Problemas de NAT

GuayO!

Joined
Feb 18, 2011
Messages
10
Likes
0
Points
0
#1
Estimados.

Les cuento un poco mi problema.

Tengo instalado una central Elastix, funcionando sin problemas entre anexos, pero al tratar de comunicarme a un anexo al exterior, no tengo audio.
He vistos muchos post que indican que configurar el NAT, esto deberia solucionarlo, pero no lo he podido resolver.

Acontinuación adjunto mi configuracion de nat, sip, rtp etc.


;
; RTP Configuration
;
[general]
;
; RTP start and RTP end configure start and end addresses
; These are the addresses where your system will RECEIVE audio and video streams.
; If you have connections across a firewall, make sure that these are open.
;
rtpstart=10000
rtpend=20000

----------------------------
SIP_NAT.CONF

nat=yes
externip=190.151.93.234
localnet=192.168.100.0/255.255.255.240
localnet=192.168.16.0/255.255.255.0
localnet=10.254.210.0/255.255.255.240
qualify=yes
externrefresh=120


redireccioné lo que venía del puerto 5060 a mi IP publica.

------------------------------------------------------------
CONFIGURACIÓN DE MI TRUNK

PEER Details

host=10.254.210.82
type=peer
context=from-trunk
port=5060
allow=all
disallow=all
qualify=yes
nat=yes

User Details
context=from-trunk
host=10.254.210.82
type=friend
allow=all
disallow=all
nat=yes

---------------------------
Sip show peer
190*CLI> sip show peers
Name/username Host Dyn Nat ACL Port Status
101/101 200.54.156.100 D N A 1056 OK (76 ms)
2000 (Unspecified) D A 5060 UNKNOWN
2001/2001 186.40.103.240 D N A 6954 OK (1545 ms)
2002 (Unspecified) D N A 5060 UNKNOWN
2004 (Unspecified) D N A 5060 UNKNOWN
892000 10.254.210.82 N 5060 UNREACHABLE
sip_entel 10.254.210.82 N 5060 UNREACHABLE

