Re: Firewall frustration

Christopher Chan wrote:
> > Now I have to hop over to the Asterisk list to figure why with one firewall the INVITE properly redirects the RTP to the RTP server, and with the other firewall this is not in the INVITE so the RTP flow does not..... ARGH!!!!!
>
> I hope you are not trying to get around a double nat situation. client -> nat <-> nat <- asterisk.
>
> I never managed to get things to work in that scenario. I have a vpn setup to get things to work.

No.  That is part of my frustration.  I have 64 publicly routed addresses.

My open net is 8 addresses, for 6 systems. DSL router and so far 2 firewalls standard (occasional honeypot). I assigned 8 addresses for my VoIPnet. All Trixboxes on VoIPnet have 2 NICs. Their second NIC is to a 192.168 addressed net with the various VoIP clients.

So I have a WRT54g running sveasoft with NAT turned off. But even with NAT turned off, the box is basically brain-dead. It would only allow the ONE server defined as the DMZ server to be accessed even when the firewall is disabled! And I have 2 Trixboxes (part of my testing. Have to learn DUNDI too).

So I now have a REAL firewall; well Centos with Shorewall. And it seemed to be working, but the SIP/SDP INVITE when I have the sveasoft box has a redirect from the SIP server to the actual RTP server. But with Shorewall, that information is NOT in the INVITE so the SIP server responds with an ICMP of no such port. And so far I have not figured this out...
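
One way to compare what each firewall passes, as an added example that is not part of the original post: pull the RTP address and port out of the SDP body of an INVITE captured behind each firewall and list the differences. It assumes the "redirect" is the SDP `c=`/`m=` information; the two messages, their addresses and the function names are constructed for illustration.

```python
"""Compare where two SIP INVITEs tell the peer to send RTP (SDP c=/m= lines)."""

# Constructed samples using documentation addresses, not captured traffic.
INVITE_A = """\
INVITE sip:200@198.51.100.10 SIP/2.0
Via: SIP/2.0/UDP 198.51.100.10:5060
Content-Type: application/sdp

v=0
o=- 1 1 IN IP4 198.51.100.10
s=-
c=IN IP4 198.51.100.11
t=0 0
m=audio 10000 RTP/AVP 0
"""
# Same INVITE, but the media address is the SIP server itself.
INVITE_B = INVITE_A.replace("c=IN IP4 198.51.100.11", "c=IN IP4 198.51.100.10")


def media_targets(raw):
    """Return [(media type, RTP address, RTP port)] advertised by an INVITE."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    if not head.startswith("INVITE "):
        raise ValueError("not a SIP INVITE")
    session_addr, media, current = None, [], None
    for line in body.split("\n"):
        if len(line) < 2 or line[1] != "=":
            continue  # not an SDP "x=value" line
        kind, value = line[0], line[2:].strip()
        if kind == "c":  # c=IN IP4 <address>[/ttl]
            addr = value.split()[2].split("/")[0]
            if current is None:
                session_addr = addr  # session-level default
            else:
                current["addr"] = addr  # per-media override
        elif kind == "m":  # m=<type> <port>[/count] <proto> <formats>
            fields = value.split()
            current = {"type": fields[0], "addr": None,
                       "port": int(fields[1].split("/")[0])}
            media.append(current)
    return [(m["type"], m["addr"] or session_addr, m["port"]) for m in media]


def diff_targets(raw_a, raw_b):
    """Media targets present in one INVITE but not the other, sorted."""
    return sorted(set(media_targets(raw_a)) ^ set(media_targets(raw_b)))


if __name__ == "__main__":
    for target in diff_targets(INVITE_A, INVITE_B):
        print(target)
```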

