Date: Wed, 08 Sep 2004 17:28:27 -0400 From: "Michael C. Cambria" <mcc@fid4.com> To: Forrest Aldrich <forrie@forrie.com> Cc: freebsd-net@freebsd.org Subject: Re: VoIP and IPFW Message-ID: <413F797B.8010009@fid4.com> In-Reply-To: <413F705B.40602@forrie.com> References: <413F6BBE.1050202@forrie.com> <413F704A.9040705@fid4.com> <413F705B.40602@forrie.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Forrest Aldrich wrote: > Just going to use one VoIP phone, and it is a NAT firewall, so the phone > would technically be behind that. I don't use Vonage, but I do use FWD and iptel.org from FreeBSD, RH90 and XP systems behind my FreeBSD 4.10-Stable router running ipfw/natd. So the setup is similar. FWD's "netcheck" claims that my ipfw/natd setup is a port restricted cone NAT, but me thinks its confused. ipfw/natd behaves as symmetric NAT (someone please correct me if I'm wrong.) As a result, I use the 'relay" that FWD provides. Vonage will need to provide a similar device for your use. Inquire about this type of support before signing up. Using the relay helps in one respect. You only need one pair of rules in ipfw to allow RTP traffic to pass. With this rule, everything just worked. You can check out the configuration pages on www.freeworlddialup.com for more information. I suggest you start with FWD first, get that working, then move on to Vonage. Running ipfw/natd "open" initially will help as well. Another solution, if you don't use a relay, would be port forwarding, but this becomes problematic with the more phones you have. I also have started to run SER (see ports) with nathelper + rtpproxy on the ipfw/natd system. I prefer this solution. All my users can talk to each other via the private LAN(s), but still call out to the 'net (including iptel & FWD users) as well as receive calls. I'm still plugging away with this, so I haven't tested things beyond basic calls (e.g. conference) yet. Regards, MikeC
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?413F797B.8010009>