<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>

  <meta content="text/html; charset=ISO-8859-1"

 http-equiv="Content-Type">

</head>

<body bgcolor="#ffffff" text="#000000">

That all works below.<br>

got one way audio, and no dtmf (and I know why)<br>

media handoff is wrong.<br>

<br>

system is the freewitch 1.2.3 package on pfsense (freebsd, 7.2, i386)<br>

<br>

during the invite, this gets sent:<br>

<br>

<br>

&nbsp;&nbsp;&nbsp;&nbsp; Contact:

<a class="moz-txt-link-rfc2396E" href="sip:gw+secnap.com@204.89.241.135:5060;transport=udp">&lt;sip:gw+secnap.com@204.89.241.135:5060;transport=udp&gt;</a><br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contact Binding:

<a class="moz-txt-link-rfc2396E" href="sip:gw+secnap.com@204.89.241.135:5060;transport=udp">&lt;sip:gw+secnap.com@204.89.241.135:5060;transport=udp&gt;</a><br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; URI:

<a class="moz-txt-link-rfc2396E" href="sip:gw+secnap.com@204.89.241.135:5060;transport=udp">&lt;sip:gw+secnap.com@204.89.241.135:5060;transport=udp&gt;</a><br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SIP contact address:

<a class="moz-txt-link-freetext" href="sip:gw+secnap.com@204.89.241.135:5060">sip:gw+secnap.com@204.89.241.135:5060</a><br>

<br>

NOW, that doesn't look all that bad, except that <br>

1) the public ip address is 204.89.241.151<br>

2) the private ip is 192.168.0.3<br>

<br>

<br>

[pfsense: wan port is 204.89.241.135]<br>

[pfsense lan port is 192.168.0.1]<br>

sipx is at 192.168.0.2&nbsp; see sip_profiles:&nbsp;

./conf/sip_profiles/external/sipx.xml: <br>

&nbsp; &lt;param name="from-domain" value="192.168.0.2"/&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;param name="proxy" value="192.168..0.2:5080"/&gt;&nbsp; &lt;!--

192.168.0.2 listens to 5080 for TRUNKS --&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;param name="expire-seconds" value="600"/&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;param name="register" value="false"/&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;param name="retry-seconds" value="30"/&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;param name="context" value="public"/&gt;<br>

<br>

I edited vars and have <br>

&nbsp; &lt;X-PRE-PROCESS cmd="set" data="domain=secnap.com"/&gt;<br>

&nbsp; &lt;X-PRE-PROCESS cmd="set" data="local_ip_v4=192.168.0.3"/&gt;<br>

<br>

<br>

&nbsp;&nbsp;&nbsp; &lt;list name="localnet.auto" default="allow"&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp; &lt;node type="allow" cidr="196.168.0.0/16"/&gt;<br>

&nbsp;&nbsp;&nbsp; &lt;/list&gt;<br>

<br>

&nbsp;&nbsp;&nbsp; &lt;list name="lan" default="allow"&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;node type="deny" cidr="192.168.0.0/16"/&gt;<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;node type="allow" cidr="192.168..0.3/32"/&gt;<br>

&nbsp;&nbsp;&nbsp; &lt;/list&gt;<br>

<br>

I still see this in ../freeswitch.log (and I can't find that ip

ANYWHERE.&nbsp; yes, its <br>

<br>

o=FreeSWITCH 1282812037 1282812038 IN IP4 204.89.241.135<br>

c=IN IP4 204.89.241.135<br>

o=FreeSWITCH 1282814358 1282814359 IN IP4 204.89.241.135<br>

c=IN IP4 204.89.241.135<br>

2010-08-26 12:03:22.237567 [NOTICE] switch_core.c:915 Adding

204.89.241.135/255.255.255.0 (deny) to list nat.auto<br>

2010-08-26 12:03:22.237607 [NOTICE] switch_core.c:934 Adding

204.89.241.135/255.255.255.0 (allow) to list localnet.auto<br>

<br>

I have verified the OUTBOUND natting works: (im assuming when I set

local_ip_ to 192.168.0.3 that it actually did it.<br>

<br>

<br>

telnet -s 192.168.0.3 <a class="moz-txt-link-abbreviated" href="http://www.whatismyip.org">www.whatismyip.org</a> 80<br>

Trying 98.207.226.113...<br>

Connected to <a class="moz-txt-link-abbreviated" href="http://www.whatismyip.org">www.whatismyip.org</a>.<br>

Escape character is '^]'.<br>

GET / HTTP/1.0<br>

<br>

HTTP/1.0 200 OK<br>

Content-Type: text/plain<br>

<br>

204.89.241.151Connection closed by foreign host.<br>

<br>

<br>

wireshark dumps confirm it:<br>

<br>

&nbsp;Message Header<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Via: SIP/2.0/UDP

192.168..0.3;rport=5060;branch=z9hG4bKXQQUvXFZDUymB;received=192.168..0.3<br>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Transport: UDP<br>

<br>

<br>

<div class="moz-signature">-- <br>

Michael Scheidell, CTO<br>

o: 561-999-5000<br>

d: 561-948-2259<br>

ISN: 1259*1300<br>

<font color="#999999">&gt;</font><font color="#cc0000"> <b>| </b></font>SECNAP

Network Security Corporation

<style type="text/css">

<!--

.unnamed1 {

        margin: 1em;

        padding: 1px;

} -->

</style>

<ul class="unnamed1">

  <li>Certified SNORT Integrator</li>

  <li>2008-9 Hot Company Award Winner, World Executive Alliance</li>

  <li>Five-Star Partner Program 2009, VARBusiness</li>

  <li>Best in Email Security,2010: Network Products Guide</li>

  <li>King of Spam Filters, SC Magazine 2008</li>

</ul>

</div>

<br>

<div id="disclaimer.secnap.com"><hr />

<p>This email has been scanned and certified safe by SpammerTrap&reg;.

<br />For Information please see

<a href="http://www.secnap.com/products/spammertrap/">http://www.secnap.com/products/spammertrap/</a></p> <hr /></div>

<br>

</body>

</html>