I'm by no means an iptables guru...

Not sure if it's necessary to enable forwarding via:
    echo "1" > /proc/sys/net/ipv4/ip_forward

Also have you tried without the "POSTROUTING" rule?

I seem to recall that "iptables" is smart enough to correctly route packets back out without that rule.

On Sat, 15 Oct 2016, Jerry Geis wrote:

I have a host that wants to run SIP on 5068 (long story).My host is
My host needs to stay on 5060 because of all the other devices I have connected.

I tried putting port=5068 in my SIP extension definition but that did not work.

So I thought about using iptables to accomplish this:

iptables -t nat -A PREROUTING  -p tcp --dport 5068                -j REDIRECT 
--to-port 5060
iptables -t nat -A POSTROUTING -p tcp --dport 5060 -d -j REDIRECT 
--to-port 5068

Do I not have the right format of the command?
Anything incoming destined for 5068 redirect to 5060...
Anything going out to and port 5060 redirect to 5068.

Seems like that should have worked?

Thoughts?  sip show peers still says unreachable.



-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016

New to Asterisk? Start here:

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:

Reply via email to