[asterisk-users] Which internet phone protocol best to, choose
Bill Michaelson
bill at cosi.com
Sat Sep 13 06:58:50 CDT 2008
From: Tzafrir Cohen <tzafrir.cohen at xorcom.com>
> Subject: Re: [asterisk-users] Which internet phone protocol best to
> choose
>
> On Fri, Sep 12, 2008 at 09:14:40PM -0400, Steve Totaro wrote:
>
> > I think the most notably missing solution is OpenVPN and SIP.
> >
> > One port for the tunnel, encrypted traffic, benefits of IAX as far as
> > firewalls and hostile governments (BTW, IAX2 is not as obscure as it
> > once was, therefore, the hostile government argument is not as
> > anywhere as strong as a VPN).
> >
> > Since you will be running SIP over the VPN, you get the
> > interoperability that SIP provides.
> >
> > I am sure you could pretty quickly find someone to offer you the
> > gateway side of the VPN for a small charge, or a virtual hosted server
> > should do fine. I have not looked but there may be some VoIP
> > providers that offer or would accommodate OpenVPN tunnels.
>
> How does Asterisk live with the extra network interface used for the
> tunnel?
> (Specifically with SIP)
>
Tzafrir - I'm not exactly sure what you are asking - I have had issues
with how SIP calls are presented on different subnets which were a side
effect of using multiple ethernets (for example, on an asterisk box with
a wireless card running in AP mode providing SIP access).
But in my experience, openvpn presents no issues per se. Most of my
asterisk boxes have multiple ethernets, and in the case of openvpn, the
additional tap (I tunnel layer 2) interface(s) are simply that many
more. In fact, I typically run two instances of openvpn for each
virtual subnet server so that clients have a choice of connecting via
UDP and TCP. But they are usually bridged with a physical interface and
share the IP, so maybe that simplifies matters.
Steve implied that his configuration might separate the openvpn onto a
separate box, but I have run client side on the same box as asterisk and
SIP'ed in with Polycom phones via a subnet that was running the openvpn
client on one node. I have another box that runs openvpn in server mode
alongside asterisk, and it currently provides connections to two
Polycom's on a subnet that is bridged (brctl) via a separate box running
openvpn client. I have also run openvpn client on Windows XP over
Verizon EVDO and bridged it to the physical ethernet on the notebook,
then attached it via crossover ethernet cable to a Polycom phone. No
SIP problems - it just works.
I like the combination, and I think Steve has suggested a very workable
and versatile alternative in this Coke vs. Pepsi thread. And the
encryption is gravy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3234 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20080913/80cad45f/attachment.bin
More information about the asterisk-users
mailing list