I was wondering if anybody has had any experience in getting around
remote locations (home offices) that have routers with ALG on. We have
a install that will have many home/remote offices and road warriors.
The ALG stuff is everywhere. In some case there is no way to turn off
the alg like
I would imagine there would be no real difference between port 5060
and 5061 on most alg's...
On Thu, Jan 12, 2012 at 10:42 AM, Gerald Drouillard
gerryl...@drouillard.ca wrote:
On 1/12/2012 10:13 AM, Tony Graziano wrote:
VPN is really the best way short of using an SBC that will handle the
ALG
I thought with tls the sip messages would be encrypted and therefore an
alg would not be able to mess it up.
Paul
Tony Graziano tgrazi...@myitdepartment.net wrote on 12-01-2012 16:46:56:
I would imagine there would be no real difference between port 5060
and 5061 on most alg's...
On Thu,
That is, when the certificates are exchanged, so if that part works...
I thought with tls the sip messages would be encrypted and therefore
an alg would not be able to mess it up.
Paul
Tony Graziano tgrazi...@myitdepartment.net wrote on 12-01-2012
16:46:56:
I would imagine there
Tls is currently broken afaik
On Jan 12, 2012 10:44 AM, Gerald Drouillard gerryl...@drouillard.ca
wrote:
On 1/12/2012 10:13 AM, Tony Graziano wrote:
VPN is really the best way short of using an SBC that will handle the
ALG on the sipx side of things. A nice option would be to try the
On 1/12/2012 4:43 PM, Michael Picher wrote:
Tls is currently broken afaik
That is what I thought. Thanks. It would be nice to get it working
if it allows the client to sneak around their ALG routers.
--
Regards
--
Gerald Drouillard
Technology
This is not entirely true. TLS works for phones that correctly send
the sipX certificate. It doesn't work for Polycoms because recent
firmwares seems to no longer support what the documentations says about
enabling custom certs. If we continue to simply brush this away and not
use it
On 01/12/2012 11:42 PM, Gerald Drouillard wrote:
On 1/12/2012 10:13 AM, Tony Graziano wrote:
VPN is really the best way short of using an SBC that will handle the
ALG on the sipx side of things. A nice option would be to try the snom
openvpn client using one of the vpn compaitble phones too.
I would strongly suggest an ingate with the far-end Nat traversal
option... tends to work very well at far end Nat.
On Jan 12, 2012 5:11 PM, Gerald Drouillard gerryl...@drouillard.ca
wrote:
On 1/12/2012 4:43 PM, Michael Picher wrote:
Tls is currently broken afaik
That is what I