I put a small Asterisk based VoIP appliance behind my test NethServer appliance today. I forwarded the sip ports and management interface ports to the VoIP appliance’s IP.
I can access the web interface for the VoIP appliance externally, I can call in and out, but all voice traffic is being blocked; there’s always silence on the line.
I don’t see anything relevant being logged in firewall.log. I’ve tried restarting shorewall in debug mode. I still see(hear ) the same result. I temporarily put a cheap Linksys router in place with the same port forwards and it works perfectly.
Can anyone else give me ideas of things I should look at and/or try?
I’m not sure what you mean. I’m using the same port forwarding as with the Linksys router that worked:
5060 UDP & TCP
443 TCP
I’m still a little unclear on what firewall rules would be required, so I added these two rules, which I thought would allow everything:
I don’t see a way to add a range of ports in a firewall service object, which may be a problem. As far as forwarding RTP ports, I shouldn’t need to. The SIP provider says this in their documentation after listing their server IPs:
“You must ensure that each of these IPs is allowed to pass UDP 5060 traffic into your network and that this traffic is port‐forwarded (if necessary) to the internal IP of your PBX.”
I’m aware that RTP ports are UDP ports used for streaming. I’m not clear on what you’re saying here:
I have the required port forwards. I even tried adding the port forwarding you mentioned.
I tried adding 1:1 NAT, but I had to create an alias, which should be a separate WAN IP address, right? Since this test is supposed to be testing for a customer who has a single static IP, I set the alias as the same as the WAN IP I’m using for testing. It still doesn’t work.
Anyone want to PM me so I can give access to poke around in my NS?
I have the same problem, only multiport 10000:20000 redirect to pbx dont send audio, the 5060 port function correct, sip client register but dont have audio.
Glad I’m not alone. I’ve tried a fresh install of NS and with Nas’s help, tweaking a bunch of settings. He’s still attempting to help, but at this point I have random occurrences of either one of the three:
-no audio
-one-way audio
-two-way audio (working! …but never happens two calls in a row)
I’m not a specialist, but at first look I see two things that hurt my eyes.
you had opened entirely your firewall from red to green for any service. It’s really risky. Remove this rules. And the fisrt rule green to red is pointless.
Let your green network safe !
why your asterisk instance is on the green part? Put it on the DMZ ( orange). And adjust only what you need to open.