Why don't you put the PBX on its own VLan, you can set the devices on that network to have a different firewall as a default gateway. Also, then your DHCP / DNS are separate from the Windows environment and thus you are not defendant on the Windows services to keep your phone system running...
Mike On Wed, 2009-06-03 at 03:20 -0400, Andreas (Around the Clock Information Systems) wrote: > Dear sipXecs Users, Experts and Developers, > > I stood up my first sipXecs machine a little over a month ago (build > 4.0.0-015321) and after about a week of on and off tinkering, I pretty much > have everything working. This particular server happens to have two NIC's > in it, and before I thoroughly read all the documentation, thought that I'd > point eth0 towards the internal LAN and eth1 towards the public Internet. > My logic was that the internal (LAN facing) NIC would service all the phones > and handle all intranet calls (extension to extension), while the external > (Internet facing) NIC would handle any calls destined to our ITSP and > ultimately the PSTN. After struggling with this configuration for a day or > two, I discovered this tiny little Wiki page titled "Redundant network > interfaces" at the address of > http://sipx-wiki.calivia.com/index.php/Redundant_network_interfaces. > Technically, these are NOT "redundant". They actually serve two different > purposes (in my mind) as described above. Here is the quote from that page > that concerns me: > > "It may or may not be possible to run sipXpbx on a system that has multiple > IP interfaces, but the results may be unpredictable and it is not > recommended." > > Bummer. . . If only I had discovered that sooner, I could have > saved myself three failed install attempts (twice from the sipXecs IP PBX > Single Install CD, and one from scratch). > > So, those of you who made it this far are probably saying to > yourselves "is this guy ever going to get to the point?" or "is there a > question in here somewhere?". Please be patient, I'm almost there. . . > > Here's my situation: In the next 30 days I will be asked to stand up a > production sipXecs server on an otherwise 100% M$ Windows only network which > utilizes Microsoft ISA Server as its firewall. From what I have read so > far, M$ ISA Server does not play nicely with IP based PBX's that need to be > connected to the outside world. My plan was to bypass the ISA Server and > configure the NIC's of this production sipXecs system in a similar fashion > as I described above. In spite of the "results may be unpredictable and it > is not recommended" statement above; I have read on this very list that > there are those among you who have successfully gotten "multiple IP > interfaces" working on their sipXecs servers. That's the background > information. Here are my specific questions: > > 1.) DNS - I have learned the hard way that proper DNS configuration is > critical for proper sipXecs operation. If using DNS (BIND) and DHCP on the > sipXecs server itself, how does a proper DNS configuration on a dual NIC > server differ from a sipXecs server with a single NIC? > > 2.) What are your recommendations with regard to configuration order? I.E. > System, Devices, Users, Features, etc. Would you recommend any specific > deviation in the configuration order as recommend by "The sipXecs IP PBX > Configuration Server" Wiki page at > http://sipx-wiki.calivia.com/index.php/The_sipXecs_IP_PBX_Configuration_Serv > er? > > 3.) Gotchya's? Are there any specific sipXecs services that > absolutely-positively will not work on a multiple IP interface > configuration? > > 4.) Am I dreaming? Wasting my time? Barking up the wrong IP PBX tree? > > To all that have made it this far, thank you for reading, thanks for > your time, and I look forward to your input/suggestions. > > Best wishes, > > Andreas > Systems Engineer > Around the Clock Information Systems > > > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users > Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users