[Asterisk-Users] Asterisk , ISA Firewall/VPN , STUN and other issues

Chad Brown chad.brown at identitymine.com
Tue Sep 21 19:18:20 MST 2004


Shawn,

 

I am running ISA 2004. As you know this firewall is not SIP aware. I've
spoken with MS LCS devs and they don't know of any SIP filters on the
horizon. As far as IAX... not sure why you would be having problems.

 

In our environment we have an ISA 2004 firewall at the central office
and several remote offices with a site-to-site VPN nailed up using one
of the Linksys VPN routers. There is an article on isaserver.org for
establishing a site-to-site using IPSEC tunneling a new feature of ISA
2004. This works extremely well!

 

SIP traffic is routed around ISA using a product by INGATE called the
SIPARATOR. This helps us with inbound SIP calls and in/out bound calls
to broadvox.net who provides PSTN gateway functionality.

 

As far as clients....

 

The cisco 7960 is the only way to go in my mind. Once you get the
infrastructure setup to support them they are solid! As far as
softphones...we use XTEN and try to use messenger. Both solutions work
via site-to-site VPN or dial-up VPN using the standard PPTP. The latest
version of XTEN seems to work the best.

 

I would love to jump on the IAX bandwagon but have several partners to
work with. I this case I must choose SIP.

 

Thanks,

 

Chad Brown - IdentityMine

 

________________________________

From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Shawn
Dillon
Sent: Tuesday, September 21, 2004 2:39 PM
To: asterisk-users at lists.digium.com
Subject: [Asterisk-Users] Asterisk , ISA Firewall/VPN , STUN and other
issues

 

I have just finished compiling and installing Asterisk on a test Debian
system. All is working well. We are now attempting to get remote offices
to test the system I have installed both a SIP and an IAX client at a
remote office. Then I connect to our office via Microsoft ISA firewall
and the Windows XP VPN client. Neither of the softphones will connect.
On the IAX softphone I just get a ringtone , on the SIP client nothing.
The Debian machine has two NIC's , one with a static external IP and one
with an internal IP. Our remote offices are behind a mixture of
firewalls.

 

 

I have some questions with regards to our testing and setup.

 

1)       Is there a way to get the SIP/IAX client to work via the VPN?
This would be the easiest way.

2)       If not can I install a STUN server on the same machine as the *
server? Can it use the same internal and external IP's as the * server?

3)       Is there a hardphone that supports VPN that has been tested?

4)       What is the best hardphone to use with Asterisk?

 

 

Thanks for the input

Shawn Dillon

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20040921/69189ec7/attachment.htm


More information about the asterisk-users mailing list