[asterisk-users] Best Firewall Suggestions?
Myles Wakeham
myles at techsol.org
Tue Oct 13 22:06:11 CDT 2009
>> My customer has a outdated firewall that is also presenting a NAT
nightmare
> for getting the Asterisk server reachable from the internet.
>
> What firewalls work good with VOIP? I really want to steer away from
any ALG
> supported firewall. I just want a good firewall that works well with
> Asterisk.
We're running IPCop (Linux based, open source, 100% free), and its been
fantastic for us. www.ipcop.org
I spent weeks trialing many others. Even had Astaro send me out a trial
box to use. I think we short-listed this down to pfSense, SmoothWall,
Astaro and IPCop. Its been a while since we did this, so newer versions
might have different test results now, but (if I remember correctly):
1. pfSense - Solid, but was a bit picky on network adapters (we wanted
to use a Quad NIC for this). Also was a bit cryptic for setup, but
that's probably just us being too lazy to RTFM.
2. Shorewall - this worked out of the box, looked easy to setup, etc.
But when it came down to supporting multiple external WAN IP addresses
that we had, it fell short and was dismissed as an option. I believe
that their commercial version did support this, but had a hard time
trying to find who to buy the damn thing from.
3. Astaro - great company to work with. Really helpful, great tech
support, etc. Loving all of that. Not loving the $2K+ price tag for
what we needed. But then we are stingy and cheap. That's just us. If
you have commercial clients, and budget this looked really good.
4. IPCop - its free. Was a dream to install and setup. Support via
their mailing list was awesome. The people there didn't make us feel
like newbs when we had basic questions to ask. Feature set rivaled all
other products, and there is a pretty healthy add-on market for it. QoS
was decent, although there are add-ons for better QoS granularity.
We chose IPCop. Been running it with Asterisk and our other network
apps, servers, etc. for about 4 months straight. Never needed a reboot.
Never crashed. Low footprint, and runs on some old dog hardware we
had lying around.
Like I said, this review is about 6 months old, so things change.
That's our biz. Go figure.
Of course, your mileage may vary.
Myles
--
=======================
Myles Wakeham
Director of Engineering
Tech Solutions USA, Inc.
Scottsdale, Arizona USA
http://www.techsolusa.com
Phone +1-480-451-7440
More information about the asterisk-users
mailing list