Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SIP Enabled Firewall 1

Status
Not open for further replies.
Telecomp9434

Telecomp9434

Vendor
Sep 11, 2009
80
US
Hello Does anyone know of easy to use SIP enabled firewall other then MBG? Or do you recommend just going MBG. I am installing Bandwidth.com SIP trunks over a Verizon FIber connection witH MCD 5.0.
I always asssumed that the Mitel could handle SIP trunks directly, i guess iw as wrong.

thanks-

"Voice and Data Solutions
 
Sort by date Sort by votes
It can handle trunks directly. Used it with L3 and SpeakEasy services.
Properly configured firewall and SIP trunks in ICP are required.

I also had success using siproxyd It has a number of nice features like authentication with external provider, so you don't need to deal with it on ICP and packets QoS re-marking if they come from the Internet unmarked or marked incorrectly.
 
Upvote 0 Downvote
Thanks Slapin...so it looks like your telling me if I have everything programmed correctly the 3300 will take a SIP trunk directly? I call Mitel support and they told me I will need a SIP aware firewall....that is why I am asking..

"Voice and Data Solutions
 
Upvote 0 Downvote
The reason they say so is that it is not recommended to expose ICP to the wild Internet.
Due to SIP protocol complexity and the fact that routing information is carried in the packet payload, just a regular firewall which is looking into packet headers only will be hard to configure. Firewalls manufacturers responded to the market demand and started making devices which can detect and understand SIP messages, so proper ports can be opened when needed based on the message content in the packet payload.
Another point is that most likely you are running a private network behind NAT, so the firewall could be acting as NAT as well and possible modify the payload, so remote parties don't need to guess anything, which can lead to unpredictable side effects.

The bottom line. You don't have to have it, but it will make your life much easier and your users happy.
 
Upvote 0 Downvote
We have some carriers in Aus that require a Sip proxy ( MBG) to anchor the sip to a single local IP address ( when managed wans are involved).

Mitel will normally only support what they have tested with the carrier .

If I never did anything I'd never done before , I'd never do anything.....
 
Upvote 0 Downvote
No you were right in the first place. As others ave pointed out, the 3300 can take SIP trunk directly ( MCA, connections to another VoIP PBX, connections to MS Lync or Exchange ). It all comes down to what the carrier uses.

I'd tell you a UDP joke but I'm afraid you won't get it. TCP jokes are the best because you always get them.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sadic
  • Locked
  • Question
no outgoing via sip trunk
Replies
7
Views
655
sadic
sadic
Tinos
  • Locked
  • Question
MIVB SIP Trunk to Provider 3
Replies
4
Views
773
Tinos
Tinos
W
  • Locked
  • Question
How do you block specific numbers SIP trunk?
Replies
2
Views
445
jerdog101
jerdog101
LuanCarli
  • Locked
  • Question
Mitel SIP-Dect with Cloud-ID 8.0 - Gigaset registration
Replies
0
Views
236
LuanCarli
LuanCarli
MarvinJK
  • Locked
  • Question
Incoming calls via SIP trunk on Auto-Attendant
Replies
11
Views
374
MarvinJK
MarvinJK

Part and Inventory Search

Sponsor

Back
Top