Hi again,
Michal Zygmuntowicz wrote:
As far as I remember, setting Home to your public IP should solve your issue (assuming your firewall/NAT does not remap ports). I personally found this working in 2.0, but it should also work fine in 2.2, I guess.
In order to avoid problems with the new 2.2beta4 release I decided to try the stable 2.0.8 release instead.
Now, when I specify the 'Home=<my.public.ip.address>' directive in the configuration file GnuGK fails to even start properly, and I have to kill it.
This is the output I receive when starting GnuGK:
___________________________________________________________
D:\Program Files\GNUGK\openh323gk-2.0.8\bin>gnugk -tt
2004/06/28 13:41:17.170 2 Toolkit.cxx(90) Network=127.0.0.0/255.0.0.0, IP=127.0.0.1
2004/06/28 13:41:17.180 2 Toolkit.cxx(90) Network=192.168.0.0/255.255.255.0, IP=192.168.0.x
2004/06/28 13:41:17.190 2 Toolkit.cxx(90) Network=192.168.0.x/255.255.255.255, IP=127.0.0.1
2004/06/28 13:41:17.200 2 Toolkit.cxx(90) Network=192.168.0.255/255.255.255.255, IP=192.168.0.x
2004/06/28 13:41:17.210 2 Toolkit.cxx(90) Network=224.0.0.0/224.0.0.0, IP=192.168.0.x
2004/06/28 13:41:17.220 2 Toolkit.cxx(90) Network=255.255.255.255/255.255.255.255, IP=192.168.0.x
2004/06/28 13:41:17.240 2 Toolkit.cxx(91) Default IP=192.168.0.x
2004/06/28 13:41:17.250 2 Toolkit.cxx(158) GK H.323 Proxy enabled
2004/06/28 13:41:17.260 2 gkacct.cxx(924) GKACCT Successfully logged event 8
OpenH323 Gatekeeper - The GNU Gatekeeper with ID 'OpenH323GK' started on MY.PUBLIC.IP.ADDRESS
Gatekeeper(GNU) Version(2.0.8) Ext(pthreads=0,acct=1,radius=1,mysql=1,pgsql=0,ldap=0,large_fdset=0) Build(Jun 1 2004, 10:14:28)
Sys(NT i586 v4.0.1381)
2004/06/28 13:41:17.280 1 gk.cxx(542) OpenH323 Gatekeeper - The GNU Gatekeeper with ID 'OpenH323GK' started on
MY.PUBLIC.IP.ADDRESS
Gatekeeper(GNU) Version(2.0.8) Ext(pthreads=0,acct=1,radius=1,mysql=1,pgsql=0,ldap=0,large_fdset=0) Build(Jun 1 2004, 10:14:28)
Sys(NT i586 v4.0.1381)
This program is free software. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.
Disable Bandwidth Management
Enter <Ctrl>+<C> or <Ctrl>+<Break> to exit
2004/06/28 13:41:17.491 2 gk.cxx(589) GK TimeToLive for Registrations: 300
2004/06/28 13:41:17.511 2 WaitingARQ.cxx(60) GK Virtual Queue disabled for aliases
2004/06/28 13:41:17.531 2 WaitingARQ.cxx(70) GK Virtual Queue disabled for prefixes
2004/06/28 13:41:17.541 2 WaitingARQ.cxx(80) GK Virtual Queue disabled for regular expression
2004/06/28 13:41:17.551 2 ProxyChannel.cxx(74) Q931PortRange: 30000-39999
2004/06/28 13:41:17.561 2 ProxyChannel.cxx(74) H245PortRange: 40000-49999
2004/06/28 13:41:17.581 2 ProxyChannel.cxx(74) T120PortRange: 50000-59999
2004/06/28 13:41:17.591 2 ProxyChannel.cxx(74) RTPPortRange: 50000-59999
2004/06/28 13:41:17.601 1 ProxyThread.cxx(495) ProxyL Can't listen port 1721
2004/06/28 13:41:17.611 2 RasSrv.cxx(602) GK Using Routed Signalling
2004/06/28 13:41:17.621 2 RasSrv.cxx(603) GK H.245 Routed Enabled
2004/06/28 13:41:17.641 2 thread.cxx(31) ProxyHandleThread 339 started
2004/06/28 13:41:17.671 1 RasSrv.cxx(2359) GK RasThread 435 started
2004/06/28 13:41:17.681 2 RasSrv.cxx(2362) GK Entering connection handling loop
2004/06/28 13:41:17.691 1 RasSrv.cxx(2366) GK Bind to RAS port failed!
