michael, this is what I use for centOS 4, but I think its too loose... let me know if you don't know where to put it... daveC
# for asterisk -A RH-Firewall-1-INPUT -p udp -m udp --dport 5060 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 4569 -j ACCEPT <---- IAX -A RH-Firewall-1-INPUT -p udp -m udp --dport 5036 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5004 -j ACCEPT Michael Munger wrote: > > It did change, which is what caused this problem in the first place, > but all the updates have been applied, propagated, and are > working….well, with the exception of this one. > > Does anyone know what the iptables command would be to forward these > IAX packets to a specific LAN ip? > > Michael Munger > > High Powered Help, Inc > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > 404-438-2128 x 101 > > ------------------------------------------------------------------------ > > *From:* [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] *On Behalf Of *Dave Bour > *Sent:* Thursday, July 26, 2007 12:29 PM > *To:* asterisk-users@lists.digium.com > *Subject:* Re: [asterisk-users] IAX connections broken > > Are sites listed by IP or DN. If IP, dumb question but did it change? > If DN, can you resolve it from the respective boxea? > > Dave Bour > Desktop Solution Center > 905.381.0077 > [EMAIL PROTECTED] > > For those who just want it to work... > Giving you complete IT peace of mind. > > (Sent via Blackberry - hence message may be shorter than my usual > verbose responses) > PIN 4cc364db (as of March 24, 2007) > > ----- Original Message ----- > From: [EMAIL PROTECTED] > <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; Asterisk > Users Mailing List - Non-Commercial Discussion > <asterisk-users@lists.digium.com> > Sent: Thu Jul 26 10:17:23 2007 > Subject: Re: [asterisk-users] IAX connections broken > > Not likely. > #1, I have a public IP on that firewall. > #2. If I block 4569 at our firewall, then it goes from closed to > stealth. If I forward the port, it goes from stealth to closed. > > The iaxping tool (http://www.bpvn.com/asterisk/iaxping.zip) has no > problems pinging the box from the lan, and our test machine can make an > IAX connection to the box. From outside the network, however, it times > out. > > It has to be a NAT problem, but forwarding doesn't appear to be working. > > Yours, > Michael Munger, dCAP > 404-438-2128 > [EMAIL PROTECTED] > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Baji > Panchumarti > Sent: Thursday, July 26, 2007 10:06 AM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: Re: [asterisk-users] IAX connections broken > > what if your internet provider is blocking inbound 4569 ? > > -- > > On 7/26/07, Michael Munger wrote: > > > Dear All: > > > > I have several boxes that up and running just great, then we changed > > internet equipment due to a lightning strike, now all my inbound IAX > > connections (iax2 show peers) have unknown status. If I log into the > > remote boxes, it says "Request sent." > > > > The authentications haven't changed at all, and all the iax.conf > > settings are correct. It looks like a firewall issue, but we've got > 4569 > > TCP & UDP forwarded to our Asterisk box. When I use Shields up from > > GRC.com to test the port, it is showing up as "closed" rather than > open, > > which normally means the port is open, but the service is not running, > > yet Asterisk is up and running just fine, and my outbound connections > to > > Voicepulse work fine. I see voicepulse, voicepulse sees me. > > > > There is something I am not seeing here. Any thoughts? > > > > -Michael > > > > _______________________________________________ > > _______________________________________________ > --Bandwidth and Colocation Provided by http://www.api-digital.com-- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > _______________________________________________ > --Bandwidth and Colocation Provided by http://www.api-digital.com-- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > _______________________________________________ > --Bandwidth and Colocation Provided by http://www.api-digital.com-- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > ------------------------------------------------------------------------ > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.476 / Virus Database: 269.10.22/921 - Release Date: 07/26/2007 > 11:16 PM > -- My wife's sister is in California. I should buy her a Videophone2008! Truly, The Next Best Thing to Being There! -- WorldWideVideoPhones.com 856.380.0894 _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users