HI,
Thanks for your reply.
1. All the servers and Workstation in same subnet.
2. I'm not altering iptables. Just cut and paste the Port forward from server-manager
--------------------------------------------------------------------------
Below you will find a table summarizing the current port-forwarding rules installed on this server. Click on the "Remove" link to remove the corresponding rule.
Protocol Source Port(s) Destination Host IP Address Destination Port(s) Action
UDP 10000-20000 192.168.96.10 10000-20000 Remove
UDP 8000-8005 192.168.96.10 8000-8005 Remove
UDP 5060 192.168.96.10 5060 Remove
----------------------------------------------------------------------------------
I just change to UDP now and open port 8000-8005, But not sure this just did it.
3. Turn Off the firewall. " To be on the safe side, reboot your box and check that the tables are empty"
CentOS release 4.2 (Final) - SME Server 7.0rc1
[root@websvr ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
state_chk all -- anywhere anywhere
local_chk all -- anywhere anywhere
PPPconn all -- anywhere anywhere
denylog all -- BASE-ADDRESS.MCAST.NET/4 anywhere
denylog all -- anywhere BASE-ADDRESS.MCAST.NET/4
InboundICMP icmp -- anywhere anywhere
denylog icmp -- anywhere anywhere
InboundTCP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
InboundUDP udp -- anywhere anywhere
denylog udp -- anywhere anywhere
gre-in gre -- anywhere anywhere
denylog gre -- anywhere anywhere
denylog all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
state_chk all -- anywhere anywhere
local_chk all -- anywhere anywhere
ForwardedTCP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
ForwardedUDP udp -- anywhere anywhere
denylog all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PPPconn all -- anywhere anywhere
denylog all -- BASE-ADDRESS.MCAST.NET/4 anywhere
denylog all -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT all -- anywhere anywhere
Chain ForwardedTCP (1 references)
target prot opt source destination
ForwardedTCP_2165 all -- anywhere anywhere
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
Chain ForwardedTCP_2165 (1 references)
target prot opt source destination
Chain ForwardedUDP (1 references)
target prot opt source destination
ForwardedUDP_2165 all -- anywhere anywhere
denylog udp -- anywhere anywhere
Chain ForwardedUDP_2165 (1 references)
target prot opt source destination
Chain InboundICMP (1 references)
target prot opt source destination
InboundICMP_2165 all -- anywhere anywhere
denylog icmp -- anywhere anywhere
Chain InboundICMP_2165 (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
denylog all -- anywhere anywhere
Chain InboundTCP (1 references)
target prot opt source destination
InboundTCP_2165 all -- anywhere anywhere
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
Chain InboundTCP_2165 (1 references)
target prot opt source destination
denylog all -- anywhere !websvr.ausnetit.local
REJECT tcp -- anywhere websvr.ausnetit.local tcp dpt:auth reject-with tcp-reset
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:pop3
ACCEPT tcp -- anywhere websvr.ausnetit.local tcp dpt:auth
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:auth
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:imap
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:1723
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:ftp
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:ssh
ACCEPT tcp -- anywhere websvr.ausnetit.local tcp dpt:smtp
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:smtp
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:squid
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:ldap
ACCEPT tcp -- anywhere websvr.ausnetit.local tcp dpt:https
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:https
ACCEPT tcp -- anywhere websvr.ausnetit.local tcp dpt:smtps
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:smtps
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:domain
ACCEPT tcp -- anywhere websvr.ausnetit.local tcp dpt:http
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:http
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:http-admin
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:imaps
denylog tcp -- anywhere websvr.ausnetit.local tcp dpt:pop3s
Chain InboundUDP (1 references)
target prot opt source destination
InboundUDP_2165 all -- anywhere anywhere
denylog udp -- anywhere anywhere
Chain InboundUDP_2165 (1 references)
target prot opt source destination
denylog all -- anywhere !websvr.ausnetit.local
denylog udp -- anywhere websvr.ausnetit.local udp dpt:domain
Chain PPPconn (2 references)
target prot opt source destination
PPPconn_1 all -- anywhere anywhere
Chain PPPconn_1 (1 references)
target prot opt source destination
Chain denylog (37 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:router
DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpts:netbios-ns:netbios-ssn
ULOG all -- anywhere anywhere ULOG copy_range 0 nlgroup 1 prefix denylog:' queue_threshold 1
DROP all -- anywhere anywhere
Chain gre-in (1 references)
target prot opt source destination
denylog all -- anywhere !websvr.ausnetit.local
denylog all -- anywhere anywhere
Chain local_chk (2 references)
target prot opt source destination
local_chk_2165 all -- anywhere anywhere
Chain local_chk_2165 (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- 192.168.96.0/24 anywhere
Chain state_chk (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
[root@websvr ~]#
Is that Disable??
