[Asterisk-Users] VPN/Asterisk combo
Colin Anderson
ColinA at landmarkmasterbuilder.com
Tue Apr 19 12:05:18 MST 2005
> From the feature list, it looks like it doesn't support dynamic routes
>using OSPF or BGP, which is a big shame. Do you know of any plans to
>support this?
No that tripped me up too I had to put in static routes for my IPSec VPN's.
Brought up the VPN, could ping hosts in the remote LAN's, but anytime I
tried to do anything with TCP and UDP the firewall logs filled up with
"denied" entries. Went crazy adding rules to permit traffic to no effect.
Finally, added a static route and it started working perfectly. When you add
a rule, it seems to only affect traffic to the default outbound WAN
interface or DMZ interface. Because I didn't have a static route, it would
route packets intended for the VPN out the WAN interface, then the deny
rules would kick in. Adding a static route, it seems to shunt traffic out
the VPN bypassing the rules completely.
Otherwise, though, a great little package and with more functionality than
our commercial firewall with the exception of IDS. Haven't tried the WiFi
part of it, mostly because finding Prism based cards these days is really
really hard.
More information about the asterisk-users
mailing list