It's a firewall. If you want to allow SSH or anything else through, you can pre-qualify that to be from a certain network, or not allow it through (like SSH), or create a pptp account on it to do that. I think it's safe enough. I only work with carriers who designate an ip address to use for accounts in sipx for trunking and not use any type of username/password registration, I just prefer it that way. Since all my routing is done via serial connections, it (ip/routing) can't be spoofed.
You have to expose something to get the traffic through you just have to decide whether it is through a firewall or a SBC. If I'm using the built-in SBC with sipXbridge, and I have a firewall I am happy with, I have no need for a separate SBC.It mostly depends on what functions you want it to serve and what else it might do for you (like billing). It's darn good for what it is, which is why I wrote the config sample and now a bandwidth prioritization wizard for sipXecs for it and posted them. On Mon, Nov 9, 2009 at 4:28 PM, [email protected] <[email protected]>wrote: > Ok, so aside from the DNS input I'm hoping for, pfsense seems to work. > > So, the next step would be security right. How safe is it to leave sipx > somewhat exposed > behind the firewall like this? I mean, there is no preliminary > authentication such as vpn > or something else for example. I would prefer that hackers don't have > direct access to the > ports. I also like the sbc idea because from what I understand, it hides > the > infrastructure more than a firewall does. > > I'm not very clear on the above yet since this is really the first time > we've seen this > work consistently so haven't had the chance to move forward. > > Mike > > > > _______________________________________________ > sipx-users mailing list [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users > Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users > sipXecs IP PBX -- http://www.sipfoundry.org/ > -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 Fax: 434.984.8431 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
