|
francois.collerette Posts: 14
7/11/2018
|
Hi I'm hiting kind of a snag.
Blox is trying to get to my PBX throught the wrong interface. (yeah I know, you think I'm nuts)
So here is my setup for the internal LEG:
PBX (192.168.150.35) -> (192.168.150.1) DMZ Internal (172.31.150.1) -> BLOX (eth1 - 172.31.150.35)
Here is my external leg:
BLOX (eth0 - 10.255.150.35) -> (10.255.150.1) DMZ External -> External IP
When I do a PING, I can reach 192.168.150.35 no problem
When I do a TRACEROUTE, I can reach 192.168.150.35 with 172.31.150.1 without any problem.
So looks like my routing tables are OK
When I look into my DMZ Internal firewall I see this :
DENY 10.255.150.50:47016 -> 192.168.150.35:5060 TCP:SIP
So what is going on ? Why is blox trying to use 10.255.150.50 instead of the 172.31.150.35 ?
I did multiple reboots, checked my routing tables again in SSH and through the FreeBox interface.
I'm clueless at the moment.
Thanks for your help
|
|
|
0
link
|
|
bloxsupport1 Posts: 232
7/11/2018
|
Hi Francois,
Have you enabled the NAT setting in Blox? If not please go through the manual/configuration guide to enable the NAT setting.
Regards
Blox Support Team
francois.collerette wrote:
Hi I'm hiting kind of a snag.
Blox is trying to get to my PBX throught the wrong interface. (yeah I know, you think I'm nuts)
So here is my setup for the internal LEG:
PBX (192.168.150.35) -> (192.168.150.1) DMZ Internal (172.31.150.1) -> BLOX (eth1 - 172.31.150.35)
Here is my external leg:
BLOX (eth0 - 10.255.150.35) -> (10.255.150.1) DMZ External -> External IP
When I do a PING, I can reach 192.168.150.35 no problem
When I do a TRACEROUTE, I can reach 192.168.150.35 with 172.31.150.1 without any problem.
So looks like my routing tables are OK
When I look into my DMZ Internal firewall I see this :
DENY 10.255.150.50:47016 -> 192.168.150.35:5060 TCP:SIP
So what is going on ? Why is blox trying to use 10.255.150.50 instead of the 172.31.150.35 ?
I did multiple reboots, checked my routing tables again in SSH and through the FreeBox interface.
I'm clueless at the moment.
Thanks for your help
|
|
|
0
link
|
|
bloxsupport1 Posts: 232
7/12/2018
|
By default packets will be routed via external interface for non matching routes.
Blox will bind the port to internal interface (172.31.150.35)
You can try to add explicitly route entry (use metrics) to forward the packets for network 192.168.150.35 and to use the interface.
NOTE: Blox doesn't support Internal side NAT fully, PBX had to be in the same network of internal network or PBX should be enabled to resolve NAT
share us opensips.logs (/var/log/opensips.log) and packet capture on both interface (email: support@blox.org)
francois.collerette wrote:
Hi I'm hiting kind of a snag.
Blox is trying to get to my PBX throught the wrong interface. (yeah I know, you think I'm nuts)
So here is my setup for the internal LEG:
PBX (192.168.150.35) -> (192.168.150.1) DMZ Internal (172.31.150.1) -> BLOX (eth1 - 172.31.150.35)
Here is my external leg:
BLOX (eth0 - 10.255.150.35) -> (10.255.150.1) DMZ External -> External IP
When I do a PING, I can reach 192.168.150.35 no problem
When I do a TRACEROUTE, I can reach 192.168.150.35 with 172.31.150.1 without any problem.
So looks like my routing tables are OK
When I look into my DMZ Internal firewall I see this :
DENY 10.255.150.50:47016 -> 192.168.150.35:5060 TCP:SIP
So what is going on ? Why is blox trying to use 10.255.150.50 instead of the 172.31.150.35 ?
I did multiple reboots, checked my routing tables again in SSH and through the FreeBox interface.
I'm clueless at the moment.
Thanks for your help
|
|
|
0
link
|
|
francois.collerette Posts: 14
7/12/2018
|
Hi,
NAT is enabled on EXTERNAL interface.
bloxsupport1 wrote:
Hi Francois,
Have you enabled the NAT setting in Blox? If not please go through the manual/configuration guide to enable the NAT setting.
Regards
Blox Support Team
francois.collerette wrote:
Hi I'm hiting kind of a snag.
