[Asterisk-Users] [new user] VPN or NAT? (and a FAQ)

Steven Critchfield critch at basesys.com
Mon May 26 14:41:46 MST 2003 

Well welcome to the group. Since Tennessee is a wide state, and Texas is
generally huge, it makes it difficult to guess where you are. If you are
close to Nashville, you are welcome to give me a yell and come by my
office where we have been using asterisk for more than a year as our
production pbx. Within a week or so our office will be using IAX to
bring in our phone lines from our colo service(Makes it wonderfull to
think if we move the office, we only need to move a T1 of data service)

Steven

On Mon, 2003-05-26 at 15:18, Rob McGee wrote:
> I live in Tennessee, USA, and work 1000km away in Texas. Thanks to the 
> wonders of broadband I never leave home (well, not for WORK, that is. 
> :) I'm setting up an Asterisk system whereby I'll have an extension in 
> Texas, so clients can reach me at a local telephone number.
> 
> We have a VPN set up already (OpenVPN, which I highly recommend to 
> anyone needing such a thing.) It does encryption. While the throughput 
> is slightly less than a direct route, it's still pretty responsive. (I 
> never did any benchmarking beyond a simple comparison of ping times and 
> a few scp's.) Each side has a dedicated firewall/gateway router (one of 
> which, a 386, is definitely NOT suited for service as a * server) and a 
> separate VPN gateway behind the firewall. I'm thinking that the VPN 
> servers will become the * servers.
> 
> >From reading this list and the * docs, it sounds like NAT could be made 
> to work. But if I use the VPN I don't need to mess with NAT, and the 
> connection security is already assured.
> 
> So, what would you recommend, VPN or NAT?
> 
> Now for the FAQ: minimum CPU requirements:
> 
> Another option would be to decommission my 386 router. I have a P166 
> (128MB RAM) standing by which could assume the role of firewall / 
> gateway. I could put * on both routers, using neither VPN nor NAT.
> 
> Would a P166 be adequate to play the role of * server? Its other tasks 
> aren't very CPU-intensive in general. I might be able to upgrade that 
> one to a P200MMX.
> 
> I want to run 1-2 extensions at the most, with a 1-port TDM400P 
> (TDM10B?) card, on the end with the P166. Bandwidth is supplied by 
> cable modems on both ends, 256KB/s upstream.
> 
> I've been looking through the docs and the list archives (better search 
> features would be nice :) and this question comes up a lot, but no 
> definitive answer is provided, that I have found anyway. I do 
> understand that the answer is relative to the anticipated load. Could 
> this be added to the FAQ, please?
-- 
Steven Critchfield <critch at basesys.com>

More information about the asterisk-users mailing list