[asterisk-users] Problem connecting to 4569/UDP
Roland
asterisk at rolandow.com
Fri Jan 6 05:00:46 CST 2012
iptables -L -n | grep icmp gives you the same on both machines?
Is it possible that the other public IP is behind a "main" firewall,
provided by your ISP? I know our hosting provider has this. They filter all
traffic through their main router, and after that locally with iptables.
On Tue, Jan 3, 2012 at 6:53 PM, kazabe <kazabe at gmail.com> wrote:
> Hi.
>
> Im trying to connect 2 asterisk servers between linux firewalls (iptables).
>
> Im using exactly the same iptables script in both firewall servers,
> but i dont obtain the same answer in both.
>
> this is the scenarie.
>
>
> [ASTERISK-NetA]-----[FIREWALL-NetA]-----INTERNET---[FIREWALL-NetB]----[ASTERISK-NetB]
>
> Now i do a test on NetA
>
> <Test on net A>
>
> root at FIREWAL-NetA# nmap -sU -sV -p4569 public.ip.net.B
>
> Starting Nmap 5.00 ( http://nmap.org ) at 2012-01-03 12:17 GMT
> Interesting ports on public.ip.net.B (5.6.7.8):
> PORT STATE SERVICE VERSION
> 4569/udp open iax2
>
> </Test on net A>
>
> All fine. Now i test the NetB
>
> <Test in net B>
>
> root at FIREWAL-NetB# nmap -sU -sV -p4569 public.ip.net.A
>
> Starting Nmap 5.00 ( http://nmap.org ) at 2012-01-03 12:24 GMT
> Interesting ports on public.ip.net.A (1.2.3.4):
> PORT STATE SERVICE VERSION
> 4569/udp open iax2
>
> </Test in net B>
>
> Fine too. But when i do a ping test to the udp port, the answer is
> not the same:
>
> <Ping From A>
> root at FIREWAL-NetA# hping3 public.ip.net.B --udp -V -p 4569
> using eth0, addr: 1.2.3.4, MTU: 1500
> HPING public.ip.net.B (eth0 1.2.3.4): udp mode set, 28 headers + 0 data
> bytes
> len=46 ip=5.6.7.8 ttl=57 id=60657 tos=18 iplen=40 seq=0 rtt=0.0 ms
> len=46 ip=5.6.7.8 ttl=57 id=60658 tos=18 iplen=40 seq=0 rtt=0.0 ms
> len=46 ip=5.6.7.8 ttl=57 id=60659 tos=18 iplen=40 seq=0 rtt=0.0 ms
> ^C
> --- public.ip.net.B hping statistic ---
> 19 packets transmitted, 3 packets received, 85% packet loss
> round-trip min/avg/max = 0.0/0.0/0.0 ms
>
> </Ping From A>
>
> Ping From A work Fine; but Ping from B obtain a "Port Unreachable"
>
> <Ping From B>
> root at FIREWAL-NetB# hping3 public.ip.net.A --udp -V -p 4569
> using eth0, addr: 5.6.7.8, MTU: 1500
> ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN
> ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN
> ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN
> ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN
> ^C
> --- 1.2.3.4 hping statistic ---
> 31 packets transmitted, 4 packets received, 88% packet loss
> round-trip min/avg/max = 0.0/0.0/0.0 ms
>
> </Ping From B>
>
> So both Asterisk servers cant be connected.
>
> What can i check? i dont understand why if use the same rules, the
> answer is different.
>
> Thanks in advance for your help.
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120106/04b73f3c/attachment.htm>
More information about the asterisk-users
mailing list