[ previous ] [ next ] [ threads ]
 From:  krt <kkrrtt at gmail dot com>
 To:  Aaron <lists at mycommunitynet dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] M0n0, VPN & VoIP
 Date:  Mon, 18 Dec 2006 09:40:43 -0800
I think that you're on the right track.  For Asterisk, I'd do this
utilizing IAX, as it's -much- easier to classify the traffic.  IAX
uses a single nailed up session on the same port, every time (unless a
custom port is used).  This is opposed to SIP, which uses an expected
port for call establishment, but the actual call happens on a random
UDP port that is exchanged across the control channel.

As for IPSEC, yes, do it.  You don't need to do anything special to
accomodate SIP or IAX with IPSEC - it's just regular TCP and UDP
traffic in IPSEC's eyes.

On 12/18/06, Aaron <lists at mycommunitynet dot net> wrote:
> Hello all.
> I have used m0n0wall in basic setupsfor a few years. Currently I am
> trying to help a non-profit with their move into an office. VoIP is
> an important thing. They will have static IP's at both locations and
> my hope is that I can have an asterisk server at both locations and
> send calls between the "offices".
> At their home office, I setup m0n0 and it's been working fine for a
> year or two. I'd like to setup the same in their new office and have
> an IPsec VPN between the 2 networks so that they could continue to
> use network services at both locations - this includes VoIP. I'm not
> sure how stable and how well this would work for this. I'd assume it
> would work great, but real experiences would be appreciated. I've not
> ever setup an ipsec vpn yet.
> So, if someone would be willing to tell me if I am on the right
> track, Id love to know.
> Thanks!
> Aaron
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch