Bij de FreePBX log zie ik alvast dit:
EDPnet 212.71.16.194 Yes Yes 5060 UNREACHABLE
SpeakUp/LOGIN 87.238.166.8 Yes Yes 5060 UNREACHABLE
WeePee/32990900LOGIN 146.148.114.244 Yes Yes 5060 UNREACHABLE
[2018-11-15 21:32:06] NOTICE[2470] chan_sip.c: -- Registration for '[email protected]' timed out, trying again (Attempt #56)
[2018-11-15 21:32:06] NOTICE[2470] chan_sip.c: -- Registration for '[email protected]' timed out, trying again (Attempt #56)
Daar men spreekt over unreachable, heb ik geprobeerd om de hostnames te pingen vanaf de pbx ...
Code: Selecteer alles
[root@voip ~]# ping sip.speakup.be
PING sip.speakup.be (87.238.166.8) 56(84) bytes of data.
64 bytes from berbal1ha.speakup.be (87.238.166.8): icmp_seq=1 ttl=52 time=10.9 ms
64 bytes from berbal1ha.speakup.be (87.238.166.8): icmp_seq=2 ttl=52 time=11.1 ms
64 bytes from berbal1ha.speakup.be (87.238.166.8): icmp_seq=3 ttl=52 time=10.9 ms
64 bytes from berbal1ha.speakup.be (87.238.166.8): icmp_seq=4 ttl=52 time=11.3 ms
^C
--- sip.speakup.be ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3396ms
rtt min/avg/max/mdev = 10.946/11.112/11.338/0.189 ms
[root@voip ~]# ping sip0-d.voice.weepee.io
PING sip0-d.voice.weepee.io (146.148.114.244) 56(84) bytes of data.
64 bytes from 244.114.148.146.bc.googleusercontent.com (146.148.114.244): icmp_seq=1 ttl=55 time=16.1 ms
64 bytes from 244.114.148.146.bc.googleusercontent.com (146.148.114.244): icmp_seq=2 ttl=55 time=14.9 ms
64 bytes from 244.114.148.146.bc.googleusercontent.com (146.148.114.244): icmp_seq=3 ttl=55 time=15.1 ms
64 bytes from 244.114.148.146.bc.googleusercontent.com (146.148.114.244): icmp_seq=4 ttl=55 time=15.3 ms
^C
--- sip0-d.voice.weepee.io ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3380ms
rtt min/avg/max/mdev = 14.924/15.379/16.109/0.473 ms
Code: Selecteer alles
[kris@Wetteren-KrIsa-RB3011] > ping sip.speakup.be
SEQ HOST SIZE TTL TIME STATUS
0 87.238.166.8 56 53 11ms
1 87.238.166.8 56 53 10ms
2 87.238.166.8 56 53 11ms
3 87.238.166.8 56 53 10ms
4 87.238.166.8 56 53 11ms
sent=5 received=5 packet-loss=0% min-rtt=10ms avg-rtt=10ms max-rtt=11ms
Code: Selecteer alles
[kris@Wetteren-KrIsa-RB3011] > ping sip0-d.voice.weepee.io
SEQ HOST SIZE TTL TIME STATUS
0 146.148.114.244 56 56 16ms
1 146.148.114.244 56 56 14ms
2 146.148.114.244 56 56 15ms
3 146.148.114.244 56 56 14ms
4 146.148.114.244 56 56 14ms
sent=5 received=5 packet-loss=0% min-rtt=14ms avg-rtt=14ms max-rtt=16ms
Ook prima dus!
De firewall misschien van de Mikrotik? Maar ook daar zie ik niet meteen iets ...
