Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
I got my Cisco PIX reconfigured as the below given. The issue one-way audio, still exists. Here is the call flow. The call comes on an inbound trunk to asterisk. Asterisk plays an IVR. When the user presses 5 it makes an outbound call Dial(SIP/[EMAIL PROTECTED],30) using the same inbound trunk. The dialing happens but there is one way audio. Please help/advise. On 2/10/08, Adam KOSA [EMAIL PROTECTED] wrote: permit udp any host 192.168.5.0 range 1 2 and then I didn't home users typically use /24 netmask. If this is the case, i don't understand why do you write keyword host following a network address. either specify a valid host address, or write 192.168.5.0 255.255.255.0 to specify the whole subnet. if the netmask isn't /24 then, of course the above 5.0 may be a valid host address. regards adam ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Thanks and Regards Ravi Rajagopal Vaishnavy LLC 3910 N 153rd Ct, #113 Omaha, NE 68116 Ph: 402-880-5362 Fax: 209-755-6257 email: [EMAIL PROTECTED] Web: http://www.vaishnavy.com Under Bill S.1618 Title III passed by the 105th U.S. congress, this mail can not be considered spam as long as we include a way to be removed from our mailing list. Simply send us an e-mail with REMOVE in the subject and we will gladly REMOVE you from our mailing list. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Otis, Can I call and talk to you if you have a US number or chat with you using Gmail talk etc. Please email me the same to [EMAIL PROTECTED] Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Monday, February 11, 2008 6:08 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: 'Wendell Hamilton' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Are you sure that is the IP address of your Asterisk server? If you are following / using CIDR then 192.168.5.0/24 192.168.5.0 = network address 192.168.5.255 = broadcast Valid IPs in that range are 192.168.5.1-254 usable Did you get everything working? --Otis Ravichandran Rajagopal wrote: This is what I implemented access-list asterisk permit udp any host 192.168.5.0 range 1 2 Thx Ravi -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 11:07 PM To: [EMAIL PROTECTED] Cc: Joris Cras; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Ravi, Are you sure that is the IP address of your Asterisk server? If you are following / using CIDR then 192.168.5.0/24 192.168.5.0 = network address 192.168.5.255 = broadcast Valid IPs in that range are 192.168.5.1-254 usable Did you get everything working? --Otis Ravichandran Rajagopal wrote: This is what I implemented access-list asterisk permit udp any host 192.168.5.0 range 1 2 Thx Ravi -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 11:07 PM To: [EMAIL PROTECTED] Cc: Joris Cras; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Ravi, I submitted the easiest way to implement this I think for administrators new to Cisco there are alternatives but it depends on your IOS. A GUI might help. . If you want reply with your network range and server IP and I will send you a script I will write for the Cisco. I did explain the ACL way because I thought it would be a bit large if you are not use to seeing the cisco command line. :-) Make sure the RTP ports on your Asterisk box reflect that of your ports open to the Internet. Reloading your config in Asterisk if not working could help. Let's do this in your RTP config file. change your RTP port range in asterisk to 1 to 10030 and reload asterisk. rtpstart=1 rtpend=10030 type asterisk -r Connected to Asterisk 1.2.x.x currently running on asterisk (pid = xx) asterisk*CLI reload or restart now (if you need or want) Copy and paste the below to notepad or wordpad and replace the outside ip with the real ip address of your WAN link or connection. and enter enable mode on the cisco pix and type config t and copy and paste the following in the terminal. 