[Asterisk-Users] Asterisk, IAX2 and iptables
Androtech
androtech at gigliesi.it
Fri Mar 11 16:56:16 MST 2005
I'm not exactly sure but I think what are you talking about.
My linux PC has twp IP, one public (80.xxx.xxx.xxx) and one private, assigned by me (192.168.0.1)
I should allow incoming packet from outside:
iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT
and I should forward these packets to the private IP address:
iptables -A FORWARD -i $EXTERNAL_INTERFACE -p udp -d 192.168.0.1 --dport 4569 -j ACCEPT
Is it right?
Regards,
----- Original Message -----
From: Wiley Siler
To: Asterisk Users Mailing List - Non-Commercial Discussion
Sent: Saturday, March 12, 2005 12:41 AM
Subject: RE: [Asterisk-Users] Asterisk, IAX2 and iptables
Hello Androtech,
The issue you are having is by design. >From a firewall stand point, you would never want packets coming in from the external unsecured to terminate at the internal nic IP. That is counter-intuitive. You might FORWARD that traffic somewhere internal but you would not move it to the internal NIC.
If Asterisk is listening on your internal NIC because you have set an explicit IP in the configs, then change that reference to 0.0.0.0 so Asterisk will listen on all available IPs.
Then Open the sip port on your external IP. Restart and Asterisk will be listening both ways and the external IP should now be accessible via the correct port.
Regards,
Wiley
------------------------------------------------------------------------------
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Androtech
Sent: Friday, March 11, 2005 4:30 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [Asterisk-Users] Asterisk, IAX2 and iptables
Does someone experienced these kind of configuration:
linux box connected to internet by USB modem. It runs iptables for firewall. Iptables is set to masquerade (NAT) all the other PCs of the LAN. In the same PC Asterisk is running.
PROBLEM: when I try to register my software phone to Asterisk and I'm out of my LAN, I cannot do it. The problem seems to be related to the firewall that does not allow incoming packets for the IAX2 protocol
I already set the following rule, as described to http://www.voip-info.org/wiki-Asterisk+firewall+rules,
but I didn't get any good result.
iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT
Any idea?
Regards,
------------------------------------------------------------------------------
_______________________________________________
Asterisk-Users mailing list
Asterisk-Users at lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20050311/ff896a62/attachment.htm
More information about the asterisk-users
mailing list