Google cloud network settings

configuration
Tags: #<Tag:0x00007f4f4310b960>

(Canwelimited) #1

I installed FreePBX with Asterisk at google cloud Linux (ubuntu v20)" - “I can call and listen the extension by IXA, but it is failed on SIP” - “There is no audio when I use chan_pjsip without input any value on option: NAT (External address and Local Network)” - "

I read from web, it advise to enable NAT and IP forwarding" - "Then I use iptables to setup the IP forwarding and input External Address and Local Network which check from Google Cloud, the External Address is the IP address of Web like 34 .92 " - “xx” - “xxx” - “and Local Network: 10” - “172” - “0” - “x / 20” - "Then, it will hang up after connected.

asterisk “ad” inst-pbx:/home/canwelimited$ sudo iptables -L
[sudo] password for asterisk:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp – anywhere anywhere udp dpt:sip
ACCEPT udp – anywhere anywhere udp dpts:10000:20000
ACCEPT udp – anywhere anywhere udp dpt:sip-tls
ACCEPT udp – anywhere anywhere udp dpt:5161
ACCEPT udp – anywhere anywhere udp dpt:5160
ACCEPT tcp – anywhere anywhere tcp dpt:sip
ACCEPT tcp – anywhere anywhere tcp dpt:sip-tls
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT udp – inst-pbx" - “asia-east2-a” - “c” - “wise-resolver-289905” - “internal anywhere
ACCEPT udp – anywhere inst-pbx” - “asia-east2-a.c” - “wise-resolver-289905” - "internal multiport dports si
p,10000:20000
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
asterisk “ad” inst-pbx:/home/canwelimited$

asterisk “ad” inst-pbx:/home/canwelimited$ sudo ufw status
Status: inactive
Attached pls find the google cloud Computer Engine Firewall settings.


Note: App Engine firewalls are managed here.
Name Type Targets Filters Protocols / ports Action Priority Network Logs Hit count Last hit Insights
dnscodestcpudpoutput53
Egress Apply to all IP ranges: 0" - “0” - “0” - “0/0 tcp:53
udp:53 Allow 1000 default
Off — —
rtpoutput
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:8000-20000
udp:8000-20000 Allow 1000 default
Off — —
siptcpudpoutput5060
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:5060
udp:5060 Allow 1000 default
Off — —
siptcpudpoutput5160
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:5160
udp:5160 Allow 1000 default
Off — —
sipudpoutput5062
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:5062 Allow 1000 default
Off — —
stunoutput19302
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:19302 Allow 1000 default
Off — —
stunudpoutput3478
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:3478
udp:3478 Allow 1000 default
Off — —
tcpoutput443
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:443 Allow 1000 default
Off — —
tcpoutput80
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:80 Allow 1000 default
Off — —
tlsoutput5349
Egress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:5349 Allow 1000 default
Off — —
default-allow-http
Ingress http-server IP ranges: 0” - “0” - “0” - “0/0 tcp:80 Allow 1000 default
Off — —
default-allow-https
Ingress https-server IP ranges: 0” - “0” - “0” - “0/0 tcp:443 Allow 1000 default
Off — —
default-allow-ssh
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:22 Allow 1000 default
Off — —
dnscodestcpudpinput53
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:53
udp:53 Allow 1000 default
Off — —
iax
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:4569 Allow 1000 default
Off — —
rtp
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:8000-20000
udp:8000-20000 Allow 1000 default
Off — —
siptcpudpinput5060
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:5060
udp:5060 Allow 1000 default
Off — —
siptcpudpinput5160
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:5160
udp:5160 Allow 1000 default
Off — —
sshcustom
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:2222 Allow 1000 default
Off — —
stuninput19302
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:19302 Allow 1000 default
Off — —
stunudp
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:5062 Allow 1000 default
Off — —
stunudpinput3478
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 tcp:3478
udp:3478 Allow 1000 default
Off — —
tlsinput5349
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 udp:5349 Allow 1000 default
Off — —
default-allow-icmp
Ingress Apply to all IP ranges: 0” - “0” - “0” - “0/0 icmp Allow 65534 default
Off — —
default-allow-internal
Ingress Apply to all IP ranges: 10” - “128” - “0” - “0/9 tcp:0-65535
udp:0-65535
icmp Allow 65534 default
Off — —
default-allow-rdp
Ingress Apply to all IP ranges: 0” - “0” - “0” - "0/0 tcp:3389 Allow 65534 default
Off — —


I don’t know how to set google cloud NAT, Routing and Ip forwarding, if I set from google cloud, then I can delete the iptables setting.

My question are:
How and what I should set on the IP forwarding or Routing or Firewall settings on Google Cloud Computer Engine, then I will delete or disable any settings on the Linux (ubuntu) ufw and iptables?

Pls help as I try a lot and don’t know how can it set and no one can ask till now" - “Pls ^v^
(canwelimited “ad” gmail”- "com)


#2

I’m not very familiar with the ‘new’ GCP firewall, but please try the following:
In Asterisk SIP Settings, General tab, NAT settings, click Detect Network Settings. External Address should populate with your 34.92.xx.xxx address and Local Networks should fill in your 10.x.x.x LAN address. On the chan_pjsip tab, leave External IP Address and Local network blank. Submit. Restart Asterisk.

From a pjsip extension (assuming it registers ok), make a test call to *43 (echo test). If there is no audio, at the Asterisk command prompt, type
pjsip set logger on
and make another test call.
Paste the Asterisk log for the call (which will now include a SIP trace) at pastebin.freepbx.org and post the link here.


(Canwelimited) #3

Dearest Stewart1
I sudden success! I try ur settings before, but failed. Today I try your testing and I can echo test now. Then I call the extension with audio each other now! Many thanks for your reply!!
I am now trying to develop program to interact with the sip! May you know which language can support asterisk, freepbx and andriod for video conference, messaging and phone call?


(system) closed #4

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.