[Freeswitch-users] How to disable 5060-5080 with auto-nat at upnp?
Alex Wang
hadyn_whx at hotmail.com
Tue Jan 11 20:27:15 MSK 2011
I have trixbox running on my home LAN on the same ESX server, which is
my old pbx system. And I didn't map any port on the router and I use
google voice, freephoneline, voipcheap, etc and they all works fine.
I do need to setup the external ip, my local lan settings on *, but
that's it, nothing relate to the router.
I keep digging. If someone have the answer, pls let me know.
Alex
On Tue, 11 Jan 2011 10:34:33 -0600
Rupa Schomaker <rupa at rupa.com> wrote:
> Well, there is no "the RTP port" -- there is a range which is quite
> large by default.
>
> I mean setup a rule to block the port, not point it somewhere else.
> Though I guess you could point it to a black hole (IP that is never
> assigned).
>
> Why/how * works, I dunno. Maybe someone else can answer that
> question. I don't see how to handle RTP data properly through a
> firewall without support for portmapping initiated by FS (using upnp
> or nat-pmp) or having a SIP ALG running on the firewall.
>
> On Tue, Jan 11, 2011 at 10:26 AM, Alex Wang <hadyn_whx at hotmail.com> wrote:
> > Hi Rupa
> >
> > Do you mean create a port map on the router to map to other ip instead
> > of FS?
> >
> > update: That seems working. But do you think I can just turn off the
> > auto-nat and map the rtp port out to get it working? Which way is the
> > best? In the asterisk, I don't even need turn on upnp and don't need to
> > map the port and it works fine behind the router, even those ATAs,
> > normally you don't need to map any port on the router and they just
> > register from isp and works fine with router(non UPNP & UPNP), why FS
> > need do those extra step? I try to find the answer in the WiKi but cant
> > find the explaination for that.
> >
> > Thanks
> >
> > Alex
> >
> >
> > On Tue, 11 Jan 2011 09:09:46 -0600
> > Rupa Schomaker <rupa at rupa.com> wrote:
> >
> >> Hmmm... ?I didn't put anything in the nat_map code to allow some parts
> >> of the sofia profile to participate in the nat mapping while others do
> >> not.
> >>
> >> Brian, do you have any ideas?
> >>
> >> Alex, I'd suggest just blocking ports 5060-5080 on the firewall. ?The
> >> port blocking *should* take precedence over the upnp maps.
> >>
> >> On Mon, Jan 10, 2011 at 10:17 PM, Alex Wang <hadyn_whx at hotmail.com> wrote:
> >> > Hi All
> >> >
> >> > Just don't want to open these port to the public, all my extensions are
> >> > in my LAN. If I disable upnp, the outside sip register is not working, I
> >> > mean no sound.
> >> > How to disable the auto-nat publish 5060-5080 on the internet?
> >> >
> >> >
> >> > Thanks
> >> >
> >> > Alex
> >> >
> >> >
> >> >
> >> > _______________________________________________
> >> > FreeSWITCH-users mailing list
> >> > FreeSWITCH-users at lists.freeswitch.org
> >> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> > http://www.freeswitch.org
> >> >
> >>
> >>
> >>
> >> --
> >> -Rupa
> >>
> >> _______________________________________________
> >> FreeSWITCH-users mailing list
> >> FreeSWITCH-users at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> http://www.freeswitch.org
> >
> >
> >
> >
> > _______________________________________________
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
>
>
>
> --
> -Rupa
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
More information about the FreeSWITCH-users
mailing list