VOIP behind shorewall firewall not work
667 views
Skip to first unread message
Vinod_Parmar
Sep 15, 2009, 7:14:08 AM9/15/09
to VG...@googlegroups.com
Hi All,
I have linksys pap2t VOIP adaptor which uses SIP protocol In its configuration 5061 and 5062 ports are bind for two voip links.
I have open ports using /etc/shorewall/rules
DNAT net loc:192.168.x.x udp 5061
DNAT net loc:192.168.x.x tcp 5061
DNAT net loc:192.168.x.x tcp 5061
But when I tried to call my voice not reached to other end I am able to hear voice from other end
If I bypass shorewall this VOIP device works perfectly.
Is there any other port or kernel module i need to install?
--
With Regards,
Vinod Parmar
(Mobile : - 9825414974)
bhavin mehta
Sep 15, 2009, 8:06:22 AM9/15/09
to vg...@googlegroups.com
Hi,
check sip port threw below command
cat /etc/services | grep sip
5060 and 5061 is sip protocol port
here is my output
cat /etc/services | grep sip
sip 5060/tcp # Session Initiation Protocol
sip 5060/udp
sip-tls 5061/tcp
sip-tls 5061/udp--
Thanks & regards,
Bhavin Mehta
complitech solution
(www.complitech.net)
check sip port threw below command
cat /etc/services | grep sip
5060 and 5061 is sip protocol port
here is my output
cat /etc/services | grep sip
sip 5060/tcp # Session Initiation Protocol
sip 5060/udp
sip-tls 5061/tcp
sip-tls 5061/udp
Thanks & regards,
Bhavin Mehta
complitech solution
(www.complitech.net)
Vinod_Parmar
Sep 15, 2009, 8:19:22 AM9/15/09
to vg...@googlegroups.com
I have already open all ports .. 5060, 5061, 5062 both tcp and udp
Kaushal Patel
Sep 15, 2009, 10:15:23 AM9/15/09
to vg...@googlegroups.com
Hi,
I have one question regarding your VOIP configuration. Does your clients configure with NAT configuration in VOIP or all traffic goes through the VOIP server only?
It might require SIP plugin for iptables if required.
Regards,
Kaushal Palte
I have one question regarding your VOIP configuration. Does your clients configure with NAT configuration in VOIP or all traffic goes through the VOIP server only?
It might require SIP plugin for iptables if required.
Regards,
Kaushal Palte
Vinod_Parmar
Sep 15, 2009, 11:54:21 PM9/15/09
to vg...@googlegroups.com
Local IP of VOIP adaptor is NAT as I mention before in shorewall rules and it is connect to SIP server.
There is a kernel module ip_conntrac_sip in my shorewall, is I require nf_conntrac_sip kernel module?
There is a kernel module ip_conntrac_sip in my shorewall, is I require nf_conntrac_sip kernel module?
ElectroMech :- Vibrant GNU/Linux User Group
Sep 16, 2009, 12:10:24 AM9/16/09
to VGLUG
Hi,
On Sep 15, 4:14 pm, Vinod_Parmar <vinodpar...@gmail.com> wrote:
> Hi All,
>
> I have linksys pap2t VOIP adaptor which uses SIP protocol In its
> configuration 5061 and 5062 ports are bind for two voip links.
> I have open ports using /etc/shorewall/rules
>
> DNAT net loc:192.168.x.x udp 5061
> DNAT net loc:192.168.x.x tcp 5061
>
Why you required to DNAT it ??
If you want to open it then it should be in allow in INPUT not as
DNAT.
I do not know what is your purpose to do that.
Nilesh J. Vaghela
ElectroMech
On Sep 15, 4:14 pm, Vinod_Parmar <vinodpar...@gmail.com> wrote:
> Hi All,
>
> I have linksys pap2t VOIP adaptor which uses SIP protocol In its
> configuration 5061 and 5062 ports are bind for two voip links.
> I have open ports using /etc/shorewall/rules
>
> DNAT net loc:192.168.x.x udp 5061
> DNAT net loc:192.168.x.x tcp 5061
>
If you want to open it then it should be in allow in INPUT not as
DNAT.
I do not know what is your purpose to do that.
Nilesh J. Vaghela
ElectroMech
Vinod_Parmar
Sep 16, 2009, 12:31:59 AM9/16/09
to vg...@googlegroups.com
I have also tried this rule in shorewall but still I got same problem
ACCEPT net loc:192.168.40.105 udp 5061
ACCEPT net loc:192.168.40.105 tcp 5061
ACCEPT net loc:192.168.40.105 tcp 5060
ACCEPT net loc:192.168.40.105 udp 5060
ACCEPT net loc:192.168.40.105 tcp 5061
ACCEPT net loc:192.168.40.105 tcp 5060
ACCEPT net loc:192.168.40.105 udp 5060
VGLUG Admin
Sep 17, 2009, 7:46:14 AM9/17/09
to VG...@googlegroups.com
I had these problem in my server that was because of port 5061 and 5062 get
blocked . Now it is working ...saas [1]
blocked . Now it is working ...saas [1]
[1] http://www.saaslisting.com
Tajummal Abbass
Oct 9, 2019, 7:45:26 AM10/9/19
to VGLUG
same problem with me user is get registered but not able to receive voice
is there any solution???
riddhesh bhandari
Oct 10, 2019, 6:54:18 AM10/10/19
to vg...@googlegroups.com
Hi,
VoIP has voice travelling through RTP and you need to open RTP port on your firewall. RTP is not listening only 1 port you need to open port range somewhere around 10000-20000.
Checkout below link for your reference
--
Please read http://www.catb.org/~esr/faqs/smart-questions.html before posting.
You received this message because you are subscribed to the "Vibrant GNU/Linux User Group".
To stop receiving emails from this group, mail to VGLUG+un...@googlegroups.com
To post to this group, send email to VG...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/VGLUG
---
You received this message because you are subscribed to the Google Groups "VGLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vglug+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vglug/d8179cc5-676b-47c4-9598-b6d86fc33e0d%40googlegroups.com.
Tajummal Abbass
Oct 14, 2019, 2:19:20 AM10/14/19
to vg...@googlegroups.com
all the RTP ports are open but not able to receive voice and you please share your configuration files
my all files are attached below
Regards:Tajummal Hussain
To view this discussion on the web visit https://groups.google.com/d/msgid/vglug/CAELRBXh7mPLj69%2B44OR0TFZ5FR%2BtMsWGGBUi8TLAOjt7QmNceg%40mail.gmail.com.
Tajummal Abbass
Oct 15, 2019, 7:40:31 AM10/15/19
to vg...@googlegroups.com
i want to compile shorewall from its source code do you have any knowledge to compile shorewall from its master source code
regards: Tajummal
Reply all
Reply to author
Forward
0 new messages