Implement a VoIP outside of our LAN

We have an Asterisk 1.6 configured and working. SIP as the authentication, and no major modification… Our users use Aastra 6757i phones as phone hardware. There is firewall setup in our network and NATted.

We are interested in implementing a VoIP for our external employees (remote). How can I go about this? I research and we can either do HTTP or VPN (any other)? Since we are using SIP, can we use IAX2 for remote users, or using both will not work?

What’s the best way of going about connecting our remote users? If possible, we want to be able to shipp the remote users our Aastra 6757i, and with a simple authentication (username and password)… they will be able to make internal and external using our VoIP. I know it offers a lot of security risk… but I did find a lot of websites on how to tie down our Asterisk for SIP. However, any help would be very helpful to me.

Thanks,
K

I think that the best way is to use a VPN. So every remote user would have to have a secure VPN connection through which it would access your IP PBX server.

The second way would be to open the SIP and RTP ports on your NAT router that is in front of your Asterisk server. This is a much less secure option - if you want to go down that road, take your time and maximize your server security.

Thank you dejanst!

My company has VPN, SonicWall, installed. I’m researching now, if there is a way for SonicWall to create a VPN for SIP and UDP for Asterisk.

SIP normally uses UDP.

Any good VPN should be invisible to its users.