One of my user was asking, can he use VPN to access asterisk ? What does it mean ? And its possible ? How ?VPN -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20090207/325c0670/attachment.htm
Hello David, VPN means 'Virtual Private Network'. You can have more information about them here: http://en.wikipedia.org/wiki/Virtual_private_network And about VPN and Asterisk; yes, of course. If the VPN is working, there should be no problems using Asterisk inside it (I have one or two clients using their Asterisk Server inside a VPN). Regards, -- Jose P. Espinal http://www.eSlackware.com IRC: Khratos @ #asterisk / -doc / -bugs David @ULC wrote:> > One of my user was asking, can he use VPN to access asterisk ? > > What does it mean ? > > And its possible ? > > How ?VPN > ------------------------------------------------------------------------ > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users
> One of my user was asking, can he use VPN to access asterisk ? > What does it mean ? > > And its possible ? > > How ?VPNYes, it's possible. As one example: I have the OpenVPN software installed on my Asterisk server, and on my Nokia N810 wireless Internet tablet. The tablet is configured to use the VPN's server-side IP address as its SIP server. A similar sort of system could be set up with other VPN packages (e.g. CIPE, Cisco's offerings, etc.), This approach has several advantages, compared to the alternative (not using a VPN, and turning on STUN support in the client): - All of the SIP and RTP traffic to/from the tablet is encrypted, and thus relatively resistant to evesdropping. - The tablet and the Asterisk server have IP addresses for each other which are being established by the VPN software, and don't need to be (and aren't) altered or translated by access-point or corporate routers. This pretty much eliminates the common "I can't get audio in one or both directions" problem with using SIP through private IP networks and NAT routers. - Most network firewalls will pass VPN traffic, even if they haven't been configured to pass "raw" SIP and RTP. There are some disadvantages, though: - Some amount of CPU overhead at both ends, and perhaps some increased latency (the latter is minor, I believe). - The RTP traffic must flow through the VPN/Asterisk server... it cannot be "reinvited" into a direct connection between the tablet and the destination, because the tablet is using an IP address for the connection which exists only on the VPN and isn't externally reachable. This sort of VPN setup (where the Asterisk client is on the same system that's running the VPN software) is the one you'd want to use for many "road warrior" setups. VPNs can also be used to set up secure IP tunnels between two different, remotely-located networks. This might be done to tie together (e.g.) two different offices, each having its own Asterisk server.
"David @ULC" <ucoms2001 at gmail.com> wrote> One of my user was asking, can he use VPN to access asterisk ? > What does it mean ? > > And its possible ? > > How ?VPNSometimes what is called a VPN is not a VPN by everyone's definition, so beware. By my definition, a (IP) VPN supports full layer 3 functionality (and sometimes more), as opposed to, say, some type of proxy that relays a limited set of protocols over a particular path with encryption. So you need to be more specific about your question. Example: I've run Asterisk over OpenVPN. In this case, no problem; it's just another networking layer and the only special consideration is increased overhead, and that same consideration applies to any application. There are other VPNs. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3234 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20090207/33a34ed8/attachment.bin