On Tue May 22 2007 15:17:45 Reza - Asterisk Enthusiast wrote: > Hello Mark: > > Personally I do not recommend VOIP through a VPN. Other's might disagree, > but I have my style. The inability of RTP packets not flowing through is > to do strictly with how your VPN is structured. I know of people who > implemented VOIP on a VPN. > > Technically speaking, UDP can flow through a VPN. They are just data > packets. > > Your IAX routing through another Asterisk would merely allow you to easily > manage one port (4569) through which all your signaling and audio is passed > through. It does increase the headache of managing another box though. > However with a 2nd * you would not have to worry about forwarding or > allowing a larger range of ports in your VPN and/or Firewall. > > My motto has always been to keep things simple. A VPN increases complexity > and introduces over engineering (in my humble opinion). It definitely has > benefits, but in an office of 10 or less people -- I see VOIP on VPN, > adding more complexity to debug technical issues. Just my 2 cents. > > Cheers! > Reza. > > ----- Original Message ----- > From: "Mark Borg" <[EMAIL PROTECTED]> > To: "Reza - Asterisk Enthusiast" <[EMAIL PROTECTED]>; <[email protected]> > Sent: Tuesday, May 22, 2007 9:55 AM > Subject: Re: [on-asterisk] rtp working thru vpn.... > > > Hi Reza, would you have a thought as to why rtp doesn't seem to pass thru > > a vpn tunnel? Still with this same config; it registers and I can dial > > the remote, it rings then hangs up immediate. I have reinvite=no and also > > nat=yes so reinvite should be disabled anyways. it looks to me like the > > rtp route is not succeeding - is it a property of vpn not to pass udp? > > some items from the sip debug log - > > "peer audio RTp is at port 192.168.0.226:3000" - so * sees the port... > > "capabilities ...." both have ulaw/alaw avail; > > sip show peers shows monitored status at 135ms - > > > > i see no reason that rtp would not pass transparent thru vpn tunnel. > > > > in your opinion should i stick a second * at the remote site & use iax > > instead of trying to make sip/rtp work? > > thanks for your help. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED]
yes I was attracted to the single (smoking) port theory... thanks there will be more working on it after-hours.
