[asterisk-users] semi-OFF-TOPIC - SIP iptables and NAT - same source, different destination
Sebastian Nielsen
sebastian at sebbe.eu
Fri Jan 27 13:03:27 CST 2017
Yes its called the state table. This because connection IP:PORT has a relationship with inside IP 192.168.x.x port X.
I guess you have configured the redirect port to be same on both?
Eg 5070 goes to *1:5060 and 5080 goes to *2:5060
What you need to do, is to have different inside ports as well, and also configure the asterisk boxes to listen on a different SIP port.
Från: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] För Gabriel Ortiz Lour
Skickat: den 27 januari 2017 19:59
Till: Asterisk Users Mailing List - Non-Commercial Discussion <asterisk-users at lists.digium.com>
Ämne: [asterisk-users] semi-OFF-TOPIC - SIP iptables and NAT - same source, different destination
Hi all,
anyone with iptables master power pack knowledge :) ?
Having some problem with NAT!
I have a server that is the LAN gateway (A) with the public IP, and two asterisk boxes behind it.
I've configured port forward so port 5070 goes to *1 and 5080 goes to *2. Working fine.
The problem is when some machine outside tries to talk with both asterisks.
As soon as the 1st package gets routed to *1 the subsequent packets will all also get routed to *1, no matter that the destination port is now 5080.
Seams like some "nat cache", where it will decide to forward all packets to *1 that come from origin "IP:PORT" X (since it was the first one contacted)
anyone with iptables master power pack knowledge :) ?
Att.
Gabriel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170127/7cff4ca3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6298 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170127/7cff4ca3/attachment.bin>
More information about the asterisk-users
mailing list