On Sun, 2009-09-13 at 04:49 -0400, Picher, Michael wrote: > From a security standpoint, why would an organization that strictly > controls its firewall allow you to have a system straddle their > demarcation with your server? If they don't control the security of > it, > you've just bypassed their firewall and allowed a back door route into > the network that's probably a lot easier to compromise than a real > firewall. How can they be assured that it is indeed protected / > patched > / etc? So one system gets compromised and it's off to the races. > > All that is required here is that you allow 5060 udp (for remote > workers), 5080 udp (for SIP trunks) and 30000-31000 udp (for > RTP/voice) > to be NAT translated from an outside IP address to your internal IP > address.
Or, request an outside address and put another PC that has two interfaces there loaded with an IPcop or other free firewall program on it, program the ports above to go to your PBX. _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
