[asterisk-users] Terrible,
horrible firewall issues in * to * setup
Tim Panton
tim at mexuar.com
Fri Nov 24 03:19:55 MST 2006
On 22 Nov 2006, at 22:21, Lachek Butalek wrote:
> My mission is to get one * box to dial another * box' extensions. I
> have set this up previously without any issues by making a simple IAX
> trunk/extension pair on the two boxes and create a dial plan with a
> prefix like 9|XXX to select an extension on the other box.
>
> My problem is that I now have to do this with extremely restrictive
> firewalls thrown into the mix - firewalls I have no control over.
> Basically, the setup is:
>
> *1 <---> FW1 <---> (Internet) <---> FW2 <---> FW3 <---> *2
>
> I have control over firewall 1 and 3, but not 2. Using port forwarding
> (4569 UDP) on FW1, I have been able to make calls from *2 to *1. My
> problem lies with making calls the other way, as I have no way of port
> forwarding on FW2.
If FW2 and FW3 permit outbound UDP and associated replies you won't
need to.
(even if they NAT them).
Set up 4569 on FW1 to go to *1
Add *2 as a peer (and user) in iax.conf on *1
Do _nothing_ with FW3
Set up *2 to _register_ with *1
The repeated registration from 2 to 1 will keep the any
NAT's and port maps open and tell 1 how to reach 2.
(IAX is great)
Tim.
More information about the asterisk-users
mailing list