[ previous ] [ next ] [ threads ]
 
 From:  sai <sonicsai at gmail dot com>
 To:  Adrian Basescu <adrianeli at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DMZ problem with Grandstream VoIP devices
 Date:  Mon, 4 Apr 2005 12:38:30 +0500 
you using Server NAT or 1:1 ?

On Apr 3, 2005 8:15 PM, Adrian Basescu <adrianeli at gmail dot com> wrote:
> Hello,
> I have the following problem with a m0n0wall DMZ and the effect is the
> same on all versions I have tried, from 1.1 to 1.2b7.
> 
> I have m0n0wall with 3 interfaces, WAN, LAN and DMZ(OPT1).
> 
> I have several Grandstream VoIP devices which I would like to  put all
> on the DMZ subnet.
> But I can put ONLY one, since any others do not authenticate to their
> SIP servers on the internet.
> 
> If I leave only one VoIP device on the DMZ, it works, but here is
> another weird problem. It cannot take NTP time from the Internet. Once
> I have configured it to take NTP time from a server on the LAN subnet,
> it is fine.
> 
> If I place the other VoIP devices on the LAN, they work fine and they
> authenticate OK to their SIP servers.
> 
> There are no log entries that show access denied to/from port 123
> (NTP) or to/from 5060 (SIP)
> or to/from the IP addresses of the VoIP devices.
> I see no reason why the DMZ subnet does not work the same way as the LAN subnet.
> 
> Thanks.
> --
> Adrian Basescu,
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>