----------------------------
190*CLI> sip set debug 2001
No such command 'sip set debug 2001' (type 'core show help sip set debug' for ot her possible commands)
== Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
-- Executing [650720@from-internal:1] Macro("SIP/2001-00000000", "user-calle rid,SKIPTTL,") in new stack
-- Executing [s@macro-user-callerid:1] Set("SIP/2001-00000000", "AMPUSER=200 1") in new stack
-- Executing [s@macro-user-callerid:2] GotoIf("SIP/2001-00000000", "0?report ") in new stack
-- Executing [s@macro-user-callerid:3] ExecIf("SIP/2001-00000000", "1?Set(RE ALCALLERIDNUM=2001)") in new stack
-- Executing [s@macro-user-callerid:4] Set("SIP/2001-00000000", "AMPUSER=200 1") in new stack
-- Executing [s@macro-user-callerid:5] Set("SIP/2001-00000000", "AMPUSERCIDN AME=Claudio") in new stack
-- Executing [s@macro-user-callerid:6] GotoIf("SIP/2001-00000000", "0?report ") in new stack
-- Executing [s@macro-user-callerid:7] Set("SIP/2001-00000000", "AMPUSERCID= 2001") in new stack
-- Executing [s@macro-user-callerid:8] Set("SIP/2001-00000000", "CALLERID(al l)="Claudio" <2001>") in new stack
-- Executing [s@macro-user-callerid:9] ExecIf("SIP/2001-00000000", "0?Set(CH ANNEL(language)=)") in new stack
-- Executing [s@macro-user-callerid:10] GotoIf("SIP/2001-00000000", "1?conti nue") in new stack
-- Goto (macro-user-callerid,s,19)
-- Executing [s@macro-user-callerid:19] NoOp("SIP/2001-00000000", "Using Cal lerID "Claudio" <2001>") in new stack
-- Executing [650720@from-internal:2] Set("SIP/2001-00000000", "_NODEST=") i n new stack
-- Executing [650720@from-internal:3] Macro("SIP/2001-00000000", "record-ena ble,2001,OUT,") in new stack
-- Executing [s@macro-record-enable:1] GotoIf("SIP/2001-00000000", "1?check" ) in new stack
-- Goto (macro-record-enable,s,4)
-- Executing [s@macro-record-enable:4] ExecIf("SIP/2001-00000000", "0?MacroE xit()") in new stack
-- Executing [s@macro-record-enable:5] GotoIf("SIP/2001-00000000", "0?Group: OUT") in new stack
-- Goto (macro-record-enable,s,15)
-- Executing [s@macro-record-enable:15] GotoIf("SIP/2001-00000000", "0?IN") in new stack
-- Executing [s@macro-record-enable:16] ExecIf("SIP/2001-00000000", "1?Macro Exit()") in new stack
-- Executing [650720@from-internal:4] Macro("SIP/2001-00000000", "dialout-tr unk,2,650720,,") in new stack
-- Executing [s@macro-dialout-trunk:1] Set("SIP/2001-00000000", "DIAL_TRUNK= 2") in new stack
-- Executing [s@macro-dialout-trunk:2] GosubIf("SIP/2001-00000000", "0?sub-p incheck,s,1") in new stack
-- Executing [s@macro-dialout-trunk:3] GotoIf("SIP/2001-00000000", "0?disabl etrunk,1") in new stack
-- Executing [s@macro-dialout-trunk:4] Set("SIP/2001-00000000", "DIAL_NUMBER =650720") in new stack
-- Executing [s@macro-dialout-trunk:5] Set("SIP/2001-00000000", "DIAL_TRUNK_ OPTIONS=tr") in new stack
-- Executing [s@macro-dialout-trunk:6] Set("SIP/2001-00000000", "OUTBOUND_GR OUP=OUT_2") in new stack
-- Executing [s@macro-dialout-trunk:7] GotoIf("SIP/2001-00000000", "1?nomax" ) in new stack
-- Goto (macro-dialout-trunk,s,9)
-- Executing [s@macro-dialout-trunk:9] GotoIf("SIP/2001-00000000", "0?skipou tcid") in new stack
-- Executing [s@macro-dialout-trunk:10] Set("SIP/2001-00000000", "DIAL_TRUNK _OPTIONS=") in new stack
-- Executing [s@macro-dialout-trunk:11] Macro("SIP/2001-00000000", "outbound -callerid,2") in new stack
-- Executing [s@macro-outbound-callerid:1] ExecIf("SIP/2001-00000000", "0?Se t(CALLERPRES()=)") in new stack
-- Executing [s@macro-outbound-callerid:2] ExecIf("SIP/2001-00000000", "0?Se t(REALCALLERIDNUM=2001)") in new stack
-- Executing [s@macro-outbound-callerid:3] GotoIf("SIP/2001-00000000", "1?no rmcid") in new stack
-- Goto (macro-outbound-callerid,s,6)
-- Executing [s@macro-outbound-callerid:6] Set("SIP/2001-00000000", "USEROUT CID=") in new stack
-- Executing [s@macro-outbound-callerid:7] Set("SIP/2001-00000000", "EMERGEN CYCID=") in new stack
-- Executing [s@macro-outbound-callerid:8] Set("SIP/2001-00000000", "TRUNKOU TCID=892000") in new stack
-- Executing [s@macro-outbound-callerid:9] GotoIf("SIP/2001-00000000", "1?tr unkcid") in new stack
-- Goto (macro-outbound-callerid,s,12)
-- Executing [s@macro-outbound-callerid:12] ExecIf("SIP/2001-00000000", "1?S et(CALLERID(all)=892000)") in new stack
-- Executing [s@macro-outbound-callerid:13] ExecIf("SIP/2001-00000000", "0?S et(CALLERID(all)=)") in new stack
-- Executing [s@macro-outbound-callerid:14] ExecIf("SIP/2001-00000000", "0?S et(CALLERID(all)=)") in new stack
