you could just donwload the sample config from my blog though... On Mon, Jul 12, 2010 at 1:53 PM, Tony Graziano <[email protected] > wrote:
> You simply configure the firewall so it gets out, then you add the NAT > rules. Before you put any nat rules in you make sure > > Firewall: NAT: Outbound > * > * > > Has the default allow any out, you can safely delete any other rules there > it creates by default, then edit the default rule to use STATIC PORT NAT. > Then check... > * > * > *Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))* > > In my case I always create one rule per item (tcp 5060, udp 5060, I never > use "both" and try to skimp by with one rule. Then make sure it shows up on: > > Firewall: Rules:WAN > > You only NEED to create 4 rules for siptrunking, remote users and media. > > TCP 5060 (softphones prefer tcp) > *UDP 5060 (outbound to itsp and remote users)* > *UDP 5080 (trunking, inbound from itp)* > *UDP 30000:31000 (rtp ports)* > * > * > *Others like 80/8443 (sipxconfigui), 12000 (bria provisioning), tftp > (tftp, remote phone provisioning) and 21 (tfp, remote phone provisioning, > all TCP), are optional and depend on your needs.* > > On Mon, Jul 12, 2010 at 1:38 PM, Michael Scheidell > <[email protected]>wrote: > >> On 7/12/10 1:34 PM, Tony Graziano wrote: >> >> No 1:1 is needed. >> >> >> Just use manual AON nat, and translate the ports using NAT and make sure >> it creates the associated outbound rule. Whatever you do, you should "stick" >> to a single public IP address when running one sipx server, >> >> one public ip for the six server, right? >> I can still have public ip's for other things, right? >> >> you don't want to port forward ANY and ALL tcp port 5060 to the one sipx >> box, just use the manual natting rules? >> >> >> >> -- >> Michael Scheidell, CTO >> Phone: 561-999-5000, x 1259 >> > *| *SECNAP Network Security Corporation >> >> - Certified SNORT Integrator >> - 2008-9 Hot Company Award Winner, World Executive Alliance >> - Five-Star Partner Program 2009, VARBusiness >> - Best in Email Security,2010: Network Products Guide >> - King of Spam Filters, SC Magazine 2008 >> >> >> ------------------------------ >> >> This email has been scanned and certified safe by SpammerTrap®. >> For Information please see http://www.secnap.com/products/spammertrap/ >> ------------------------------ >> >> > > > -- > ====================== > Tony Graziano, Manager > Telephone: 434.984.8430 > sip: [email protected] > Fax: 434.984.8431 > > Email: [email protected] > > LAN/Telephony/Security and Control Systems Helpdesk: > Telephone: 434.984.8426 > sip: [email protected] > Fax: 434.984.8427 > > Helpdesk Contract Customers: > http://www.myitdepartment.net/gethelp/ > > Why do mathematicians always confuse Halloween and Christmas? > Because 31 Oct = 25 Dec. > > -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.984.8431 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Fax: 434.984.8427 Helpdesk Contract Customers: http://www.myitdepartment.net/gethelp/ Why do mathematicians always confuse Halloween and Christmas? Because 31 Oct = 25 Dec.
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
