Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Operator » Login by server's fqdn on huge network
  •  
TheMouse

Messages: 10
Karma: 0
Send a private message to this user
Hello again)

So, tonight we tried to run on pre-production server and got few strange issues.

Network :
172.16.x.x/255.240.0.0

Sip server :
172.18.1.80
voip.blabla.local (CNAME in dns)
srv-voip.blabla.local (actual pointer in dns, also set in Operator as hostname)

Now, if we trying to connect from 18x subnet by using voip.blabla.local everything is fine ( hardware and softphones )

But if we try to connect from 17x or 21x networks we got SIP 503 error ( tested on x-lite, hardware phones still cant connect )
If we change server address from fqdn to actual ip ( 172.18.1.80 ) everything working fine.

All subnets have their own dns, everything is working. CNAME resloves. Its actually huge working networks with no issues in dns or routing.

Routing in Operator:
extern ip | 255.255.255.252 | ----- | eth2
172.18.0.0 | 255.255.0.0 | ----- | eth1
172.16.0.0 | 255.240.0.0 | 172.18.1.254 | eth1 <-- manually added route
0.0.0.0 | 0.0.0.0 | extern gate addr | eth2

eth2 goes to provider's trunk.
eth1 goes directly to 18x net.

We added custom route because both adapters got router and eth2 goes first for some reason.

Also, there is no NAT between networks, just routing.
Local DNS servers are set in Operator.
In Operator hostname = A-record in DNS.

Packets from sniffer in attachment.
Only ACK packets, Operator not responding.

Any ideas? Rolling Eyes

  • Attachment: Untitled.jpg
    (Size: 215.80KB, Downloaded 113 times)

[Updated on: Sat, 10 October 2015 19:15]

  •  
Filip Jenicek (Kerio)

Messages: 1094
Karma: 80
Send a private message to this user
Hi,

make sure Operator is configured with only one gateway (default route).

I don't see anything wrong in the screenshot. Only https(tcp/4021) traffic is captured, are you talking about https or SIP?

You wrote, that phones receive a 503 SIP error. Does the error come from Operator? It might help to attach a packet dump from a failed call attempt.

Best
Filip
  •  
TheMouse

Messages: 10
Karma: 0
Send a private message to this user
Hi Filip Smile

Quote:
Only https(tcp/4021) traffic is captured,

Because there is only tcp traffic, also checked by sniffer in local network Sad

Quote:
You wrote, that phones receive a 503 SIP error. Does the error come from Operator?

No, they actually reacts this way in any case server is not responding. If i enter wrong ip/fqdn they also throw 503.

Seems like Operator cant reach other networks (also getting http 906 on update from other networks). But thats strange, because i've added route 172.16.0.0/255.240.0.0.

Ill try to change default route to local network router and make additional route to get to operators sip server.

Is there any way to ping/trace from server, thats could be useful.

[Updated on: Mon, 12 October 2015 12:30]

  •  
Filip Jenicek (Kerio)

Messages: 1094
Karma: 80
Send a private message to this user
If you don't see any incoming SIP packets in the packet on Operator, then Operator didn't receive any. Thus the issue is not in Operator, but instead in your clients or the network in between.
Previous Topic: Kerio Operator Softphone Notifications (iPhone)
Next Topic: Kerio Operator with Grandstream GXW-4008
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Sep 26 20:19:33 CEST 2017

Total time taken to generate the page: 0.00368 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.