[asterisk-users] Asterisk 13.13.1
rwheeler at artifact-software.com
Mon Jan 30 12:58:43 CST 2017
CentOS 7 uses firewalld to control TCP amd UDP access.
The iptables configuration will be overwritten and dynamically changed
by Firewalld so don't count on the old practice of manipulating iptables
I recently moved our Asterisk from an old CentOS to CentOS 7 running
You can add a firewalld service yp /etc/firewalld/services like mine.
[root at firewall0 services]# cat Asterisk.xml
<?xml version="1.0" encoding="utf-8"?>
<port protocol="udp" port="10000-10100"/>
<port protocol="tcp" port="8003"/>
<port protocol="udp" port="4569"/>
<port protocol="tcp" port="8088"/>
<port protocol="udp" port="5060-5061"/>
You then permit this service in your interface (zones) as a service
I also added a rule to get some logging on the Asterisk ports while
getting things up and running.
I did this all on my exterior firewall which is also a CentOS 7 system.
On the Asterisk server, I do not block anything which is not a best
practice but the entire internal network is very small and I consider it
to be secure.
You (and I) should control the interface using Firewalld with the same
service and zone specifications.
On 30/01/2017 12:13 PM, Motty Cruz wrote:
> I thought it was a firewall issues. I disabled IP Tables & Selinux, but the
> problem persist! I have not made changes on our firewall since the upgrade!
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Doug Lytle
> Sent: Monday, January 30, 2017 9:05 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [asterisk-users] Asterisk 13.13.1
>>>> On Jan 30, 2017, at 11:55 AM, Motty Cruz motty.cruz at gmail.com wrote:
>>>> Fresh installed CentOS 7.3 and Asterisk 13.13.1. Download Asterisk from
>>>> I continue to see errors like this:
>>>> [2017-01-30 08:37:17] WARNING: chan_sip.c:4061 retrans_pkt:
> Retransmission timeout reached on transmission
> 56849706-ba96a6d9-817305d0 at 192.168.125.173 for seqno 109 (Critical Request)
> -- See >>> >>>
Artifact Software Inc
email: rwheeler at artifact-software.com
phone: 866-970-2435, ext 102
More information about the asterisk-users