Re: How to allow all in and out traffic for one internal address
- From: "Jeff Sloan" <jsloan@xxxxxxxxxxxx>
- To: "ISALists" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 18 Feb 2004 21:27:09 -0600
I am told by the phone system vendor that SIP is not used in this
system.
He also told me of someone who configured his PIX to work by mapping
several internal IP's to external IP's, then configuring the ports for
those IP's only.
Here is how the system works.
When a call comes in from an outside IP phone, it communicates with the
call processor, which would be mapped from the public address to the
private.
The processor determines which internal phone the call is for, which at
this point has no IP address, (its MAC based), and then assigns the
internal phone an IP for this call, and says, "phone one, meet phone
two, you two talk, I'm outta here"
So I would need to set up mapping for any internal IP's I would assign
to external IP's we have available.
I can't put the phone system outside the firewall, because we use one
wire to connect the phone to the network, then connect the desktop to
the phone.
The gateways would have to be different.
I need to be able to define my own server publishing protocols, which
does not seem to be possible.
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
Fax 870-864-8689
Cell 870-866-9941
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, February 18, 2004 7:01 PM
To: ISALists
Subject: [isalist] Re: How to allow all in and out traffic for one
internal address
http://www.ISAserver.org
Hi Ray,
Bad news for ya. Still no SIP support for ISA 2004 :(
The first third party to create a SIP gateway for ISA 2004 will do very
well for themselves.
HTH,
Tom
-----Original Message-----
From: Ray Dzek [mailto:rdzek@xxxxxxxxxxxxxxx]
Sent: Wednesday, February 18, 2004 5:07 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: How to allow all in and out traffic for one
internal address
http://www.ISAserver.org
It won't work. ISA, like most firewalls, does not play nice with the
SIP protocol. This may have changed in ISA 2004, but you would have to
ask others on the list that have been using 2004 to see if there is any
additional support for SIP yet. Your best bet is to simply hang a NAT
box infront of the ISA box if you only have one IP, or just hang it out
on the internet if you have to.
----- Original Message -----
From: "Jeff Sloan" <jsloan@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, February 18, 2004 2:31 PM
Subject: [isalist] How to allow all in and out traffic for one internal
address
http://www.ISAserver.org
Time to get my phone system working for VOIP across ISA.
It really needs to be like a published server, but I cant get the
protocols ironed out. I cant get an answer on which directions the
protocols/ports need to be configured, send, send/receive, receive/send,
etc. So I thought there would be a way to allow everything going and
coming from the external address to the system itself.
Will it work?
I don't have a DMZ or tri-homed ISA Box.
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
Fax 870-864-8689
Cell 870-866-9941
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rdzek@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jsloan@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
