[Freeswitch-users] Bridging between two rfc1918 networks
Serge Yuriev
me at nevian.org
Thu Oct 13 00:51:51 MSD 2016
From perspective of server it is normal route via desired interface.
So VPN somewhere outside and server not aware of it.
--
Wbr, Serge via mobile
12.10.2016, 21:17, "Brian West" <brian at freeswitch.org>:
> How are the two networks connected? VPN?
>
> On Wed, Oct 12, 2016 at 12:01 PM, Serge S. Yuriev <me at nevian.org> wrote:
> Hi,
>
> How I can debug this issue to move it further?
> I feel much more comfortable with FS than Asterisk which works out-of-box :)
>
> Proxy mode doesn't work also because of 3pcc.
> --
> Wbr, Serge via mobile
>
> 11.10.2016, 14:25, "Serge S. Yuriev" <me at nevian.org>:
>
>> Hi
>>
>> Is anyone have had chance to check the logs?
>>
>> I tried to include 172.17.2.3 as local-network on external while excluding it from internal - no joy :(
>>
>> <list name="lan" default="deny">
>> <node type="deny" cidr="172.17.2.3/32"/>
>> <node type="deny" cidr="172.17.2.4/32"/>
>> <node type="allow" cidr="192.168.0.0/16"/>
>> <node type="allow" cidr="10.0.0.0/8"/>
>> <node type="allow" cidr="172.16.0.0/12"/>
>> </list>
>>
>> <list name="wan" default="deny">
>> <node type="allow" cidr="172.17.2.
>> 3/32"/>
>> <node type="allow" cidr="172.17.2.
>> 4/32"/>
>> <node type="allow" cidr="83.y.y.128/25"/>
>> </list>
>>
>> --
>> Wbr, Serge via mobile
>>
>> 09.10.2016, 13:03, "Serge Yuriev":
>>> Bad one
>>> https://pastebin.freeswitch.org/view/5a6b306c
>>>
>>> Good one
>>> https://pastebin.freeswitch.org/view/5b1ca4e3
>>>
>>>> On 8 Oct 2016, at 04:23, Anthony Minessale <anthony.minessale at gmail.com> wrote:
>>>>
>>>> Too terse.
>>>>
>>>> You probably need to produce full traces on pastebin with the full debug to get any idea.
>>>>
>>>>
>>>> On Fri, Oct 7, 2016 at 6:13 PM, Serge Yuriev <me at nevian.org> wrote:
>>>> As mentioned before I tried to play with local-network-acl but no joy. Maybe it’s just not right? On which profile I should tune?
>>>>
>>>> <list name="lan" default="deny">
>>>> <node type="deny" cidr="172.17.2.3/32"/>
>>>> <node type="deny" cidr="172.17.2.4/32"/>
>>>> <node type="allow" cidr="192.168.0.0/16"/>
>>>> <node type="allow" cidr="10.0.0.0/8"/>
>>>> <node type="allow" cidr="172.16.0.0/12"/>
>>>> </list>
>>>>
>>>> On both profiles I have like this
>>>> Int
>>>> <param name="rtp-ip" value="$${inside_bind_ipv4}"/>
>>>> <param name="sip-ip" value="$${inside_bind_ipv4}"/>
>>>> <param name="ext-rtp-ip" value="$${inside_bind_ipv4}"/>
>>>> <param name="ext-sip-ip" value="$${inside_bind_ipv4}"/>
>>>>
>>>> Ext
>>>> <param name="rtp-ip" value="$${outside_bind_ipv4}"/>
>>>> <param name="sip-ip" value="$${outside_bind_ipv4}"/>
>>>> <param name="ext-rtp-ip" value="$${outside_bind_ipv4}"/>
>>>> <param name="ext-sip-ip" value="$${outside_bind_ipv4}"/>
>>>>
>>>>> On 8 Oct 2016, at 00:48, Brian West <brian at freeswitch.org> wrote:
>>>>>
>>>>> you have to fix your local-network-acl in each system probably to do the right thing, do you have the ext-rtp-ip set with the automat: prefix?
>>>>>
>>>>> On Fri, Oct 7, 2016 at 1:23 PM, Serge S. Yuriev <me at nevian.org> wrote:
>>>>> Hello,
>>>>>
>>>>> Two SIP profiles:
>>>>> External 83.хх
>>>>> Internal 10.23.154.0/24
>>>>>
>>>>> Via external we are receiving/send calls from/to 172.17.2.0/29
>>>>> For some reason if we call outside FS sends unmodified addresses in SDP.
>>>>> So we have unroutable address in SDP and one-way audio. If call flows
>>>>> ext to int all working correct.
