firewall/router and asteriskNow?

General discussions about AsteriskNOW.

Moderators: Moderator, Support

firewall/router and asteriskNow?

Postby johnea » Tue Nov 15, 2011 2:06 pm

Hello,

I'm in the process of spec'ing a router and soft PBX.

It seems if the same WAN connection will be used for data and SIP voice, that the router and SIP server must both reside in the same WAN facing hardware.

AsteriskNow seems like a good choice for small office web gui based PBX.

SmoothWall, pfsense, or DD-WRT seem like good choices for web gui based router functionality (NAT, port forwarding, QoS)

How can they be run together?

How do others overcome the issue of router web gui and PBX web gui both running in the same machine, sharing the WAN interface?

Thank You!
johnea
Newsterisk
 
Posts: 1
Joined: Tue Nov 15, 2011 1:55 pm

Re: firewall/router and asteriskNow?

Postby dalenoll » Thu Nov 17, 2011 6:17 am

They do not need to be run on the same machine and, in my opinion, probably shouldn't.

Firewalls that support NAT, most likely support two kinds of NAT, Source NAT (SNAT) and Destination NAT (DNAT)

Source NAT is what most people are familiar with when an outbound packet is altered to change the source IP to that of the Internet facing interface. This allow multiple internal users to share a single Internet connection.

Destination NAT works the opposite and changed the destination IP, and possibly port, to that of an address that in inside the firewall. Depending on the firewall vendor, they may calls this something port forwarding or something similar. You can define different ports on the Internet facing interface to forward, via DNAT, to different hosts on the internal network. For instance, packets on port 80 (htpp) go to the web server and packets on port 5060 (SIP) go to the Asterisk server.

I should also say that you probably will want some additional security between the Internet and the Asterisk server. It would not be a bad idea to investigate a Session Border Controller. Remember, a compromised VoIP server can lead to very large telephone bills.
My goal is not to catch you a fish and feed you for a day.
My goal is to teach you how to fish and feed you for a lifetime.
Since I hate fishing and love teaching, that works out pretty well.
dalenoll
Oldsterisk
 
Posts: 261
Joined: Tue Sep 20, 2011 11:12 am
Location: Milwaukee, Wisconsin, USA


Return to AsteriskNOW General

Who is online

Users browsing this forum: No registered users and 1 guest