"And hence the need for a really smart SBC for remote user traversal, because you will not have access to every firewall where they are. "
Any recommendations? "You are assuming that the ITSP's are capable of talking to sipxbridge. This is another VERY good reason to use an independent sbc. " We have been using/testing a SipX 4.1.7 for almost a year now with one ITSP (MyDivert.com) and it is working so far. We have recently started a new 4.2.1 installation we are configuring for production and so far have not had any NAT traversal issues but I do understand we have not tested all the possible scenarios, nor could we possibly ever do that before putting it in production. Though, I'd like to try to cover as many bases as possible. Thanks again! (I noticed that your located in Charlottesvile and I'm Fredericksburg, maybe I could buy you a beer and pick your brain some more???) From: [email protected] [mailto:[email protected]] On Behalf Of Tony Graziano Sent: Thursday, January 20, 2011 2:26 PM To: Discussion list for users of sipXecs software Subject: Re: [sipx-users] OpenSBC On Thu, Jan 20, 2011 at 2:18 PM, Burleigh, Matt <[email protected]> wrote: "When you use an SBC that does smart nat traversal methods (if they have sip alg or Stateful packet inspection on) or if they have a integrated device it might not leave the option to turn onn these functions, how useful will it be to you?" And that's why I thought I would be only using Bria where I can provision "Firewall Traversal" method to be OFF (or Bria Iphone with firewall traversal options off) and let SipXbridge handle the NAT traversal issues. It doesn't work that way. So a smarter SBC, like OpenSBC, would support more NAT traversal scenarios? If this is so, then I need to start learning a lot more about OpenSBC and SipX. Not all SBC's are the same. My user base is pretty small, less than 10 would be globally roaming and need this type of connectivity. And hence the need for a really smart SBC for remote user traversal, because you will not have access to every firewall where they are. No site to site VPNs. Instead we're simply using ITSPs to provide DID's for our customers in other countries and so that it's a "local" call for the customers. You are assuming that the ITSP's are capable of talking to sipxbridge. This is another VERY good reason to use an independent sbc. Thanks again! From: [email protected] [mailto:[email protected]] On Behalf Of Tony Graziano Sent: Thursday, January 20, 2011 1:13 PM To: Discussion list for users of sipXecs software Subject: Re: [sipx-users] OpenSBC You might get more input if you start another thread. I've done this before. Trunks on other continents, site-to-site vpn's with analog gateways on other continents, remote users wherever. It's not a reflection on pfSense, but if you want to support remote "mobile" workers and/or a lot of remote users, you need a different SBC device than sipxbridge. Yes, it will work. Yes it will traverse NAT (to a point). What it wont do is traverse NAT in anything other than a basic way, which means you need to reconfigure the remote firewalls of just about every user, to get it to work for them. When you use an SBC that does smart nat traversal methods (if they have sip alg or Stateful packet inspection on) or if they have a integrated device it might not leave the option to turn onn these functions, how useful will it be to you? On Thu, Jan 20, 2011 at 12:51 PM, Burleigh, Matt <[email protected]> wrote: I am planning a Pfsense/SipX deployment with both roaming/global remote workers(Bria Pro/Bria Iphone) and ITSP (DID's in other countries) connectivity. Sorry to hijack this thread, but I am not sure I understand the need for OpenSBC or any external SBC with SipX. SipXbridge already handles the NAT traversal issue and is an "SBC" of sorts. I guess I don't if it's a complete "SBC" implementation or not... Are there security issues for allowing "port forwared" connections directly to SipXbridge? I think I've read a thread discussing using OpenSBC to modify the SIP messages and not sure why that is needed? Any examples? Thanks! From: [email protected] [mailto:[email protected]] On Behalf Of Michael Picher Sent: Thursday, January 20, 2011 10:07 AM To: [email protected]; Discussion list for users of sipXecs software Subject: Re: [sipx-users] OpenSBC two thumbs up for OpenSBC on pfSense! freeswitch is already available on pfSense, how hard can it be Joegen :-) i'm sure you're not busy doing anything else... hahahaha... On Thu, Jan 13, 2011 at 5:16 PM, [email protected] <[email protected]> wrote: > If you feel that integration would do the sipX project any good, > feel free to voice out your opinion. I'm not high level enough in this to have any input on the topic. I don't know if that would or would not be a good idea in terms of 'integrating'. I personally like to see things in modular form, not all tied into one single bundle but tied together so that they work very well together, as individual, stand alone 'modules'. I loved using OpenSBC but was never able to resolve the glemlins we suffered. I still believe it was because of my lack of understanding Vyatta so had to move to pfsense. What I can tell you is how badly I would love to see OpenSBC on pfsense though :). Or, even as a safe, secure centos/firewall only setup. Mike _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/ -- There are 10 kinds of people in this world, those who understand binary and those who don't. [email protected] blog: http://www.sipxecs.info call: sip:[email protected] <mailto:sip%[email protected]> _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/ -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.326.5325 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Contract Customers: http://support.myitdepartment.net Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/ -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.326.5325 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Contract Customers: http://support.myitdepartment.net Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
