For an Asterisk-environment with no more then 10 SIP-phones, I would open 10 x 4 = 40 UDP ports for RTP/RTCP-traffic ( 4/call). Can you confirm ?! rtp.conf : rtpstart=30500 rtpend=30550
Ok, there's 50 here... a round number right ?! All SIP-communication stays on the LAN. There's a NIC connected on the switch. Another NIC (WAN) is used for IAX-traffic to a VoIP-provider. So, I do not really need to worry about security flaws ?! Except if hackers are able to hack another server on the network, than these ports are open for them... On the firewall there's just port 4569 (IAX) that's forwarded to the WAN-interface of the Asterisk-server. A little second question : by defining a default route via the WAN-interface, traffic that needs to leave the network will be routed to the VoIP-provider ? So all internal communication goes via the LAN-interface. All the traffic that needs to go to the default gateway is defined in my route table to leave the Asterisk-server via the WAN-interface. There are no more options I need to configure in Asterisk ??? Asterisk works on OSI-level 'application', so traffic is not routed by Asterisk. When Asterisk needs to send SIP-messages or RTP-traffic to an IP-adres that is not on the local LAN, OSI-layer 3 (IP network) will route it via the correct interface. Asterisk will translate from SIP to IAX, but routing between interface 1 (LAN) and interface 2 (WAN) will happen much lower on the OSI-model. Am I right ? Or do I need some special settings in Asterisk (sip.conf or iax.conf) to be able to route between internal and exteral NIC. Thanks for the info on RTP-ports and my routing-question. Jonas.
_______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
