|
Hello, To make things clearer I
decided to write again where the problem really is because we are turning
around in a circle. So, I have GnuGK configured to accept any registration of endpoint,
then configured to register GnuGK with parent GK
which is located in outside network behind NAT (GnuGK
behind NAT, Parent GK – public IP) and I have, THIS IS IMPORTANT, NetworkInterfaces set to 192.168.120.32/24 (Local network).
Other settings are irrelevant (but still same like before). Now I register with 2 local
endpoints to GnuGK and try to call each other –
OK, call established And the other test, call from
local endpoint to Parent GK destination – OK, call established As you can see, everything is
ok, I can place calls inside my local network ok to destinations handled by Pareny GK. BUT NOW THE INTERESTING
THINGS WILL COME When I change NetworkInterfaces to 192.168.120.32/24,212.5.203.53/0 (the
second - public IP of my NAT) and again I will do some tests. Try to establish call between
2 local endpoints – OK, call established Call from local endpoint to
Parent GK destination – FAIL, DIDN’T ACCEPT THE CALL error appears
in GnuGK log and call is dropped!!! So let’s make some
summary. In the first case, everything
passed successfully so this is a proof that all communication needed is correctly
allowed by all FWs, NATs on
the way. In the second case the only
different thing is NetworkInterfaces set to another
value (no reconfiguration of NAT, FW …) and it FAILs
to establish call with parents GK destination. And this is the major
problem, no matter external endpoints, wrong IPs sent
in messages or even no RTP streams working properly (not
tested) Answers to Stewart Nelson: The reason why any broadcasts
aren’t received may be that I’m doing this tests often about midnight
so whole corporate LAN is ‘dead’ I think there is only one another
server running except mine. Behind long respond times can
be also the fact that I’m filtering SSH packets and it’s
pretty lot of traffic because of writing log info on screen. Hmm … I can’t see
blinking LED trough SSH :D But I will have to go there
in near future. I’m not running any FW
on my machine. The company uses HW firewall
(NAT) so I can’t use my server instead of it and another public IP is not
available to me. I maybe can put GnuGK machine into
DMZ zone but this is insecure – I don’t want to do that. I hope this revising :-)
helped to make things clearer, thanx to all of you
for your support I appreciate it. Best regards, Igor |
