I really hope that some one can help me here.
I have been struggling for about a week now at a client trying to get thier PBX to use a separate line.
Summary of my problem:
What I have done:
- Setup a firewall list off all ips to be marked to ues ISP2
- Added a mangle rule, prerouting, src = addressList, action is mark route ISP2
- Added NAT masqurade rule for ISP2
- Added route with routing mark ISP2
This is all in addition to the working router with all devices running on ISP1.
Now my problem.
If I add a pc / desktop IP to the address list, all is well. Their internet is routed through ISP2 and all works happily. The same for multiple address. (ie multiple cpcs)
Now the minute I add my pbx ip to the address list, both my two SIP trunks go offline, and they say trying..
Code: Select all
,17:39:33,192.168.1.30,"<13>Jun 3 17:40:15 asterisk:
[20140603 174015.353] NOTIC[06862] chan_sip.c:25898: find a peer device,host is:
"
,17:39:44,192.168.1.30,"<13>Jun 3 17:40:26 asterisk:
[20140603 174026.847] NOTIC[06862] chan_sip.c:15877: -- Registration for '278********@sip.nexus.co.za' timed out, trying again (Attempt #4)
"
,17:39:44,192.168.1.30,"<13>Jun 3 17:40:26 asterisk:
[20140603 174026.950] NOTIC[06862] chan_sip.c:15877: -- Registration for '278********@sip.mweb.net' timed out, trying again (Attempt #4)
"
,17:39:49,192.168.1.30,"<13>Jun 3 17:40:31 asterisk:
[20140603 174031.330] NOTIC[06862] chan_sip.c:25898: find a peer device,host is:
"
,17:39:51,192.168.1.30,"<12>Jun 3 17:40:33 asterisk:
[20140603 174033.247] WARN [06862] chan_sip.c:4585: Retransmission timeout reached on transmission 29808-1662610c7447c5980566ca2a40@pbxgenacc.dyndns.org for seqno 105 (Critical Request) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions
Packet timed out after 6400ms with no response
So that suggests that I have some where messed up a setting, and I have gone through everything multiple times and I cant find it.
Both the PPPoE Clients are from the same dsl provider, I have the same settings in the pppoe clients (except for credentials)
Are the sip packets somehow not being caught by the src address? ( I have tried identifying by mac address as well and no luck), but it looks as though they are being caught by the mangle, So i really dont know.
I have attached my config export for those who want some deeper info.