<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE id=ridTitle>Blank</TITLE>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<STYLE>BODY {
MARGIN-TOP: 25px; FONT-FAMILY: Arial, Helvetica; COLOR: #000000; MARGIN-LEFT: 25px; FONT-SIZE: 10pt
}
P.msoNormal {
MARGIN-TOP: 0px; FONT-FAMILY: Helvetica, "Times New Roman"; COLOR: #ffffcc; MARGIN-LEFT: 0px; FONT-SIZE: 10pt
}
LI.msoNormal {
MARGIN-TOP: 0px; FONT-FAMILY: Helvetica, "Times New Roman"; COLOR: #ffffcc; MARGIN-LEFT: 0px; FONT-SIZE: 10pt
}
</STYLE>
<META name=GENERATOR content="MSHTML 8.00.6001.18812"></HEAD>
<BODY id=ridBody background=cid:CEFD8FFE42024025BD162D39863D793D@kfife2
bgColor=#ffffff>
<DIV>I think one of the very best options is pfSense. Free Open-source,
but it's BSD based, rather than LINUX based. As such it has a lower risk
of external exploits. The user-interface makes it incredibly simple to set
up and maintain. There is an embedded versions of it available to run on
affordable/reliable solid-state, diskless, fanless Soekris/PCEngines embedded
system boards. </DIV>
<DIV> </DIV>
<DIV>It's incredibly powerful, and It's ROCK SOLID. I find the traffic
shaping engine to work without a hitch. PFSense can do anything you
want including VPN (PPTP, IPSec, OpenVPN), failover (Multi-WAN), IDS/IPS
(snort)</DIV>
<DIV> </DIV>
<DIV>The NEWEST embedded version 1.2.3 rc3 (1.2.3-release is very close) can run
the sipproxd package as well as many other packages that previously required the
FULL version. Goodbye one-way audio! :-)</DIV>
<DIV> </DIV>
<DIV>-Karl </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>----- Original Message ----- </DIV>
<BLOCKQUOTE
style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px">
<DIV
style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B>
<A title=david@slopecolorado.com href="mailto:david@slopecolorado.com">David
Wathen</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=asterisk-users@lists.digium.com
href="mailto:asterisk-users@lists.digium.com">'Asterisk Users Mailing List -
Non-Commercial Discussion'</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Tuesday, October 13, 2009 11:04
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [asterisk-users] Best Firewall
Suggestions?</DIV>
<DIV><BR></DIV>
<DIV>
<P><SPAN class=356485914-12102009>Hi,</SPAN></P>
<P><SPAN class=356485914-12102009>My customer has a outdated firewall that is
also presenting a NAT nightmare for getting the Asterisk server reachable from
the internet. <BR><BR></SPAN><SPAN class=356485914-12102009>What firewalls
work good with VOIP? I really want to steer away from any ALG supported
firewall. I just want a good firewall that works well with
Asterisk.</SPAN></P>
<P><SPAN class=356485914-12102009>Thanks,</SPAN></P>
<P class=MsoNormal align=left><SPAN><FONT color=#1167bf><FONT
face=Tahoma><SPAN class=578360418-09062009><SPAN><FONT color=#1167bf><FONT
color=#000000>David
Wathen</FONT></FONT></SPAN></SPAN></FONT></FONT></SPAN></P></DIV>
<P></P></BLOCKQUOTE></BODY></HTML>