Loading ...
Sorry, an error occurred while loading the content.

Re: [twinklephone] use twinkle with diamondcard.us without opening firewall ports

Expand Messages
  • Christian Jaeger
    That sounds strange, but you don t provide enough information. - are you behind a NAT router or not? - what do you mean with opening port 80 , do you mean
    Message 1 of 5 , Feb 15, 2011
    • 0 Attachment
      That sounds strange, but you don't provide enough information.

      - are you behind a NAT router or not?
      - what do you mean with "opening port 80", do you mean outgoing or
      incoming traffic, on your computer or on your router?
      - I'm assuming you're talking about the TCP port 80 (but could also
      mean UDP port 80)

      I'm using Twinkle with Diamondcard.us and voip.ms, usually sitting
      behind NAT. It's important to enable STUN, and to enable keep alive
      packets every 30 seconds to remain reachable. But I haven't had this
      problem with incoming sound not coming through (anymore, I had some of
      that during experimenting with faulty VPN setups). Not all locations
      with NAT worked for me, though, and for some time I tried to tunnel
      through OpenVPN to my home server but I've given up on that because it
      was too nasty to keep working, now I'm just using 3G networking when
      out of my home (this gives me some privacy, too, and it's a stable
      setup).

      Christian.
    • Antonio Gallo
      Ok, I ve solved by simply changing my firewall. I discovered that with firestarter everything is ok. The problem was the shorewall firewall. Do any of you use
      Message 2 of 5 , Feb 16, 2011
      • 0 Attachment
        Ok, I've solved by simply changing my firewall. I discovered that with firestarter everything is ok. The problem was the shorewall firewall.

        Do any of you use twinkle with shorewall?

        thanks

        PS:

        - are you behind a NAT router or not?

        I use a router that assigns IP by means of DHCP

        - what do you mean with "opening port 80", do you mean outgoing or
        incoming traffic, on your computer or on your router?

        incoming, on my computer

        - I'm assuming you're talking about the TCP port 80 (but could also
        mean UDP port 80)

        I've tested both TCP and UDP


        --- Mer 16/2/11, Christian Jaeger <chrjae@...> ha scritto:

        Da: Christian Jaeger <chrjae@...>
        Oggetto: Re: [twinklephone] use twinkle with diamondcard.us without opening firewall ports
        A: twinklephone@yahoogroups.com
        Data: Mercoledì 16 febbraio 2011, 04:28

         

        That sounds strange, but you don't provide enough information.

        - are you behind a NAT router or not?
        - what do you mean with "opening port 80", do you mean outgoing or
        incoming traffic, on your computer or on your router?
        - I'm assuming you're talking about the TCP port 80 (but could also
        mean UDP port 80)

        I'm using Twinkle with Diamondcard.us and voip.ms, usually sitting
        behind NAT. It's important to enable STUN, and to enable keep alive
        packets every 30 seconds to remain reachable. But I haven't had this
        problem with incoming sound not coming through (anymore, I had some of
        that during experimenting with faulty VPN setups). Not all locations
        with NAT worked for me, though, and for some time I tried to tunnel
        through OpenVPN to my home server but I've given up on that because it
        was too nasty to keep working, now I'm just using 3G networking when
        out of my home (this gives me some privacy, too, and it's a stable
        setup).

        Christian.


      • Christian Jaeger
        2011/2/16 Antonio Gallo ... I m not using shorewall, neither on my computer nor on the router. (I m using iptables directly when needed,
        Message 3 of 5 , Feb 16, 2011
        • 0 Attachment
          2011/2/16 Antonio Gallo <tonicucoz@...>
          > Ok, I've solved by simply changing my firewall. I discovered that with firestarter everything is ok. The problem was the shorewall firewall.
          >
          > Do any of you use twinkle with shorewall?

          I'm not using shorewall, neither on my computer nor on the router.
          (I'm using iptables directly when needed, and I'm still keeping ports
          open by default.)

          >
          > thanks
          >
          > PS:
          >
          > - are you behind a NAT router or not?
          >
          > I use a router that assigns IP by means of DHCP

          (That doesn't determine whether NAT is in use or not except if you're
          also saying that you're *not* owner of a public subnet, in which case
          the subnet has to be private, in which case NAT has to be in use. We
          can conclude that NAT is in use by assumption, based on you not
          sounding like a network professional :).)

          > - what do you mean with "opening port 80", do you mean outgoing or
          > incoming traffic, on your computer or on your router?
          >
          > incoming, on my computer

          (Aha, so I guess you run shorewall on the computer, not on the router.)

          Sounds weird, I don't think Twinkle needs incoming port 80 TCP
          connections to work. As a matter of fact I'm pretty sure since those
          wouldn't make it into my NAT'ed network and this doesn't prevent my
          setup from working. So, not sure what was going on.

          > - I'm assuming you're talking about the TCP port 80 (but could also
          > mean UDP port 80)
          >
          > I've tested both TCP and UDP

          (I'm not going to ask whether you tested *opening* both TCP and UDP
          ports 80, or whether you tested both TCP and UDP as a transport
          setting in Twinkle. You know, I'm nit-picky enough as it is ;~).

          Christian.
        • Christian Jaeger
          PS. I wrote ... and maybe, as I had the possibility, I could just have provided the necessary information to decide whether it was NAT or not more clearly,
          Message 4 of 5 , Feb 16, 2011
          • 0 Attachment
            PS. I wrote

            > based on you not
            > sounding like a network professional

            and maybe, as I had the possibility, I could just have provided the
            necessary information to decide whether it was NAT or not more
            clearly, since not knowing how to determine NAT is not (meant) to be
            an impediment to using Twinkle. (I didn't mean to be rude, just snippy
            :)

            So yes, common end user routers that serve DHCP (meaning, allocate IPs
            to computers in the local network) will always(?) do NAT (by default,
            at least); this is because ISPs often/usually only allow one client to
            get one IP from them, so for the router to be able to serve multiple
            local devices those have to be multiplexed through that one IP (=
            network address), which is exactly what NAT is doing (doing network
            address translation between the IPs that the router allocated on its
            own locally, and the one IP with which it can communicate to the ISP).

            (Possibly some router vendors are avoiding the term "NAT" or "network
            address translation" in their user interfaces in an attempt to help
            their users not to be confused. I can sympathize with both sides.)

            Christian.
          Your message has been successfully submitted and would be delivered to recipients shortly.