SIP packet blocked by ICMP "administratively prohibited" message


MarkE
2007-01-26, 11:26 AM CST
Hello,
I am using the Asterisk system on FC6 x86_64. I am trying to use SIP, which uses port 5060. My SIP client can't connect to the Asterisk server to register. I did an Ethereal packet capture and found out why: the server returns an ICMP "Destination unreachable (Host administratively prohibited)" message in response to the UDP packet sent to register by SIP. The Asterisk server does not show any SIP activity even with SIP debugging output enabled.

Is SELinux doing this somehow? Or is it the application that's returning these ICMP messages? I ran /usr/sbin/setup to add port 5060 to the firewall config, but the same thing is happening.

I have attached the Ethereal packet capture file for one of the ICMP packets that the server returns. Please take a look.

Thanks!

jcliburn
2007-01-27, 08:26 PM CST
Your host firewall (iptables) on your Asterisk server is blocking the port. You need to add a rule to iptables to unblock it. You can test this theory by briefly dropping your firewall (sudo service iptables stop), then see if you can connect to your server. Don't forget to restart iptables when you're done with the test (sudo service iptables start).

MarkE
2007-01-27, 09:25 PM CST
Thanks for your reply. It turned out that when I set it to unblock port 5060, it registered as TCP rather than UDP. Now it works. :)
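
Added example, not part of any poster's message: a small Python check that walks iptables-save style rules in order and reports the first verdict for a new packet to a given protocol and port, which lets you confirm whether UDP 5060 is actually allowed without stopping the firewall. The ruleset, chain layout and function names are constructed for illustration and reproduce the situation in this thread (port 5060 opened for TCP only, followed by a REJECT with icmp-host-prohibited).

```python
import shlex

# Constructed iptables-save style sample (not from the thread): port 5060 is
# opened for TCP only, and a catch-all REJECT ends the chain.
SAMPLE_RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5060 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def _opt(tokens, *names):
    """Value following the first of `names` found in the rule, else None."""
    for name in names:
        if name in tokens[:-1]:
            return tokens[tokens.index(name) + 1]
    return None

def _port_in(spec, port):
    """True if port falls in an iptables port spec: '5060' or '5060:5070'."""
    lo, _, hi = spec.partition(":")
    return int(lo or 0) <= port <= int(hi or (65535 if ":" in spec else lo))

def verdict(rules_text, proto, port, chain="INPUT"):
    """First terminating match for a NEW inbound packet to proto/port.
    Simplified: only -p, --dport and --state/--ctstate are evaluated;
    addresses, interfaces, negation and user-defined chains are ignored."""
    for line in rules_text.splitlines():
        tokens = shlex.split(line)
        if tokens[:2] != ["-A", chain]:
            continue
        rule_proto = _opt(tokens, "-p", "--protocol")
        if rule_proto not in (None, "all", proto):
            continue
        dport = _opt(tokens, "--dport", "--destination-port")
        if dport is not None and not _port_in(dport, port):
            continue
        states = _opt(tokens, "--state", "--ctstate")
        if states is not None and "NEW" not in states.split(","):
            continue
        target = _opt(tokens, "-j", "--jump")
        if target in ("ACCEPT", "DROP", "REJECT"):
            return target, _opt(tokens, "--reject-with")
    return "POLICY", None
```

Calling `verdict(SAMPLE_RULES, "udp", 5060)` on the sample returns the REJECT with icmp-host-prohibited, while the same call with `"tcp"` returns ACCEPT; on a live host the input would be the text printed by `iptables-save`.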