[Asterisk-Users] VOIP security on an IAX connection.
Theodoros Georgiou
tgeorgiou at vc-net.net
Thu Nov 18 10:27:03 MST 2004
Use iptables to secure your * box and allow traffic only from known
servers/hosts. I would say that step one. When you do that then you can
use a VPN to make sniffing more difficult.
What link do you have between the offices? Is it public internet ?
Theo
Gregory Junker wrote:
> IPSec, especially with PFS, should be all you need.
>
> The 2.6 kernel comes with IPSec as part of the kernel, and suites such
> as OpenSWAN make it quite simple to set up secured links between two
> endpoints. Given that OpenSWAN is free, I don't see how it gets much
> more affordable. ;)
>
> Keep in mind that all IPSec does is encrypt the link. It does not do
> routing, it does not provide DHCP address, etc. L2TPD (for Windows
> clients) and other protocols do that through the encrypted tunnel.
>
> Look at the OpenSWAN site for more details:
>
> http://www.openswan.org
>
> Greg
>
> lucas at eyeonsystems.com wrote:
>
>> Gentlemen and ladies of the Asterisk community.
>>
>> I am considering implementing asterisk based IAX solution for a business
>> that handles a lot of sensitive data. Internal security will be no
>> worse than before as they plan on connecting to their current PBX to
>> handle switching. The asterisk boxes will just handle their trunks
>> between the offices. Other than VPN with a few levels of encryption on
>> the VPN any ideas on other good and affordable ways to implement
>> security on the IAX links?
>>
>> Thanks.
>> lucas at eyeonsystems.com
>> _______________________________________________
>> Asterisk-Users mailing list
>> Asterisk-Users at lists.digium.com
>> http://lists.digium.com/mailman/listinfo/asterisk-users
>> To UNSUBSCRIBE or update options visit:
>> http://lists.digium.com/mailman/listinfo/asterisk-users
>>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
More information about the asterisk-users
mailing list