Semi-OFF-TOPIC – SIP Iptables And NAT – Same Source, Different Destination
Hi all,
anyone with iptables master power pack knowledge 🙂 ?
Having some problem with NAT!
I have a server that is the LAN gateway (A) with the public IP, and two asterisk boxes behind it.
I’ve configured port forward so port 5070 goes to *1 and 5080 goes to *2. Working fine.
The problem is when some machine outside tries to talk with both asterisks.
As soon as the 1st package gets routed to *1 the subsequent packets will all also get routed to *1, no matter that the destination port is now 5080.
Seams like some “nat cache”, where it will decide to forward all packets to *1 that come from origin “IP:PORT” X (since it was the first one contacted)
anyone with iptables master power pack knowledge 🙂 ?
Att. Gabriel
One thought on - Semi-OFF-TOPIC – SIP Iptables And NAT – Same Source, Different Destination
This is a multipart message in MIME format.
——=_NextPart_000_0006_01D278D8.6C756E30
Content-Type: text/plain;
charset=”UTF-8″
Content-Transfer-Encoding: quoted-printable
Yes its called the state table. This because connection IP:PORT has a relationship with inside IP 192.168.x.x port X.
I guess you have configured the redirect port to be same on both?
Eg 5070 goes to *1:5060 and 5080 goes to *2:5060
What you need to do, is to have different inside ports as well, and also configure the asterisk boxes to listen on a different SIP port.
Från: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] För Gabriel Ortiz Lour Skickat: den 27 januari 2017 19:59
Till: Asterisk Users Mailing List – Non-Commercial Discussion
Ämne: [asterisk-users] semi-OFF-TOPIC – SIP iptables and NAT – same source, different destination
Hi all,
anyone with iptables master power pack knowledge 🙂 ?
Having some problem with NAT!
I have a server that is the LAN gateway (A) with the public IP, and two asterisk boxes behind it.
I’ve configured port forward so port 5070 goes to *1 and 5080 goes to *2. Working fine.
The problem is when some machine outside tries to talk with both asterisks.
As soon as the 1st package gets routed to *1 the subsequent packets will all also get routed to *1, no matter that the destination port is now 5080.
Seams like some “nat cache”, where it will decide to forward all packets to *1 that come from origin “IP:PORT” X (since it was the first one contacted)
anyone with iptables master power pack knowledge 🙂 ?
Att.
Gabriel
——=_NextPart_000_0006_01D278D8.6C756E30
Content-Type: text/html;
charset=”UTF-8″
Content-Transfer-Encoding: quoted-printable