lpa du morvan wrote: >I have a PC with asterisk on my lan, the registration to my sip provider is >good throught shorewall but i have not audio when I call a external sip >account. > >I will not make that on shorewall (very not secure but functionnal !): > >Forward UDP Port 5060-5082 to local_ip_asterisk >Forward UDP Port 10000 to 20000 to local_ip_asterisk > >I will use ip_conntrack_sip and ip_nat_sip, they are activated in >/usr/share/horewall/modules and good loaded, and the sip netfilter is >functionnal between 2 zones on shorewall. > >On shorewall the rule initiating for sip netfilter : lan ----> wan udp 5060 >is present > >tail -f /var/log/messages is quiet on shorewall for this problem !
First thought - do you use NAT ? Have your properly configured Asterisk for this (/etc/asterisk/sip_nat.conf IIRC) ? Also, you can open less ports for RTP by editing rtp.conf. And I think you only need port 5060, not ports 5060 to 5082. Finally, if you correctly configure Asterisk for the NAT then do NOT load ip_nat_sip which (I think) will mangle your SIP packets for you. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
