Solved

Asterisk: best method to config routing for asterisk VOIP network to main network

Posted on 2006-06-12
5
1,001 Views
Last Modified: 2008-02-01
I'm currently deploying my asterisk server on my main network.  My concern is, I'm setting up the Asterisk server on a vlan.  However, i need the asterisk server to be able to connect to the main gateway to access the internet to send vmails to the configured addresses.  Or, is there's an alternate way to route directly from the asterisk server to network where the exchange server sits without needing access to the internet?

current config:

main network address:  10.0.0.x/255.255.255.0
Exchange Server: 10.0.0.5
DNS Server: 10.0.0.6  
pix 501 firewall: 10.0.0.1/255.255.255.0

VOIP VLAN Network:
Asterisk Server (CentOS 3.0): 10.0.10.10/255.255.255.0
Linksys SP941 Phones: 10.0.10.20-10.0.10.32/255.255.255.0

Main Switch:  DLink DES-3550 48 ports:  Ports 20-34 is setup for VLAN for VOIP, 10.0.10.x/255.255.255.0 and the rest of the ports are configured for 10.0.0.x/255.255.255.0

what's my best config to route?

on the top my head, i assume i need something like a cisco 2600 router with 2 ethernet ports, is that correct?

thanks in advance.





0
Comment
Question by:jetli87
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 1

Author Comment

by:jetli87
ID: 16887890
i forgot to mention i also have a cisco 1600 series router sitting around wit 1 ethernet port doing nothing.
0
 
LVL 36

Expert Comment

by:grblades
ID: 16892752
You have a few options :-

1) Install a 2nd network card in the Asterisk box on the 10.0.0.0 network.

2) Configure the port the Asterisk box connects to for 802.1q trunking and add the 10.0.0.x VLAN to the trunk. You can then add a subinterface on the asterisk box for this network. This is not the best approach and personally I would not recommend it.

3) Get a router with two ethernet ports and connect each interface to each network. Setup the route on the asterisk box.

4) Configure a port on the d-link port for 802.1q trunking. Then get a cisco router with a single 100Mbps port (the 1600 is 10mbps only so not suitable) and configure it to route between the two subinterfaces.

I dont think the 1600 router will be of use. It is not 100mbps so does not support trunking and you cannot add a second ethernet interface.
I think one of the 1800 series routers would be the best bet for you and specifically the 1841 which has two 100mbps ethernet ports (option 1 above).
0
 
LVL 1

Author Comment

by:jetli87
ID: 16897117
Hey grblades, as always, thanks for the response.

I actually already tried installing a 2nd network card on the asterisk box and got things to work, mainly allowing the second vlan connect to the main gate on the first vlan.

however, i too do like this approach.  I will go the router approach and get back to this posting in a few days...thanks again.
0
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 16897885
If you can fit a second network card then there is nothing wrong with doing that. You can use iptables etc... to stop anyone from being able to connect to the machine from that interface so it will only be used for sending mail. It wont add any additional load on the machine which is the important thing. Its only really using option 2 that I would not recomend.
0
 
LVL 1

Author Comment

by:jetli87
ID: 16898323
I actually have another question that's posted regarding echo on my ip phone...hopefully you can help.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question