Robert La Ferla
2005-Dec-26 23:37 UTC
[Asterisk-Users] iptables rules for forwarding SIP/RTP to Asterisk server from behind nat firewall/router
Can someone please send me your iptables rules for forwarding SIP/RTP udp to your * server? I tried this but I think I need more rules like DNAT or something... iptables -A FORWARD -i $EXT_IF -o $INT_IF -p udp -m udp --sport 5060 -d $ASTERISK_IP --dport 5060 -j ACCEPT iptables -A FORWARD -i $EXT_IF -o $INT_IF -p udp -m udp --sport 10000:20000 -d $ASTERISK_IP --dport 10000:20000 -j ACCEPT
Aryanto Rachmad
2005-Dec-27 02:52 UTC
[Asterisk-Users] iptables rules for forwarding SIP/RTP to Asterisk server from behind nat firewall/router
Hello Robert, I have this following setting on my WRT54GS: # RTP ports iptables -t nat -A PREROUTING -i $WAN -m udp -p udp --dport 10000:20000 -j DNAT --to-destination $ASTERISK_IP iptables -A FORWARD -i $WAN -o $DMZ -m udp -p udp --dport 10000:20000 -d $ASTERISK_IP -j ACCEPT # IAX port iptables -t nat -A PREROUTING -i $WAN -m udp -p udp --dport 4569 -j DNAT --to-destination $ASTERISK_IP iptables -A FORWARD -i $WAN -o $DMZ -m udp -p udp --dport 4569 -d $ASTERISK_IP -j ACCEPT # SIP port iptables -t nat -A PREROUTING -i $WAN -m udp -p udp --dport 5060 -j DNAT --to-destination $ASTERISK_IP iptables -A FORWARD -i $WAN -o $DMZ -m udp -p udp --dport 5060 -d $ASTERISK_IP -j ACCEPT Cheers, Anto ----- Original Message ----- From: "Robert La Ferla" <robertlaferla@comcast.net> To: "Asterisk Users Mailing List - Non-Commercial Discussion" <asterisk-users@lists.digium.com> Sent: Tuesday, December 27, 2005 7:37 AM Subject: [Asterisk-Users] iptables rules for forwarding SIP/RTP to Asterisk server from behind nat firewall/router> Can someone please send me your iptables rules for forwarding SIP/RTP > udp to your * server? > > I tried this but I think I need more rules like DNAT or something... > > iptables -A FORWARD -i $EXT_IF -o $INT_IF -p udp -m udp --sport 5060 -d > $ASTERISK_IP --dport 5060 -j ACCEPT > iptables -A FORWARD -i $EXT_IF -o $INT_IF -p udp -m udp --sport > 10000:20000 -d $ASTERISK_IP --dport 10000:20000 -j ACCEPT > > _______________________________________________ > --Bandwidth and Colocation provided by Easynews.com -- > > Asterisk-Users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >