Well there it goes my IP. lol that was stupid.
On Tue, Sep 20, 2011 at 1:29 PM, Fernando Fuentes
<digitaldis...@gmail.com>wrote:
> Lonnie,
>
> Due to a more complex WAN I have to keep a firewall in front. I am running
> AstLinux in an Alix box and the alix box wont be able to handle the WAN pipe
> of 100/50
>
> Sorry about the "/" that was a tipo.
>
> ok so I fixed some of the rules and here is what it looks like now:
>
> Pass EXT->Local TCP 10.30.2.0/24 22
> Comment: Allow ssh from external
> + Pass EXT->Local TCP 10.30.2.0/24 443
> Comment: Allow https from Ext
> + Pass EXT->Local UDP 209.62.1.2 10000-10100
> Comment: houston.voip.ms RST
> + Pass EXT->Local UDP 209.62.1.2 4569
> Comment: houston.voip.ms IAX2
> + Pass EXT->Local UDP 209.62.1.2 5060
> Comment: houston.voip.ms SIP
> + Pass EXT->Local UDP 76.31.169.54 10000-10100
> Comment: Allow all RST
> + Pass EXT->Local UDP 76.31.169.54 4569
> Comment: Allow IAX2
> + Pass EXT->Local UDP 76.31.169.54 5060
> Comment: Allow all SIP
>
> My firewall "pfsense" has all of the port forward it as well.
>
> I am using IAX2 to try and circumvent the nat issues I have faced. I have
> been successful at getting the trunk online and register as well as to make
> outbound calls but the issue I have been facing for some time now is that
> the end user can hear me but I can not hear them. This should be simple
> using IAX2 since it uses 1 port only... But it has not been the case for me.
>
> Any ideas that can shed me some light?
>
> TIA!
>
> On Tue, Sep 20, 2011 at 12:59 PM, Lonnie Abelbeck <
> li...@lonnie.abelbeck.com> wrote:
>
>> Hi Fernando,
>>
>> Currently AstLinux does not support "nagios", though "zabbix" is similar
>> and is included by default in AstLinux.
>>
>> For your Firewall settings, I see some possible issues.
>> 1) what is the backslash doing in the ports?, ie 22\22, why not just 22
>> and 10000-101000
>>
>> 2) If AstLinux is behind NAT via another router, all the ports you are
>> allowing in AstLinux must also be NAT-Forwarded on your external firewall to
>> the internal IP of your AstLinux box.
>>
>> 2b) In addition, the source address range (10.30.2.0/24) is probably not
>> correct, if NAT-Forwarded via your external firewall the source address will
>> be the original public address for the remote client.
>>
>> 2c) Placing asterisk behind NAT can work, though tricky. I personally
>> have AstLinux as my edge router so no NAT is involved.
>>
>> Lonnie
>>
>>
>>
>> On Sep 20, 2011, at 12:24 PM, Fernando Fuentes wrote:
>>
>> > Hello all.
>> >
>> > Just wanted to see if is possible to load nrpev2 in astlinux? I am
>> trying to monitor space, process, users, uptime with nagios.
>> >
>> > Second question is that I have my sip peers been monitor and they show
>> off line. Though I can make calls just fine asterisk think they are off
>> line.
>> >
>> > Here are my firewall rules just in case:
>> >
>> > Note: the Ext port is behind a nated firewall.
>> >
>> > + Pass EXT->Local TCP 10.30.2.0/24 22\22
>> > Comment: Allow ssh from external
>> > + Pass EXT->Local TCP 10.30.2.0/24 443\443
>> > Comment: Allow https from Ext
>> > + Pass EXT->Local UDP 10.30.2.0/24 10000\10100
>> > Comment: Allow all internal RST
>> > + Pass EXT->Local UDP 10.30.2.0/24 4569
>> > Comment: Internal IAX2
>> > + Pass EXT->Local UDP 10.30.2.0/24 5060\5060
>> > Comment: Allow all internal SIP
>> > + Pass EXT->Local UDP voipservice 10000\10100
>> > Comment: houston.voip.ms RST
>> > + Pass EXT->Local UDP voipservice 4569
>> > Comment: houston.voip.ms IAX2
>> > + Pass EXT->Local UDP voipservice 5060\5060
>> > Comment: houston.voip.ms SIP
>> >
>> ------------------------------------------------------------------------------
>>
>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure contains a
>> definitive record of customers, application performance, security
>> threats, fraudulent activity and more. Splunk takes this data and makes
>> sense of it. Business sense. IT sense. Common sense.
>> http://p.sf.net/sfu/splunk-d2dcopy1
>> _______________________________________________
>> Astlinux-users mailing list
>> Astlinux-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> pay...@krisk.org.
>>
>
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
