Re: SOLVED: Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

In message I described how I'm using an OpenBSD firewall (pf) to protect a VOIP phone system. A small correction: I wrote: > The firewall > also runs unbound to provide caching DNS service to the VOIP box and the > local computers, and to do

SOLVED: Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

In message (date 2021-07-05) I wrote: > Has anyone used an OpenBSD firewall (pf) to protect an Ooma Telo VOIP > phone system from internet attacks? If so, how did you do it? More > generally, how do people protect VOIP phone systems

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

Hi Stuart, On Tue, Jul 06, 2021 at 08:23:06AM +1000, Stuart Longland wrote: > One thing the OpenBSD host cannot know, is what specific port in that > 1:3 range, is being used at any particular time. I note they > don't ask you to expose port 5060/udp, so presumably the device is > _not_

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

If you consider your voip box as a host which could be compromised because it runs old and/or insecure software, packet filtering can (in theory) help you a little bit by reducing the amount of exposed services, but it won't do more than that. Allowing traffic on network ports which corresponds

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

On Mon, 5 Jul 2021 17:50:27 -0700 Jonathan Thornburg wrote: > > Better yet, if you can, maybe consider setting up Asterisk or similar > > directly on the OpenBSD router, then configure your ATA to talk to > > that. The Asterisk installation can then "sanitise" the traffic going > > to your ATA,

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

On Mon, 5 Jul 2021 10:58:52 -0700 Jonathan Thornburg wrote: > +--+ > (internet) | $ISP DSL | > | modem/router | > +--+ > | > | >

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

If you don't trust your voip box you should not install it in your lan zone. You should have a perimeter network; maybe your actual configuration is less dangerous than the one you propose. ‐‐‐ Original Message ‐‐‐ Il lunedì 5 luglio 2021 7:58 PM, Jonathan Thornburg ha scritto: >

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

In I asked for advice on using an OpenBSD firewall to protect a VOIP box from network attacks. Several people have suggesting isolating the VOIP box in a separate sublan. This is a good idea. In fact, the network topology I'm planning > >

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

For starters use a separate vlan for the phones. On Mon, Jul 5, 2021 at 2:02 PM Jonathan Thornburg wrote: > > Short summary: > > Has anyone used an OpenBSD firewall (pf) to protect an Ooma Telo VOIP > phone system from internet attacks? If so, how did you do it? More > generally, how do people

how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

Short summary: Has anyone used an OpenBSD firewall (pf) to protect an Ooma Telo VOIP phone system from internet attacks? If so, how did you do it? More generally, how do people protect VOIP phone systems (regardless of brand) from internet attacks? Details: My current home network topology