Michael: Thanks for the suggestion on DHCP. Sure enough, that worked! I found I needed to leave the cable off for a a minute or two. When I did a really quick power cycle it did not work. But when I turned the cable modem off, waited a minute, turned it on, then turned on my Astlinux box, it was able to obtain an address. So, that issue has now been resolved.
I think you are correct on the firewall config. I think that all I need to open to the outside are 5060-5064 or there abouts. These are the "trigger" ports the SIP provider tickles to establish the connection. After that, the two machines negotiate for the high ports used to carry audio. So my concern about having to manually declare each of 2000 or more ports is probably worrying about nothing. On the version issue. I am using the latest and greatest 0.4.2. I have noted that there are a few advertised features that either do not work or require a lot of messing with to get to work. As a really "green newbie" to Aslinux, do you think I would be better off reverting to the version 0.3.x distribution? I did try this over the weekend, but strangly enough when I ran "astup" it seems to have updated my system to version 0.4.0. And most of the issues I was running up against are still there. So I went back to the current release thinking I would find it better supported with issue resolutions. I am not easily discouraged and am willing to continue beating my head against the wall if I think that a solution is possible. I am not the sharpest tool in the shed and tend to shoot self in foot a lot. But normally, I end up breaking through the wall eventually. But at the same time, I want the darn thing to work. If the version 0.4.2 stuff is beta and reverting to the 0.3.x release might be easier on my patience, would like to know this. Any advice? Now that I have a solution to the DHCP client issue, I will be concentrating on the firewall config and setting up the VPN. This is really the only major item left on my punch list that I need to get working. I am assuming that now that DHCP is getting an address, the registration with DynDNS will work as advertised. I am going to have to figure out how to implement a RADIUS service on the Astlinux box to support my WiFi hot spot setup but this is a low priority and will be the last thing I work on. Right now I use a m0n0wall firewall running on another machine. My intent is to use Astlinux in its place. I understand that Aslinux is not as robust a firewall as the single minded m0n0wall, but my requirement is really modest and it would be advantageous for me to consolodate the functions. Any advice for the newbie on this? G.Hendershot -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Sprague Sent: Tuesday, August 08, 2006 8:16 AM To: 'Discussion of AstLinux - Asterisk on Compact Flash' Subject: Re: [Astlinux-users] OPENVPN remote access needed On 8/7/06, Gary Hendershot <[EMAIL PROTECTED]> wrote: > > Kevin: > ... > > So far, no joy getting EXTIF to do DHCP client against my cable provider. > Interesting thing is it will pick up DHCP against another Linux server > I have. But when I connect the EXTIF directly to the Toshiba cable > modem (on > COX Cable), it seems unable to get an address allocated. This is > probably something stupid I have done. Am still working on it. Once > I figure out that one, I also have to figure out how to get it to > register with DynDNS.org so my SIP provider can find me to ring my DID. > ... I was having the same problem with getting DHCP assignment from cable modem. After monkeying around with it for a while I decided to cycle power on the cable modem. That did the trick! It seems that it doesn't like a switch of client's MAC address without a power cycle. This may not be your situation, but that was what I ran into. > Part of the problem may be the number of ports that need to be open to > the outside world to support SIP. The settings in rc.conf will not > allow you to > set a "range of ports" like "u8000-u10000". Instead, it looks to me > like you actually have to declare all 2000 individual ports. But this > may just be "lack of documentation" and I may yet figure out how to > delare a port range. For me, just opening u5060 is required. The rest are negotiated and routed properly. I am not an iptables expert though. However, I was able to add in forwarding of a couple ports to another IP on the lan for a specific app (not voip related). I am using version 0.3 scripts though, not 0.4. Have fun! ~michael _______________________________________________ Astlinux-users mailing list [email protected] http://lists.kriscompanies.com/mailman/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED] _______________________________________________ Astlinux-users mailing list [email protected] http://lists.kriscompanies.com/mailman/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
