Thread Info
  • Locked Locked
  • Replies 4 replies
  • Subscribers 4 subscribers
  • Views 1678 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM VOIP vs 'roll your own'?

dswartz

I've got a stable, working FreePBX server.  I've used it behind several different firewalls, with no issues (once I got everything tweaked.)  It has an optional setting to handle NAT traversal (e.g. rewrites IP addresses in RTP headers and such.)  That all works fine.  So I've migrated to UTM 9, and am looking at the VOIP helper, and am wondering if it makes sense to use it or not.  From what I've read, I can disable automatic firewall rules in the SIP&RTP DNAT rules, since the VOIP helper does that.  It also claims (IIRC) to rewrite SIP headers and such.  I'm already doing that in FreePBX, but had forgotten that until I had been running the VOIP helper for a couple of days, with no issues.  I assume it detects that nothing needs to be rewritten?  Even so, it would seem to be a good idea to disable that in FreePBX, no?  What is the concensus as to whether it makes sense to use the VOIP helper?  I'm using a provider (Callcentric) who proxies their own audio, and uses 2 specific /24 subnets, so I can lock things down solidly, so I would think Strict mode wouldn't be helpful (or harmful for that matter?)  Any thoughts are welcome :)



This thread was automatically locked due to age.

  • Googling site:community.sophos.com/products/unified-threat-management/f "Callcentric" returned 7 threads.  Does any of those help you answer your question?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • in reply to BAlfson

    Hmmm, not really.  People (including me several years ago lol) seemed mostly to be trying to resolve issues where VOIP wasn't working with UTM.  I've gone through a couple of iterations of FreePBX since then, and it seems nice and stable now (with built-in port rewriting and etc).  I was mostly wondering if there was anything (other than minor simplification of config on the firewall and the PBX) to be gained by switching to the VOIP helper.  I'm not getting the impression there is, so I think I'll stick with 'if it is not broken do not fix it!'  Thanks!

     

  • in reply to dswartz

    hi dswatz,

    i currently run a large multi tenant system, and found that running the strict was problematic and caused issues. and do not use the voip helper with any of my systems, i usually spec the DSCP/TOS setting for setting internal LAN QoS. I have had no issues with my setup running a number of phone systems internally (mainly used for training and sandbox purposes only).

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • in reply to Argo

    Argo, thanks.  It looks like I'm better off leaving things as is (e.g. port rewriting in asterisk, and a couple of simple rules in UTM).

Unfiltered HTML