[asterisk-users] IAX connections broken

dave cantera david.cantera at iacnet.net
Sat Jul 28 21:50:58 CDT 2007 

michael,
this is what I use for centOS 4, but I think its too loose... let me 
know if you don't know where to put it...
daveC

# for asterisk
-A RH-Firewall-1-INPUT -p udp -m udp --dport 5060 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 4569 -j ACCEPT <---- IAX
-A RH-Firewall-1-INPUT -p udp -m udp --dport 5036 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 5004 -j ACCEPT





Michael Munger wrote:
>
> It did change, which is what caused this problem in the first place, 
> but all the updates have been applied, propagated, and are 
> working….well, with the exception of this one.
>
> Does anyone know what the iptables command would be to forward these 
> IAX packets to a specific LAN ip?
>
> Michael Munger
>
> High Powered Help, Inc
>
> michael at highpoweredhelp.com <mailto:michael at highpoweredhelp.com>
>
> 404-438-2128 x 101
>
> ------------------------------------------------------------------------
>
> *From:* asterisk-users-bounces at lists.digium.com 
> [mailto:asterisk-users-bounces at lists.digium.com] *On Behalf Of *Dave Bour
> *Sent:* Thursday, July 26, 2007 12:29 PM
> *To:* asterisk-users at lists.digium.com
> *Subject:* Re: [asterisk-users] IAX connections broken
>
> Are sites listed by IP or DN. If IP, dumb question but did it change? 
> If DN, can you resolve it from the respective boxea?
>
> Dave Bour
> Desktop Solution Center
> 905.381.0077
> dcbour at desktopsolutioncenter.ca
>
> For those who just want it to work...
> Giving you complete IT peace of mind.
>
> (Sent via Blackberry - hence message may be shorter than my usual 
> verbose responses)
> PIN 4cc364db (as of March 24, 2007)
>
> ----- Original Message -----
> From: asterisk-users-bounces at lists.digium.com 
> <asterisk-users-bounces at lists.digium.com>
> To: Baji.Panchumarti at gmail.com <Baji.Panchumarti at gmail.com>; Asterisk 
> Users Mailing List - Non-Commercial Discussion 
> <asterisk-users at lists.digium.com>
> Sent: Thu Jul 26 10:17:23 2007
> Subject: Re: [asterisk-users] IAX connections broken
>
> Not likely.
> #1, I have a public IP on that firewall.
> #2. If I block 4569 at our firewall, then it goes from closed to
> stealth. If I forward the port, it goes from stealth to closed.
>
> The iaxping tool (http://www.bpvn.com/asterisk/iaxping.zip) has no
> problems pinging the box from the lan, and our test machine can make an
> IAX connection to the box. From outside the network, however, it times
> out.
>
> It has to be a NAT problem, but forwarding doesn't appear to be working.
>
> Yours,
> Michael Munger, dCAP
> 404-438-2128
> michael at highpoweredhelp.com
>
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Baji
> Panchumarti
> Sent: Thursday, July 26, 2007 10:06 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [asterisk-users] IAX connections broken
>
> what if your internet provider is blocking inbound 4569 ?
>
> --
>
> On 7/26/07, Michael Munger wrote:
>
> > Dear All:
> >
> > I have several boxes that up and running just great, then we changed
> > internet equipment due to a lightning strike, now all my inbound IAX
> > connections (iax2 show peers) have unknown status. If I log into the
> > remote boxes, it says "Request sent."
> >
> > The authentications haven't changed at all, and all the iax.conf
> > settings are correct. It looks like a firewall issue, but we've got
> 4569
> > TCP & UDP forwarded to our Asterisk box. When I use Shields up from
> > GRC.com to test the port, it is showing up as "closed" rather than
> open,
> > which normally means the port is open, but the service is not running,
> > yet Asterisk is up and running just fine, and my outbound connections
> to
> > Voicepulse work fine. I see voicepulse, voicepulse sees me.
> >
> > There is something I am not seeing here. Any thoughts?
> >
> > -Michael
> >
> > _______________________________________________
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.476 / Virus Database: 269.10.22/921 - Release Date: 07/26/2007 11:16 PM
>   

-- 
My wife's sister is in California.  
I should buy her a Videophone2008!

Truly, The Next Best Thing to Being There!
--

WorldWideVideoPhones.com
856.380.0894

More information about the asterisk-users mailing list