Re: MultiTech VOIP behind ISA

" My initial concern with such a configuration was the crypto latency,
but this has been an 
issue at all."
So it wasn't issue at all? can u give me any number ? was it ~300ms or
no measurable latency at all?

-----Original Message-----
From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx]
Sent: Friday, June 14, 2002 4.19 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: MultiTech VOIP behind ISA


http://www.ISAserver.org



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 06:21 AM 6/14/2002, you wrote:

>We are trying to Move our MultiTech VOIP (MVP200 with proprietary
>protocol) behind our ISA server. Has any one done this?
>
>MultiTech has told me they all UDP Ports (69,900,902,5000,5004-5007).
>Inorder to define a protocol definition I need to set one port as a
>primary (and the rest as secondary?). MultiTech could only tell me that
>all the ports need to be open (I think port 5000 might be the
primary?). I
>have set the IP packet filters to open UDP communication through all
these
>ports. I have then published the voip server with my custom protocol
(with
>port 5000 as primary and the remaining as secondary).
>
>The system is not working. Has anyone done this (or anything close?)

I use NEC VoIP solutions, including direct IP phones, branch-to-gateway 
extensions,  and system-to-system IP trunking.  Rather than opening up
the 
required ports in ISA, I pass all the traffic down a point-to-point ISA
VPN.

Not only does this give you the added security of encrypted VoIP
traffic, 
but you don't open up your system to VoIP based attacks... The last
thing 
you want is for someone to get at your voice traffic.  My initial
concern 
with such a configuration was the crypto latency, but this has been an 
issue at all.

HTH

AD




-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPQn7PIhsmyD15h5gEQIJVQCgjISxVYDHiIPnkziS/sVFQ6jXIu4An0L3
3cc20QCkmIX49YTyGG28Jjku
=HhyK
-----END PGP SIGNATURE-----


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
davidf@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

****************************************************************
This mail was content checked for malicious code and viruses
by MailSecurity. MailSecurity provides email content checking,
exploit detection and anti-virus for Exchange. Spam, viruses,
dangerous attachments & offensive content are removed
automatically. Key features include: Multiple virus engines;
Email content & attachment checking; Exploit shield - email
intrusion detection & defence; Email threats engine - analyses
& defuses HTML scripts, .exe files & more. 
***************************************************************
        
In addition to MailSecurity, GFI also produces the FAXmaker
fax server & LANguard network security product ranges. For 
more information on our products, please visit http://www.gfi.com

This disclaimer was sent by Mail essentials for Exchange/SMTP.

Other related posts: