[Siproxd-users] probs with FW
Status: Beta
Brought to you by:
tries
Menu
▾
▴
[Siproxd-users] probs with FW
|
From: Fabrice c. f. <reg...@fr...> - 2003-03-25 13:20:18
|
Hey all.
Here is my network configuration (2 FW):
+-------------+ +--------------+
! ! eth0 ! !
! IntHost !---------------! Firewall !
! ! 10.25.56.51! linux coyote !
+-------------+ +--------------+
10.25.56.0/24 : eth1 (192.168.99.2)
:
:
:
: eth0 (192.168.99.1)
+--------------+
! Firewall !ppp0 (public IP)
! mail server !----------->> internet
! redhat 7.2 !
+--------------+
This is what i've done:
1) I've installed siproxd on the mail server without any prob
2) Here are the rules i set on the mail server:
ACCEPT udp ----l- anywhere anywhere any -> 5060
ACCEPT udp ------ anywhere anywhere any -> 7070:7080
i set no masquerading rule since all traffic already goes to the second
FW (192.168.99.2).
3) Here are the rules i set on the 2nd FW :
coyote# ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target prot opt source destination ports
MASQ all ------ 10.25.56.0/24 anywhere n/a
Chain output (policy ACCEPT):
I know it is dangerous but it's just for try.
I didn't installed siproxd on the 2nd FW (cuz i can't. It's a floppy
linux distribution).
4)On the LAN, i use a windows client that calls: SCS-Client (from Siemens).
And it doesn't work. I can see in the messages file of the first FW
(mail server) that traffic from the SIP server is accepted.
But i can't see nothing in the message file of the 2nd FW.
My friend uses Kphone and he can see the ring icone ringing and that's
all. I can send him 1 chat message but he can't reply.
Well, i think what is going wrong is the masquerading.
I'm sorry for this very long description. But if anybody can help, i'd
be very glad :)
fabrice
|
