Hi, Sorry for my bad english but I?ll try to explain my problem I got an Asterisk running in my house with ADSL... I?m using X100P and TDM400P cards.... My intention is get calls via PSTN to my house and Redirect to my computer in my work using X-Lite by SIP... Here?s the map with Firewalls Call for anyone to my house => PSTN => X100P => EXTENSIONS => SIP/RTP => ISA MICROSOFT FIREWALL => COMPUTER IN MY WORK WITH XLITE It?s working very nice, but I had to disable iptables in my Asterisk Box(Home)... I was using my linux with PPPoe Client, DynamicDnsClient and IPTABLES... I?d like to know if is possible to using IPTABLES again. My stupid question is: Can I restrict the ports that Asterisk uses to transmit RTP. When I was using IPTABLES with only port 5060 open , the SIP registration works nice but I didn?t receive sound... Andre Lomonaco -----Mensagem original----- De: Low, Adam [mailto:ALow@Prioritytelecom.com] Enviada em: Friday, September 26, 2003 9:06 AM Para: 'asterisk-users@lists.digium.com' Assunto: RE: [Asterisk-Users] RTP routing.. WipeOut, I just started to whiteboard this and had some realisations/questions: 1. I guess/hope your ADSL connection is not NAT'd ? 2. You will need two NIC's as I assume you will have two separate next hop gateways with each ADSL connection! 3. How would you load balance the inbound calls over the two connections (ensuring each doesn't exceed capacity)? The more I think about this the more I feel that a better solution would be to place a router between the Asterisk server and the two ADSL modems with some kind of NAT setup ... Adam ********* DISCLAIMER ********* This message and any attachment are confidential and may be privileged or otherwise protected from disclosure and may include proprietary information. If you are not the intended recipient, please telephone or email the sender and delete this message and any attachment from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the contents to any other person _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users
On Fri, 2003-09-26 at 14:30, Andre Lomonaco wrote:> My stupid question is: Can I restrict the ports that Asterisk uses > to transmit RTP.rtp.conf> > When I was using IPTABLES with only port 5060 open , the SIP registration > works nice but I didn?t receive sound...because you have no ports open for the RTP, just open those you have defined in rtp.conf -- Dave Cotton <dcotton@linuxautrement.com>
Andre, Yes this is simply controlled using the rtp.conf.. the default is to use UDP ports 10000-20000.. So if you set IPTABLES to allow inbound traffic to UDP port 5060 and 10000-20000 your SIP client should work fine.. Later.. Andre Lomonaco wrote:>Hi, > >Sorry for my bad english but I?ll try to explain my problem > >I got an Asterisk running in my house with ADSL... >I?m using X100P and TDM400P cards.... > >My intention is get calls via PSTN to my house and >Redirect to my computer in my work using X-Lite by SIP... > >Here?s the map with Firewalls > >Call for anyone to my house => PSTN => X100P => EXTENSIONS => >SIP/RTP => ISA MICROSOFT FIREWALL => COMPUTER IN MY WORK WITH XLITE > >It?s working very nice, but I had to disable iptables in my >Asterisk Box(Home)... > >I was using my linux with PPPoe Client, DynamicDnsClient and IPTABLES... > >I?d like to know if is possible to using IPTABLES again. >My stupid question is: Can I restrict the ports that Asterisk uses >to transmit RTP. > >When I was using IPTABLES with only port 5060 open , the SIP registration >works nice but I didn?t receive sound... > > Andre Lomonaco > > >-----Mensagem original----- >De: Low, Adam [mailto:ALow@Prioritytelecom.com] >Enviada em: Friday, September 26, 2003 9:06 AM >Para: 'asterisk-users@lists.digium.com' >Assunto: RE: [Asterisk-Users] RTP routing.. > >WipeOut, > >I just started to whiteboard this and had some realisations/questions: > >1. I guess/hope your ADSL connection is not NAT'd ? >2. You will need two NIC's as I assume you will have two separate next hop >gateways with each ADSL connection! >3. How would you load balance the inbound calls over the two connections >(ensuring each doesn't exceed capacity)? > >The more I think about this the more I feel that a better solution would be >to place a router between the Asterisk server and the two ADSL modems with >some kind of NAT setup ... > >Adam > > >********* DISCLAIMER ********* > >This message and any attachment are confidential and may be privileged or >otherwise protected from disclosure and may include proprietary information. >If you are not the intended recipient, please telephone or email the sender >and delete this message and any attachment from your system. If you are not >the intended recipient you must not copy this message or attachment or >disclose the contents to any other person > > >_______________________________________________ >Asterisk-Users mailing list >Asterisk-Users@lists.digium.com >http://lists.digium.com/mailman/listinfo/asterisk-users >_______________________________________________ >Asterisk-Users mailing list >Asterisk-Users@lists.digium.com >http://lists.digium.com/mailman/listinfo/asterisk-users > > > >
Yes you can specify which RTP port to use in rtp.conf then you can nicely allow those ports to be open in your iptables. Doing the same thing here myself. Greetings, Tj ----- Original Message ----- From: "Andre Lomonaco" <Lomonaco@microcity.com.br> To: <asterisk-users@lists.digium.com> Sent: Friday, September 26, 2003 2:30 PM Subject: RES: [Asterisk-Users] RTP routing.. Hi, Sorry for my bad english but I?ll try to explain my problem I got an Asterisk running in my house with ADSL... I?m using X100P and TDM400P cards.... My intention is get calls via PSTN to my house and Redirect to my computer in my work using X-Lite by SIP... Here?s the map with Firewalls Call for anyone to my house => PSTN => X100P => EXTENSIONS => SIP/RTP => ISA MICROSOFT FIREWALL => COMPUTER IN MY WORK WITH XLITE It?s working very nice, but I had to disable iptables in my Asterisk Box(Home)... I was using my linux with PPPoe Client, DynamicDnsClient and IPTABLES... I?d like to know if is possible to using IPTABLES again. My stupid question is: Can I restrict the ports that Asterisk uses to transmit RTP. When I was using IPTABLES with only port 5060 open , the SIP registration works nice but I didn?t receive sound... Andre Lomonaco -----Mensagem original----- De: Low, Adam [mailto:ALow@Prioritytelecom.com] Enviada em: Friday, September 26, 2003 9:06 AM Para: 'asterisk-users@lists.digium.com' Assunto: RE: [Asterisk-Users] RTP routing.. WipeOut, I just started to whiteboard this and had some realisations/questions: 1. I guess/hope your ADSL connection is not NAT'd ? 2. You will need two NIC's as I assume you will have two separate next hop gateways with each ADSL connection! 3. How would you load balance the inbound calls over the two connections (ensuring each doesn't exceed capacity)? The more I think about this the more I feel that a better solution would be to place a router between the Asterisk server and the two ADSL modems with some kind of NAT setup ... Adam ********* DISCLAIMER ********* This message and any attachment are confidential and may be privileged or otherwise protected from disclosure and may include proprietary information. If you are not the intended recipient, please telephone or email the sender and delete this message and any attachment from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the contents to any other person _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users