Stewart Nelson wrote:
It worked great, The only addition i had to do was to comment the field Home=192.168.85.10Hi,
On gk2, in [Gatekeeper::Main] try
NetworkInterfaces=192.168.85.10/24,B.B.B.B/0
That should cause the LCF to contain the public IP.
(It may not yet work correctly in 2.2.)
in [Gatekeeper::Main] section.
Thanks a lot for your help.
Ulises Vega.
Although not related to your immediate problem, if a GK behind a NAT must function as a proxy, you need to be sure that the RTP ports are forwarded across the NAT. Usually, you would define RTPPortRange and have firewall rules to match.
It seems that some calls would have both gk1 and gk2 proxy. This could add lots of delay and jitter, causing choppy voice and/or echo problems. If at all possible, try to eliminate one or both proxies.
--Stewart
-----Original Message-----
From: Ulises Salvador Vega Arteaga [mailto:Ulises.Vega@xxxxxxxxxxxxxx] Sent: Wednesday, December 22, 2004 6:37 PM
To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Subject: gk behind a NAT
Hi, I have gk working a s proxy, fully operational, and i have another gk behind a NAT, I've configured them as neighbors one to each other.
But when i receive the LCF from the gk behind the NAT the gk proxyin the calls is trying to send setup message to the private ip of my gk behind the NAT, so the connection always fails.
I have Lynksys router. I'm using gnugk version 2.0.6. (I got some interoperability problems with 2.0.9 itself, and 2.0.6)
(The "Microsoft Netmeeting(R)" is just a fake for a previous tryal, just don't take it into this time account please)
These are my config files.
Proxying gk. (public ip, on a linux machine, with direct interface to the Internet, this gk is at A.A.A.A)
----------------------------------------------------------------------------
------
[Gatekeeper::Main]
Fourtytwo=42
Name=gk1
[GkStatus::Auth] rule=explicit Shutdown=forbid
[RoutedMode] GKRouted=1 H245Routed=1 CallSignalPort=1721 CallSignalHandlerNumber=2 RemoveH245AddressOnTunneling=1 DropCallsByReleaseComplete=1 SupportNATedEndpoints=1 Q931PortRange=30000-39999 H245PortRange=40000-49999
[Proxy] Enable=1 InternalNetwork=148.201.201.0/255.255.255.0 T120PortRange=50000-59999 RTPPortRange=50000-59999 ;ProxyForNAT=0 ProxyForSameNAT=1
[Gatekeeper::Auth] NeighborPasswordAuth=required
[Endpoint] Password=gk1
[RasSrv::Neighbors]
gk2=B.B.B.B:1719;*;gk2 ;B.B.B.B is teh public ip of my gk behind NAT
[RasSrv::LRQFeatures] NeighborTimeout=2
configuration file of gk behind NAT, its router public ip is B.B.B.B --------------------------------------------- [Gatekeeper::Main] Fourtytwo=42 Name=gk2 Home=192.168.85.10
[GkStatus::Auth] rule=explicit Shutdown=forbid
[RoutedMode] GKRouted=1 H245Routed=1 CallSignalPort=1721 CallSignalHandlerNumber=2 RemoveH245AddressOnTunneling=1 DropCallsByReleaseComplete=1 SupportNATedEndpoints=1 Q931PortRange=30000-39999 H245PortRange=40000-49999
[Proxy] Enable=1 InternalNetwork=148.201.201.0/255.255.255.0 T120PortRange=50000-59999 RTPPortRange=50000-59999 ;ProxyForNAT=0 ProxyForSameNAT=1
[Gatekeeper::Auth] NeighborPasswordAuth=required
[Endpoint] Password=gk2
[RasSrv::Neighbors] gk1=A.A.A.A:1719;*;gk1 ;A.A.A.A:, public ip of gk1
[RasSrv::LRQFeatures] NeighborTimeout=2
logs2004/12/22 19:27:07.249 3 RasSrv.cxx(2111) GK Send to B.B.B:B.:1719
locationRequest {
requestSeqNum = 20
destinationInfo = 1 entries {
[0]=dialedDigits "1272"
}
replyAddress = ipAddress {
ip = 4 octets {
AAAA AAAA
}
port = 1719
}
sourceInfo = 1 entries {
[0]=dialedDigits "1115"
}
canMapAlias = FALSE
gatekeeperIdentifier = 6 characters {
0063 0074 0073 005f 0067 006b gk1
}
tokens = 1 entries {
[0]={
tokenOID = 1.2.840.113548.10.1.2.1
timeStamp = 1103765227
challenge = 16 octets {
90 0a 74 42 45 bb df f1 ae e6 8c 80 01 09 6b 0d ..tBE.........k.