2004/06/28 13:41:17.711 1 RasSrv.cxx(2422) GK RasThread terminated!
2004/06/28 13:41:17.761 2 thread.cxx(31) ProxyHandleThread 383 started
2004/06/28 13:41:17.771 1 MulticastGRQ.cxx(57) GK Multicast listener started
2004/06/28 13:41:17.781 1 MulticastGRQ.cxx(70) GK Can't join multicast group.
Shut down in progress...
2004/06/28 13:41:18.652 2 RasSrv.cxx(759) GK Closing RasThread
___________________________________________________________
Now that I've investigated some more in this...
My thoughts are:
1). If MyPhone can establish a working connection
with OpenAM at VoxGratia via my Firewall(NAT)
(which is specified to have H323 support),
then it should be able to work with GnuGK too - right?2). In order to make sure that MyPhone does not
talk with OpenAM at VoxGratia directly I've
explicitly configured it to only communicate
via 127.0.0.1 (i.e. the localhost interface,
*NOT* via the local machines LAN interface).
I have also specified to look for the GnuGK
on the localhost interface and made MyPhone
require a GK. (Monitored with TCPView)3). In order to verify that GnuGK can proxy a
call to a locally running openam-1.1.17,
I've started one like this:openam -g 192.168.0.x -i 192.168.0.x -u localam -m openam.wav
*** Note! openam is *NOT* connected to the 127.0.0.1 IF,
thus MyPhone and openam should not be able to communicate
directly via the 127.0.0.1 interface.4). Calling "localam" works fine with this setup.
Snooping with ethereal reveals no connections
to external addresses. (Also monitored with TCPView).5). Using the same setup, calling "openam@xxxxxxxxxxxxx",
seems to connect but I cannot hear the recorded message.This is the output of MyPhone:
MyPhone is ready...
Searching for Gatekeeper.... Please Wait!
Successfully registered with Gatekeeper: OpenH323GK@localhost
Started receiving GSM-06.10{sw} data (4 frames).
Started sending GSM-06.10{sw} data (4 frames).
Talking to openam [127.0.0.1]
Stopped sending GSM-06.10{sw} data.
Stopped receiving GSM-06.10{sw} data.
Connection with openam [127.0.0.1] cleared. Snooping with ethereal reveals that a lot of ICMP messages
are sent from the local machine's LAN IF to the inteface of
voxgratia.org, claiming "Destination unreachable".6). Together, he above raises the question what else parameter
do I have to specify in the configuration file of GnuGK?
The 'Home' parameter obviously doesn't seem to work. Considering that I had to specify my LAN's public IP to
MyPhone in order to make it work, I assume I have to
specify it to GnuGK too. But how?This is my GnuGK config file: ____________________________________________________ ## ## A very simple proxy configuration file. ##
[Gatekeeper::Main] Fourtytwo=42 Name=OpenH323GK ;;Home=MY.PUBLIC.IP.ADDRESS # -> Can't join multicast group. TimeToLive=300
[GkStatus::Auth] rule=allow
[RoutedMode] GKRouted=1 H245Routed=1 CallSignalPort=1721 CallSignalHandlerNumber=1 AcceptNeighborsCalls=0 AcceptUnregisteredCalls=0 RemoveH245AddressOnTunneling=1 DropCallsByReleaseComplete=1 SendReleaseCompleteOnDRQ=1 SupportNATedEndpoints=1 Q931PortRange=30000-39999 H245PortRange=40000-49999
[Proxy] Enable=1 ProxyForSameNAT=1 T120PortRange=50000-59999 RTPPortRange=50000-59999
# EOF ____________________________________________________
Any more input to this is most welcome and higly appreciated!
Kind Regards, Rolf Sponsel
-- ---- ------ --------
Rolf Sponsel
___________________________________________e_n_d___o_f___m_e_s_s_a_g_e_
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
