Page 1 of 1

local asterisk connect to external asterisk through tunnle Mikrotik pptp client

Posted: Tue Jan 10, 2017 11:53 am
by alaa2003
hello
modem : 192.168.1.1
wan ip : 192.168.1.2
local lan: 192.168.2.1
asterisk ip: 192.168.2.140
wan asterisk ip: 84.200.32.197
Image

1- i have public server wan ip: 84.200.32.197 with asterisk installed
2- i have local asterisk server on my local lan, local ip : 192.168.2.140
my target is: local asterisk (192.168.2.140) register with external asterisk (wan : 84.200.32.197 ) through PPTP tunnel
i installed PPTP linux server on server: 84.200.32.197
A) i tested to connect pptp server using windows pptp client and works good
B) i installed cli pptp client in local asterisk 192.168.2.140 and could connect & route too to external asterisk server 84.200.32.197
Image
as you see data go direct to 172.27.224.1 & every thing works well & sip can register with 172.27.224.1

mytarget:
i need to use mikrotik pptp client (192.168.2.1) to connect to pptp server (84.200.32.197) then route all date to local asterisk 192.168.2.140
i followed this article for PPTP client config
https://support.hidemyass.com/hc/en-us/ ... ient-Setup
C) i could connect to pptp server using my mikrotik 192.168.2.1, and also could route all data using pptp to my asterisk lan 192.168.2.140
my pptp server gives DHCP ip once pptp connected
GW: 172.27.224.1
so once i connect i got new ip : 172.27.224.2
Image

Image
as you see data go to Mikrotik router first 192.168.2.1 then go to 172.27.224.1
but sip can not register with 172.27.224.1 ???!!!!
what i should do to make sip register?

Re: local asterisk connect to external asterisk through tunle Mikrotik pptp client

Posted: Wed Jan 11, 2017 12:31 pm
by alaa2003
here is topology
Image
please help

Re: local asterisk connect to external asterisk through tunnle Mikrotik pptp client

Posted: Wed Jan 11, 2017 5:13 pm
by alaa2003
here is topology which is working , when connect to pptp server using cli pptp client from asterisk local lan 192.168.2.140
but my target is sip register after connect to pptp server using mikrotic pptp client instead on cli pptp client in asterisk lan
Image

Re: local asterisk connect to external asterisk through tunnle Mikrotik pptp client

Posted: Thu Jan 12, 2017 7:36 pm
by alaa2003
 /ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic 
 0  D chain=forward action=change-mss new-mss=1360 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1361-65535 

 1  D chain=forward action=change-mss new-mss=1360 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1361-65535 

 2    chain=prerouting action=mark-routing new-routing-mark=pptp-vitalie passthrough=yes src-address=192.168.2.140 log=no log-prefix=""
/ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic 
 0  D chain=dstnat action=jump jump-target=hotspot hotspot=from-client 

 1  D chain=hotspot action=jump jump-target=pre-hotspot 

 2  D chain=hotspot action=redirect to-ports=64872 protocol=udp 

 3  D chain=hotspot action=redirect to-ports=64872 protocol=tcp 

 4  D chain=hotspot action=redirect to-ports=64873 protocol=tcp hotspot=local-dst 

 5  D chain=hotspot action=redirect to-ports=64875 protocol=tcp hotspot=local-dst 

 6  D chain=hotspot action=jump jump-target=hs-unauth protocol=tcp hotspot=!auth 

 7  D chain=hotspot action=jump jump-target=hs-auth protocol=tcp hotspot=auth 

 8  D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp 

 9  D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp 

10  D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp 

11  D chain=hs-unauth action=redirect to-ports=64875 protocol=tcp 

12  D chain=hs-unauth action=jump jump-target=hs-smtp protocol=tcp 

13  D chain=hs-auth action=redirect to-ports=64874 protocol=tcp hotspot=http 

14  D chain=hs-auth action=jump jump-target=hs-smtp protocol=tcp 

15 XI  ;;; place hotspot rules here
      chain=unused-hs-chain action=passthrough 

16 I  ;;; pptp-vitalie
      ;;; no interface
      chain=srcnat action=masquerade dst-address=84.200.32.197 out-interface=*E log=no log-prefix="" 

17    ;;; masquerade hotspot network
      chain=srcnat action=masquerade src-address=192.168.2.0/2