That looks better, so you are good?

Lonnie

On Sep 20, 2011, at 1:29 PM, Fernando Fuentes wrote:

> Well, there goes my IP. lol that was stupid.
> 
> On Tue, Sep 20, 2011 at 1:29 PM, Fernando Fuentes <digitaldis...@gmail.com> 
> wrote:
> Lonnie,
> 
> Due to a more complex WAN I have to keep a firewall in front. I am running 
> AstLinux in an Alix box and the Alix box won't be able to handle the WAN pipe 
> of 100/50.
> 
> Sorry about the "/", that was a typo.
> 
> OK, so I fixed some of the rules and here is what it looks like now:
> 
> Pass EXT->Local       TCP     10.30.2.0/24    22              
>       Comment:        Allow ssh from external
>  +    Pass EXT->Local TCP     10.30.2.0/24    443             
>       Comment:        Allow https from Ext
>  +    Pass EXT->Local UDP     209.62.1.2      10000-10100             
>       Comment:        houston.voip.ms RST
>  +    Pass EXT->Local UDP     209.62.1.2      4569            
>       Comment:        houston.voip.ms IAX2
>  +    Pass EXT->Local UDP     209.62.1.2      5060            
>       Comment:        houston.voip.ms SIP
>  +    Pass EXT->Local UDP     76.31.169.54    10000-10100             
>       Comment:        Allow all RST
>  +    Pass EXT->Local UDP     76.31.169.54    4569            
>       Comment:        Allow IAX2
>  +    Pass EXT->Local UDP     76.31.169.54    5060            
>       Comment:        Allow all SIP
> 
> My firewall "pfsense" has all of the ports forwarded as well.
> 
> I am using IAX2 to try and circumvent the NAT issues I have faced. I have 
> been successful at getting the trunk online and registered, as well as making 
> outbound calls, but the issue I have been facing for some time now is that the 
> end user can hear me but I cannot hear them. This should be simple using 
> IAX2 since it uses 1 port only... But it has not been the case for me.
> 
> Any ideas that can shed some light?
> 
> TIA!
> 
> On Tue, Sep 20, 2011 at 12:59 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com> 
> wrote:
> Hi Fernando,
> 
> Currently AstLinux does not support "nagios", though "zabbix" is similar and 
> is included by default in AstLinux.
> 
> For your Firewall settings, I see some possible issues.
> 1) What is the backslash doing in the ports, i.e. 22\22? Why not just 22 and 
> 10000-101000?
> 
> 2) If AstLinux is behind NAT via another router, all the ports you are 
> allowing in AstLinux must also be NAT-Forwarded on your external firewall to 
> the internal IP of your AstLinux box.
> 
> 2b) In addition, the source address range (10.30.2.0/24) is probably not 
> correct; if NAT-Forwarded via your external firewall, the source address will 
> be the original public address for the remote client.
> 
> 2c) Placing asterisk behind NAT can work, though tricky.  I personally have 
> AstLinux as my edge router so no NAT is involved.
> 
> Lonnie
> 
> 
> 
> On Sep 20, 2011, at 12:24 PM, Fernando Fuentes wrote:
> 
> > Hello all.
> >
> > Just wanted to see if it is possible to load nrpev2 in AstLinux? I am trying 
> > to monitor space, processes, users, uptime with nagios.
> >
> > Second question is that I have my SIP peers being monitored and they show 
> > offline. Though I can make calls just fine, Asterisk thinks they are offline.
> >
> > Here are my firewall rules just in case:
> >
> > Note: the Ext port is behind a NATed firewall.
> >
> >  +    Pass EXT->Local TCP     10.30.2.0/24    22\22
> >       Comment:        Allow ssh from external
> >  +    Pass EXT->Local TCP     10.30.2.0/24    443\443
> >       Comment:        Allow https from Ext
> >  +    Pass EXT->Local UDP     10.30.2.0/24    10000\10100
> >       Comment:        Allow all internal RST
> >  +    Pass EXT->Local UDP     10.30.2.0/24    4569
> >       Comment:        Internal IAX2
> >  +    Pass EXT->Local UDP     10.30.2.0/24    5060\5060
> >       Comment:        Allow all internal SIP
> >  +    Pass EXT->Local UDP     voipservice     10000\10100
> >       Comment:        houston.voip.ms RST
> >  +    Pass EXT->Local UDP     voipservice     4569
> >       Comment:        houston.voip.ms IAX2
> >  +    Pass EXT->Local UDP     voipservice     5060\5060
> >       Comment:        houston.voip.ms SIP
> > ------------------------------------------------------------------------------


_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
