Hello, Thank you for your reply
1) Regarding the network tooplogy It is two networks structure, local lan interface is connected to a switch, where the rest of servers are there 2) for Asterisk , we have TrixBox 3) the strange think that I need feed back on is that i) we used to run rc.firewall and Asterisk used to work ii) now with ShoreWall Asterisk does not work iii) all what I have done is to stop rc.firewall (rc.firewall stop) iiii) I did alter rc.firewall or any other files v) I installed/Configured Shorewall Is that enough or I should something more 4) the strange thing when I nmap the server, I find closed ports although that I opened them through shorewall but nmap reports them closed 5) NMAP able to scan the server and report open ports , as well as closed/filtered (so the ISP i snot block NMAP Please note that I scan from another network (completely ISP) Your replies are highly appreciated Kind Regards Samer ----- Original Message ----- From: "Simon Hobson" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Sunday, November 12, 2006 11:07 AM Subject: Re: [Shorewall-users] ShoreWall and Asterisk > Samer Y. Azmy wrote: > >>I'm trying to configure Asterisk box beyond Shorewall >> >>I have done Static NAT from the External Address to the Address of >>the Asterisk Box >> >>I added some rules like >>ACCEPT net loc:192.168.1.250 tcp 5060 5060 >>ACCEPT net loc:192.168.1.250 udp 5060 5060 > > OK, what is your network topology ? Where did you do the static nat ? > Have you tried just turning off the Shorewall until you get the > network right ? > > >>but it never works, and when I try to nmap the External Address, I >>find that the port 5060 is closed > > Where are you doing your scan from ? Don't forget that you can't do > that from the inside of the network (very few gateways support > hairpinning). > >>P.S. I'm using Centos 4.4 , and Shorewall 3.2.5, > > Are you running [EMAIL PROTECTED]/Trixbox or a manual install of Asterisk ? > > For AAH or Trixbox, you will need to populate sip_nat.conf so that > Asterisk can put the right address/port in it's outbound SIP > messages. Not sure which file it belongs in for a manual Asterisk > install. > > > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