-- Executing [s@macro-outbound-callerid:15] ExecIf("SIP/2001-00000000", "0?S et(CALLERPRES()=prohib_passed_screen)") in new stack
-- Executing [s@macro-dialout-trunk:12] ExecIf("SIP/2001-00000000", "1?AGI(f ixlocalprefix)") in new stack
-- Launched AGI Script /var/lib/asterisk/agi-bin/fixlocalprefix
== fixlocalprefix: Dialpattern . matched. 650720 -> 650720
-- <SIP/2001-00000000>AGI Script fixlocalprefix completed, returning 0
-- Executing [s@macro-dialout-trunk:13] Set("SIP/2001-00000000", "OUTNUM=650 720") in new stack
-- Executing [s@macro-dialout-trunk:14] Set("SIP/2001-00000000", "custom=SIP /sip_entel") in new stack
-- Executing [s@macro-dialout-trunk:15] ExecIf("SIP/2001-00000000", "0?Set(D IAL_TRUNK_OPTIONS=M(setmusic^))") in new stack
-- Executing [s@macro-dialout-trunk:16] Macro("SIP/2001-00000000", "dialout- trunk-predial-hook,") in new stack
-- Executing [s@macro-dialout-trunk-predial-hook:1] MacroExit("SIP/2001-0000 0000", "") in new stack
-- Executing [s@macro-dialout-trunk:17] GotoIf("SIP/2001-00000000", "0?bypas s,1") in new stack
-- Executing [s@macro-dialout-trunk:18] GotoIf("SIP/2001-00000000", "0?custo mtrunk") in new stack
-- Executing [s@macro-dialout-trunk:19] Dial("SIP/2001-00000000", "SIP/sip_e ntel/650720,300,") in new stack
== Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
== Everyone is busy/congested at this time (1:0/0/1)
-- Executing [s@macro-dialout-trunk:20] NoOp("SIP/2001-00000000", "Dial fail ed for some reason with DIALSTATUS = CHANUNAVAIL and HANGUPCAUSE = 20") in new s tack
-- Executing [s@macro-dialout-trunk:21] Goto("SIP/2001-00000000", "s-CHANUNA VAIL,1") in new stack
-- Goto (macro-dialout-trunk,s-CHANUNAVAIL,1)
-- Executing [s-CHANUNAVAIL@macro-dialout-trunk:1] Set("SIP/2001-00000000", "RC=20") in new stack
-- Executing [s-CHANUNAVAIL@macro-dialout-trunk:2] Goto("SIP/2001-00000000", "20,1") in new stack
-- Goto (macro-dialout-trunk,20,1)
-- Executing [20@macro-dialout-trunk:1] Goto("SIP/2001-00000000", "continue, 1") in new stack
-- Goto (macro-dialout-trunk,continue,1)
-- Executing [continue@macro-dialout-trunk:1] GotoIf("SIP/2001-00000000", "1 ?noreport") in new stack
-- Goto (macro-dialout-trunk,continue,3)
-- Executing [continue@macro-dialout-trunk:3] NoOp("SIP/2001-00000000", "TRU NK Dial failed due to CHANUNAVAIL HANGUPCAUSE: 20 - failing through to other tru nks") in new stack
-- Executing [continue@macro-dialout-trunk:4] Set("SIP/2001-00000000", "CALL ERID(number)=2001") in new stack
-- Executing [650720@from-internal:5] Macro("SIP/2001-00000000", "outisbusy, ") in new stack
-- Executing [s@macro-outisbusy:1] Progress("SIP/2001-00000000", "") in new stack
-- Executing [s@macro-outisbusy:2] GotoIf("SIP/2001-00000000", "0?emergency, 1") in new stack
-- Executing [s@macro-outisbusy:3] GotoIf("SIP/2001-00000000", "0?intracompa ny,1") in new stack
-- Executing [s@macro-outisbusy:4] Playback("SIP/2001-00000000", "all-circui ts-busy-now&pls-try-call-later, noanswer") in new stack
-- <SIP/2001-00000000> Playing 'all-circuits-busy-now.gsm' (language 'en')
-- <SIP/2001-00000000> Playing 'pls-try-call-later.gsm' (language 'en')
== Spawn extension (macro-outisbusy, s, 4) exited non-zero on 'SIP/2001-000000 00' in macro 'outisbusy'
== Spawn extension (from-internal, 650720, 5) exited non-zero on 'SIP/2001-000 00000'
-- Executing [h@from-internal:1] Macro("SIP/2001-00000000", "hangupcall") in new stack
-- Executing [s@macro-hangupcall:1] GotoIf("SIP/2001-00000000", "1?noautomon ") in new stack
-- Goto (macro-hangupcall,s,3)
-- Executing [s@macro-hangupcall:3] NoOp("SIP/2001-00000000", "TOUCH_MONITOR _OUTPUT=") in new stack
-- Executing [s@macro-hangupcall:4] GotoIf("SIP/2001-00000000", "1?noautomon 2") in new stack
-- Goto (macro-hangupcall,s,6)
-- Executing [s@macro-hangupcall:6] NoOp("SIP/2001-00000000", "MONITOR_FILEN AME=") in new stack
-- Executing [s@macro-hangupcall:7] GotoIf("SIP/2001-00000000", "1?skiprg") in new stack
-- Goto (macro-hangupcall,s,10)
-- Executing [s@macro-hangupcall:10] GotoIf("SIP/2001-00000000", "1?skipblkv m") in new stack
-- Goto (macro-hangupcall,s,13)
-- Executing [s@macro-hangupcall:13] GotoIf("SIP/2001-00000000", "1?theend") in new stack
-- Goto (macro-hangupcall,s,15)
-- Executing [s@macro-hangupcall:15] Hangup("SIP/2001-00000000", "") in new stack
== Spawn extension (macro-hangupcall, s, 15) exited non-zero on 'SIP/2001-0000 0000' in macro 'hangupcall'
== Spawn extension (from-internal, h, 1) exited non-zero on 'SIP/2001-00000000


