On 10/10/06, Patrick - South Valley Internet <[EMAIL PROTECTED]> wrote:
Hi all,
I have a box I installed OpenBSD 3.9 on. I'm trying to get this box to
function as our office firewall. Here's the catch - we have VOIP phones
that contact an external VOIP server outside of our firewall. I've been
doing some research and found out that VOIP phones don't do NAT very
well, and because of that you need to put them on their own static IPs.
I've tried the sip proxy route, and honestly it was entirely over my
head and I just couldn't understand how to get it to work.
A friend suggested that I should do the following:
1) Get two NICS for the OpenBSD box.
2) Give the first NIC an external routeable IP address, ex.
216.139.44.142 subnet 255.255.255.192
3) Give the second NIC an internal IP address, ex. 10.30.1.1 subnet mask
255.255.255.0
4) Give the second NIC an external IP address as well, ex.
216.139.44.143 subnet mask 255.255.255.192
5) Enable the gateway option in OpenBSD
I can successfully give the first NIC its external IP, and for the
second NIC, I'm having troubles getting it to recognize both IPs on the
2nd NIC. I can get one IP address, or the other, but not both working
at the same time.
Now, after I get the NICs set up, and after I enable the gateway option
in OpenBSD, I'm a little confused as what to do from there.
Am I going about this the right way? Is there an easier way to do what
I am trying to accomplish?
Do you need NAT? Have you considered running your Firewall as a bridge(4)?
Read the NOTES section of the bridge(4) man page though, because
there's a catch when it comes to writing rules.
