Mike, Great idea! I'd be glad to share some screen shots. I'll capture the firewall and NAT rules for a base sipX install behind pfsense, and I'll also provide some captures of a 1:1 NAT on DMZ interface with a separate LAN segment. But look for them tomorrow some time as I'm a little slammed at the moment.
Jonathan Ontra LLC www.ontraonline.com _____ From: Picher, Michael [mailto:[email protected]] Sent: Thursday, August 13, 2009 4:14 PM To: Jonathan Petersen; Tony Graziano; [email protected] Subject: RE: [sipx-users] Call For Examples of firewalls that work forbothlocal and remote users... Jonathan, if you'd like to share some screen shots of the pfsense setup I can make a Wiki page for it. Thanks, Mike From: [email protected] [mailto:[email protected]] On Behalf Of Jonathan Petersen Sent: Thursday, August 13, 2009 1:42 PM To: 'Tony Graziano'; [email protected] Subject: Re: [sipx-users] Call For Examples of firewalls that work forbothlocal and remote users... I am using pfSense with sipXbridge and it works great! The only "special" thing that was required was enabling manual outbound NAT which I blurbed about on this list 8/6. "The solution in pfsense is here: http://doc.pfsense.org/index.php/Static_Port. Basically you configure manual outbound NAT and specify the static port option." On the remote worker side I have tested both m0n0wall and pfSense which work great. Jonathan Ontra LLC www.ontraonline.com _____ From: [email protected] [mailto:[email protected]] On Behalf Of Tony Graziano Sent: Thursday, August 13, 2009 9:45 AM To: [email protected] Subject: [sipx-users] Call For Examples of firewalls that work for bothlocal and remote users... I hear Vyatta, pfSense, etc. I see issues with Netgear not allowing you to turn off SPI which breaks remote workers. Can we agree to provide some examples of firewalls that work with sipxecs and sipxbridge in one or two modes? Local (where sipxecs is installed) and remote (preferably where you have a remote worker or several and not the need for a full fledged firewall), obviously if this is a full branch office, a "local" firewall clone would be acceptable. I've not had "good luck" at all in using sipxbridge, probably due to firewall compatibility or settings. So I'd like to hear what others are doing at this point to counter this. It would be good to compile this and place it on the wiki, of course, once it is discussed. Thanks, Tony
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
