| View previous topic :: View next topic |
| Author |
Message |
cliconnect at cliconne...
Guest
|
 Posted: Mon Aug 25, 2008 1:04 pm Post subject: [Freeswitch-users] No sound |
 |
|
Hello,
I've created a doublenat profile and the users are normally registered.
When I try to cal PSTN the phone answer but the parts cannot hear each
other. The firewall is disabled.
Any clues ?
Please check below
thanks
Duan
freeswitch@maui> 2008-08-25 10:23:26 [NOTICE] switch_channel.c:534
switch_channel_set_name() New Channel sofia/doublenat/1000@voipclic.com:5090
[b67119fe-c344-4a4f-9496-d9e1f31174bf]
2008-08-25 10:23:26 [INFO] mod_dialplan_xml.c:222 dialplan_hunt() Processing
Cliconnect->011555133349905@default
2008-08-25 10:23:26 [NOTICE] switch_channel.c:534 switch_channel_set_name()
New Channel sofia/external/011555133349905
[9c023b8a-204a-4128-b3f3-76788f9246bf]
2008-08-25 10:23:28 [NOTICE] switch_channel.c:1406
switch_channel_perform_mark_pre_answered() Ring-Ready
sofia/external/011555133349905!
2008-08-25 10:23:28 [NOTICE] sofia_glue.c:2010 sofia_glue_tech_media()
Pre-Answer sofia/external/011555133349905!
2008-08-25 10:23:28 [INFO] mod_sofia.c:1072 sofia_receive_message() Asked to
send early media by sofia/doublenat/1000@voipclic.com:5090
2008-08-25 10:23:28 [INFO] mod_sofia.c:1113 sofia_receive_message() Ring
SDP:
v=0
o=FreeSWITCH 1219656570 1219656571 IN IP4 24.67.78.200
s=FreeSWITCH
c=IN IP4 24.67.78.200
t=0 0
a=sendrecv
m=audio 28438 RTP/AVP 0 101 13
a=rtpmap:0 G711U/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:13 CN/8000
a=ptime:20
2008-08-25 10:23:28 [NOTICE] switch_channel.c:1406
switch_channel_perform_mark_pre_answered() Ring-Ready
sofia/doublenat/1000@voipclic.com:5090!
2008-08-25 10:23:28 [NOTICE] mod_sofia.c:1116 sofia_receive_message()
Pre-Answer sofia/doublenat/1000@voipclic.com:5090!
2008-08-25 10:23:37 [NOTICE] sofia.c:2439 sofia_handle_sip_i_state() Channel
[sofia/external/011555133349905] has been answered
2008-08-25 10:23:37 [NOTICE] sofia.c:2443 sofia_handle_sip_i_state() Channel
[sofia/doublenat/1000@voipclic.com:5090] has been answered
<profile name="doublenat">
<gateways>
<X-PRE-PROCESS cmd="include" data="doublenat/*.xml"/>
</gateways>
<settings>
<param name="debug" value="0"/>
<param name="sip-trace" value="no"/>
<param name="rfc2833-pt" value="101"/>
<param name="sip-port" value="5090"/>
<param name="dialplan" value="XML"/>
<param name="context" value="default"/>
<param name="dtmf-duration" value="100"/>
<param name="codec-prefs" value="$${outbound_codec_prefs}"/>
<param name="use-rtp-timer" value="true"/>
<param name="hold-music" value="$${hold_music}"/>
<param name="rtp-timer-name" value="soft"/>
<param name="manage-presence" value="false"/>
<param name="aggressive-nat-detection" value="true"/>
<param name="apply-nat-acl" value="rfc1918"/>
<param name="inbound-codec-negotiation" value="generous"/>
<param name="nonce-ttl" value="60"/>
<param name="auth-calls" value="false"/>
<param name="rtp-timeout-sec" value="1800"/>
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
<param name="ext-sip-ip" value="$${external_sip_ip}"/>
<param name="force-register-domain" value="$${domain}"/>
<param name="rtp-timeout-sec" value="300"/>
<param name="rtp-hold-timeout-sec" value="1800"/>
</settings>
</profile>
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
 |
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 1:06 pm Post subject: [Freeswitch-users] No sound |
|
|
Did you also setup port forwarding or add the FreeSWITCH ip to the DMZ?
/b
On Aug 25, 2008, at 12:39 PM, Cliconnect wrote:
| Quote: |
Hello,
I've created a doublenat profile and the users are normally
registered.
When I try to cal PSTN the phone answer but the parts cannot hear
each
other. The firewall is disabled.
Any clues ?
Please check below
thanks
Duan
|
Brian West
sip:brian@freeswitch.org
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
|
| Back to top |
|
|
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 2:13 pm Post subject: [Freeswitch-users] No sound |
|
|
If auth-calls=true its secure.
/b
On Aug 25, 2008, at 2:09 PM, Cliconnect wrote:
| Quote: | I set the FS IP addr box to DMZ and it is now working. Is this not and
insecure installation ? How to secure it ? Any alternatives?
Thanks
Duan
|
Brian West
sip:brian@freeswitch.org
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
|
| Back to top |
|
|
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 2:29 pm Post subject: [Freeswitch-users] No sound |
|
|
Your security policy isn't something we can comment on. You need to
have a firewall to block everything you don't want the world to
access. Just like with anything else.
/b
On Aug 25, 2008, at 2:24 PM, Cliconnect wrote:
| Quote: |
I am wondering if I am not exposing the full box to the internet .
