Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » SIP: can't set appropriate rules, X-Lite/X-Pro cannot connect
  •  
b.pupkinson

Messages: 1
Karma: 0
Send a private message to this user
There's a domain w/one class network 10.1.1/24, Kerio WinRoute Firewall 6.1.2
Softphone X-Pro that configured to listen 8000 RTP and 5060 SIP ports.
X-Pro's settings seem correct.
On loading it tells the following:
(c)2003 Xten Networks Inc. All rights reserved.
Private build: 1101
License key: BE494CB7D19D4F368CD5A772D3E139D9

Established SIP protocol listen on: 10.1.1.108:5060

SIP: 10.1.1.108:5060
RTP: 10.1.1.108:8000
NAT: XX.XX.XXX.XXX    /* our outgoing IP */

Discovered Symmetric NAT Firewall

Ports opened: 5060-5063, 3478, 8000-8005 TCP/UDP. SIP provider says it's okay and ready to work.

Firewall:
Service = DNS, FTP, HTTP(S), IMAP, PING, POP3, RTP (UDP ports any to 8000-8005, 8000 to 8000), RTSP, SIP (TCP/UDP: src=(Any and tried 5060) dst=5060), SMTP, STUN (UDP 3478)

Nat: almost the same services are opened for now.


A couple of configurations that are being set during attemps to make it work:
OUT:
source = outer_iface
destination = Firewall
servise = sip

IN:
source = inner_iface
destination = SIP provider's addresses
servise = Any
OUT:
Source = 10.1.1.108
Destination = SIP_Provider_Hosts
Service = Any 
Action = Yes 
Logging = Full 
Translation = Dst. NAT (Default Outgoing Interface) 
Protocol Inspector = None

IN:
Source = outer_iface
Destination = Firewall
Service = SIP,RTP,STUN (or just have opened all required ports, I tried this too)
Action = Yes
Protocol Inspector = None
(also I tried unsuccessfully to map it onto destination node's IP)


As well as I tried this, this, this and this.
Can anybody help, please?! Maybe I should share more firewall settings and network topology information?


p.s. Is it possible to export Traffic Policy section rules into a text file?

[Updated on: Thu, 29 March 2007 20:49]

Previous Topic: How to kick user immediately ?
Next Topic: different traffic
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 11:38:33 CET 2017

Total time taken to generate the page: 0.00381 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.