Code: Selecteer alles
[kris@Wetteren-KrIsa-RB3011] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; =========== Local firewall ===========
chain=dummy action=accept
1 ;;; ICMPv4
chain=input action=accept protocol=icmp
2 ;;; ROS Winbox (address list: Kris_All_Ranges)
chain=input action=accept protocol=tcp src-address-list=Kris_All_Ranges dst-port=8291 log=no log-prefix=""
3 ;;; ROS HTTP (address list: Kris_All_Ranges)
chain=input action=accept protocol=tcp src-address-list=Kris_All_Ranges dst-port=8080 log=no log-prefix="api"
4 ;;; SNMP
chain=input action=accept protocol=udp dst-port=161
5 ;;; VOIP
chain=input action=accept protocol=udp dst-port=5060 log=no log-prefix=""
6 ;;; VOIP
chain=input action=accept protocol=tcp dst-port=5060 log=no log-prefix=""
7 ;;; Established/related
chain=input action=accept connection-state=established,related
8 ;;; Drop everything else
chain=input action=drop src-address=!10.0.0.0/8 log=no log-prefix=""
9 ;;; =========== Forwarding firewall ===========
chain=dummy action=accept
10 ;;; ICMPv4
chain=forward action=accept protocol=icmp dst-address=44.144.126.0/24
11 ;;; HTTP
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=80
12 ;;; HTTPS
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=443
13 ;;; VOIP 5060 TCP
chain=forward action=drop protocol=tcp dst-address=44.144.126.0/24 dst-port=5060 log=no log-prefix=""
14 ;;; VOIP 5060 UDP
chain=forward action=drop protocol=udp dst-address=44.144.126.0/24 dst-port=5060 log=no log-prefix=""
15 ;;; port 80 smsbox only 10.
chain=forward action=drop protocol=tcp src-address=!10.0.0.0/8 dst-address=44.144.126.50 dst-port=80 log=no log-prefix=""
16 ;;; port 80 smsbox only 10.
chain=forward action=drop protocol=tcp src-address=!10.0.0.0/8 dst-address=44.144.126.51 dst-port=80 log=no log-prefix=""
17 ;;; port 80 smsbox only 10.
chain=forward action=drop protocol=tcp src-address=!10.0.0.0/8 dst-address=44.144.126.52 dst-port=80 log=no log-prefix=""
18 ;;; port 80 smsbox only 10.
chain=forward action=drop protocol=tcp src-address=!10.0.0.0/8 dst-address=44.144.126.53 dst-port=80 log=no log-prefix=""
19 ;;; poort 5060 smsbox
chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp dst-address=44.144.126.50 dst-port=5060 log=no log-prefix=""
20 ;;; poort 5060 smsbox
chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp dst-address=44.144.126.51 dst-port=5060 log=no log-prefix=""
21 ;;; poort 5060 smsbox
chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp dst-address=44.144.126.52 dst-port=5060 log=no log-prefix=""
22 ;;; poort 5060 smsbox
chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp dst-address=44.144.126.53 dst-port=5060 log=no log-prefix=""
23 ;;; poort 7777 smsbox
chain=forward action=accept protocol=tcp dst-address=44.144.126.50 dst-port=7777 log=no log-prefix=""
24 ;;; poort 7777 smsbox
chain=forward action=accept protocol=tcp dst-address=44.144.126.51 dst-port=7777 log=no log-prefix=""
25 ;;; poort 7777 smsbox
chain=forward action=accept protocol=tcp dst-address=44.144.126.52 dst-port=7777 log=no log-prefix=""
26 ;;; poort 7777 smsbox
chain=forward action=accept protocol=tcp dst-address=44.144.126.53 dst-port=7777 log=no log-prefix=""
27 ;;; SSH
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=22
28 ;;; SNMP
chain=forward action=accept protocol=udp dst-address=44.144.126.0/24 dst-port=161
