thanks for the great reply ! See below for my comments:
Stewart Nelson wrote:
However, even though I've added the 192.168.6.10 as the gw for the 192.168.6.xx network, the phones cannot access the 192.168.5.xx network (or the internet).
Well, if you can open a TCP connection from 192.168.5.xx to 192.168.6.xx, then routing in the reverse direction must be working. If you can't connect from 192.168.6.xx back to 192.168.5.xx, two things come to mind:
Your * box might be acting as a NAT (aka IP masquerading) router, rather than a normal router. When you connect from a host on 192.168.5.xx to a phone, verify that the source IP seen by the phone is 192.168.5.xx . You can do this with debug features in the phone, by running Ethereal on * on the 192.168.6.10 interface, or with an external monitor. If you see 192.168.6.10 as the source address, then you are running NAT and need to disable it.
I will look into this. Is NAT enabled by default on Fedora core 1 (latest patches) ?
The connection might be blocked by a software firewall on the destination host, e.g. Windows Firewall, on by default in XP SP2. Note that a service enabled with Local Subnet scope won't be accessible from the phones.
The target machines can be pinged from the * box, but not the phones.
If it's neither of the above, you'll just have to debug it. Run Ethereal on the 192.168.5.10 interface, and check for SYN packets going out and responses coming in.
Will do.
Accessing the Internet from the phones is another story. First, do you need it? If you are coming into * in SIP
I was trying to be simplistic - we do have other machines / switches on that network that would benefit from being able to download firmware upgrades etc.
and going out to a provider or another * in IAX, * will have to proxy the call anyhow, so Internet access is not required. If both sides are SIP, and you want to get the performance benefits of reinvite, then you can try to get it working. Your firewall needs to have a static route for 192.168.6.0/24 with gw 192.168.5.10 , and it also must know to perform NAT on packets coming in from 192.168.6.xx . Some routers will do this automatically, some need a configuration setting, and with others you're out of luck. In the latter case, you could tell the router that the LAN subnet is 192.168.4.0/22, and set up * to do proxy ARP. Once you have NAT and the static route configured, you should be able to plug a PC into the 192.168.6.xx net and browse the Web. But whether you can make phone calls through this system is a complex issue. NAT traversal for SIP is often problematic, and many on this list have had to set canreinvite=no.
Regards,
Stewart
Many thanks for the help.
_______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
