Here are the inbound rules required for Vyatta...
rule 40 {
action accept
destination {
port 5060
}
protocol tcp
}
rule 41 {
action accept
destination {
port 5060
}
protocol udp
}
rule 42 {
action accept
destination {
port 10000-20000
}
protocol udp
}
rule 43 {
action accept
destination {
port 5080
}
protocol tcp
}
From: [email protected]
[mailto:[email protected]] On Behalf Of milosz
Sent: Thursday, August 13, 2009 4:54 PM
To: Jonathan Petersen
Cc: [email protected]
Subject: Re: [sipx-users] Call For Examples of firewalls that work
forbothlocal and remote users...
jonathan and carlos: how many users are you guys supporting with the
pfsense setups?
On Thu, Aug 13, 2009 at 1:42 PM, Jonathan Petersen
<[email protected]> wrote:
I am using pfSense with sipXbridge and it works great! The only
"special" thing that was required was enabling manual outbound NAT which
I blurbed about on this list 8/6.
"The solution in pfsense is here:
http://doc.pfsense.org/index.php/Static_Port. Basically you configure
manual outbound NAT and specify the static port option."
On the remote worker side I have tested both m0n0wall and pfSense which
work great.
Jonathan
Ontra LLC
www.ontraonline.com
________________________________
From: [email protected]
[mailto:[email protected]] On Behalf Of Tony
Graziano
Sent: Thursday, August 13, 2009 9:45 AM
To: [email protected]
Subject: [sipx-users] Call For Examples of firewalls that work for
bothlocal and remote users...
I hear Vyatta, pfSense, etc. I see issues with Netgear not allowing you
to turn off SPI which breaks remote workers.
Can we agree to provide some examples of firewalls that work with
sipxecs and sipxbridge in one or two modes? Local (where sipxecs is
installed) and remote (preferably where you have a remote worker or
several and not the need for a full fledged firewall), obviously if this
is a full branch office, a "local" firewall clone would be acceptable.
I've not had "good luck" at all in using sipxbridge, probably due to
firewall compatibility or settings. So I'd like to hear what others are
doing at this point to counter this.
It would be good to compile this and place it on the wiki, of course,
once it is discussed.
Thanks,
Tony
_______________________________________________
sipx-users mailing list [email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users
sipXecs IP PBX -- http://www.sipfoundry.org/
_______________________________________________
sipx-users mailing list [email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users
sipXecs IP PBX -- http://www.sipfoundry.org/
