Also forgot to note, that most phones will register on port 5060. This
however behind a NAT wont work if you have more than 1 phone. You will
have to statically configure the port different on each port OR someone
phone will have a "random" port selection OR sometimes you can select
5061 and it will pick a random port. This will make it hard to do port
forwarding, but if your phone doesnt need port forwarding, in the case
of the BADASS SPA921's then your safe :-D
I've setup about 100 of these SPA921's and they work pretty darn good.
Chris Flugstad
Cascadelink
900 1st ave s, suite 201a
seattle, wa 98134
p: 206.774.3660 | f: 206.577.5066
[email protected]
Chris Flugstad wrote:
Some phones, such as the SPA921 will have a "keep alive" function or
NAT transversal. This will allow the phone to not disappear from
behind a firewall. So you could take the phone and stick it on any
192.XXX home network/office network and it will connect to a voip
server and not go missing after a short period of time.
This function will eliminate the need for port fowarding and firewall
rules. The only firewall rules I do use however are sending the SIP
phones out over a 2nd WAN connection. I do this via IP address and
don't worry about what ports they talk on. It keeps it simple.
Thats what I mean by badass. You can keep port forwarding and stuff
though if you want, but you know someone is gonna take that phone and
put it on some other network and get pissed that it doesnt work ;)
Chris Flugstad
Cascadelink
900 1st ave s, suite 201a
seattle, wa 98134
p: 206.774.3660 | f: 206.577.5066
[email protected]
Tortise wrote:
What is BADASS and what are you saying here?
It seems to be mixed messages and not consistent to me.
I'd like to understand what it is that you understand please.
Kind regards
David
----- Original Message -----
From: Chris Flugstad
To: [email protected]
Sent: Thursday, March 19, 2009 7:43 AM
Subject: Re: SV: [pfSense Support] sip nat
I use Linksys SPA 921 which do a BADASS job of going over NAT. They have a good "keep alive" function that keeps them nice and cozy
behind a nat. We use them for our hosted pbx product and havent had any problems.
Chris Flugstad
Cascadelink
900 1st ave s, suite 201a
seattle, wa 98134
p: 206.774.3660 | f: 206.577.5066
[email protected]
[email protected] wrote:
Hi Chris
Thanks for the quick response. I already tested it, and that solved my
problem.
But your probably also right when you say that it won't fix the actual
problem: SIP does not like NAT.
Keep up the good work...
Kind regards Anders
-----Oprindelig meddelelse-----
Fra: [email protected] [mailto:[email protected]] På vegne af Chris
Buechler
Sendt: 18. marts 2009 16:03
Til: [email protected]
Emne: Re: [pfSense Support] sip nat
Nearly always, rewriting source port on SIP breaks it so it's not done
by default. Enable AON and it will be.
On Wed, Mar 18, 2009 at 6:11 AM, <[email protected]> wrote:
Hi
I know this issue have been raised before, but I haven't really found a
satisfying answer, so here I go again...
My problem is related to sip-nat.
I'm running a network with approximately 2000 home users.
I have choosen pfsense back in the 1.0.1 days, and is still very satisfied
with it's performance and stability.
At the moment I have four machines running pfsense.
One working as router only (disabled the firewall under advanced). -
pfsense
v. 1.2
Two working as nat-routers for Internet-access. - pfsense v. 1.2
One working as a nat-router for Audiocodes MP124 sip boxes. - pfsense v.
1.0.1
When pfsense 1.2 came out, I upgraded every machine. But quickly I had to
roll the "sip-router" back to 1.0.1, since it
stopped rewriting the source port for the MP124 boxes.
My problem is that many costumers choose to set up there own sip-boxes on
the internet-connection, and therefore get connected with one of the
routers
thats running pfsense 1.2. And it just does not rewrite the source port,
and
as a result of that only one sip-box per provider gets connected. As soon
as
I throw them on another vlan, so they get connected to the machine running
pfsense 1.0.1, it rewrites the ports just fine, and I can have as many
boxes
from the same provider behind one single public ip.
Does anyone have an explanation to this behavior, or even better, a
solution!?
Kind regards
Anders Dahl
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For
additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
|
