Hi. Im trying to connect 2 asterisk servers between linux firewalls (iptables).
Im using exactly the same iptables script in both firewall servers, but i dont obtain the same answer in both. this is the scenarie. [ASTERISK-NetA]-----[FIREWALL-NetA]-----INTERNET---[FIREWALL-NetB]----[ASTERISK-NetB] Now i do a test on NetA <Test on net A> root@FIREWAL-NetA# nmap -sU -sV -p4569 public.ip.net.B Starting Nmap 5.00 ( http://nmap.org ) at 2012-01-03 12:17 GMT Interesting ports on public.ip.net.B (5.6.7.8): PORT STATE SERVICE VERSION 4569/udp open iax2 </Test on net A> All fine. Now i test the NetB <Test in net B> root@FIREWAL-NetB# nmap -sU -sV -p4569 public.ip.net.A Starting Nmap 5.00 ( http://nmap.org ) at 2012-01-03 12:24 GMT Interesting ports on public.ip.net.A (1.2.3.4): PORT STATE SERVICE VERSION 4569/udp open iax2 </Test in net B> Fine too. But when i do a ping test to the udp port, the answer is not the same: <Ping From A> root@FIREWAL-NetA# hping3 public.ip.net.B --udp -V -p 4569 using eth0, addr: 1.2.3.4, MTU: 1500 HPING public.ip.net.B (eth0 1.2.3.4): udp mode set, 28 headers + 0 data bytes len=46 ip=5.6.7.8 ttl=57 id=60657 tos=18 iplen=40 seq=0 rtt=0.0 ms len=46 ip=5.6.7.8 ttl=57 id=60658 tos=18 iplen=40 seq=0 rtt=0.0 ms len=46 ip=5.6.7.8 ttl=57 id=60659 tos=18 iplen=40 seq=0 rtt=0.0 ms ^C --- public.ip.net.B hping statistic --- 19 packets transmitted, 3 packets received, 85% packet loss round-trip min/avg/max = 0.0/0.0/0.0 ms </Ping From A> Ping From A work Fine; but Ping from B obtain a "Port Unreachable" <Ping From B> root@FIREWAL-NetB# hping3 public.ip.net.A --udp -V -p 4569 using eth0, addr: 5.6.7.8, MTU: 1500 ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN ICMP Port Unreachable from ip=1.2.3.4 name=UNKNOWN ^C --- 1.2.3.4 hping statistic --- 31 packets transmitted, 4 packets received, 88% packet loss round-trip min/avg/max = 0.0/0.0/0.0 ms </Ping From B> So both Asterisk servers cant be connected. What can i check? i dont understand why if use the same rules, the answer is different. Thanks in advance for your help. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
