It's been a long day and I'm at my wits' end with Shoreline and Trixbox.  I'm 
hoping someone here can help me whip up a config that will actually work.

I have my Trixbox on the internet and am trying to secure it now.  I have a SIP 
trunk provider.  Here's my config.

Cable modem with multiple IPs.  One goes to the ASA, one to the Trixbox.  The 
ASA connects to a switch and handles the entire network, PCs and phones.

Private LAN (phones, servers, PCs, Trixbox) is 10.1.0.0/255.255.255.0

Trixbox interface eth1 - public interface with IP 208.xxx.xxx.163, gateway 
208.xxx.xxx.161
Trixbox interface eth0 - private interface IP of 10.1.0.15, no gateway assigned

At this point I've tried every configuration I can think of with no real 
success.  It always ends up so that inside callers can hear the outside caller, 
but outside can't hear inside.

Since it's a SIP trunk, I tried setting it up to allow all packets to and from 
the two SIP trunk IPs.  No luck.

I tried allowing UDP 5060 and UDP 10000-20000 inbound.  Allowed all access from 
LOC -> FW, LOC -> NET, FW -> NET, FW -> LOC.  Same one-way audio results.

No matter what configuration I chose, once I enable the firewall, some of the 
phones drop their registration to Trixbox, but SIP/RTP still goes through (I 
can dial in/out).

All I know is that when the firewall is off, everything works fine.

Can someone help me keep my head sane... it's only Monday.

Thanks.

Max
_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users