Jump to content

IP Access Control bug?


Pablo
 Share

Recommended Posts

Under the Web Page Control tab, I edited the reg_access.htm page to add the following subnets: 255.255.254.0 & 255.255.252.0. In doing so, I made sure to retain the formatting and, thus, entered:

 

<option value="23">255.255.254.0</option>

<option value="22">255.255.252.0</option>

I wanted to add the 23-bit subnet for my home-office public IP and needed the 22-bit for CallCentric's IP address block. In the routing table (SoHo), I deleted the LAN default gateway and added static entries to my home office & to CallCentric's network. I then created, in the IP Access Control list, a block entry as follows: 0.0.0.0/0.0.0.0 [Everything else].

I've been following the log and it appears as though snom ONE is able to transmit to CallCentric just fine; but no SIP Rx entries are showing up from CallCentric. In addition, despite specifically allowing my home-office's & CallCentric's IP blocks, snom ONE still Blacklisted both--until I added an allow entry of x.x.x.x/32 for my home office. In order to get the PBX to register to CallCentric, again, I had to delete the "block 0.0.0.0/0.0.0.0" entry.

When editing reg_access.htm to add subnets, do I need to do the same somewhere else on the PBX? Or, is this a bug in v4.5.0.1090 (snom ONE mini)--running on a SoHo? Or am I simply missing something, here?

 

Link to comment
Share on other sites

The thing is... We don't have a /22 or /23 mask. Is there such a thing as a /22 and /23 mask?! It is not a big deal adding that, but we need to build a new version for that.

 

I know nothing about the world of masks; I was simply following the instructions on the CallCentric website:

 

 

If you have a secured/restricted network and need to know the ports and IP addresses to allow for Callcentric then please use the information below. NOTE: In general ports 5060-5080 should be allowed in order to properly communicate with the Callcentric servers. Users experiencing audio issues may want to check that RTP audio is not blocked by their firewall configuration:

 

IP addresses/Networks

 

204.11.192.0/22

 

OR

 

204.11.192.0 - 204.11.192.255

 

At my home-office, I get broadband through AT&T U-verse. When I log onto my U-verse router's config page, it reads:

 

Broadband link type: Built-in modem - vDSL

Connection type: Direct IP

IP address: xx.xxx.xxx.6

Subnet mask: 255.255.254.0

Default Gateway: xx.xxx.xxx.1

 

---

 

What do you suggest I do?

Link to comment
Share on other sites

Looks like there is a bug on the callcentric web site! If they have 256 addresses, then the subnet is /24--which would elegantly solve the problem. rolleyes.gif

 

Great catch! And it did... the log shows that the PBX is now receiving packets from CallCentric and, under the Domain/Trunks tab, the registration status is 200 Ok.

 

Thanks!

Link to comment
Share on other sites

Looks like there is a bug on the callcentric web site! If they have 256 addresses, then the subnet is /24--which would elegantly solve the problem. rolleyes.gif

This is not the bug - it's a /22 network block. It means 4 former Class C networks - 204.11.192.0, 204.11.193.0, 204.11.194.0 and 204.11.195.0.

 

The netmask covering a whole network block's range is 255.255.252.0.

 

It's fine for now if you use 255.255.255.0 for simplicity because, as a matter of fact, Callcentric's SIP operations use 204.11.192.0 primarily, but that may change in future to use other networking blocks as needed - Callcentric is an ISP and has many network blocks in usage.

Link to comment
Share on other sites

  • 2 months later...

This is not the bug - it's a /22 network block. It means 4 former Class C networks - 204.11.192.0, 204.11.193.0, 204.11.194.0 and 204.11.195.0.

 

The netmask covering a whole network block's range is 255.255.252.0.

 

It's fine for now if you use 255.255.255.0 for simplicity because, as a matter of fact, Callcentric's SIP operations use 204.11.192.0 primarily, but that may change in future to use other networking blocks as needed - Callcentric is an ISP and has many network blocks in usage.

 

The thing is... We don't have a /22 or /23 mask. Is there such a thing as a /22 and /23 mask?! It is not a big deal adding that, but we need to build a new version for that.

 

Are /22 and /23 masks something that can get added in an upcoming update/version? I've noticed that my AT&T U-verse broadband utilizes a 255.255.254.0 netmask.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...