Newb help please

mamut0o1 · July 29, 2010, 8:05pm

Hello; I’m trying to setup an IP base PBX (asterisk). My understanding is that there are alot of problems when you have devices after a router using NAT. Would you recommend a sonicwall VPN at each end to avoid this problem?
I will try to describe my setup: Home (asterisk server) --------------Client house with IP phone (5 users; different locations)
Any feedback is appreciated.

thank you
Mm

ffenton01 · July 30, 2010, 4:06am

VPNs are best if you have the money and expertise.

Sonicwall, Watchguard, and Fortinet are all good devices for site to site VPNs. If you are spending less that $350.00 for each end that is asking for trouble. Quality drops quickly. There are opensource options as well if you are so inclined.

MrFidget · August 1, 2010, 8:50pm

You could look at running OpenVPN on an OpenWRT or DD-WRT firware based router. They give you much of the functionality of a Sonicwall, but you can run them on a garden variety boradcom linux router such as a Linksys WRT54Gl or a Netgear WNR3500L. Make sure you get an L router which supports third party firmware.

VPN is safest, but you may run into issues for TCP based VPNs when you encounter paket loss.

You can also port forward, however, it introduces a whole array of additional security issues with dial plans, account passwords, etc. That you have to get right otherwise, you will get hacked.

Sorry to confuse things, but have a go at the VPN and let us know how you go
Chris

mazilo · August 1, 2010, 11:04pm

I just wanted to add to the above.

Basically, what one looks for on a WiFi router to run an OpenWRT firmware is to make sure the router must have lots of RAM/Flash, i.e. 32/8MB, and to have at least one USB2 port. A Linksys WRT54GL only has 16/4MB RAM/Flash. If you can get it under $10, that is great. Otherwise, stay away from it and spend more $$ to get a better WiFi NAT/Firewall router, i.e. Asus RT-N16, etc. For me, I got me an old and discotinued Netgear WGT634U that comes with 32/8MB RAM/Flash + a USB2 port. it is used to host my Asterisk PBX system.

MrFidget · August 2, 2010, 1:50am

WRT54GL is 200MHz CPU w 8 ROM & 32 RAM
WNR3500L is 400MHz CPU w 16 ROM & 64 RAM + USB key.

WRT54GL is fine for single VPN enpoint. Definately something with a bit more grunt for the main box

BTW you can solder up an SD card reader to a WRT router if you are keen
Cheers
Chris

mazilo · August 2, 2010, 2:28am

Have a look here and it shows a Linksys WRT54GL only has 16/4MB RAM/Flash. OTOH, last week I just upgraded a WRT54GL with an OpenWRT and it ONLY had 16/4MB RAM/Flash.

MrFidget · August 2, 2010, 11:13pm

Hmmmm. OK. Just checked… …I’m on drugs…or I need to be (Maybe hold a users poll to make suggestions which ones I should be on)

I am sure the units I have been deploying were 32Mb units. The ones I have sitting here are 4/16.

Still no complaints…yet.
One OpenVPN connect should be fine on these.

Cheers
Chris