<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>First, I assume that you will be running NAT at
both locations, if that is not the case, then the configuration will
change.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>When you said VPN, are you using PPTP or IPSEC?
Microsoft supports PPTP. In order to connect a PC over VPN to the office, which
has a PPTP VPN Server, you will need to runs VPN software. After it is run, the
PC obtains a new IP address from your office, If you are using soft phone on a
Windows PC, you can communicate without any problem as the IP is now tunnelled
via internet to the office from your PC. Please note that PPTP VPN can tunnel
through NAT and should be allowed to tunnel through Firewall as well before soft
phone can be used.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>From your description, I feel that IPSEC may be a
better solution. IPSEC can route/merge two remote subnets together. If
you are connecting two sites using IPSEC, you can start any service
and a hardware SIP phone should be fine. Just make sure your DNS and gateway
setups are correct. And your PC can see across the IPSEC tunnel without loading
any VPN software.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Henry</FONT></DIV>
<DIV><FONT face=Arial size=2><FONT face=Arial size=2></FONT></FONT> </DIV>
<DIV><FONT face=Arial size=2><FONT face=Arial
size=2>--------------------------------------------------------------------------------------</FONT></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2><FONT face="Times New Roman" size=3>From: Shawn
Dillon [mailto:shawn@crsretailpro.com] <BR>Sent: Tuesday, September 21, 2004
2:39 PM<BR>To: </FONT><A href="mailto:asterisk-users@lists.digium.com"><FONT
face="Times New Roman"
size=3>asterisk-users@lists.digium.com</FONT></A><BR><FONT
face="Times New Roman" size=3>Subject: [Asterisk-Users] Asterisk , ISA
Firewall/VPN , STUN and other<BR>issues<BR><BR><BR><BR>I have just finished
compiling and installing Asterisk on a test Debian<BR>system. All is working
well. We are now attempting to get remote offices<BR>to test the system I have
installed both a SIP and an IAX client at a<BR>remote office. Then I connect to
our office via Microsoft ISA firewall<BR>and the Windows XP VPN client. Neither
of the softphones will connect.<BR>On the IAX softphone I just get a ringtone ,
on the SIP client nothing.<BR>The Debian machine has two NIC's , one with a
static external IP and one<BR>with an internal IP. Our remote offices are behind
a mixture of<BR>firewalls.<BR><BR> <BR><BR> <BR><BR>I have some
questions with regards to our testing and
setup.<BR><BR> <BR><BR>1) Is there a
way to get the SIP/IAX client to work via the VPN?<BR>This would be the easiest
way.<BR><BR>2) If not can I install a STUN
server on the same machine as the *<BR>server? Can it use the same internal and
external IP's as the * server?<BR><BR>3) Is
there a hardphone that supports VPN that has been
tested?<BR><BR>4) What is the best hardphone
to use with Asterisk?<BR><BR> <BR><BR> <BR><BR>Thanks for the
input<BR><BR>Shawn Dillon</FONT><BR></DIV></FONT></BODY></HTML>