asterisk users - Jan 2017 - Asterisk 13.13.1

>>> On Jan 30, 2017, at 11:55 AM, Motty Cruz motty.cruz at gmail.com
wrote:
>>> Fresh installed CentOS 7.3 and Asterisk 13.13.1. Download Asterisk
from here:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar.gz
>>> I continue to see errors like this: 
>>> [2017-01-30 08:37:17] WARNING[2332]: chan_sip.c:4061 retrans_pkt:
Retransmission timeout reached on transmission 56849706-ba96a6d9-817305d0 at
192.168.125.173 for seqno 109 (Critical Request) -- See >>>
>>>
Firewall?

Doug

I thought it was a firewall issues. I disabled IP Tables & Selinux, but the
problem persist! I have not made changes on our firewall since the upgrade!

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Doug Lytle
Sent: Monday, January 30, 2017 9:05 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Asterisk 13.13.1
>>> On Jan 30, 2017, at 11:55 AM, Motty Cruz motty.cruz at gmail.com
wrote:
>>> Fresh installed CentOS 7.3 and Asterisk 13.13.1. Download Asterisk
from
here:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar
.gz 
>>> I continue to see errors like this: 
>>> [2017-01-30 08:37:17] WARNING[2332]: chan_sip.c:4061 retrans_pkt:
Retransmission timeout reached on transmission
56849706-ba96a6d9-817305d0 at 192.168.125.173 for seqno 109 (Critical Request)
-- See >>> >>> 

Firewall?

Doug

-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at:
https://community.asterisk.org/

New to Asterisk? Start here:
      https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

CentOS 7 uses firewalld to control TCP amd UDP access.

The iptables configuration will be overwritten and dynamically changed 
by Firewalld so don't count on the old practice of manipulating iptables 
directly.

I recently moved our Asterisk from an old CentOS to CentOS 7 running 
FreePBX 14.0.1.beta2.

You can add a firewalld service yp /etc/firewalld/services like mine.
[root at firewall0 services]# cat Asterisk.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
   <short>asterisk</short>
   <description>Asterisk PBX</description>
   <port protocol="udp" port="10000-10100"/>
   <port protocol="tcp" port="8003"/>
   <port protocol="udp" port="4569"/>
   <port protocol="tcp" port="8088"/>
   <port protocol="udp" port="5060-5061"/>
</service>

You then permit this service in your interface (zones) as a service
  <service name="Asterisk"/>

I also added a rule to get some logging on the Asterisk ports while 
getting things up and running.
   <rule>
     <service name="Asterisk"/>
     <log level="warning"/>
     <accept/>
   </rule>
   <rule>


I did this all on my exterior firewall which is also a CentOS 7 system.
On the Asterisk server, I do not block anything which is not a best 
practice but the entire internal network is very small and I consider it 
to be secure.

You (and I) should control the interface using Firewalld with the same 
service and zone specifications.





On 30/01/2017 12:13 PM, Motty Cruz wrote:
> I thought it was a firewall issues. I disabled IP Tables & Selinux, but
the
> problem persist! I have not made changes on our firewall since the upgrade!
>
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Doug Lytle
> Sent: Monday, January 30, 2017 9:05 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [asterisk-users] Asterisk 13.13.1
>
>>>> On Jan 30, 2017, at 11:55 AM, Motty Cruz motty.cruz at
gmail.com wrote:
>>>> Fresh installed CentOS 7.3 and Asterisk 13.13.1. Download
Asterisk from
> here:
>
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar
> .gz
>
>>>> I continue to see errors like this:
>>>> [2017-01-30 08:37:17] WARNING[2332]: chan_sip.c:4061
retrans_pkt:
> Retransmission timeout reached on transmission
> 56849706-ba96a6d9-817305d0 at 192.168.125.173 for seqno 109 (Critical
Request)
> -- See >>> >>>
>
> Firewall?
>
> Doug
>

-- 
Ron Wheeler
President
Artifact Software Inc
email: rwheeler at artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102