29 ;;; Winbox
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=8291 log=no log-prefix=""
30 ;;; Winbox API
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=8728 log=no log-prefix=""
31 ;;; Winbox API SSL
chain=forward action=accept protocol=tcp dst-address=44.144.126.0/24 dst-port=8729 log=no log-prefix=""
32 ;;; Established/related
chain=forward action=accept connection-state=established,related dst-address=44.144.126.0/24
33 ;;; Drop everything else
chain=forward action=drop dst-address=44.144.126.0/24 log=no log-prefix=""
En de NAT ... zegt evenmin iets speciaals
Code: Selecteer alles
[kris@Wetteren-KrIsa-RB3011] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; =========== Source NAT rules ===========
chain=dummy action=accept
1 ;;; NAT Billi PPPoE (alles behalve Billi 44.x)
chain=srcnat action=masquerade src-address=!44.144.147.0 out-interface=PPPoE Billi log=no log-prefix=""
2 ;;; NAT Orange
chain=srcnat action=masquerade out-interface=ether03 - Uplink Orange log=no log-prefix=""
3 ;;; NAT Billi01 Local
chain=srcnat action=masquerade out-interface=ether06 - Local Billi 01 log=no log-prefix=""
4 ;;; NAT Billi02 Local
chain=srcnat action=masquerade out-interface=ether07 - Local Billi 02 log=no log-prefix=""
5 ;;; NAT Orange Local
chain=srcnat action=masquerade out-interface=ether08 - Local Orange log=no log-prefix=""
6 ;;; NAT WirelessBelgie (enkel private ranges)
chain=srcnat action=masquerade to-addresses=10.90.16.10 src-address-list=Kris_NAT_Thuis out-interface=ether04 - Uplink WirelessBelgie log=no log-prefix=""
7 ;;; =========== Dest. NAT rules ===========
chain=dummy action=accept
8 X ;;; Mikrotik 3011 HTTP
chain=dstnat action=dst-nat to-addresses=10.0.0.1 to-ports=8080 protocol=tcp dst-port=8080 log=no log-prefix=""
9 X ;;; Mikrotik 3011 Winbox
chain=dstnat action=dst-nat to-addresses=10.0.0.1 to-ports=8291 protocol=tcp dst-port=8291 log=no log-prefix=""
10 ;;; RPI 112SMS SSH
chain=dstnat action=dst-nat to-addresses=10.0.0.122 to-ports=22 protocol=tcp dst-port=50022 log=no log-prefix=""
11 ;;; RPI PlaySMS SSH
chain=dstnat action=dst-nat to-addresses=10.0.0.102 to-ports=22 protocol=tcp dst-port=50122 log=no log-prefix=""
12 ;;; RPI 112SMS WWW
chain=dstnat action=dst-nat to-addresses=10.0.0.122 to-ports=80 protocol=tcp dst-port=50080 log=no log-prefix=""
13 ;;; RPI PlaySMS WWW
chain=dstnat action=dst-nat to-addresses=10.0.0.102 to-ports=80 protocol=tcp dst-port=50180 log=no log-prefix=""
14 ;;; RPI PlaySMS WWW
chain=dstnat action=dst-nat to-addresses=10.0.0.105 to-ports=80 protocol=tcp dst-port=50081 log=no log-prefix=""
15 ;;; FTP Backup naar Synology
chain=dstnat action=dst-nat to-addresses=10.0.0.114 to-ports=21 protocol=tcp dst-port=2122 log=no log-prefix=""
16 ;;; Backup Dominique
chain=dstnat action=dst-nat to-addresses=10.0.0.114 to-ports=6281 protocol=tcp dst-port=6281 log=no log-prefix=""
17 ;;; Synology Access
chain=dstnat action=dst-nat to-addresses=10.0.0.114 to-ports=5000 protocol=tcp dst-port=5002 log=no log-prefix=""
18 ;;; FTP Backup naar Synology
chain=dstnat action=dst-nat to-addresses=10.0.0.123 to-ports=21 protocol=tcp dst-port=2123 log=no log-prefix=""
19 X ;;; HTTP naar Synology
chain=dstnat action=dst-nat to-addresses=10.0.0.123 to-ports=80 protocol=tcp dst-port=8023 log=no log-prefix=""
