Yea, you don't want to do the entire VLan... just the IP of the server. Mike
On Wed, Feb 29, 2012 at 8:43 AM, Steve <[email protected]> wrote: > Agreed.. I'm puzzled by this as well. > > I followed the sample config provided by Tony.. I believe the manual > outbound NAT rule as part of that configuration has an outbound manual NAT > rule for entire network. I'll have to validate this later. My phones and > sipx are on their own vlan. > > Thanks, > Steve > Appraisal Host Software > 781-214-6250 > > On 2/29/2012 8:35 AM, Michael Picher wrote: > > and you've specifically enabled static outbound NAT for the IP address of > the server only (don't do it for the entire phone network / computer > network)? > > I can't see how this would work with a checkpoint but not pfSense. > > Mike > > On Wed, Feb 29, 2012 at 7:35 AM, Steve <[email protected]> wrote: > >> Thanks.. I have no issue spending money or time figuring this out >> however, I've yet to find anyone that's gotten this to work with a pfsense >> firewall and broadvox. I'm open to using another open source fw as well. >> >> So, if there is anyone on the list that has gotten this to work (sipx, >> pfsense fw and broadvox) I'd like to hear from you. Specifically, my issue >> is inbound calling. Outbound works fine. >> >> Steve >> >> >> >> On 02/29/2012 07:22 AM, Michael Picher wrote: >> >> Server can only have one NIC so this is a fail... >> >> What you're trying to do here really isn't that hard... >> >> If you can't make it work, I'd suggest spending more time to learn >> about this stuff and make sure you have the proper hardware. Or seek help >> from somebody who can just set it up for you and make it work. >> >> Both of which may involve some $... But, there are only 2 ways to do >> things. >> >> Mike >> >> >> On Wed, Feb 29, 2012 at 7:01 AM, Steve <[email protected]> wrote: >> >>> This probably isn't specifically a sipx architecture question.. >>> >>> I've been having some issues with NAT, I've been able to get it to work >>> with one firewall (that's underpowered) but not pfsense. I've even gone >>> so far as to start from scratch going to v1x of pfsense and following >>> Tony's postings and importing pieces of Tony's sample config with no >>> success. I've even tried IPCOP with same results. >>> >>> So, I've decided to abandon the whole NAT thing and just move the server >>> to the DMZ. So my question is this, as I have 2 NIC's in my sipx server >>> can I just add the second IP to the server (for the DMZ public address) >>> and then also have the server plugged into the existing phone (non >>> routable) network? >>> >>> Essentially, my phones (all IP) would be completely segregated with no >>> access to the Internet or other networks. The sipx server would have a >>> connection on that network as they would obviously need to communicate >>> with the sipx server. >>> >>> Are there any issues with this config? Do the phones need any other >>> connectivity other than the sipx server, NTP for example? >>> >>> Thanks, >>> Steve >>> >>> _______________________________________________ >>> sipx-users mailing list >>> [email protected] >>> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >>> >> >> >> >> -- >> Michael Picher, Director of Technical Services >> eZuce, Inc. >> >> 300 Brickstone Square >> >> Suite 201 >> >> Andover, MA. 01810 >> O.978-296-1005 X2015 <978-296-1005%20X2015> >> M.207-956-0262 >> @mpicher <http://twitter.com/mpicher> >> www.ezuce.com >> >> >> ------------------------------------------------------------------------------------------------------------ >> Hope to see you at the sipX CoLab! http://www.sipfoundry.org/sipx-colab >> A gathering for - open source users, eZuce customers & eZuce partners >> Get the inside track on 4.6 and a glimpse at the future of sipXecs! >> >> >> >> _______________________________________________ >> sipx-users mailing [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> >> >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > > > > -- > Michael Picher, Director of Technical Services > eZuce, Inc. > > 300 Brickstone Square > > Suite 201 > > Andover, MA. 01810 > O.978-296-1005 X2015 > M.207-956-0262 > @mpicher <http://twitter.com/mpicher> > www.ezuce.com > > > ------------------------------------------------------------------------------------------------------------ > Hope to see you at the sipX CoLab! http://www.sipfoundry.org/sipx-colab > A gathering for - open source users, eZuce customers & eZuce partners > Get the inside track on 4.6 and a glimpse at the future of sipXecs! > > > > _______________________________________________ > sipx-users mailing [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- Michael Picher, Director of Technical Services eZuce, Inc. 300 Brickstone Square**** Suite 201**** Andover, MA. 01810 O.978-296-1005 X2015 M.207-956-0262 @mpicher <http://twitter.com/mpicher> www.ezuce.com ------------------------------------------------------------------------------------------------------------ Hope to see you at the sipX CoLab! http://www.sipfoundry.org/sipx-colab A gathering for - open source users, eZuce customers & eZuce partners Get the inside track on 4.6 and a glimpse at the future of sipXecs!
<<logosmallwhite.jpg>>
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