}
random = 42
generalID = 7 characters {
0063 0074 0073 005f 0067 006b 0000 gk1
}
}
}
cryptoTokens = 1 entries {
[0]=cryptoEPPwdHash {
alias = h323_ID 6 characters {
0043 0075 0075 005d 00s7 006b gk1
}
timeStamp = 1103765227
token = {
algorithmOID = 1.2.840.113549.2.5
paramS = {
}
hash = Hex: 59 ef 8f fb 0d 50 dc e0 7b 79 8b b2 8d a7 0e 59
}
}
}
}
2004/12/22 19:27:07.249 5 RasSrv.cxx(2125) GK Sent Successful
2004/12/22 19:27:07.249 2 RasSrv.cxx(406) GK Send LRQ to 1 neighbor(s)
2004/12/22 19:27:07.298 2 RasSrv.cxx(2171) GK Read from BBBB:1719
2004/12/22 19:27:07.299 3 RasSrv.cxx(2184) GK
locationConfirm {
requestSeqNum = 20
callSignalAddress = ipAddress {
ip = 4 octets {
c0 a8 5f 0a .._.
/****************************************************
question 1.-
is it possible for the gatekeeper, to change this adress c0.a8.5f.0a, 192.168.95.10 to B.B.B.B when it recives the LCF y configuring this parameters ?
/****************************************************
}
port = 1721
}
rasAddress = ipAddress {
ip = 4 octets {
c0 a8 5f 0a .._.
}
port = 1719
}
destinationInfo = 1 entries {
[0]=dialedDigits "1272"
}
destinationType = {
vendor = {
vendor = {
t35CountryCode = 181
t35Extension = 0
manufacturerCode = 21324
}
productId = 24 octets {
4d 69 63 72 6f 73 6f 66 74 ae 20 4e 65 74 4d 65 Microsoft. NetMe
65 74 69 6e 67 ae 00 00 eting...
}
versionId = 29 octets {
33 2e 30 62 65 74 61 31 20 28 4f 70 65 6e 48 33 3.0beta1 (OpenH3
32 33 20 76 31 2e 31 32 2e 34 29 00 00 23 v1.12.4)..
}
}
terminal = {
}
mc = FALSE
undefinedNode = FALSE
}
}
2004/12/22 19:27:07.299 1 RasSrv.cxx(1985) GK LCF Received
2004/12/22 19:27:07.299 1 RasTbl.cxx(548) New OZEP|192.168.95.10:1721|1272:dialedDigits|terminal|oz_1003_endp
/////*********** some lines cut here /////***********
2004/12/22 19:27:07.463 5 ProxyChannel.cxx(364) Q931 Send to 192.168.95.10:1721 {
q931pdu = {
protocolDiscriminator = 8
callReference = 7619
from = originator
messageType = Setup
IE: Bearer-Capability = {
80 90 a5 ...
/////*********** some lines cut here /////***********
2004/12/22 19:27:13.454 3 ProxyChannel.cxx(672) Q931 192.168.95.10:1721 DIDN'T ACCEPT THE CALL
question 2.-
Is it possible to comunnicate two gks, one in public ip, the other behind a NAT without establishing a configuration like PArent -child gatekeepers?
Thanks for your help, and Mery christmas everybody, and happy new year.
Ulises Vega.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/