4. log in to the asterisk console in highly verbose mode, Now, fetch up your softphones and see if they register with asterisk
asterisk -rvvvvvvvvvvvvvvvvvvvv
asterisk -rvvvvvvvvvvvvvvvvvvvv == Parsing '/etc/asterisk/asterisk.conf': Found
== Parsing '/etc/asterisk/extconfig.conf': Found
Asterisk 1.2.3, Copyright (C) 1999 - 2006 Digium, Inc. and others.
Created by Mark Spencer <markster@digium.com>
Asterisk comes with ABSOLUTELY NO WARRANTY; type 'show warranty' for details.
This is free software, with components licensed under the GNU General Public
License version 2 and other licenses; you are welcome to redistribute it under
certain conditions. Type 'show license' for details.
=========================================================================
Connected to Asterisk 1.2.3 currently running on websvr (pid = 3204)
Verbosity was 0 and is now 20
Apr 17 23:01:57 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10850)
Apr 17 23:01:57 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10856)
Apr 17 23:01:57 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10677)
Apr 17 23:02:07 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #7413)
-- Registered SIP '5000' at 192.168.96.101 port 5060 expires 180
-- Saved useragent "X-Lite release 1105x" for peer 5000
Why this is not registering????
5. Now try your calls and see how you get on. A good start-point is to issue *56* at one of the phones.
I can hear my extention from PBX
-- Executing AGI("SIP/5000-fb6c", "selintra|*56*") in new stack
-- Launched AGI Script /var/lib/asterisk/agi-bin/selintra
-- AGI Script Executing Application: (Playback) Options: (vm-extension)
-- Playing 'vm-extension' (language 'en')
-- Playing 'digits/5' (language 'en')
-- Playing 'digits/0' (language 'en')
-- Playing 'digits/0' (language 'en')
Apr 17 23:03:17 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10854)
Apr 17 23:03:17 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10860)
Apr 17 23:03:17 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #10681)
-- Playing 'digits/0' (language 'en')
-- AGI Script selintra completed, returning 0
Apr 17 23:03:27 NOTICE[3324]: chan_sip.c:5267 sip_reg_timeout: -- Registration for '88887389 @sip03.astrasip.com.au' timed out, trying again (Attempt #7417)
-- Timeout on SIP/5000-fb6c
== CDR updated on SIP/5000-fb6c
-- Executing Hangup("SIP/5000-fb6c", "") in new stack
== Spawn extension (internal, t, 1) exited non-zero on 'SIP/5000-fb6c'
-- Executing Hangup("SIP/5000-fb6c", "") in new stack
== Spawn extension (internal, h, 1) exited non-zero on 'SIP/5000-fb6c'
-- Executing AGI("SIP/5000-66e5", "selintra|*56*") in new stack
-- Launched AGI Script /var/lib/asterisk/agi-bin/selintra
-- AGI Script Executing Application: (Playback) Options: (vm-extension)
-- Playing 'vm-extension' (language 'en')
-- Playing 'digits/5' (language 'en')
-- Playing 'digits/0' (language 'en')
-- Playing 'digits/0' (language 'en')
-- Playing 'digits/0' (language 'en')
-- AGI Script selintra completed, returning 0
Pease help.