[Asterisk-Users] OT: SIP aware firewalls?
Eric "ManxPower" Wieling
eric at fnords.org
Sun Jan 8 08:49:37 MST 2006
Michael Graves wrote:
> Surely there's something more to the truly SIP-aware device, such as
> the Ingate IX66, that merits their use in some specific circumstances?
>
> I know that I can stay with m0n0. The question still stands; are there
> circumstances when something more is required? Would something be
> gained by such a migration.
Back when SIP was a fairly new protocol and NOTHING had any kind of
workaround for running SIP with NAT, then you had to have a SIP aware
firewall/NAT box to do it.
These days with almost all SIP devices and most SIP servers supporting
workarounds for doing it, a SIP aware firewall seldom needed.
Some of the SIP endpoints that connect to my servers are behind SIP
aware routers (Cisco), but I disable that feature. Why? Because I
don't want one configuration for some clients and another configuration
for other clients. I also disable any special SIP/NAT features of the
SIP clients that connect to my servers (except for MAYBE NAT Keepalive)
for the same reasons. VoIP and telecom is complicated enough. I don't
want to make things even more complicated.
More information about the asterisk-users
mailing list