Duan
|
Brian West
sip:brian@freeswitch.org
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
|
| Back to top |
|
|
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 2:56 pm Post subject: [Freeswitch-users] No sound |
|
|
Just opening them isn't all you have to do.. you need to make sure they are pointed at the FS box behind the nat... Or better... toss NAT in the trash where it belongs. Move FS to a public IP 
/b
On Aug 25, 2008, at 2:48 PM, Cliconnect wrote:
| Quote: | Agree.
But I have iptables set with the ports as described in the wiki
http://wiki.freeswitch.org/wiki/Getting_Started_Guide and it doesn't work.
If I set DMZ to open it works, so I am wondering if there are any other
ports that I have to open in the firewall.
Duan.
|
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url] |
|
| Back to top |
|
|
undrhil at hotmail.com
Guest
|
| Posted: Mon Aug 25, 2008 3:19 pm Post subject: [Freeswitch-users] No sound |
|
|
Sitting a machine on a public IP is just asking for trouble since there are people out there who look for boxes which they can try to hack into. Securing the box just makes them want to try harder. Also, not everyone has a static public IP which they can use in this way.
From: freeswitch-users-bounces@lists.freeswitch.org [mailto:freeswitch-users-bounces@lists.freeswitch.org] On Behalf Of Brian West
Sent: Monday, August 25, 2008 2:53 PM
To: freeswitch-users@lists.freeswitch.org
Subject: Re: [Freeswitch-users] No sound
Just opening them isn't all you have to do.. you need to make sure they are pointed at the FS box behind the nat... Or better... toss NAT in the trash where it belongs. Move FS to a public IP
/b
On Aug 25, 2008, at 2:48 PM, Cliconnect wrote:
Agree.
But I have iptables set with the ports as described in the wiki
http://wiki.freeswitch.org/wiki/Getting_Started_Guide and it doesn't work.
If I set DMZ to open it works, so I am wondering if there are any other
ports that I have to open in the firewall.
Duan.
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url] |
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
| Posted: Mon Aug 25, 2008 3:23 pm Post subject: [Freeswitch-users] No sound |
|
|
| Quote: | | Quote: | Move FS to a public IP
|
|
I believe you are talking about IPV6. Where can I find information about how to do that? Do I have to talk to my internet provider ? Or can I do it myself ?
Duan
| Quote: |
-----Original Message-----
From: freeswitch-users-bounces@lists.freeswitch.org [mailto:freeswitch-users-bounces@lists.freeswitch.org] On Behalf Of Brian West
Sent: Monday, August 25, 2008 12:53 PM
To: freeswitch-users@lists.freeswitch.org
Subject: Re: [Freeswitch-users] No sound
Just opening them isn't all you have to do.. you need to make sure they are pointed at the FS box behind the nat... Or better... toss NAT in the trash where it belongs. Move FS to a public IP
/b
On Aug 25, 2008, at 2:48 PM, Cliconnect wrote:
| Quote: | Agree.
But I have iptables set with the ports as described in the wiki
http://wiki.freeswitch.org/wiki/Getting_Started_Guide and it doesn't work.
If I set DMZ to open it works, so I am wondering if there are any other
ports that I have to open in the firewall.
Duan.
|
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url]
|
|
|
| Back to top |
|
|
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 3:30 pm Post subject: [Freeswitch-users] No sound |
|
|
You can secure a box on a public IP very easily. The reason nat is hell is SIP. His scenario would be simpler without NAT involved.
I have personally been pushing ipv6 which if you have that setup internal-ipv6 profile comes up and just works along side the ipv4 profile.
The bottom line is if you want a secure machine.. unplug it.. pack it up into a box and put it in the closet.
/b
On Aug 25, 2008, at 3:16 PM, Ken Livingston wrote:
| Quote: | Sitting a machine on a public IP is just asking for trouble since there are people out there who look for boxes which they can try to hack into. Securing the box just makes them want to try harder. Also, not everyone has a static public IP which they can use in this way.
|
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url] |
|
| Back to top |
|
|
brian at freeswitch.org
Guest
|
| Posted: Mon Aug 25, 2008 3:33 pm Post subject: [Freeswitch-users] No sound |
|
|
Dream on getting ipv6 from your provider. The best you can do right now is get a tunnel and set it up. Which is what I do.
On Aug 25, 2008, at 3:22 PM, Cliconnect wrote:
| Quote: | >>Move FS to a public IP
I believe you are talking about IPV6. Where can I find information about how to do that? Do I have to talk to my internet provider ? Or can I do it myself ?
Duan
|
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url] |
|
| Back to top |
|
|
cliconnect at cliconne...
Guest
|
| Posted: Mon Aug 25, 2008 5:31 pm Post subject: [Freeswitch-users] No sound |
|
|
All right,
forwarding the UDP range 16384-32768 and openning these ports on IPTables did the trick. It is now working.
Does anybody know how can I narrow this range ? Or to discover exactly what ports I have to open ?
I'd like to keep open only the necessary ports.
thanks
Duan
| Quote: |
-----Original Message-----
From: freeswitch-users-bounces@lists.freeswitch.org [mailto:freeswitch-users-bounces@lists.freeswitch.org] On Behalf Of Brian West
Sent: Monday, August 25, 2008 1:32 PM
To: freeswitch-users@lists.freeswitch.org
Subject: Re: [Freeswitch-users] No sound
Dream on getting ipv6 from your provider. The best you can do right now is get a tunnel and set it up. Which is what I do.
On Aug 25, 2008, at 3:22 PM, Cliconnect wrote:
| Quote: | >>Move FS to a public IP
I believe you are talking about IPV6. Where can I find information about how to do that? Do I have to talk to my internet provider ? Or can I do it myself ?
Duan
|
Brian West
[url=sip:brian@freeswitch.org]sip:brian@freeswitch.org[/url]
|
|
|
| Back to top |
|
|
|
Search