Blox is trying to get to my PBX throught the wrong interface. (yeah I know, you think I'm nuts)
So here is my setup for the internal LEG:
PBX (192.168.150.35) -> (192.168.150.1) DMZ Internal (172.31.150.1) -> BLOX (eth1 - 172.31.150.35)
Here is my external leg:
BLOX (eth0 - 10.255.150.35) -> (10.255.150.1) DMZ External -> External IP
When I do a PING, I can reach 192.168.150.35 no problem
When I do a TRACEROUTE, I can reach 192.168.150.35 with 172.31.150.1 without any problem.
So looks like my routing tables are OK
When I look into my DMZ Internal firewall I see this :
DENY 10.255.150.50:47016 -> 192.168.150.35:5060 TCP:SIP
So what is going on ? Why is blox trying to use 10.255.150.50 instead of the 172.31.150.35 ?
I did multiple reboots, checked my routing tables again in SSH and through the FreeBox interface.
I'm clueless at the moment.
Thanks for your help
|
|
|
0
link
|
|
francois.collerette Posts: 14
7/12/2018
|
Hi,
I'm not NAT on the INTERNAL interface.
It's simply routed.
Only the EXTERNAL interface is NATed.
I will try playing with the metrics of the default gateway.
Any clues how I should proceed ?
bloxsupport1 wrote:
By default packets will be routed via external interface for non matching routes.
Blox will bind the port to internal interface (172.31.150.35)
You can try to add explicitly route entry (use metrics) to forward the packets for network 192.168.150.35 and to use the interface.
NOTE: Blox doesn't support Internal side NAT fully, PBX had to be in the same network of internal network or PBX should be enabled to resolve NAT
share us opensips.logs (/var/log/opensips.log) and packet capture on both interface (email: support@blox.org)
francois.collerette wrote:
Hi I'm hiting kind of a snag.
Blox is trying to get to my PBX throught the wrong interface. (yeah I know, you think I'm nuts)
So here is my setup for the internal LEG:
PBX (192.168.150.35) -> (192.168.150.1) DMZ Internal (172.31.150.1) -> BLOX (eth1 - 172.31.150.35)
Here is my external leg:
BLOX (eth0 - 10.255.150.35) -> (10.255.150.1) DMZ External -> External IP
When I do a PING, I can reach 192.168.150.35 no problem
When I do a TRACEROUTE, I can reach 192.168.150.35 with 172.31.150.1 without any problem.
So looks like my routing tables are OK
When I look into my DMZ Internal firewall I see this :
DENY 10.255.150.50:47016 -> 192.168.150.35:5060 TCP:SIP
So what is going on ? Why is blox trying to use 10.255.150.50 instead of the 172.31.150.35 ?
I did multiple reboots, checked my routing tables again in SSH and through the FreeBox interface.
I'm clueless at the moment.
Thanks for your help
|
|
|
0
link
|
|
bloxsupport1 Posts: 232
7/13/2018
|
Can you share the log /var/log/opensips.log and packet capture to support@blox.org
edited by bloxsupport1 on 7/13/2018
|
|
|
0
link
|
|
francois.collerette Posts: 14
7/13/2018
|
I've fixed this.
I went in ifcfg-eth0 and modified :
NM_Enabled=no
METRIC=10
And this did the trick :-)
bloxsupport1 wrote:
Can you share the log /var/log/opensips.log and packet capture to support@blox.org
edited by bloxsupport1 on 7/13/2018
|
|
|
0
link
|
|
francois.collerette Posts: 14
7/13/2018
|
Well seems I didn't.
It works OK in SSH now, but Blox is still trying to use the wrong interface.
Back to the drawing board I suppose.
Any help is appreciated.
francois.collerette wrote:
I've fixed this.
I went in ifcfg-eth0 and modified :
NM_Enabled=no
METRIC=10
And this did the trick :-)
bloxsupport1 wrote:
Can you share the log /var/log/opensips.log and packet capture to support@blox.org
edited by bloxsupport1 on 7/13/2018
|
|
|
0
link
|
|
bloxsupport1 Posts: 232
7/17/2018
|
Hi,
Can you please send your deployment scenario with config backup to support@blox.org
Regards
Blox Support Team
francois.collerette wrote:
Well seems I didn't.
It works OK in SSH now, but Blox is still trying to use the wrong interface.
Back to the drawing board I suppose.
Any help is appreciated.
francois.collerette wrote:
I've fixed this.
I went in ifcfg-eth0 and modified :
NM_Enabled=no
METRIC=10
And this did the trick :-)
bloxsupport1 wrote:
Can you share the log /var/log/opensips.log and packet capture to support@blox.org
edited by bloxsupport1 on 7/13/2018
|
|
|
0
link
|