> All there is are *workarounds*, otherwise known as bad and > rather dangerous hacks. Whether it works or not is highly dependent on > external factors that you don't usually control. It also depends on > the type of NAT/PAT your router is using, ie the router's particular > NAT/PAT implementation.
So be it! From a practical standpoint, if you want to have NAT routers on both sides and you accept all this scary stuff, port forwarding will do the job. On a concrete level, it depends on exactly what you need to protect.. If this is an asterisk box that you are watching daily and it is otherwise secured (lthings like sendmail not accepting ANY mail from the outside, minimal accounts and running services, etc) and you really need to do this, it works beyond the shadow of a doubt - may have been doing it for many months. On the client side, I'm not sure what the risk is to say a SIP phone that has 5060 and some rtp ports forwarded to it. Maybe someone can come in and list the threats to both ends of a double NAT setup? I'm sure hundreds of us would be very interested in this! _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
