Direct port 5060 (SIP Asterisk) to eth1

0

I'm intending to use iptables on CentOS 6.5 for all Freepbx (Asterisk) output via eth1.

I have two network interfaces:

eth0 - > internal network (for connecting PCs with the softphone)
eth1 - > internet (All Voip Out)

The rule: iptables -A PREROUTING -i eth1 -t mangle -p tcp --dport 5060 -j MARK --set-mark 1

I want to direct SIP to eth1 only, but I'm not successful

    
asked by anonymous 08.04.2016 / 22:05

2 answers

1

You need to route beyond the 5060 registry ports, also the RTP ports, otherwise you will only authenticate but will not pass audio.

    
27.07.2016 / 19:48
1

Asterisk uses port UDP by default, so unless you have changed the transport of SIP signaling to TCP, this may be the problem.

In addition, asterisk uses a range of high ports for audio / video traffic: 10,000 to 20,000 UDP, and you need to create rules for this range as well.

    
12.11.2016 / 11:52