On Fri, Nov 16, 2012 at 12:36 AM, Kyle Haefner <[email protected]>wrote:
> Hi All, > > Finally getting around to putting phones on my fresh install of openUC > 4.6. If I have the firewall disabled the phones get time from the sipx > cluster. If I have the firewall enabled then they do not. I have tried > setting the permit time synchronization and provide time settings under NTP > to no avail. It doesn't look like iptables is taking ntp into account, but > maybe I'm missing something? > > Here is what I see fro iptables -L > > ACCEPT tcp -- anywhere anywhere tcp dpt:http > state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp dpt:https > state NEW,ESTABLISHED > ACCEPT udp -- anywhere anywhere udp > dpt:domain state NEW,ESTABLISHED > ACCEPT udp -- anywhere anywhere udp > dpts:irisa:12999 state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp dpt:ftp > state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:ftp-data state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpts:50000:50050 state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:xmpp-server state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:hpvirtgrp state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:xmpp-client state NEW,ESTABLISHED > ACCEPT udp -- anywhere anywhere udp > dpts:30000:31000 state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpts:fmtp:asterix state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpts:irdmi:xprint-server state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp dpt:8185 > state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp dpt:sip > state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:sip-tls state NEW,ESTABLISHED > ACCEPT udp -- anywhere anywhere udp dpt:sip > state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:ircu-2 state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:onscreen state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp > dpt:sdl-ets state NEW,ESTABLISHED > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh > state NEW,ESTABLISHED > ACCEPT udp -- anywhere anywhere udp dpt:tftp > state NEW,ESTABLISHED > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT icmp -- anywhere anywhere > ACCEPT all -- anywhere anywhere > It looks like port 123 not allowed in firewall, to verify if it works check if with firewall eanbled and adding rule manually phones get time sync. To allow port 123 do iptables -A INPUT -p udp --dport 123 -j ACCEPT Please raise an issue Thanks George
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
