Oh. And the srv for xmpp if you are supporting remote users or enabling xmpp federation. On Jun 18, 2012 7:17 AM, "Tony Graziano" <[email protected]> wrote:
> Sipxconfig if you need access remotely. Port 5080 if using trunking. Port > 5060 and srv if supporting remote users. So "a" records if using web GUI. > Srv if supporting remote users. Make sure you rate limit port 5060 in the > firewall and consider adding pfblocker package too. > On Jun 17, 2012 7:02 PM, "Kurt Albershardt" <[email protected]> wrote: > >> Thanks - I think we're on the same page here. There's an authoritative >> external NS which for the main (domain.com) zone, but the pfSense box >> handles internal users (split horizon.) >> >> How much of the sipx-managed zone do I want to expose to the outside >> world? >> >> >> On Jun 17, 2012, at 13:10 , Tony Graziano wrote: >> >> (this is also a way of saying pfsense cannot handle the record type sipx >> needs, it needs a real dns server to be authoritative for it, not just an A >> record) >> >> On Sun, Jun 17, 2012 at 3:09 PM, Tony Graziano < >> [email protected]> wrote: >> >>> Not exactly a straight answer... Pfsense can hand out the dhcp options >>> the same as sipx. I would consider DNS forwarding to the sup domain and do >>> this quite regularly. This way sipx is responsible only for its sip domain >>> /DNS. >>> >>> How I do it -- I typically deploy sipx as a subdomain and keep things >>> tidy like that. I point pfsense to sipx for the subdomain and point sipx >>> back to pfsense as it forward server if there are other domains/hosts >>> internally it needs to know about otherwise I just use public forwarders >>> and keep sipx oblivious to the inside stuff. >>> On Jun 17, 2012 12:16 PM, "Kurt Albershardt" <[email protected]> wrote: >>> >>>> About to start testing 4.6 for deployment later this year. It will >>>> live behind a pfSense firewall which currently manages DHCP and local DNS >>>> for all internal hosts. My inclination would be to delegate >>>> sipx.domain.com to the new box and allow it to run DHCP for all >>>> voice-related devices, but continue to manage the other hosts via DHCP and >>>> DNS on pfSense. >>>> >>>> Any reason to make the sipx machine(s) authoritative for the entire >>>> domain, and manage the non-voice parts there as well? >>>> >>>> thanks~ >>>> >>> >> >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > -- LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Customers: http://myhelp.myitdepartment.net Blog: http://blog.myitdepartment.net
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
