[asterisk-users] [NAT] SSH vs. OpenVPN?
Arthur Stanfield
aj at dmcip.com
Fri Feb 3 03:39:27 CST 2012
That's very interesting! Thank's for the correction Tzafrir!
-
Regards,
AJ Stanfield
t: 0161-850-4001
e: aj at dmcip.com
w: http://www.dmcip.com
----- Original Message -----
From: "Tzafrir Cohen" <tzafrir.cohen at xorcom.com>
To: asterisk-users at lists.digium.com
Sent: Thursday, 2 February, 2012 9:44:55 PM
Subject: Re: [asterisk-users] [NAT] SSH vs. OpenVPN?
On Tue, Jan 31, 2012 at 12:54:41PM +0000, Arthur Stanfield wrote:
> Hi Gilles,
>
> You can't tunnel UDP through SSH.
For the record: you can. But it's not really a good idea. Two options:
1. ssh -D: "dynamic" port forwarding. Which basically means that it
creates a socks4/socks5 proxy. You can now use e.g. sockify and connect
UDP-based programs over that connection.
2. ssh -w: create a tun device and create a tunnel on top of that (root
access of some sort is required).
That said, the ssh connection is TCP. The basic reasoning in
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html applies to the VoIP
UDP payload as well.
Oh, and for the record, you can tunnel practically on top of anything.
Just in case you're not familiar with it: IP over DNS (which means you
don't even need direct access, and can use proxied DNS queries).
http://code.kryo.se/iodine/ I figure you won't get quality audio with
that, though.
-- Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list