using x-lite in the internet how to regiter

Discussion in 'General' started by javajavaclone, Jul 23, 2009.

  1. javajavaclone

    Joined:
    Jul 20, 2009
    Messages:
    3
    Likes Received:
    0
    dear all
    using x-lite softphone in the internet how to register to elastix server in intranet,but intranet can not be exposed to elastix server on the internet,How do i .....
    thanks.
     
  2. danardf

    Joined:
    Dec 3, 2007
    Messages:
    8,069
    Likes Received:
    12
    And you, what do you think?

    Basically, the answer is : no!

    If Elastix can not have an internet access, you can't have remote extension.

    But, but .... In your case, maybe one solution. If you add another ethernet device with an internet access directly on the Elastix server, maybe yes!
     
  3. viti

    Joined:
    Jun 30, 2009
    Messages:
    9
    Likes Received:
    0
    if you don't want to expose your elastix to the internet, think of use a VPN system. if you just don't want to expose your intranet to the internet... just put your Elastix out of your intranet, in a DMZ zone, keeping your intranet behind a firewall...

    regards,
     
  4. danardf

    Joined:
    Dec 3, 2007
    Messages:
    8,069
    Likes Received:
    12
    A DMZ, I think that a bad solution.
    With a VPN, you have a link to internet, so ...

    I don't see where the problem come if you make only some maps as 5060 and 10000-20000 UDP, it's not a security's problem.


    For example:

    WAN ]-------> [Router & firewall ] ------> [eth1] -- [Elastix] ---[eth0]----[LAN

    With the VPN solution, I could have some bandwidth problems and more if you use an encryption (a VPN is never secure at 100%).

    What do you think about that?
     
  5. viti

    Joined:
    Jun 30, 2009
    Messages:
    9
    Likes Received:
    0
    in case you want to forward all those ports, it's much secure to put your elastix in a DMZ. In an enterprise environment, ports shouldn't be forwarded to any PC not placed in the DMZ. if someone breaks in your elastix and it is in your intranet, the intruder can access any PC in your intranet, getting access probably to confidential info. The same situation but with your elastix in the DMZ could cause damage in your servers on the DMZ, probably not so severe as the intranet intrusion.

    VPN, if you've got enough uplink bandwith (as danarf mentioned) is a good solution, providing also communications privacy and enhanced access security.

    i think it's a common topic... more suggestions will be welcome!
     

Share This Page