09-14-2020 06:17 PM
Has anyone tried the above setup? So basically what we are trying to do is to get the cube router(SIP Trunk) to connect to firewall first then PABX. My concern is that the signalling i.p. on the cube is the pabx i.p. and if we will route the cube to go through the firewall first, the cube will not be able to see it because the interface of the FW has a different i.p. Any thoughts?
09-14-2020 10:37 PM - edited 09-15-2020 08:49 AM
As long as you have communication on IP level it would work. It’s after all SIP is a layer 3 protocol, so what you have on layers 1 and 2 is not of direct importance. Obviously you need to allow the traffic to pass through your FW.
09-14-2020 11:38 PM
you need to do some sort of nating if you terminate on the firewall.
09-15-2020 08:46 AM
I would argue that you should if possible avoid NAT if you don’t have to use it as it complicates things so much for SIP traffic.
09-15-2020 08:08 AM
The key point is whether your firewall will be doing any NAT. If not then it should be quite easy, make sure the routes are in place and make sure that firewall rules permit the required traffic. Are you looking to do anything fancy like only open the firewall for the RTP ports actually in use on a given call, or are you OK with permitting anything between the relevant host addresses?
Another point of concern would be if your PBX routes media directly to the extensions. If that's the case then your firewall will need to permit traffic between CUBE and the extensions, not just to the PBX.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide