brian is out of town today<br>can you ping me on irc and send me to login credential and i can try to have a look.<br><br>again, you understand that we are not doing anything wrong here and what I am trying to do is a hack for your sake right?<br>
<br><br><div class="gmail_quote">On Wed, Nov 19, 2008 at 8:05 AM, David Aldworth <span dir="ltr"><<a href="mailto:daldworth@teliax.com">daldworth@teliax.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="">We're still having a problem with this. As you can see from the below the ACK goes to the port in the Contact field of the 200 OK instead of that of the UDP header, which is where their router is expecting to get the call from.<div>
<br></div><div>Help!</div><div><br></div><div>David</div><div><br><div><div>On Nov 6, 2008, at 10:55 AM, David Aldworth wrote:</div><br><blockquote type="cite"><div style="">No love. They set extern ip so the IP comes through correctly, but the acl did not seem to have any affect. We are still sending to the wrong port. Sip trace, acl.conf.xml and sip profile are below:<div>
<br></div><div><div>U 2008/11/06 10:46:01.924795 <a href="http://70.88.65.1:50085" target="_blank">70.88.65.1:50085</a> -> <a href="http://70.42.223.23:5060" target="_blank">70.42.223.23:5060</a></div><div>SIP/2.0 100 Trying.</div>
<div>Via: SIP/2.0/UDP <a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;branch=z9hG4bKU7360cS96r7Sg;received=<a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;rport=5060.</div><div>From: "TELIAX FAX" <<a>sip:303825XXXX@70.42.223.23</a>>;tag=armgX7QeNQ94N.</div>
<div>To: <<a>sip:317376XXXX@70.88.65.1:50085</a>>.</div><div>Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.</div><div>CSeq: 106878444 INVITE.</div><div>User-Agent: Asterisk PBX.</div><div>Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.</div>
<div>Contact: <<a>sip:317376XXXX@70.88.65.1</a>>.</div><div>Content-Length: 0.</div><div>.</div><div><br></div><div><div>U 2008/11/06 10:46:01.931791 <a href="http://70.88.65.1:50085" target="_blank">70.88.65.1:50085</a> -> <a href="http://70.42.223.23:5060" target="_blank">70.42.223.23:5060</a></div>
<div>SIP/2.0 180 Ringing.</div><div>Via: SIP/2.0/UDP <a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;branch=z9hG4bKU7360cS96r7Sg;received=<a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;rport=5060.</div>
<div>From: "TELIAX FAX" <<a>sip:303825XXXX@70.42.223.23</a>>;tag=armgX7QeNQ94N.</div><div>To: <<a>sip:317376XXXX@70.88.65.1:50085</a>>;tag=as78a21a0c.</div><div>Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.</div>
<div>CSeq: 106878444 INVITE.</div><div>User-Agent: Asterisk PBX.</div><div>Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.</div><div>Contact: <<a>sip:317376XXXX@70.88.65.1</a>>.</div><div>Content-Length: 0.</div>
<div>.</div><div><br></div><div><div>U 2008/11/06 10:46:01.932294 <a href="http://70.88.65.1:50085" target="_blank">70.88.65.1:50085</a> -> <a href="http://70.42.223.23:5060" target="_blank">70.42.223.23:5060</a></div>
<div>SIP/2.0 200 OK.</div><div>Via: SIP/2.0/UDP <a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;branch=z9hG4bKU7360cS96r7Sg;received=<a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;rport=5060.</div>
<div>From: "TELIAX FAX" <<a>sip:303825XXXX@70.42.223.23</a>>;tag=armgX7QeNQ94N.</div><div>To: <<a>sip:317376XXXX@70.88.65.1:50085</a>>;tag=as78a21a0c.</div><div>Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.</div>
<div>CSeq: 106878444 INVITE.</div><div>User-Agent: Asterisk PBX.</div><div>Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.</div><div>Contact: <<a>sip:317376XXXX@70.88.65.1</a>>.</div><div>Content-Type: application/sdp.</div>
<div>Content-Length: 257.</div><div>.</div><div>v=0.</div><div>o=root 2901 2901 IN IP4 <a href="http://70.88.65.1" target="_blank">70.88.65.1</a>.</div><div>s=session.</div><div>c=IN IP4 <a href="http://70.88.65.1" target="_blank">70.88.65.1</a>.</div>
<div>t=0 0.</div><div>m=audio 19378 RTP/AVP 0 8 3 101.</div><div>a=rtpmap:0 PCMU/8000.</div><div>a=rtpmap:8 PCMA/8000.</div><div>a=rtpmap:3 GSM/8000.</div><div>a=rtpmap:101 telephone-event/8000.</div><div>a=fmtp:101 0-16.</div>