1. pix ena 2. pixpassword: blah 3. pix#config t 4. pix(config)# paste the config below after you change the outside IP here ( not line per line but the whole deal) 5. pix(config)# sh conduit ( you should see all list below, if everything seems valid then do next step) 6. pix(config)# write mem 7. pix(config)#exit 8. pix# sh run ( to see running config) replace the outside ip with your WAN IP. conduit permit udp host outside ip eq 1 any conduit permit udp host outside ip eq 10001 any conduit permit udp host outside ip eq 10002 any conduit permit udp host outside ip eq 10003 any conduit permit udp host outside ip eq 10004 any conduit permit udp host outside ip eq 10005 any conduit permit udp host outside ip eq 10006 any conduit permit udp host outside ip eq 10007 any conduit permit udp host outside ip eq 10008 any conduit permit udp host outside ip eq 10009 any conduit permit udp host outside ip eq 10010 any conduit permit udp host outside ip eq 10011 any conduit permit udp host outside ip eq 10012 any conduit permit udp host outside ip eq 10013 any conduit permit udp host outside ip eq 10014 any conduit permit udp host outside ip eq 10015 any conduit permit udp host outside ip eq 10016 any conduit permit udp host outside ip eq 10017 any conduit permit udp host outside ip eq 10018 any conduit permit udp host outside ip eq 10019 any conduit permit udp host outside ip eq 10020 any conduit permit udp host outside ip eq 10021 any conduit permit udp host outside ip eq 10022 any conduit permit udp host outside ip eq 10023 any conduit permit udp host outside ip eq 10024 any conduit permit udp host outside ip eq 10025 any conduit permit udp host outside ip eq 10026 any conduit permit udp host outside ip eq 10027 any conduit permit udp host outside ip eq 10028 any conduit permit udp host outside ip eq 10029 any conduit permit udp host outside ip eq 10030 any --Otis Wendell Hamilton wrote: Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
This is what I implemented access-list asterisk permit udp any host 192.168.5.0 range 1 2 Thx Ravi -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 11:07 PM To: [EMAIL PROTECTED] Cc: Joris Cras; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Otis, I don't have access to ssh into the Cisco PIX firewall. I have been logging in using https into the Cisco PIX (without a username and only with a password). The following is the information in the asterisk server. [rtp.conf] rtpstart=1 rtpend=2 With the Cisco I went in through the https and then I chose the Command line option and I typed the command asterisk permit udp any host 192.168.5.0 range 1 2 and then I didn't know whether I should have done anything else. Should I have issued any other command to save this changes. I am asking that question as in the below sequence of commands you are mentioning write mem One interesting thing that I found was I dialed 4025901000 and then punched 5 which routes the call to my cell phone. If I don't pick up the call it should go to my voicemail at which juncture I expect silence as the audio is not coming through. Instead I hear the dialtone and then after x number of rings I get a fast busy. I know not what happened. I guess with all of the below given the thing that I didn't do yet was touch the asterisk configurations yet. If I am struggling with all of this cisco pix. Can you tell me how to enable firewall in the linux-asterisk server and then disable cisco pix firewall from its firewall behaviours so that I can isolate the problem and move forward. Please advise. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Sunday, February 10, 2008 2:13 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Cc: [EMAIL PROTECTED] Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I submitted the easiest way to implement this I think for administrators new to Cisco there are alternatives but it depends on your IOS. A GUI might help. . If you want reply with your network range and server IP and I will send you a script I will write for the Cisco. I did explain the ACL way because I thought it would be a bit large if you are not use to seeing the cisco command line. :-) Make sure the RTP ports on your Asterisk box reflect that of your ports open to the Internet. Reloading your config in Asterisk if not working could help. Let's do this in your RTP config file. change your RTP port range in asterisk to 1 to 10030 and reload asterisk. rtpstart=1 rtpend=10030 type asterisk -r Connected to Asterisk 1.2.x.x currently running on asterisk (pid = xx) asterisk*CLI reload or restart now (if you need or want) Copy and paste the below to notepad or wordpad and replace the outside ip with the real ip address of your WAN link or connection. and enter enable mode on the cisco pix and type config t and copy and paste the following in the terminal. 