| gabriel rosenkoetter on 16 Jul 2004 22:23:02 -0000 |
|
On Fri, Jul 16, 2004 at 05:03:05PM -0400, Art Clemons wrote: > Unless your firewall setup allows non-standard ports to access the > internet if it comes from the right IP address, I don't know how you can > avoid this problem. Vonage and Packet8 (the two I've played with) both > required either being placed before the firewall or passing incoming > traffic to the requisite port on the IP address assigned to the box > behind a firewall whether discussing a Linux box as a router/firewall or > a hardware firewall/router. Let me reiterate that my Vonage box is behind my firewall and I made no changes to my firewall for it. What's more, no outgoing connection could address it on the port it was expecting (it's in a portmapped many-to-one NAT). I believe that the Vonage box establishes *outgoing* connections, with which I've got no big problem. I haven't bothered to packet sniff it, but I could if you're really curious. The reason Vonage wants to be in front of your firewall is to perform QoS, but if I cared enough (large connections do cause a bit of audio degradation for a few moments, then the stream compensates), I'd do that myself. -- gabriel rosenkoetter gr@eclipsed.net Attachment:
pgpPcf8jSxDBD.pgp
|
|