20 ;;; SiHotspot admin access
chain=dstnat action=dst-nat to-addresses=10.0.0.21 to-ports=8221 protocol=tcp dst-port=8221 log=no log-prefix=""
21 ;;; SiHotspot admin access
chain=dstnat action=dst-nat to-addresses=10.0.0.21 to-ports=8161 protocol=tcp dst-port=8161
22 ;;; SiHotspot SNMP
chain=dstnat action=dst-nat to-addresses=10.0.0.21 to-ports=161 protocol=udp dst-port=8161 log=no log-prefix=""
23 X ;;; RPI DHCP Controller SSH
chain=dstnat action=dst-nat to-addresses=10.0.0.250 to-ports=22 protocol=tcp dst-port=2300 log=no log-prefix=""
24 X ;;; RPI DHCP Controller SNMP
chain=dstnat action=dst-nat to-addresses=10.0.0.250 to-ports=161 protocol=udp dst-port=1160 log=no log-prefix=""
25 ;;; RPI DHCP Controller HTTP
chain=dstnat action=dst-nat to-addresses=10.0.0.250 to-ports=80 protocol=tcp dst-port=2400
26 X ;;; RPI Temp 01 SSH
chain=dstnat action=dst-nat to-addresses=10.0.0.251 to-ports=22 protocol=tcp dst-port=2301 log=no log-prefix=""
27 X ;;; RPI Temp01 SNMP
chain=dstnat action=dst-nat to-addresses=10.0.0.251 to-ports=161 protocol=udp dst-port=1161 log=no log-prefix=""
28 ;;; RPI Temp 02 SSH
chain=dstnat action=dst-nat to-addresses=10.0.0.252 to-ports=22 protocol=tcp dst-port=2302
29 X ;;; RPI Temp02 SNMP
chain=dstnat action=dst-nat to-addresses=10.0.0.252 to-ports=161 protocol=udp dst-port=1162 log=no log-prefix=""
30 X ;;; S01 http
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=80 protocol=tcp dst-port=1081 log=no log-prefix=""
31 X ;;; S02 http
chain=dstnat action=dst-nat to-addresses=10.0.0.42 to-ports=80 protocol=tcp dst-port=1082 log=no log-prefix=""
32 X ;;; S01 ssh
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=22 protocol=tcp dst-port=1022 log=no log-prefix=""
33 X ;;; S02 ssh
chain=dstnat action=dst-nat to-addresses=10.0.0.42 to-ports=22 protocol=tcp dst-port=1023 log=no log-prefix=""
34 X ;;; NAS01
chain=dstnat action=dst-nat to-addresses=10.0.0.110 to-ports=5000 protocol=tcp src-address=!10.101.0.0/24 dst-port=5000 log=no log-prefix=""
35 ;;; NAS01
chain=dstnat action=dst-nat to-addresses=10.0.0.114 to-ports=443 protocol=tcp dst-port=5581 log=no log-prefix=""
36 X ;;; Server SNMP
chain=dstnat action=dst-nat to-addresses=10.0.0.42 to-ports=161 protocol=udp dst-port=5161 log=no log-prefix=""
37 ;;; VoIP SIP 5060-5074 UDP
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=5060-5074 protocol=udp dst-port=5060-5074 log=no log-prefix=""
38 ;;; VoIP SIP 5060-5074 TCP
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=5060-5074 protocol=tcp dst-port=5060-5074 log=no log-prefix=""
39 ;;; VOIP RTP 5004-5020
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=5004-5020 protocol=udp dst-port=5004-5020 log=no log-prefix=""
40 ;;; VOIP RTP 10000-30000
chain=dstnat action=dst-nat to-addresses=10.0.0.41 protocol=udp dst-port=10000-30000 log=no log-prefix=""
41 ;;; VoIP HTTP 5080
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=80 protocol=tcp dst-port=5080 log=no log-prefix=""
42 ;;; VOIP SSH 5022
chain=dstnat action=dst-nat to-addresses=10.0.0.41 to-ports=22 protocol=tcp dst-port=5022 log=no log-prefix=""
43 ;;; RD PF BY NMO
chain=dstnat action=dst-nat to-addresses=10.0.0.100 to-ports=3389 protocol=tcp dst-port=3389 log=no log-prefix=""
Voor alle duidelijkheid : de SIP helper is uitgeschakeld op mijn Mikrotik (IP > Firewall > Service Ports)