1. pix ena 2. pixpassword: blah 3. pix#config t 4. pix(config)# paste the config below after you change the outside IP here ( not line per line but the whole deal) 5. pix(config)# sh conduit ( you should see all list below, if everything seems valid then do next step) 6. pix(config)# write mem 7. pix(config)#exit 8. pix# sh run ( to see running config) replace the outside ip with your WAN IP. conduit permit udp host outside ip eq 1 any conduit permit udp host outside ip eq 10001 any conduit permit udp host outside ip eq 10002 any conduit permit udp host outside ip eq 10003 any conduit permit udp host outside ip eq 10004 any conduit permit udp host outside ip eq 10005 any conduit permit udp host outside ip eq 10006 any conduit permit udp host outside ip eq 10007 any conduit permit udp host outside ip eq 10008 any conduit permit udp host outside ip eq 10009 any conduit permit udp host outside ip eq 10010 any conduit permit udp host outside ip eq 10011 any conduit permit udp host outside ip eq 10012 any conduit permit udp host outside ip eq 10013 any conduit permit udp host outside ip eq 10014 any conduit permit udp host outside ip eq 10015 any conduit permit udp host outside ip eq 10016 any conduit permit udp host outside ip eq 10017 any conduit permit udp host outside ip eq 10018 any conduit permit udp host outside ip eq 10019 any conduit permit udp host outside ip eq 10020 any conduit permit udp host outside ip eq 10021 any conduit permit udp host outside ip eq 10022 any conduit permit udp host outside ip eq 10023 any conduit permit udp host outside ip eq 10024 any conduit permit udp host outside ip eq 10025 any conduit permit udp host outside ip eq 10026 any conduit permit udp host outside ip eq 10027 any conduit permit udp host outside ip eq 10028 any conduit permit udp host outside ip eq 10029 any conduit permit udp host outside ip eq 10030 any --Otis Wendell Hamilton wrote: Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
permit udp any host 192.168.5.0 range 1 2 and then I didn't home users typically use /24 netmask. If this is the case, i don't understand why do you write keyword host following a network address. either specify a valid host address, or write 192.168.5.0 255.255.255.0 to specify the whole subnet. if the netmask isn't /24 then, of course the above 5.0 may be a valid host address. regards adam ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb if you map using static make sure you have a conduit command) static (dmz,outside) 192.168.1.22 asterisk netmask 255.255.255.255 0 0 ! - here is where you open the ports on the global side to the asterisk box. (the conduit command allows connections from lower security interfaces to higher security interfaces) conduit permit udp host 192.168.1.22 eq 1 any conduit permit udp host 192.168.1.22 eq 10001 any conduit permit udp host 192.168.1.22 eq 10002 any conduit permit udp host 192.168.1.22 eq 10003 any conduit permit udp host 192.168.1.22 eq 10004 any conduit permit udp host 192.168.1.22 eq 10005 any Hope this helps! --Otis Ravichandran Rajagopal wrote: Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Did you only open up the one port (1)? You need to open up a range, if you're doing it this way, like 1-10020 and then set your rtp ports in asterisk to the same range. - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I made the following changes and I am still facing one way audio with my call flow. -Original Message- From: Wendell Hamilton [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 1:58 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Cc: Joris Cras; [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 try: access-list asterisk permit udp any host x.x.x.x eq 1 - Ravichandran Rajagopal [EMAIL PROTECTED] wrote: I tried the following ACL command access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 2 and I got the following response back [no] access-list id [line line-num] deny|permit icmp sip smask | interface if_name | object-group network_obj_grp_id dip dmask | interface if_name | object-group network_obj_grp_id [icmp_type | object-group icmp_type_obj_grp_id] [log [disable|default] | [level] [interval secs]] Restricted ACLs for route-map use: [no] access-list id deny|permit {any | prefix mask | host address} Command failed I don't know how to enter into the linux interface of the Cisco Pix 506 firewall -Original Message- From: Joris Cras [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 3:23 AM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, there is a easy way of creating all those commands in linux. just run the following in a shell: for x in $(seq 10001 10050); do echo 192.168.5.0 eq $x any conduit permit udp host 192.168.5.0 eq $x any conduit permit udp host;done This will create all your PIX rules at ones. I think you could also use Cisco ACL's access-list [name] permit udp [source] [destination] range This would be in your case something like: access-list asterisk permit udp 0.0.0.0 192.168.5.0 range 1 10050 Good luck. Joris Ravichandran Rajagopal wrote: Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix
