Hi Myles, Thanks to you and everyone else that has responded. I've really learned a lot. pFSense and IPCop sounds let best so far for LINUX based firewalls.
I'm also wondering if anyone has any suggestions for a standalone firewall appliance like my Linksys WRT54G except one better suited for a small business and that NAT works well with VOIP. Thanks again! David Wathen > -----Original Message----- > From: asterisk-users-boun...@lists.digium.com > [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of > Myles Wakeham > Sent: Tuesday, October 13, 2009 9:06 PM > To: asterisk-users@lists.digium.com > Subject: Re: [asterisk-users] Best Firewall Suggestions? > > >> My customer has a outdated firewall that is also > presenting a NAT nightmare > for getting the Asterisk server > reachable from the internet. > > > > What firewalls work good with VOIP? I really want to steer > away from any ALG > supported firewall. I just want a good > firewall that works well with > Asterisk. > > We're running IPCop (Linux based, open source, 100% free), > and its been fantastic for us. www.ipcop.org > > I spent weeks trialing many others. Even had Astaro send me > out a trial box to use. I think we short-listed this down to > pfSense, SmoothWall, Astaro and IPCop. Its been a while > since we did this, so newer versions might have different > test results now, but (if I remember correctly): > > 1. pfSense - Solid, but was a bit picky on network adapters > (we wanted to use a Quad NIC for this). Also was a bit > cryptic for setup, but that's probably just us being too lazy to RTFM. > > 2. Shorewall - this worked out of the box, looked easy to setup, etc. > But when it came down to supporting multiple external WAN IP > addresses that we had, it fell short and was dismissed as an > option. I believe that their commercial version did support > this, but had a hard time trying to find who to buy the damn > thing from. > > 3. Astaro - great company to work with. Really helpful, > great tech support, etc. Loving all of that. Not loving the > $2K+ price tag for what we needed. But then we are stingy > and cheap. That's just us. If you have commercial clients, > and budget this looked really good. > > 4. IPCop - its free. Was a dream to install and setup. > Support via their mailing list was awesome. The people there > didn't make us feel like newbs when we had basic questions to > ask. Feature set rivaled all other products, and there is a > pretty healthy add-on market for it. QoS was decent, > although there are add-ons for better QoS granularity. > > We chose IPCop. Been running it with Asterisk and our other > network apps, servers, etc. for about 4 months straight. > Never needed a reboot. > Never crashed. Low footprint, and runs on some old dog > hardware we had lying around. > > Like I said, this review is about 6 months old, so things change. > That's our biz. Go figure. > > Of course, your mileage may vary. > > Myles > -- > ======================= > Myles Wakeham > Director of Engineering > Tech Solutions USA, Inc. > Scottsdale, Arizona USA > http://www.techsolusa.com > Phone +1-480-451-7440 > > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > AstriCon 2009 - October 13 - 15 Phoenix, Arizona > Register Now: http://www.astricon.net > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now: http://www.astricon.net asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users