
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others. Enjoy!

FireBrick 2700 Configuration run-through: Difference between revisions

If you have VoIP phones on your LAN, then here are some example rules to allow SIP and RTP from the AAISP phone servers:
<syntaxhighlight>
<rule-set name="Incoming Firewall Rules">
  <rule name="SIP" source-ip="81.187.30.110-119" target-ip="1.2.3.0/28" target-port="5060-5069"/>
  <rule name="RTP" target-ip="1.2.3.0/28" protocol="17" target-port="1025-5059 5070-" set-graph="RTP"/>
</rule-set>
</syntaxhighlight>
Here the rules are defined in a rule-set. Rule-sets help with managing rules: for example, you can have a few main rule-sets for Incoming Traffic, Port Maps, Outgoing Traffic, etc. Rules and rule-sets are processed in order, top to bottom.
 
This also sets a graph for RTP. You may want to restrict the target to just your VoIP phones, as the rules above set the target to the whole of the LAN.
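To see how much the rule-set above opens up before and after narrowing the target, the following added example (not part of the original page or of FireBrick's tooling) parses the rule-set and reports how many addresses and ports each rule covers. It assumes only the address and port list forms that appear on this page, treats a missing attribute as "any", and `max_hosts` is a hypothetical review threshold.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Rule-set as shown on the page (1.2.3.0/28 is the page's placeholder LAN block).
PAGE_CONFIG = """<rule-set name="Incoming Firewall Rules">
<rule name="SIP" source-ip="81.187.30.110-119" target-ip="1.2.3.0/28" target-port="5060-5069"/>
<rule name="RTP" target-ip="1.2.3.0/28" protocol="17" target-port="1025-5059 5070-" set-graph="RTP"/>
</rule-set>"""

def count_ips(spec):
    """Count IPv4 addresses in a space-separated list of CIDRs, single
    addresses and ranges like 81.187.30.110-119 (forms seen on the page)."""
    total = 0
    for item in spec.split():
        if "/" in item:
            total += ipaddress.ip_network(item, strict=False).num_addresses
            continue
        start, _, end = item.partition("-")
        head = start.split(".")
        tail = end.split(".") if end else []
        # Assumption: a short end value replaces the trailing octets of start.
        last = ".".join(head[:4 - len(tail)] + tail)
        total += int(ipaddress.ip_address(last)) - int(ipaddress.ip_address(start)) + 1
    return total

def count_ports(spec):
    """Count ports in a list such as "1025-5059 5070-" (open end = 65535)."""
    total = 0
    for item in spec.split():
        lo, dash, hi = item.partition("-")
        top = int(hi) if hi else (65535 if dash else int(lo))
        total += top - int(lo) + 1
    return total

def audit(config_xml, max_hosts=4):
    """Return (rule name, hosts, ports, issues) for every rule.
    max_hosts is a hypothetical threshold, not a FireBrick setting."""
    report = []
    for rule in ET.fromstring(config_xml).iter("rule"):
        # Assumption: an absent attribute means "any" address or port.
        hosts = count_ips(rule.get("target-ip", "0.0.0.0/0"))
        ports = count_ports(rule.get("target-port", "0-65535"))
        issues = []
        if rule.get("source-ip") is None:
            issues.append("any source address may match")
        if hosts > max_hosts:
            issues.append(f"target-ip spans {hosts} addresses")
        report.append((rule.get("name"), hosts, ports, issues))
    return report

if __name__ == "__main__":
    for name, hosts, ports, issues in audit(PAGE_CONFIG):
        print(f"{name}: {hosts} hosts x {ports} ports", issues or "ok")
```

Re-running `audit` after replacing the RTP rule's `target-ip` with only the phones' addresses shows the host count drop while the port range stays the same.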
 