[asterisk-users] oneway audio with asterisk behind cisco pix 506
Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the fixups disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1,Dial(SIP/[EMAIL PROTECTED],30) [incoming] exten = 4025901000,1,Goto(1000,1) exten = 1000,1,Goto(customer_ivr,s,1) Thanks sunMoonstar. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup and no more logging/debugging from the cisco. I actually fixed while a call was coming in. LOL! Let me know!!! --Otis Ravichandran Rajagopal wrote: Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the “fixups” disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1,Dial(SIP/[EMAIL PROTECTED],30) [incoming] exten = 4025901000,1,Goto(1000,1) exten = 1000,1,Goto(customer_ivr,s,1) Thanks sunMoonstar. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:11 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup and no more logging/debugging from the cisco. I actually fixed while a call was coming in. LOL! Let me know!!! --Otis Ravichandran Rajagopal wrote: Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the fixups disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1,Dial(SIP/[EMAIL PROTECTED],30) [incoming] exten = 4025901000,1,Goto(1000,1) exten = 1000,1,Goto(customer_ivr,s,1) Thanks sunMoonstar. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb if you map using static make sure you have a conduit command) static (dmz,outside) 192.168.1.22 asterisk netmask 255.255.255.255 0 0 ! - here is where you open the ports on the global side to the asterisk box. (the conduit command allows connections from lower security interfaces to higher security interfaces) conduit permit udp host 192.168.1.22 eq 1 any conduit permit udp host 192.168.1.22 eq 10001 any conduit permit udp host 192.168.1.22 eq 10002 any conduit permit udp host 192.168.1.22 eq 10003 any conduit permit udp host 192.168.1.22 eq 10004 any conduit permit udp host 192.168.1.22 eq 10005 any Hope this helps! --Otis Ravichandran Rajagopal wrote: Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:11 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup and no more logging/debugging from the cisco. I actually fixed while a call was coming in. LOL! Let me know!!! --Otis Ravichandran Rajagopal wrote: Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the fixups disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1,Dial(SIP/[EMAIL PROTECTED],30) [incoming] exten = 4025901000,1,Goto(1000,1) exten = 1000,1,Goto(customer_ivr,s,1) Thanks sunMoonstar. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb if you map using static make sure you have a conduit command) static (dmz,outside) 192.168.1.22 asterisk netmask 255.255.255.255 0 0 ! - here is where you open the ports on the global side to the asterisk box. (the conduit command allows connections from lower security interfaces to higher security interfaces) conduit permit udp host 192.168.1.22 eq 1 any conduit permit udp host 192.168.1.22 eq 10001 any conduit permit udp host 192.168.1.22 eq 10002 any conduit permit udp host 192.168.1.22 eq 10003 any conduit permit udp host 192.168.1.22 eq 10004 any conduit permit udp host 192.168.1.22 eq 10005 any Hope this helps! --Otis Ravichandran Rajagopal wrote: Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:11 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup and no more logging/debugging from the cisco. I actually fixed while a call was coming in. LOL! Let me know!!! --Otis Ravichandran Rajagopal wrote: Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the fixups disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb if you map using static make sure you have a conduit command) static (dmz,outside) 192.168.1.22 asterisk netmask 255.255.255.255 0 0 ! - here is where you open the ports on the global side to the asterisk box. (the conduit command allows connections from lower