[asterisk-users] Suggestion for a new asterisk setup.
Colin Anderson
ColinA at landmarkmasterbuilder.com
Fri Jan 12 11:19:47 MST 2007
>I am not sure that the security guy for this network will allow me to put
up the asterisk box dual homed to the public IP and the LAN.
Your security guy needs to go back to school. If eth0 is on the LAN and eth1
is on the WAN, and the WAN connection is properly secured with only the
ports you need, and your SIP passwords arent 1234 or something that can be
guessed, what difference is there between this configuration and port
forwarding? The footprint you are exposing to the public internet is exactly
the same. The only thing that I can think of is for IDS, you may have a
firewall that does this. Optionally, one could run a "soft" firewall on the
WAN side that supports IDS if that is the issue. Otherwise, why not?
More information about the asterisk-users
mailing list