Hi all,
I've been banging my head against a wall for several days and after numerous
attempts at ini changes and google searches, I figured it was time to come
begging for help...
I have a single gnugk system (2.3.1) behind my firewall. It only has one
(private IP) interface. It is NATed to the Internet and all the appropriate
ports are allowed in. I have endpoints in other VLANs behind the firewall (with
full IP access to/from gnugk for now). I also have external endpoints on
different networks that are NATed out. Note that ALL endpoints are Tandbergs.
All units register fine, either to the private IP or the NATed IP of gnugk.
However, I cannot get a call to connect from external to internal endpoint or
vice-versa. If I call from ext to int, it rings, and as soon as the other side
connects, the ext shows call cleared/disconnected. Here's a chunk of the logs
(using -ttttt) when I call from the external unit to the internal unit (via
alias): (all IPs have been changed :) )
------------------------------------------------------------------
2010/05/04 23:39:29.332 3 RasSrv.cxx(2569)
GK ARQ will request bandwith of 10240
2010/05/04 23:39:29.332 5 Routing.h(177)
ROUTING Checking policy Explicit for the request ARQ 2572
2010/05/04 23:39:29.332 5 Routing.h(177)
ROUTING Checking policy Internal for the request ARQ 2572
2010/05/04 23:39:29.332 4 RasTbl.cxx(1697)
Alias match for EP 10.1.1.1:1719
2010/05/04 23:39:29.332 5 Routing.h(183)
ROUTING Policy Internal applied to the request ARQ 2572
2010/05/04 23:39:29.332 2 RasTbl.cxx(3321)
CallTable::Insert(CALL) Call No. 1, total sessions : 1
2010/05/04 23:39:29.332 5 RasTbl.cxx(3087)
RAS
NAT Offload (H460.23/.24) calculation inputs for Call No: 1
Rule : Must Proxy Media
Calling Endpoint:
Proxy IP: 22.22.22.22
Called Endpoint:
Proxy IP: 10.1.1.1
2010/05/04 23:39:29.332 4 RasTbl.cxx(3092)
RAS Disable H.460.24 Offload as neither party supports it.
2010/05/04 23:39:29.332 4 RasSrv.cxx(2744)
RAS NAT strategy for Call No: 1 set to Unknown Strategy
2010/05/04 23:39:29.332 2 RasSrv.cxx(394)
ACF|22.22.22.22:1719|5423_endp|16845|222:dialedDigits|224:dialedDigits|false|02-b2-8b-0e-26-8e-19-50-34-48-00-50-60-01-25-4a;
2010/05/04 23:39:29.332 3 RasSrv.cxx(236)
RAS Send to 22.22.22.22:1719
.....
2010/05/04 23:39:39.786 1 ProxyChannel.cxx(4536)
H245d Could not open/connect H.245 socket at 0.0.0.0:31001 - error
12/1073751885: Connection refused
2010/05/04 23:39:39.786 3 ProxyChannel.cxx(4538)
H245 10.1.1.1:11025 DIDN'T ACCEPT THE CALL
-------------------------------------------------------------------------
Few things... Why would NAT strategy be set to "Unknown Strategy"? Also what
does the connection refused for 0.0.0.0 signify?
Here's my config:
[Gatekeeper::Main]
Fortytwo=42
TimeToLive=600
ExternalIP=[nated external IP of gnugk]
ExternalIsDynamic=0
[RoutedMode]
GKRouted=1
H245Routed=1
CallSignalPort=1720
RemoveH245AddressOnTunneling=1
DropCallsByReleaseComplete=1
SupportNATedEndpoints=1
;SupportCallingNATedEndpoints=1
Q931PortRange=30000-30999
H245PortRange=31000-31999
EnableH46018=1 <----- without this, I got immediate route errors
NATStdMin=18
[Proxy]
Enable=1
T120PortRange=50000-59999
RTPPortRange=50000-59999
InternalNetwork=[various endpoint vlans behind firewall],127.0.0.0/8 <-----
without the internal vlans, I couldn't get a call to even start
[GkStatus::Auth]
rule=allow
[RasSrv::RRQFeatures]
SupportDynamicIP=1
Thank you for any hints you have for me...!
Ken
------------------------------------------------------------------------------
_______________________________________________________
Posting: mailto:[email protected]
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