<div>a=silenceSupp:off - - - -.</div><div><br></div><div><div>U 2008/11/06 10:46:01.932694 <a href="http://70.42.223.23:5060" target="_blank">70.42.223.23:5060</a> -> <a href="http://70.88.65.1:5060" target="_blank">70.88.65.1:5060</a></div>
<div>ACK <a>sip:317376XXXX@70.88.65.1</a> SIP/2.0.</div><div>Via: SIP/2.0/UDP <a href="http://70.42.223.23" target="_blank">70.42.223.23</a>;rport;branch=z9hG4bKvgXZ279c41Xcc.</div><div>Max-Forwards: 70.</div><div>From: "TELIAX FAX" <<a>sip:303825XXXX@70.42.223.23</a>>;tag=armgX7QeNQ94N.</div>
<div>To: <<a>sip:317376XXXX@70.88.65.1:50085</a>>;tag=as78a21a0c.</div><div>Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.</div><div>CSeq: 106878444 ACK.</div><div>Contact: <<a>sip:mod_sofia@70.42.223.23:5060</a>>.</div>
<div>Content-Length: 0.</div><div><br></div><div><br></div><div>Here is the acl:</div><div><br></div><div><div><configuration name="acl.conf" description="Network Lists"></div><div> <network-lists></div>
<div> <list name="dl-candidates" default="allow"></div><div> <node type="deny" cidr="<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a>"/></div><div> <node type="deny" cidr="<a href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>"/></div>
<div> <node type="deny" cidr="<a href="http://192.168.0.0/16" target="_blank">192.168.0.0/16</a>"/></div><div> </list></div><div> <list name="rfc1918" default="deny"></div>
<div> <node type="allow" cidr="<a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a>"/></div><div> <node type="allow" cidr="<a href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>"/></div>
<div> <node type="allow" cidr="<a href="http://192.168.0.0/16" target="_blank">192.168.0.0/16</a>"/></div><div> </list></div><div> <list name="lan" default="allow"></div>
<div> <node type="deny" cidr="<a href="http://192.168.42.0/24" target="_blank">192.168.42.0/24</a>"/></div><div> <node type="allow" cidr="<a href="http://192.168.42.42/32" target="_blank">192.168.42.42/32</a>"/></div>
<div> </list></div><div> <list name="strict" default="deny"></div><div> <node type="allow" cidr="<a href="http://208.102.123.124/32" target="_blank">208.102.123.124/32</a>"/></div>
<div> </list></div><div> <list name="domains" default="deny"></div><div> <node type="allow" domain="$${domain}"/></div><div> </list></div><div>
<list name="nat" default="allow"></div><div> <node type="allow" cidr="<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>"/></div><div> </list></div>
<div> </network-lists></div><div></configuration></div><div><br></div><div><br></div><div>And here is the sip profile:</div><div><br></div><div><div><profile name="external"></div><div><br></div>
<div> <gateways></div><div> <X-PRE-PROCESS cmd="include" data="external/*.xml"/></div><div> </gateways></div><div> </div><div> <domains></div><div> <domain name="$${domain}" parse="true"/></div>
<div> </domains></div><div><br></div><div> <settings></div><div> <param name="debug" value="0"/></div><div> <param name="sip-trace" value="no"/></div>
<div> <param name="rfc2833-pt" value="101"/></div><div> <param name="sip-port" value="5060"/></div><div> <param name="dialplan" value="XML"/></div>
<div> <param name="context" value="public"/></div><div> <param name="dtmf-duration" value="100"/></div><div> <param name="codec-prefs" value="$${outbound_codec_prefs}"/></div>
<div> <param name="hold-music" value="$${hold_music}"/></div><div> <param name="use-rtp-timer" value="true"/></div><div> <param name="rtp-timer-name" value="soft"/></div>
<div> <param name="multiple-registrations" value="true"/></div><div> <param name="manage-presence" value="true"/></div><div> <param name="aggressive-nat-detection" value="true"/></div>
<div> <param name="NDLB-force-rport" value="true"/></div><div> <param name="inbound-codec-negotiation" value="generous"/></div><div> <param name="nonce-ttl" value="60"/></div>
<div> <param name="auth-calls" value="true"/></div><div> <param name="rtp-timeout-sec" value="1800"/></div><div> <param name="rtp-ip" value="$${local_ip_v4}"/></div>
<div> <param name="sip-ip" value="$${local_ip_v4}"/></div><div> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/></div><div> <param name="ext-sip-ip" value="$${external_sip_ip}"/></div>
