Hello; I’m trying to setup an IP base PBX (asterisk). My understanding is that there are alot of problems when you have devices after a router using NAT. Would you recommend a sonicwall VPN at each end to avoid this problem?
I will try to describe my setup: Home (asterisk server) --------------Client house with IP phone (5 users; different locations)
Any feedback is appreciated.
VPNs are best if you have the money and expertise.
Sonicwall, Watchguard, and Fortinet are all good devices for site to site VPNs. If you are spending less that $350.00 for each end that is asking for trouble. Quality drops quickly. There are opensource options as well if you are so inclined.
You could look at running OpenVPN on an OpenWRT or DD-WRT firware based router. They give you much of the functionality of a Sonicwall, but you can run them on a garden variety boradcom linux router such as a Linksys WRT54Gl or a Netgear WNR3500L. Make sure you get an L router which supports third party firmware.
VPN is safest, but you may run into issues for TCP based VPNs when you encounter paket loss.
You can also port forward, however, it introduces a whole array of additional security issues with dial plans, account passwords, etc. That you have to get right otherwise, you will get hacked.
Sorry to confuse things, but have a go at the VPN and let us know how you go
I just wanted to add to the above.
Basically, what one looks for on a WiFi router to run an OpenWRT firmware is to make sure the router must have lots of RAM/Flash, i.e. 32/8MB, and to have at least one USB2 port. A Linksys WRT54GL only has 16/4MB RAM/Flash. If you can get it under $10, that is great. Otherwise, stay away from it and spend more $$ to get a better WiFi NAT/Firewall router, i.e. Asus RT-N16, etc. For me, I got me an old and discotinued Netgear WGT634U that comes with 32/8MB RAM/Flash + a USB2 port. it is used to host my Asterisk PBX system.
WRT54GL is 200MHz CPU w 8 ROM & 32 RAM
WNR3500L is 400MHz CPU w 16 ROM & 64 RAM + USB key.
WRT54GL is fine for single VPN enpoint. Definately something with a bit more grunt for the main box
BTW you can solder up an SD card reader to a WRT router if you are keen
Have a look here and it shows a Linksys WRT54GL only has 16/4MB RAM/Flash. OTOH, last week I just upgraded a WRT54GL with an OpenWRT and it ONLY had 16/4MB RAM/Flash.
Hmmmm. OK. Just checked… …I’m on drugs…or I need to be (Maybe hold a users poll to make suggestions which ones I should be on)
I am sure the units I have been deploying were 32Mb units. The ones I have sitting here are 4/16.
Still no complaints…yet.
One OpenVPN connect should be fine on these.