Se me acaban las ideas, ojala me puedan echar alguna mano, les comento que desactivé los firewalls pensando que podía estar bloqueando los puertos 5060 y los de rtp

Saludos

y Gracias
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#2
redireccionaste solo el sip y el sonido por el rtp donde esta???
 

GuayO!

Joined
Feb 18, 2011
Messages
10
Likes
0
Points
0
#3
Estimado.

A donde tengo que redireccionar esos puertos, a mi enlace de internet o a mi LAN.

iptables -t nat -A PREROUTING -i eth2 -p UDP --dport 10000:20000 -j DNAT --to 192.168.100.201

Saludos y gracias por darte el tiempo de responder.

Claudio Urey
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#4
lo mismo que hiciste en el 5060 pero con los de rtp
 

GuayO!

Joined
Feb 18, 2011
Messages
10
Likes
0
Points
0
#5
Estimado

He escrito los siguientes comandos.

[root@200-54-156-100 ~]# iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5060:5080 -j DNAT --to 192.168.16.11
[root@200-54-156-100 ~]# iptables -t nat -A PREROUTING -i eth0 -p udp --dport 10000:20000 -j DNAT --to 192.168.16.11

En mi firewall, pero sigo sin tener audio. :(
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#6
etnes qeu ser mas explicito no veo asi a simple vista razones de todas frmas con ip tables me agarraste ya que yo uso firewalls de hardware no maquinas por soft
 

Luis Diego

Joined
Nov 1, 2010
Messages
237
Likes
0
Points
0
#7
intenta con tcp y udp en tu iptables:

[root@200-54-156-100 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5060:5080 -j DNAT --to 192.168.16.11
[root@200-54-156-100 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 10000:20000 -j DNAT --to 192.168.16.11

Fernando que firewall usas???
 

GuayO!

Joined
Feb 18, 2011
Messages
10
Likes
0
Points
0
#8
Estimado.

Intente lo que me dijistes, pero sigo sin audio.

Help!

Buenos, para que se hagan una idea.

Esta es mi Red.

Asterisk 2 tarjetas de red 192.168.100.200 y 192.168.16.11
Firewall 192.168.16.250
Enlace de Internet 190.151.93.233

Una de las puertas del asterisk se conectar con el firewall y la otra director al router que me da el servicio de Trunk IP.

Asterisk ----> Firewall ----> Enlace de Internet
Asterisk ----> Router ISP Trunk

Abrí los puertos del firewall, y le indiqué que los paquetes UDP, los llevará a la IP 192.168.16.11

Mi duda es, ¿Los paquetes que llegan a mi Asterisk por la 192.168.16.11, se tienen que redireccionar a la 192.168.100.200, que es mi otra tarjeta de red, que me da el enlace de voz?

Saludos.
 

fmvillares

Joined
Sep 8, 2007
Messages
1,785
Likes
0
Points
0
#9
tenes q agregar las rutas estaticas entre las 2 redes...
 

Luis Diego

Joined
Nov 1, 2010
Messages
237
Likes
0
Points
0
#10
haber intenta dandole ping si te responde.
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,901
Messages
130,885
Members
17,561
Latest member
marouen
Top