[ previous ] [ next ] [ threads ]
 From:  "Chris Bagnall" <m0n0wall at minotaur dot cc>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Asterisk & m0n0wall
 Date:  Wed, 1 Jun 2005 16:26:26 +0100
> > All go right, my PBX is in my LAN and all softphones are in my LAN.
> > Now I want to setup a public ip address and move the PBX outside my 
> > LAN
> > Internet <-> ADSL modem <-+-> m0n0wall <-> LAN
> >                           |
> >                          PBX

Is there a good reason why your PBX needs to be outside your LAN? My
experience (I've done a few Asterisk + m0n0 deployments at clients' sites)
has been that it's best to have the Asterisk + SIP phones on the same
network segment, then port forward or 1:1 NAT (if your ISP has given you
multiple public IPs) to allow SIP/IAX traffic into your Asterisk server.

That way you can avoid any messy NAT traversal on the phones, which gives
you a) less configuration work to do with each phone, b) gives you a wider
range of SIP devices to work with, and c) means you can set up a TFTP server
on the Asterisk server to dish out config files to all your phones
automatically if supported by the phones.

> Unfortunately, just to 
> keep you on your toes, telephone manufacturers differ 
> greately in how you configure them to also be NAT aware. I 
> can personally recommend any phone made by Snom for ease of 
> use. Polycom and Cisco take about 10 hours of set up to get 
> right the first time.

If you really do want phones that'll do NAT traversal, I can add a
recommendation for the Grandstream and Sipura phones here.

In an ideal world, I'd recommend using SIP internally, then IAX externally
to interconnect with other Asterisk servers at different sites, and for
integration with IP->PSTN gateways.


C.M. Bagnall, Director, Minotaur I.T. Limited
Tel: (07010) 710715   Mobile: (07811) 332969   Skype: minotaur-uk
ICQ: 13350579   AIM: MinotaurUK   MSN: msn at minotaur dot cc   Y!: Minotaur_Chris
This email is made from 100% recycled electrons