[ previous ] [ next ] [ threads ]
 
 From:  Lonnie Abelbeck <abelbeck at abelbeck dot com>
 To:  m0n0wall List <m0n0wall at lists dot m0n0 dot ch>
 Cc:  Aaron <lists at mycommunitynet dot net>
 Subject:  Re: [m0n0wall] M0n0, VPN & VoIP
 Date:  Mon, 18 Dec 2006 12:01:46 -0600
Aaron,

I have a setup with Soekris net4801's, two at each location, one  
running m0n0wall and the other running AstLinux, at each end.  Works  
great, but I don't use IPSec, just PPTP for setup/config.

I run SIP in AstLinux with SIP IP phones (SPA-942's) and SIP VoIP  
providers.  I put the AstLinux net4801 in the DMZ (opt1) of the  
m0n0wall net4801 with a 1:1 NAT using a second static IP address.   
You should be able to get things working with a single static IP and  
everything in the LAN as well.

I would try to keep the VoIP out of the IPSec if you can, but it  
should work OK of you can't.

I assume you want to share printers and fileservers over the IPsec  
VPN... prepare yourself for possible problems with sharing such  
things on different subnets.  (For example, color laser printers,   
the HP 2600n will not work across subnets, but the HP 2605dn will if  
you configure it correctly.)

Good, luck...

Lonnie


On Dec 18, 2006, at 11:31 AM, Aaron wrote:

> Hello all.
>
> I have used m0n0wall in basic setupsfor a few years. Currently I am  
> trying to help a non-profit with their move into an office. VoIP is  
> an important thing. They will have static IP's at both locations  
> and my hope is that I can have an asterisk server at both locations  
> and send calls between the "offices".
>
> At their home office, I setup m0n0 and it's been working fine for a  
> year or two. I'd like to setup the same in their new office and  
> have an IPsec VPN between the 2 networks so that they could  
> continue to use network services at both locations - this includes  
> VoIP. I'm not sure how stable and how well this would work for  
> this. I'd assume it would work great, but real experiences would be  
> appreciated. I've not ever setup an ipsec vpn yet.
>
> So, if someone would be willing to tell me if I am on the right  
> track, Id love to know.
>
> Thanks!
> Aaron
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>