bruce bruce
2010-Oct-02 18:56 UTC
[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?
Hi Everyone I think PAP2T supports DynDNS and other Dynamic DNS providers. I have a box that needs to be secured at all times. Currently it's not connected to the internet. If it were connected, I would have iptables block any and all traffic from outside but I want a single device - Linksys PAP2T - to be able to connect back to the server. That is a stand alone device and doesn't support VPN and I don't have the luxury of putting a VPN client on the PAP2T side to connect back to the server. Is there any way I can DynDNS on the PAP2T to somehow notify the Asterisk Server that it's a safe device coming in? I do use fail2ban but that is not what I am looking for at this moment. And since the IP is dynamic on the PAP2T, I can't just use the iptables to let it in as it might change all a sudden. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101002/269c2cc9/attachment.htm
jon pounder
2010-Oct-02 18:59 UTC
[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?
On 10/02/2010 02:56 PM, bruce bruce wrote:> Hi Everyone > > I think PAP2T supports DynDNS and other Dynamic DNS providers. I have > a box that needs to be secured at all times. Currently it's not > connected to the internet. If it were connected, I would have iptables > block any and all traffic from outside but I want a single device - > Linksys PAP2T - to be able to connect back to the server. That is a > stand alone device and doesn't support VPN and I don't have the luxury > of putting a VPN client on the PAP2T side to connect back to the > server. Is there any way I can DynDNS on the PAP2T to somehow notify > the Asterisk Server that it's a safe device coming in? > > I do use fail2ban but that is not what I am looking for at this > moment. And since the IP is dynamic on the PAP2T, I can't just use the > iptables to let it in as it might change all a sudden. > > Thanksdo the dyndns on whatever router is in front of the pap2t or get some other box that supports it. other than that you are looking for some sort of magic bullet
Carlos Chavez
2010-Oct-03 05:36 UTC
[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?
On Sat, 2 Oct 2010 14:56:11 -0400, bruce bruce wrote> Hi Everyone > > I think PAP2T supports DynDNS and other Dynamic DNS providers. I have a box that needs to be secured at all times. Currently it's not connected to the internet. If it were connected, I would have iptables block any and all traffic from outside but I want a single device - Linksys PAP2T - to be able to connect back to the server. That is a stand alone device and doesn't support VPN and I don't have the luxury of putting a VPN client on the PAP2T side to connect back to the server. Is there any way I can DynDNS on the PAP2T to somehow notify the Asterisk Server that it's a safe device coming in? > > I do use fail2ban but that is not what I am looking for at this moment. And since the IP is dynamic on the PAP2T, I can't just use the iptables to let it in as it might change all a sudden. >The PAP2T does not include DynDns (or any other dynamic DNS client) support.? Mostly because it really does not need to.? Asterisk gets the IP address of the PAP2T when it registers so it does not need anything else to find it.? If you are unwilling or unable to open/expose the necessary ports to the Internet then there is no way for the PAP2T to communicate with your Asterisk server. Maybe you could have a SIP proxy on the outside on a static IP and then allow that Proxy to relay the PAP2T into your network? -- Carlos Chavez Director de Tecnolog?a Telecomunicaciones Abiertas de M?xico S.A. de C.V. Tel: +52-55-91169161 Ext 2001 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101003/86e2f133/attachment.htm