[asterisk-users] Firewall & audio : need a wide range to work !
Danny Nicholas
danny at debsinc.com
Wed Mar 24 08:33:18 CDT 2010
You should be able to establish a very narrow range (4 ports per line) by
monitoring the ports with netstat and adjusting accordingly.
_____
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of jonas kellens
Sent: Wednesday, March 24, 2010 6:21 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Firewall & audio : need a wide range to work !
In rtp.conf the audio port range for the public Asterisk server is defined.
Why is this important for the firewall at client side ??
By the way the range defined is :
rtpstart=11500
rtpend=11600
Do I then need to open up the same range on the firewall at my customer ??
This has nothing to do with incoming traffic on the firewall at my
customer's site.
Jonas.
On Wed, 2010-03-24 at 06:39 -0400, Alex Balashov wrote:
Have a look at rtp.conf.
On 03/24/2010 06:33 AM, jonas kellens wrote:
> Hello list !
>
> I have the following problem at a customer :
>
> Their is a firewall in between the internal network (with IP-phones) and
> the public Asterisk-server.
>
> I see the following message when "sip debug" enabled :
>
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] --- (11
> headers 11 lines) ---
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Found RTP
> audio format 8
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Found RTP
> audio format 101
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Peer audio
> RTP is at port *192.168.0.24:11772*
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Found audio
> description format PCMA for ID 8
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Found audio
> description format telephone-event for ID 101 alaw)
> d - 0x1 (telephone-event)
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] Peer audio
> RTP is at port *192.168.0.24:11772*
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36] list_route:
> hop: <sip:ict00 at 192.168.0.24:5062 <sip:itczak00 at 192.168.0.24:5062>>
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36]
> set_destination: Parsing <sip:ict00 at 192.168.0.24:5062> for address/port
> to send to
> [Mar 24 11:19:36] VERBOSE[5087] logger.c: [Mar 24 11:19:36]
> set_destination: set destination to 192.168.0.24, port 5062
>
>
> But when opening a range of ports on the firewall 11700 --> 11800, the
> audio is not coming through !!
>
> When opening the ports 11000 --> 11800, then the audio is coming through
> fine !
>
>
> Can someone explain me why range 1 is not enough fot the RTP-traffic ?!
>
>
> Jonas.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100324/3b27b87c/attachment.htm
More information about the asterisk-users
mailing list