>>>>> Tried local-network-acl on inside (10.хх) with excluded 172.хх,
>>>>> apply-nat-acl with included 172.xx on either int and ext. Nothing helps :(
>>>>>
>>>>> "Bad one" SDP - from internal to external
>>>>> send 960 bytes to udp/[10.23.154.63]:6060 at 18:16:22.226984:
>>>>> ------------------------------------------------------------------------
>>>>> SIP/2.0 200 OK
>>>>> Via: SIP/2.0/UDP 10.23.154.63:6060;branch=z9hG4bKe433fa68b81
>>>>> From: "IT, Юрьев Сергей"
>>>>> <sip:12550 at 10.23.154.63>;tag=195594~27154efa-6325-45a2-9e47-67e5d9302ebc-237816120
>>>>> To: <sip:62987%236546 at 10.23.154.100>;tag=66NUXXHvB6HBp
>>>>> Call-ID: 86c80-7f71bc46-c44e-3f40000a at 10.23.154.63
>>>>> CSeq: 101 INVITE
>>>>> Contact: <sip:mod_sofia at 10.23.154.100:6060>
>>>>> User-Agent:
>>>>> FreeSWITCH-mod_sofia/1.7.0+git~20160707T165535Z~be13536ac9~64bit
>>>>> Accept: application/sdp
>>>>> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
>>>>> PRACK, NOTIFY
>>>>> Require: timer
>>>>> Supported: precondition, 100rel, timer, path, replaces
>>>>> Allow-Events: talk, hold, conference, refer
>>>>> Session-Expires: 1800;refresher=uac
>>>>> Content-Type: application/sdp
>>>>> Content-Disposition: session
>>>>> Content-Length: 180
>>>>>
>>>>> v=0
>>>>> o=- 1475853382 2 IN IP4 172.17.2.3
>>>>> s=-
>>>>> >> c=IN IP4 172.17.2.4
>>>>> b=AS:64
>>>>> t=0 0
>>>>> m=audio 3040 RTP/AVP 8 101
>>>>> a=rtpmap:8 PCMA/8000
>>>>> a=rtpmap:101 telephone-event/8000
>>>>> a=ptime:20
>>>>>
>>>>>
>>>>> And a good one - external to internal
>>>>> send 1162 bytes to udp/[10.23.154.65]:5060 at 12:34:15.132027:
>>>>> ------------------------------------------------------------------------
>>>>> INVITE sip:12550 at 10.23.154.65 SIP/2.0
>>>>> Via: SIP/2.0/UDP 10.23.154.100:6060;rport;branch=z9hG4bKUXyFjDmg8rtmB
>>>>> Max-Forwards: 69
>>>>> From: "Абонент"
>>>>> <sip:$(caller_id_number)@10.23.154.100>;tag=1agg8aZ7FUUBK
>>>>> To: <sip:12550 at 10.23.154.65>
>>>>> Call-ID: d8367628-0fc1-4325-998f-3f32f9d3a05b
>>>>> CSeq: 97580363 INVITE
>>>>> Contact: <sip:gw+cucm-65 at 10.23.154.100:6060;transport=udp;gw=cucm-65>
>>>>> User-Agent:
>>>>> FreeSWITCH-mod_sofia/1.7.0+git~20160707T165535Z~be13536ac9~64bit
>>>>> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
>>>>> PRACK, NOTIFY
>>>>> Supported: precondition, 100rel, timer, path, replaces
>>>>> Allow-Events: talk, hold, conference, refer
>>>>> Content-Type: application/sdp
>>>>> Content-Disposition: session
>>>>> Content-Length: 268
>>>>> X-FS-Support: update_display,send_info
>>>>> Remote-Party-ID: "Абонент"
>>>>> <sip:$(caller_id_number)@10.23.154.100>;party=calling;screen=yes;privacy=off
>>>>>
>>>>> v=0
>>>>> o=FreeSWITCH 1475804423 1475804424 IN IP4 10.23.154.100
>>>>> s=FreeSWITCH
>>>>> >> c=IN IP4 10.23.154.100
>>>>> t=0 0
>>>>> m=audio 28432 RTP/AVP 8 18 101 13
>>>>> a=rtpmap:8 PCMA/8000
>>>>> a=rtpmap:18 G729/8000
>>>>> a=rtpmap:101 telephone-event/8000
>>>>> a=fmtp:101 0-16
>>>>> a=rtpmap:13 CN/8000
>>>>> a=ptime:20
>>>>>
>>>>> --
>>>>> Serge S. Yuriev
>>>>> Senior VoIP engineer
>>>>>
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Brian West
>>>>> brian at freeswitch.org
>>>>>
>>>>>
>>>>>
>>>>> Twitter: @FreeSWITCH , @briankwest
>>>>> http://www.freeswitchbook.com (50% Discount using code FreeSwitch50)
>>>>> http://www.freeswitchcookbook.com (50% Discount using code FreeSwitch50)
>>>>> https://www.gofundme.com/freeswitch_ubuntu
>>>>>
>>>>> Got Bugs? Report them here! | Reddit: /r/freeswitch
>>>>>
>>>>> T:+19184209001 | F:+19184209002 | M:+1918424WEST (9378)
>>>>> iNUM:+883 5100 1420 9001 | ISN:410*543 | Skype:briankwest
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>
>>>> --
>>>> Serge S. Yuriev
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>>
>>>>
>>>> --
>>>> Anthony Minessale II ♬ @anthmfs ♬ @FreeSWITCH ♬
>>>>
>>>> ☞ http://freeswitch.org/ ☞ http://cluecon.com/ ☞ http://twitter.com/FreeSWITCH
>>>> ☞ irc.freenode.net #freeswitch ☞ http://freeswitch.org/g+
>>>>
>>>> ClueCon Weekly Development Call
>>>> ☎ sip:888 at conference.freeswitch.org ☎ +19193869900
>>>>
>>>> https://www.youtube.com/watch?v=9XXgW34t40s
>>>> https://www.youtube.com/watch?v=NLaDpGQuZDA
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>> --
>>> Serge S. Yuriev
>>>
>>>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> --
> Brian West
> brian at freeswitch.org
>
>
>
> Twitter: @FreeSWITCH , @briankwest
> http://www.freeswitchbook.com (50% Discount using code FreeSwitch50)
> http://www.freeswitchcookbook.com (50% Discount using code FreeSwitch50)
> https://www.gofundme.com/freeswitch_ubuntu
>
> Got Bugs? Report them here! | Reddit: /r/freeswitch
>
> T:+19184209001 | F:+19184209002 | M:+1918424WEST (9378)
> iNUM:+883 5100 1420 9001 | ISN:410*543 | Skype:briankwest
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20161012/c0e2a9bd/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list