<div> <param name="rtp-timeout-sec" value="300"/></div><div> <param name="rtp-hold-timeout-sec" value="1800"/></div><div> <param name="apply-nat-acl" value="nat"/></div>
<div> </settings></div><div></profile></div></div></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div></div></div><div><div>On Nov 6, 2008, at 8:37 AM, Anthony Minessale wrote:</div>
<br><blockquote type="cite">doh,<br>I keep doing that sorry.<br><br>apply-nat-acl not apply_nat_acl <br><br><br><br><div class="gmail_quote">On Thu, Nov 6, 2008 at 8:22 AM, David Aldworth <span dir="ltr"><<a href="mailto:daldworth@teliax.com" target="_blank">daldworth@teliax.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div>Yes. Below are settings that have been persistent through recent testing. Is there anything else we can try or should we open a jira?<div>
<br></div><div><div><div></div><div><div> <settings></div><div> <param name="debug" value="0"/></div><div> <param name="sip-trace" value="no"/></div> <div>
<param name="rfc2833-pt" value="101"/></div><div> <param name="sip-port" value="5060"/></div><div> <param name="dialplan" value="XML"/></div>
<div> <param name="context" value="public"/></div><div> <param name="dtmf-duration" value="100"/></div><div> <param name="codec-prefs" value="$${outbound_codec_prefs}"/></div>
<div> <param name="hold-music" value="$${hold_music}"/></div><div> <param name="use-rtp-timer" value="true"/></div><div> <param name="rtp-timer-name" value="soft"/></div>
<div> <param name="multiple-registrations" value="true"/></div><div> <param name="manage-presence" value="true"/></div><div> <param name="aggressive-nat-detection" value="true"/></div>
<div> <param name="NDLB-force-rport" value="true"/></div><div> <param name="inbound-codec-negotiation" value="generous"/></div><div> <param name="nonce-ttl" value="60"/></div>
<div> <param name="auth-calls" value="true"/></div><div> <param name="rtp-timeout-sec" value="1800"/></div><div> <param name="rtp-ip" value="$${local_ip_v4}"/></div>
<div> <param name="sip-ip" value="$${local_ip_v4}"/></div><div> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/></div><div> <param name="ext-sip-ip" value="$${external_sip_ip}"/></div>
<div> <param name="rtp-timeout-sec" value="300"/></div><div> <param name="rtp-hold-timeout-sec" value="1800"/></div></div></div><div><div> <param name="apply_nat_acl" value="nat"/></div>
</div><div> </settings></div><div><div></div><div><div><br></div><div><div>On Nov 6, 2008, at 7:01 AM, Anthony Minessale wrote:</div><br><blockquote type="cite">did you remember to add<br><param name="apply_nat_acl" value="nat"/><br>
to the profile in question and restart?<br><br><div class="gmail_quote">On Wed, Nov 5, 2008 at 10:39 PM, David Aldworth <span dir="ltr"><<a href="mailto:daldworth@teliax.com" target="_blank">daldworth@teliax.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Brian, we updated the acl to:<br> <div><br> <list name="nat" default="allow"><br>
</div> <node type="allow" cidr="<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>"/><br> </list><br> <br> And the ACK is still going to the wrong (right but wrong) ip/port.<br>
<br> Is there any way to get that ACK to go to the ip/port of the UDP header?<br> <font color="#888888"><br> David<br> </font><div><div></div><div><br> On Nov 5, 2008, at 4:21 PM, Brian West wrote:<br> <br> > <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> should match all IP space.<br>
><br> > /b<br> ><br> > On Nov 5, 2008, at 5:16 PM, David Aldworth wrote:<br> ><br> >> Anthony, In hopes of matching all IP's we added a very simple:<br> >><br> >> <list name="nat" default="allow"><br>
>> </list><br> >><br> >> To the acl.conf.xml and we added:<br> >><br> >> <param name="apply_nat_acl" value="nat"/><br> >><br> >> To the sip profile. Unfortunately there was no affect. What would be<br>
>> the correct acl to match all IP's?<br> >><br> >> David<br> ><br> ><br> > _______________________________________________<br> > Freeswitch-users mailing list<br> > <a href="mailto:Freeswitch-users@lists.freeswitch.org" target="_blank">Freeswitch-users@lists.freeswitch.org</a><br>
> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br> > UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br> <br> <br> _______________________________________________<br> Freeswitch-users mailing list<br> <a href="mailto:Freeswitch-users@lists.freeswitch.org" target="_blank">Freeswitch-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br> </div></div></blockquote></div><br><br clear="all"><br>-- <br>Anthony Minessale II<br><br>FreeSWITCH <a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org/</a><br>
ClueCon <a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com/</a><br> <br>AIM: anthm<br><a href="mailto:MSN%3Aanthony_minessale@hotmail.com" target="_blank">MSN:anthony_minessale@hotmail.com</a><br>GTALK/JABBER/<a href="mailto:PAYPAL%3Aanthony.minessale@gmail.com" target="_blank">PAYPAL:anthony.minessale@gmail.com</a><br>
IRC: <a href="http://irc.freenode.net" target="_blank">irc.freenode.net</a> #freeswitch<br><br>FreeSWITCH Developer Conference<br><a href="mailto:sip%3A888@conference.freeswitch.org" target="_blank">sip:888@conference.freeswitch.org</a><br>
<a href="http://iax:guest@conference.freeswitch.org/888" target="_blank">iax:guest@conference.freeswitch.org/888</a><br> <a href="mailto:googletalk%3Aconf%2B888@conference.freeswitch.org" target="_blank">googletalk:conf+888@conference.freeswitch.org</a><br>
pstn:213-799-1400<br> _______________________________________________<br>Freeswitch-users mailing list<br><a href="mailto:Freeswitch-users@lists.freeswitch.org" target="_blank">Freeswitch-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div></div></div></div><br>_______________________________________________<br> Freeswitch-users mailing list<br>
<a href="mailto:Freeswitch-users@lists.freeswitch.org" target="_blank">Freeswitch-users@lists.freeswitch.org</a><br> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Anthony Minessale II<br><br>FreeSWITCH <a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org/</a><br>ClueCon <a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com/</a><br>
<br>AIM: anthm<br><a href="mailto:MSN%3Aanthony_minessale@hotmail.com" target="_blank">MSN:anthony_minessale@hotmail.com</a><br>GTALK/JABBER/<a href="mailto:PAYPAL%3Aanthony.minessale@gmail.com" target="_blank">PAYPAL:anthony.minessale@gmail.com</a><br>
IRC: <a href="http://irc.freenode.net" target="_blank">irc.freenode.net</a> #freeswitch<br><br>FreeSWITCH Developer Conference<br><a href="mailto:sip%3A888@conference.freeswitch.org" target="_blank">sip:888@conference.freeswitch.org</a><br>
<a href="http://iax:guest@conference.freeswitch.org/888" target="_blank">iax:guest@conference.freeswitch.org/888</a><br> <a href="mailto:googletalk%3Aconf%2B888@conference.freeswitch.org" target="_blank">googletalk:conf+888@conference.freeswitch.org</a><br>
pstn:213-799-1400<br> _______________________________________________<br>Freeswitch-users mailing list<br><a href="mailto:Freeswitch-users@lists.freeswitch.org" target="_blank">Freeswitch-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div></div></blockquote></div><br></div></div><br>_______________________________________________<br>
Freeswitch-users mailing list<br>
<a href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Anthony Minessale II<br><br>FreeSWITCH <a href="http://www.freeswitch.org/">http://www.freeswitch.org/</a><br>ClueCon <a href="http://www.cluecon.com/">http://www.cluecon.com/</a><br>
<br>AIM: anthm<br><a href="mailto:MSN%3Aanthony_minessale@hotmail.com">MSN:anthony_minessale@hotmail.com</a><br>GTALK/JABBER/<a href="mailto:PAYPAL%3Aanthony.minessale@gmail.com">PAYPAL:anthony.minessale@gmail.com</a><br>
IRC: <a href="http://irc.freenode.net">irc.freenode.net</a> #freeswitch<br><br>FreeSWITCH Developer Conference<br><a href="mailto:sip%3A888@conference.freeswitch.org">sip:888@conference.freeswitch.org</a><br><a href="http://iax:guest@conference.freeswitch.org/888">iax:guest@conference.freeswitch.org/888</a><br>
<a href="mailto:googletalk%3Aconf%2B888@conference.freeswitch.org">googletalk:conf+888@conference.freeswitch.org</a><br>pstn:213-799-1400<br>