Freeswitch server getting INVITE request in ngrep but nothing in fs_cli - sip

I am trying to route the call from opensips server to freeswitch server. My freeswitch server is actually a container which i have created using 'lxc/lxd' and it is running CentOS.
When I route the call from opensips server to freeswitch server container i got the INVITE requests sip log in 'ngrep' but getting nothing in Freeswitch log as in nothing in fs_cli and my call is failing with the disposition 'SIP 408 - Request Timeout'
I have tried with routing the call from opensips server to other freeswitch server which is actually having a physical ip and not the container server and when I tried that, i am able to get the logs in freeswitch as in fs_cli.
Sip profile parameters auth-calls, auth-all-packets, aggressive-nat-detection set to true, there is no firewall or iptable rule between opensips and freeswitch servers. i can access the osips server from freeswitch server and vice versa.
So, what am i missing here. please suggest me something.

In fs_cli, sofia status will show you on which IP address the SIP profile is bound. Probably it's not the address you're sending invites to.

Your freeswitch server is not listening on the port with interface on
which you are sending. Just check out freeswitch profile on which
port and interface they are listening.

Related

Connecting from webserver to SFTP server / firewall issues

I am trying to connect to a remote SFTP server via Phpleagues Flysystem.
The remote SFTP server's firewall only allows the IP address of our webserver.
In my understanding, when a client accesses our website an API request from the client is sent to our backend webserver. This webserver in turn is sending a request to the remote SFTP server. However, this does not seem to work and I assume that the request being sent from our webserver is sent with the client's IP address (instead of the one from our webserver).
Is there an option to sent the internal request from webserver to SFTP server with the IP address from our webserver in order to pass the firewall?
(It does work when I am sending a request from our company network, whose IP address is also registered in the firewall of the remote SFT server. As soon as I try from another network, the same request fails.)

CentOS iptables and port configuration for using external SMTP server

I have a web server running CentOS and a separate mail server running Microsoft Exchange. I have the web server connecting to the mail server via SMTP on port 587 to send emails.
Sometimes the connection to the mail server refuses, but it's rare. Could an intermittent failure be related to port settings? I would have thought it's all or nothing.
For the CentOS web server, what rules should I be looking to configure in the iptables if any? Do I need to add an entry for port 587 on this server? Or do I just need to allow incoming connections on the mail server for 587?
Thanks in advance.
You don't need to set up any iptables rules on your webserver, since outgoing connections are allowed by default. Your occasional drops won't have anything to do with the webserver's firewall, so you'll want to look at tuning your Exchange server, if the error is impactful enough to worry about it.

Connect to C++ REST sdk SERVER on Windows from LAN

I have a server written on C++ REST SDK.
There's http_listener which listens to "http://localhost:34568".
When I try to send a request in browser or from the client to localhost it works fine and I get the responses from my server. But the point is to use the application in network. And here where the problem comes.
When I try to request the server from the other PC using IP(192.168.1.103:34568) I get "HTTP Error 400. The request hostname is invalid."
I'm aware that that could be some firewall issues but it's turned off. Also I tried to set port rules in brandmauer and it didn't help.
And even more! I got XAMPP running Apache server and when I do the same thing but with (192.168.1.103:80) I do get the response from Apache and have an access.
Anybody had something similar or somebody knows what the problem is about?
Listen to local ip address or to your network name (dns):
"http://xxx.xxx.xxx.xxx:34568" or
"http://your_network_name:34568"
So, if you have multiple network adapters, you can choose which one.

Block unknown SIP request in pfsense

I have installed freeswitch on a machine which is kept in the LAN behind the firewall named PFSense.I was looking in the freeswitch logs and I found that there are some unknown sip request coming from the unknown IP from outside of the network.
I have not done any setting or port forwarding in the pfsense.But don't know why this is happening.Please tell me how can I block those requests.
Thanks
it's most probably just typical port scanners. They scan for port 5060 and then try to send some INVITE or REGISTER requests there. It's quite harmless if your PBX is secure enough.

Connection failed in QuteCom SIP client

I have chosen QuteCom SIP client for windows to chat.I have installed and configured the account with my public server. My SIP server is kamailio.The connection to the server is not established. The application is connecting to the server for a long time.
Any help is appreciated.
If looks like keep connecting, then I guess the SIP messages don't get to the server.
You can install Wireshark to monitor traffic on windows host on port 5060 (the SIP port) in order to see if SIP messages are sent to the server.
On server, you can install ngrep for the purpose of seeing if traffic from the phone comes there. The command would be like:
ngrep -d any -qt -W byline port 5060
If you don't see traffic coming to the SIP server, then might be a firewall or an ALG between the client and the server, or, a firewall even on client host or server itself.
If it is something in between (not on client host or server), then you should try to use TCP or better TLS.
Note that if you have the firewall on the server, you will see the SIP packets coming on the network, but they will be dropped by the kernel before getting to application layer. Typically on Linux you can see the firewall rules with:
iptables -L
If the SIP packets come to the server, then set debug=3 in kamailio.cfg, restart kamailio and watch the syslog file (e.g., /var/log/syslog or /var/log/messgaes) for kamailio-specific debug messages -- you should get hints of what happens during processing.