[Asterisk-Users] IAX and Firewall

Piotr A. Sygula psygula at net-shapers.com
Fri Nov 18 14:51:34 MST 2005


Chances are, * is the one registering with the provider, not the other way
around - if that's true, then all it means is that your firewall is letting
your * box out (egress) on the IAX2 port.  You still need to let teliax
connect to you (ingress) on the IAX2 port, so yes you need to open that port
inbound from the internet on your firewall.

Best practice would dictate that you only allow IAX2 traffic from the teliax
servers explicitly.  That would require you to get the ip addresses of their
server(s) and open the port only for said addresses.


**
***
****
Peter A. Sygula
President/Chief Security Officer - NetShapers, Inc.
< http://www.net-shapers.com  >

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Joseph
Sent: Friday, November 18, 2005 3:46 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: RE: [Asterisk-Users] IAX and Firewall

On Fri, 2005-11-18 at 15:27 -0600, Piotr A. Sygula wrote:
> Unless your firewall is integrated with *, which I sincerely doubt, yes
you
> will need to open the right port on your firewall.  Make sure that you set
> up your NAT and/or pinhole [if applicable] to point to your * box.

No, my firewall is a separate box and asterisk is showing registration
with provider so I don't think I need any ports open.
How to trouble shoot?

-- 
#Joseph
_______________________________________________
--Bandwidth and Colocation sponsored by Easynews.com --

Asterisk-Users mailing list
Asterisk-Users at lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list