[ previous ] [ next ] [ threads ]
 
 From:  Adrian Basescu <adrianeli at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Fwd: [m0n0wall] DMZ problem with Grandstream VoIP devices
 Date:  Mon, 4 Apr 2005 11:41:01 -0400
I am not mapping any ports to the outside, the devices are just clients,
the WAN connection is PPPoE, so the LAN and DMZ are NATed
automatically behind my single internet  IP.

On Apr 4, 2005 3:38 AM, sai <sonicsai at gmail dot com> wrote:
> you using Server NAT or 1:1 ?
>
> On Apr 3, 2005 8:15 PM, Adrian Basescu <adrianeli at gmail dot com> wrote:
> > Hello,
> > I have the following problem with a m0n0wall DMZ and the effect is the
> > same on all versions I have tried, from 1.1 to 1.2b7.
> >
> > I have m0n0wall with 3 interfaces, WAN, LAN and DMZ(OPT1).
> >
> > I have several Grandstream VoIP devices which I would like to  put all
> > on the DMZ subnet.
> > But I can put ONLY one, since any others do not authenticate to their
> > SIP servers on the internet.
> >
> > If I leave only one VoIP device on the DMZ, it works, but here is
> > another weird problem. It cannot take NTP time from the Internet. Once
> > I have configured it to take NTP time from a server on the LAN subnet,
> > it is fine.
> >
> > If I place the other VoIP devices on the LAN, they work fine and they
> > authenticate OK to their SIP servers.
> >
> > There are no log entries that show access denied to/from port 123
> > (NTP) or to/from 5060 (SIP)
> > or to/from the IP addresses of the VoIP devices.
> > I see no reason why the DMZ subnet does not work the same way as the LAN subnet.
> >
> > Thanks.
> > --
> > Adrian Basescu,
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>


-- 
Adrian