security interfaces to higher security interfaces) conduit permit udp host 192.168.1.22 eq 1 any conduit permit udp host 192.168.1.22 eq 10001 any conduit permit udp host 192.168.1.22 eq 10002 any conduit permit udp host 192.168.1.22 eq 10003 any conduit permit udp host 192.168.1.22 eq 10004 any conduit permit udp host 192.168.1.22 eq 10005 any Hope this helps! --Otis Ravichandran Rajagopal wrote: Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:11 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup and no more logging/debugging from the cisco. I actually fixed while a call was coming in. LOL! Let me know!!! --Otis Ravichandran Rajagopal wrote: Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the fixups disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Otis, I wanted to clarify what you said and what I comprehended. the SIP protocols are disabled in fixup. Having said that I guess all I have to do is just the following. the inside IP of asterisk server is 192.168.5.0 On the cisco PIX firewall enter the following. 192.168.5.0 eq 1 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10001 any conduit permit udp host 192.168.5.0 eq 10002 any conduit permit udp host ... . 192.168.5.0 eq 10049 any conduit permit udp host 192.168.5.0 eq 10050 any conduit permit udp host in the rtp.conf in /etc/asterisk change the ending port 2 (which is what it currently is) to 10050 Is there an easier way to make the entries in Cisco PIX firewall ? Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Saturday, February 09, 2008 12:18 AM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 No problem. :-P I thought it might wise to include everything you needed just in case!! LOL! You are welcome!!! --Otis Ravichandran Rajagopal wrote: LOL I guess all I was asking for the changes to be made in the Cisco PIX 506. I think you gave me a short tutorial on VI as well. Thanks once again for this help. Let me work on these changes and test the one-way audio problem and go from there. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:55 PM To: [EMAIL PROTECTED] Cc: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, I will explain changing the config in asterisk and the pix: Asterisk Box - vi to /etc/asterisk/rtp.conf and change the port span to 1 to 10050 (to start, you will need to increase later as ports fill up) (use insert to make a change in a file) to save: 1. esc 2. shift + colon 3. wq (to save) If you made a mistake and do not want to save but you changed something in the file: 1. esc 2. shift + colon 3. q! (to exit) Cisco Pix - on my old Pix 520 UR I do not use the ACLs for this case the static and conduit commands so this is a example from my setup. Theses are not usable IPs on the Internet or my IPs but just an example outside (interface) - 192.168.1.0/24 (192.168.1.1-192.168.1.254) dmz (interface) - 192.168.254.0/24 (192.168.254.1-192.168.254.254) interface ethernet0 100full (sets the duplex and turns on interface) interface ethernet1 100full (sets the duplex and turns on interface) nameif ethernet0 outside security0 ( lower security) nameif ethernet1 dmz security50 (higher security) no fixup protocol sip 5060 no fixup protocol sip udp 5060 ! - this makes things easier so now the pix knows the IP of the asterisk box and maps the ip to the name just for configuration purposes only so if you had 20 servers or devices you wanted public access to it's just easier to remember their names versus IPs. name 192.168.254.11 dns name 192.168.254.10 asterisk ! - the static command is used as a permanent mapper from one inside, dmz, or other to the global ip vice versa. (Rule of thumb if you map using static make sure you have a conduit command) static (dmz,outside) 192.168.1.22 asterisk netmask 255.255.255.255 0 0 ! - here is where you open the ports on the global side to the asterisk box. (the conduit command allows connections from lower security interfaces to higher security interfaces) conduit permit udp host 192.168.1.22 eq 1 any conduit permit udp host 192.168.1.22 eq 10001 any conduit permit udp host 192.168.1.22 eq 10002 any conduit permit udp host 192.168.1.22 eq 10003 any conduit permit udp host 192.168.1.22 eq 10004 any conduit permit udp host 192.168.1.22 eq 10005 any Hope this helps! --Otis Ravichandran Rajagopal wrote: Otis, I am new to Cisco PIX 506 and I am learning this. If you can help me with how to do this change on Cisco PIX it would be greatly appreciated. Thx Ravi -Original Message- From: ListAcct [mailto:[EMAIL PROTECTED] Sent: Friday, February 08, 2008 11:11 PM To: [EMAIL PROTECTED]; Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Ravi, Open up the RTP (UDP) ports on your pix. (EX. conduit permit udp host x.x.x.x eq 10049 any). Also set your asterisk rtp config span to something you can configure (1 to 10200) unless you write a script to just copy and paste about 1 to 2 ports in your config on the pix. Cisco's are strange but secure. It took me about two hours to figure out after taking off the fixup
