If you think you will ever need failover using CARP, 1:1 NAT with virtual IPs is the way to go. A filtering bridge is nice, and yes, a bit easier, but you can't implement failover with it under pfSense. Either way you go, it's essentially the same procedure with regard to maintaining firewall rules. I can't speak to the Asterisk issue, but maybe someone else can chime in on that.
Ugo Bellavance wrote: > Hi, > > I'm about to have a few servers in the same half-rack in a > datacenter and I'm thinking about the best setup possible for that: > > - Filtering Bridge > - 1-to-1 NAT > - Other??? > > I'm especially affraid of Asterisk (SIP) behind a 1-to-1 NAT. I don't > know exactky what are the pros and cons of each. I guess a filtering > bridge is easier to install, and we configure the hosts behind with > public IP addresses and it is easier to forget a host unprotected... > > Any opinions on this? > > Regards, > > Ugo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
