Hi All: Has anybody been able to get Asterisk work behind a openBSD firewall/NAT? If you have then would it be possible to share your pf.config file?
I am trying to get Asterisk which is behind an openBSD firewall/NAT to register with FWD but can't get it to talk. I have captured IP traffic on udp port 5060 using tcpdump on both internal and external interfaces of my openBSD gateway (the logs are at the end of this e-mail). From the tcpdump logs I can see that a message is sent to FWD out from the external interface and response is received from FWD on udp port 5060 but the response is not forwarded to Asterisk. Here are my NAT and FILTER rules: (tl0 is the external interface, xl0 is the internal interface) nat on tl0 inet from 192.168.0.0/24 to any -> (tl0) round-robin rdr on xl0 inet proto tcp from any to any port = ftp -> 127.0.0.1 port 8021 rdr pass on tl0 inet proto tcp from any to (tl0) port = sip -> 192.168.0.3 rdr pass on tl0 inet proto udp from any to 209.89.66.243 port = sip -> 192.168.0.3 port 5060 Tcpdump output on the external interface of gateway (filtered for udp port 5060): tcpdump: listening on tl0 05:51:58.622714 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23576) 05:51:58.716031 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:51:59.622771 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23577) 05:51:59.716004 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:52:00.623539 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23578) 05:52:00.719989 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:52:01.624328 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23579) 05:52:01.716980 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:52:02.624107 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23580) 05:52:02.715968 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:52:03.623884 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23581) 05:52:03.715954 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) 05:52:18.645348 243.209-89-66-0.interbaun.com.57199 > 192.246.69.223.sip: udp 376 (DF) (ttl 63, id 23582) 05:52:18.737143 192.246.69.223.sip > 243.209-89-66-0.interbaun.com.sip: udp 462 (DF) (ttl 47, id 0) Tcpdump output at the internal interface tcpdump: listening on xl0 06:05:00.451172 192.168.0.3.sip > fwd.pulver.com.sip: udp 376 (DF) (ttl 64, id 23811) 06:05:01.450934 192.168.0.3.sip > fwd.pulver.com.sip: udp 376 (DF) (ttl 64, id 23812) 06:05:02.450711 192.168.0.3.sip > fwd.pulver.com.sip: udp 376 (DF) (ttl 64, id 23813) 06:05:03.451502 192.168.0.3.sip > fwd.pulver.com.sip: udp 376 (DF) (ttl 64, id 23814) 06:05:04.451286 192.168.0.3.sip > fwd.pulver.com.sip: udp 376 (DF) (ttl 64, id 23815) Regards, Karim Mardhani ZeeCore Consulting _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
