Hylafax Mailing List Archives
[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [hylafax-users] Hylafax Client - Server problem

Thomas,

You've confused me there. I hope you're not trying to tell your hylafax client to use 192.168.1.xx when it is on the public internet. That is not going to work. You need to use the public address.

What happens when a client connects is exactly the same as FTP. The client connects - does its login etc then tells the server it would like to send something. The server says ok im going to open this random port for you to send the data on.

The problem is that when the client tries to connect to random port the router doesn't know it should be forwarding the traffic to the hylafax server. Connection tracking captures this open random port message and forwards the port for the duration of the session.

Let me put it this way - you're not going to get around the problem with a $100 router. You need Linux or BSD etc or a very expensive enterprise router.

support wrote:
Hi Kimble Young,

I would like to know your situation. Is your situation same as mime? My
situation is that My Fax Server is using LAN IP. A router with put
before Fax Server. LAN IP is translated to public IP by means of router.
When I try to trace the TCP/IP log message, I find that fax client
cannot find the fax server because it try to find fax server using
192.168.1.xx. Of course, it is impossible for fax client in WAN to
communicate fax server using LAN IP.

Do you mean that If I replace my current web-based rotuer with a linux
router, this problem can be solved? Thank you.


Thomas

On Fri, 2004-11-26 at 09:48, Kimble Young wrote:

Build.

Most likely. Look this feature is pretty obscure and no home/SOHO web based router is going to support it. Possibly a $10,000 router but at that price you may as well just buy a linux box.

I suggest you try Shorewall and a Fedora Core 1/2 basic install. You should have a working router that can be built from an old Pentium I/II/III in around an hour (for a newbie, less for a seasoned warrior).

Regards,

Kimble Young



support wrote:

Hi,


Linux router ... hm ... but my router is web-based only. I cannot telnet
or ssh into the router. Do you mean that I need to build my own router
or buy another one?


Thomas


Thomas

On Fri, 2004-11-26 at 08:02, Kimble Young wrote:


I have to agree here.

To the ftp connection tracking modules hylafax looks identical to an ftp session. You just need to tell it to use port 4559.

I have it working on several machines with no problems.

Regards,

Kimble Young

An Intrepid HylaFax User wrote:


According to previous discussion on fax client and server through FTP
port 4559, no one can answer this firmly.

What I think is that this is a problem due to NAT. This situation occurs
similarly in Voice Over IP (VOIP). For example, in SIP, NAT will only
change the source IP address for LAYER 3 only, but those embedded in IP
message at or above Layer 4 (TCP/UDP layer or above) will not be
translated to the NAT address. A voice channel (UDP) cannot be
established as internal IP address is un-routeable. This can be solved
by installing STUN server or Tunneling techniques.



If you're using Linux as a router, you can configure your ip_nat_ftp module to
do protocol inspection for the hylafax ports as well as ftp.  Linux provides a
a rich set of flexible NAT and conntrack helpers which work with protocols
like FTP and IRC which pass around IP#s around as part of its session
conversations.

These topics are covered at length by various HOWTOs and FAQs.  The Hylafax
protocol looks almost identical to FTP's with respect to its file xfer
commands, so I suspect adding the hylafax ports to the nat/conntrack ftp
helpers will "make it all work" like magic.

=R=




____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*




____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*






____________________ HylaFAX(tm) Users Mailing List _______________________
 To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
 *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*




____________________ HylaFAX(tm) Users Mailing List _______________________
 To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
 *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*






____________________ HylaFAX(tm) Users Mailing List _______________________
  To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
 On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
  *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*




____________________ HylaFAX(tm) Users Mailing List _______________________
 To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
 *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*

Home
Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services