Asterisk Portforwarding NAT

T

Thomas-B

New Member
May 28, 2014
2
0
1
Dear community,
Does anyone have an idea how to forward RTP ports right? Port 10000-20000 for Asterisk. Without RTP no sound.

Here is my example of what does not work: (Does everything work. Only no sound at Sip Port 5060)

auto vmbr100
iface vmbr100 inet static
address 192.168.100.254
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.100.1:80
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.100.1:80
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.100.1:22
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.100.1:22

post-up iptables -t nat -A PREROUTING -i vmbr0 -p udp --dport 4569 -j DNAT --to 192.168.100.1:4569
post-down iptables -t nat -D PREROUTING -i vmbr0 -p udp --dport 4569 -j DNAT --to 192.168.100.1:4569



post-up iptables -t nat -A PREROUTING -p udp -m multiport --dport 5060,10000:20000 -j DNAT --to-destination 192.168.100.1
post-down iptables -t nat -D PREROUTING -p udp -m multiport --dport 5060,10000:20000 -j DNAT --to-destination 192.168.100.1
post-up iptables -A FORWARD -p udp -s 192.168.100.1 -j ACCEPT
post-down iptables -D FORWARD -p udp -s 192.168.100.1 -j ACCEPT
>>>>> post-up iptables -A FORWARD -p udp -m multiport --dport 5060,10000:20000 -d 192.168.100.1 -j ACCEPT
>>>>> post-down iptables -D FORWARD -p udp -m multiport --dport 5060,10000:20000 -d 192.168.100.1 -j ACCEPT

Thank you for help

Thomas
 
Thomas-B said:
Dear community,
Does anyone have an idea how to forward RTP ports right? Port 10000-20000 for Asterisk. Without RTP no sound.

Here is my example of what does not work: (Does everything work. Only no sound at Sip Port 5060)

auto vmbr100
iface vmbr100 inet static
address 192.168.100.254
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.100.0/24' -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.100.1:80
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 192.168.100.1:80
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.100.1:22
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.100.1:22

post-up iptables -t nat -A PREROUTING -i vmbr0 -p udp --dport 4569 -j DNAT --to 192.168.100.1:4569
post-down iptables -t nat -D PREROUTING -i vmbr0 -p udp --dport 4569 -j DNAT --to 192.168.100.1:4569



post-up iptables -t nat -A PREROUTING -p udp -m multiport --dport 5060,10000:20000 -j DNAT --to-destination 192.168.100.1
post-down iptables -t nat -D PREROUTING -p udp -m multiport --dport 5060,10000:20000 -j DNAT --to-destination 192.168.100.1
post-up iptables -A FORWARD -p udp -s 192.168.100.1 -j ACCEPT
post-down iptables -D FORWARD -p udp -s 192.168.100.1 -j ACCEPT
>>>>> post-up iptables -A FORWARD -p udp -m multiport --dport 5060,10000:20000 -d 192.168.100.1 -j ACCEPT
>>>>> post-down iptables -D FORWARD -p udp -m multiport --dport 5060,10000:20000 -d 192.168.100.1 -j ACCEPT

Thank you for help

Thomas
Click to expand...


Hi mate,
I am facing almost same issue, but am using elasix, can you tel me in your case, if I call elastix UI which port would be used with the IP address?
cheers
 
You must log in or register to reply here.
Top Bottom