|
Some phones, such as the SPA921 will have a "keep alive" function or
NAT transversal. This will allow the phone to not disappear from
behind a firewall. So you could take the phone and stick it on any
192.XXX home network/office network and it will connect to a voip
server and not go missing after a short period of time. This function will eliminate the need for port fowarding and firewall rules. The only firewall rules I do use however are sending the SIP phones out over a 2nd WAN connection. I do this via IP address and don't worry about what ports they talk on. It keeps it simple. Thats what I mean by badass. You can keep port forwarding and stuff though if you want, but you know someone is gonna take that phone and put it on some other network and get pissed that it doesnt work ;)
Chris Flugstad
Cascadelink 900 1st ave s, suite 201a seattle, wa 98134 p: 206.774.3660 | f: 206.577.5066 ch...@cascadelink.com Tortise wrote: --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.orgWhat is BADASS and what are you saying here? It seems to be mixed messages and not consistent to me. I'd like to understand what it is that you understand please. Kind regards David----- Original Message ----- From: Chris Flugstad To: support@pfsense.com Sent: Thursday, March 19, 2009 7:43 AM Subject: Re: SV: [pfSense Support] sip nat I use Linksys SPA 921 which do a BADASS job of going over NAT. They have a good "keep alive" function that keeps them nice and cozy behind a nat. We use them for our hosted pbx product and havent had any problems. Chris Flugstad Cascadelink 900 1st ave s, suite 201a seattle, wa 98134 p: 206.774.3660 | f: 206.577.5066 ch...@cascadelink.com and...@fiberby.dk wrote: Hi Chris Thanks for the quick response. I already tested it, and that solved my problem. But your probably also right when you say that it won't fix the actual problem: SIP does not like NAT. Keep up the good work... Kind regards Anders -----Oprindelig meddelelse----- Fra: cbuech...@gmail.com [mailto:cbuech...@gmail.com] På vegne af Chris Buechler Sendt: 18. marts 2009 16:03 Til: support@pfsense.com Emne: Re: [pfSense Support] sip nat Nearly always, rewriting source port on SIP breaks it so it's not done by default. Enable AON and it will be. On Wed, Mar 18, 2009 at 6:11 AM, <and...@fiberby.dk> wrote: Hi I know this issue have been raised before, but I haven't really found a satisfying answer, so here I go again... My problem is related to sip-nat. I'm running a network with approximately 2000 home users. I have choosen pfsense back in the 1.0.1 days, and is still very satisfied with it's performance and stability. At the moment I have four machines running pfsense. One working as router only (disabled the firewall under advanced). - pfsense v. 1.2 Two working as nat-routers for Internet-access. - pfsense v. 1.2 One working as a nat-router for Audiocodes MP124 sip boxes. - pfsense v. 1.0.1 When pfsense 1.2 came out, I upgraded every machine. But quickly I had to roll the "sip-router" back to 1.0.1, since it stopped rewriting the source port for the MP124 boxes. My problem is that many costumers choose to set up there own sip-boxes on the internet-connection, and therefore get connected with one of the routers thats running pfsense 1.2. And it just does not rewrite the source port, and as a result of that only one sip-box per provider gets connected. As soon as I throw them on another vlan, so they get connected to the machine running pfsense 1.0.1, it rewrites the ports just fine, and I can have as many boxes from the same provider behind one single public ip. Does anyone have an explanation to this behavior, or even better, a solution!? Kind regards Anders Dahl --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org |
- [pfSense Support] sip nat anders
- Re: [pfSense Support] sip nat Chris Buechler
- SV: [pfSense Support] sip nat anders
- Re: SV: [pfSense Support] sip nat Chris Flugstad
- Re: SV: [pfSense Support] sip nat Tortise
- Re: SV: [pfSense Support] sip nat Chris Flugstad
- Re: SV: [pfSense Support] sip nat Chris Flugstad
- Re: SV: [pfSense Support] sip... Chris Buechler
- Re: SV: [pfSense Support] sip... Paul Mansfield
- Re: SV: [pfSense Support] sip... Chris Flugstad
- [pfSense Support] OT: pap2t -... Paul Mansfield
