[Asterisk-Users] Asterisk , ISA Firewall/VPN , STUN and other

Henry Ngai hngai at cox.net
Tue Sep 21 19:23:57 MST 2004


First, I assume that you will be running NAT at both locations, if that is not the case, then the configuration will change.

When you said VPN, are you using PPTP or IPSEC? Microsoft supports PPTP. In order to connect a PC over VPN to the office, which has a PPTP VPN Server, you will need to runs VPN software. After it is run, the PC obtains a new IP address from your office, If you are using soft phone on a Windows PC, you can communicate without any problem as the IP is now tunnelled via internet to the office from your PC. Please note that PPTP VPN can tunnel through NAT and should be allowed to tunnel through Firewall as well before soft phone can be used.

>From your description, I feel that IPSEC may be a better solution. IPSEC can route/merge two remote subnets together. If you are connecting two sites using IPSEC, you can start any service and a hardware SIP phone should be fine. Just make sure your DNS and gateway setups are correct. And your PC can see across the IPSEC tunnel without loading any VPN software.

Henry

--------------------------------------------------------------------------------------

From: Shawn Dillon [mailto:shawn at crsretailpro.com] 
Sent: Tuesday, September 21, 2004 2:39 PM
To: asterisk-users at lists.digium.com
Subject: [Asterisk-Users] Asterisk , ISA Firewall/VPN , STUN and other
issues



I have just finished compiling and installing Asterisk on a test Debian
system. All is working well. We are now attempting to get remote offices
to test the system I have installed both a SIP and an IAX client at a
remote office. Then I connect to our office via Microsoft ISA firewall
and the Windows XP VPN client. Neither of the softphones will connect.
On the IAX softphone I just get a ringtone , on the SIP client nothing.
The Debian machine has two NIC's , one with a static external IP and one
with an internal IP. Our remote offices are behind a mixture of
firewalls.

 

 

I have some questions with regards to our testing and setup.

 

1)       Is there a way to get the SIP/IAX client to work via the VPN?
This would be the easiest way.

2)       If not can I install a STUN server on the same machine as the *
server? Can it use the same internal and external IP's as the * server?

3)       Is there a hardphone that supports VPN that has been tested?

4)       What is the best hardphone to use with Asterisk?

 

 

Thanks for the input

Shawn Dillon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20040921/63abfeac/attachment.htm


More information about the asterisk-users mailing list