From owner-freebsd-net@FreeBSD.ORG Wed Sep 8 21:06:46 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A70416A4CF for ; Wed, 8 Sep 2004 21:06:46 +0000 (GMT) Received: from out002.email.savvis.net (out002.apptix.savvis.net [216.91.32.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1DF7543D2D for ; Wed, 8 Sep 2004 21:06:46 +0000 (GMT) (envelope-from Maksim.Yevmenkin@savvis.net) Received: from s228130hz1ew03.apptix-01.savvis.net ([10.146.4.28]) by out002.email.savvis.net with Microsoft SMTPSVC(6.0.3790.0); Wed, 8 Sep 2004 16:06:45 -0500 Received: from [10.254.186.111] ([66.35.239.94]) by s228130hz1ew03.apptix-01.savvis.net with Microsoft SMTPSVC(6.0.3790.0); Wed, 8 Sep 2004 16:06:45 -0500 Message-ID: <413F745F.3020306@savvis.net> Date: Wed, 08 Sep 2004 14:06:39 -0700 From: Maksim Yevmenkin User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040822 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Forrest Aldrich References: <413F6BBE.1050202@forrie.com> In-Reply-To: <413F6BBE.1050202@forrie.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 08 Sep 2004 21:06:45.0442 (UTC) FILETIME=[BF675220:01C495E7] cc: freebsd-net@freebsd.org Subject: Re: VoIP and IPFW X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Sep 2004 21:06:46 -0000 Hello, > I'm considering testing the Vonage service, with my FreeBSD-4.10 > system (maybe 5 or 6). I wonder if anyone here has a configuration > they can share, or if there are any pages out there that detail the > proper (and secure) setup. i'm using lingo (www.lingo.com) - very similar to vonage. i use freebsd 4.10 as my firewall/nat/wireless access point/etc. the lingo box in behind freebsd box. it gets its ip (local) via dhcp and then talks to the lingo servers (via nat). it seems both providers are using sip, so i did not have to open anything on my nat/firewall, because the lingo box initiates the connection from the inside. if you block outgoing connecions from your lan then you will need to open a few ports. one thing i noticed about the lingo box is that it gets very upset (locks up) when it sees a lot of traffic not destined for it. i used to have hub behind freebsd and i had problems. i replaced hub with switch and now lingo box is very stable. i *do not* recommend to put lingo/vonage box in front of your firewall/router/etc. at least the lingo box is *very* open. i do not know about vonage box, but i suspect its the same class of hardware. i know manual suggests that you'd better put the box in front because it will do quality-of-service thing, but it does not make any difference (imo). i use this mostly for international calls. the quality is very good compare to regular voice. thanks, max