Oh. And the srv for xmpp if you are supporting remote users or enabling
xmpp federation.
On Jun 18, 2012 7:17 AM, "Tony Graziano" <[email protected]>
wrote:

> Sipxconfig if you need access remotely. Port 5080 if using trunking. Port
> 5060 and srv if supporting remote users. So "a" records if using web GUI.
> Srv if supporting remote users. Make sure you rate limit port 5060 in the
> firewall and consider adding pfblocker package too.
> On Jun 17, 2012 7:02 PM, "Kurt Albershardt" <[email protected]> wrote:
>
>> Thanks - I think we're on the same page here.  There's an authoritative
>> external NS which for the main (domain.com) zone, but the pfSense box
>> handles internal users (split horizon.)
>>
>> How much of the sipx-managed zone do I want to expose to the outside
>> world?
>>
>>
>> On Jun 17, 2012, at 13:10 , Tony Graziano wrote:
>>
>> (this is also a way of saying pfsense cannot handle the record type sipx
>> needs, it needs a real dns server to be authoritative for it, not just an A
>> record)
>>
>> On Sun, Jun 17, 2012 at 3:09 PM, Tony Graziano <
>> [email protected]> wrote:
>>
>>> Not exactly a straight answer... Pfsense can hand out the dhcp options
>>> the same as sipx. I would consider DNS forwarding to the sup domain and do
>>> this quite regularly. This way sipx is responsible only for its sip domain
>>> /DNS.
>>>
>>> How I do it -- I typically deploy sipx as a subdomain and keep things
>>> tidy like that. I point pfsense to sipx for the subdomain and point sipx
>>> back to pfsense as it forward server if there are other domains/hosts
>>> internally it needs to know about otherwise I just use public forwarders
>>> and keep sipx oblivious to the inside stuff.
>>> On Jun 17, 2012 12:16 PM, "Kurt Albershardt" <[email protected]> wrote:
>>>
>>>> About to start testing 4.6 for deployment later this year.  It will
>>>> live behind a pfSense firewall which currently manages DHCP and local DNS
>>>> for all internal hosts.  My inclination would be to delegate
>>>> sipx.domain.com to the new box and allow it to run DHCP for all
>>>> voice-related devices, but continue to manage the other hosts via DHCP and
>>>> DNS on pfSense.
>>>>
>>>> Any reason to make the sipx machine(s) authoritative for the entire
>>>> domain, and manage the non-voice parts there as well?
>>>>
>>>> thanks~
>>>>
>>>
>>
>> _______________________________________________
>> sipx-users mailing list
>> [email protected]
>> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>>
>

-- 
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: [email protected]

Helpdesk Customers: http://myhelp.myitdepartment.net
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/

Reply via email to