Network Firewall Configuration
From Taridium
Line 1: | Line 1: | ||
It is always recommended to use a [[wikipedia:Firewall_(networking)|network firewall]] to protect your PBX from unwanted access. Please consult with your router/firewall vendor for further details. | It is always recommended to use a [[wikipedia:Firewall_(networking)|network firewall]] to protect your PBX from unwanted access. Please consult with your router/firewall vendor for further details. | ||
- | The ipbx web interface uses standard port [[wikipedia:Transmission_Control_Protocol|TCP]] 80 or TCP 443 (secure). If you are planning to use a [[wikipedia:Session_Initiation_Protocol|SIP]] trunk | + | The ipbx web interface uses standard port [[wikipedia:Transmission_Control_Protocol|TCP]] 80 or TCP 443 (secure). |
+ | |||
+ | === SIP Protocol === | ||
+ | |||
+ | If you are planning to use a [[wikipedia:Session_Initiation_Protocol|SIP]] trunk | ||
configure the following ports to be forwarded directly to the server: | configure the following ports to be forwarded directly to the server: | ||
+ | |||
+ | ==== Default Ports ==== | ||
[[wikipedia:Session_Initiation_Protocol|SIP Protocol]] [[wikipedia:User_Datagram_Protocol|UDP]] 5060 | [[wikipedia:Session_Initiation_Protocol|SIP Protocol]] [[wikipedia:User_Datagram_Protocol|UDP]] 5060 | ||
Line 10: | Line 16: | ||
It is highly recommended to have a public IP address available for your server if using SIP trunking or if you intend to connect SIP phones over the public internet. | It is highly recommended to have a public IP address available for your server if using SIP trunking or if you intend to connect SIP phones over the public internet. | ||
- | + | ||
+ | === IAX2 Protocol === | ||
+ | |||
+ | IAX2 uses a single UDP data stream to communicate between endpoints, both for signaling and data. The voice traffic is transmitted in-band, making IAX2 easier to firewall and more likely to work behind far-end NAT scenarios. | ||
+ | |||
+ | ==== Default Port ==== | ||
+ | |||
[[wikipedia:IAX2|IAX2 Protocol]] [[wikipedia:User_Datagram_Protocol|UDP]] 4569 | [[wikipedia:IAX2|IAX2 Protocol]] [[wikipedia:User_Datagram_Protocol|UDP]] 4569 |
Revision as of 17:27, 30 December 2008
It is always recommended to use a network firewall to protect your PBX from unwanted access. Please consult with your router/firewall vendor for further details.
The ipbx web interface uses standard port TCP 80 or TCP 443 (secure).
Contents |
SIP Protocol
If you are planning to use a SIP trunk configure the following ports to be forwarded directly to the server:
Default Ports
SIP Protocol UDP 5060 RTP Protocol UDP 18000-20000 (default range as set in RTP configuration)
Do not use SIP transformations or any other NAT traversal solutions on your network firewall unless you completely understand the implications of doing so. Ipbx is capable of handling far-end NAT traversal by setting the peer option to NAT in the channels configuration.
It is highly recommended to have a public IP address available for your server if using SIP trunking or if you intend to connect SIP phones over the public internet.
IAX2 Protocol
IAX2 uses a single UDP data stream to communicate between endpoints, both for signaling and data. The voice traffic is transmitted in-band, making IAX2 easier to firewall and more likely to work behind far-end NAT scenarios.
Default Port
IAX2 Protocol UDP 4569