Re: [asterisk-users] oneway audio with asterisk behind cisco pix 506
Note also that if you point to the DNS name rather than the IP address of the asterisk server on the phones trying to register, you can set NAT=NO on the asterisk side and the sip FIXUP command on the PIX will handle everything correctly making this workaround unnecessary - Original Message - From: Ravichandran Rajagopal [EMAIL PROTECTED] To: asterisk-users@lists.digium.com Sent: Friday, February 8, 2008 8:54:23 PM (GMT-0800) America/Los_Angeles Subject: [asterisk-users] oneway audio with asterisk behind cisco pix 506 Hi, I have the Cisco PIX 506 firewall right in front of the asterisk and I am getting a one-way audio. I need your help/guidance to resolve this problem. I have the “fixups” disabled for SIP in the Cisco PIX 506. Any help rendered by you in this subject is greatly appreciated. I have been breaking my head trying to resolve this problem for more than one month. I have included the sip.conf and the extensions.conf below. [SIP.conf] ; SIP Configuration example for Asterisk [general] context=incoming allowoverlap=no bindport=5060 bindaddr=0.0.0.0 localnet=192.168.5.0/255.255.255.0 externip=a.b.ccc.dd srvlookup=yes allow=ulaw allow=alaw [incoming] type=peer nat=no canreinvite=no host=xx.y.z.aaa qualify=yes dtmfmode=rfc2833 context=default [extensions.conf] [general] static=yes writeprotect=yes clearglobalvars=no [default] include = customer exten = h,1,Hangup exten = i,1,Congestion exten = i,2,Hangup [agnosco] include = local-extensions include = customer_ivr include = incoming [customer_ivr] include = local-extensions exten = s,1,Answer exten = s,n,Background(agnosco_intro) exten = s,n,WaitExten ;Dial said extensions exten = 5,1,Dial(SIP/[EMAIL PROTECTED],30) [incoming] exten = 4025901000,1,Goto(1000,1) exten = 1000,1,Goto(customer_ivr,s,1) Thanks sunMoonstar.___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Oneway audio
Hi list, I'm testingtransfer withsip re-inviteand bristuff-0.0.8-RCnusing anHFC pci card connetced directly to telco; this is what happen: 1.SIP phone calls a mobile phone (or another residential phone) 2. The called party answers the call 3. Now the sip phone puts on hold the calland calls another sip phone 4. They speak normally 5. Now hte phone that called the mobile transfer the session to the second one phone 6. The sip phone can hear the mobile phone, but not viceversa. This works perfectly if i try a blind transfer. Whaerecould be the problem? On the phoneon asterisk ? Anyone can help me? Thanks in advance Giordano ___ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[Asterisk-Users] Oneway Audio
Hi all, I did not get this error in Asterisk 1.2.5 release. I am testing on Asterisk SVN-trunk-r15187 to avail the PARKEDAT variable. - I park the call using ParkAndAnnounce - plays moh. - accept the call using ParkedCall The following errors are coming on the console and there is oneway audio - no audio after Music-On-Hold at caller's side. Please advice. I am testing using cisco 7902 phones and using cisco 2800 router. Codec is g711ulaw regards, -- Executing ParkedCall(SIP/192.168.50.2-09cbd610, 366) -- Channel SIP/192.168.50.2-09cbd610 connected to parked call 366Mar 29 17:59:16 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) Mar 29 17:59:16 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4)Mar 29 17:59:16 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) Mar 29 17:59:16 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4)Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4)Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4)Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4)Mar 29 17:59:17 WARNING[13774]: chan_sip.c:2692 sip_write: Asked to transmit frame type 64, while native formats is 4 (read/write = 4/4) ___ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users