="5060:5075 53 bootps netbios-dgm
netbios-ns"
FW_SERVICES_INT_RPC="mountd nfs nfs_acl nlockmgr
portmap status ypbind"
FW_SERVICES_ACCEPT_EXT="0/0,udp,5060:5075"
FW_TRUSTED_NETS="192.168.100.0/255.255.255.0"
FW_FORWARD="0/0,192.168.100.0/255.255.255.0,udp,5060"
FW_FORWARD="0/0,192.168.100.0/255.255.255.0,udp,10000"
FW_FORWARD="192.168.100.0/255.255.255.0,0/0,udp,10000"


Sip Configuration:

[general]
bindport=5060
bindaddr=0.0.0.0
srvlookup=no
externrefresh=10
externip=201.208.246.178
nat=yes
localnet=192.168.100.0/255.255.255.0;


RTP configuration:

[general]
rtpstart=10000
rtpend=20000
rtpchecksums=yes

Regards, Enrique Leon



More information about the asterisk-users mailing list