Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1499
  • Last Modified:

Asterisk 1.6 and VLAN configuration

Hello,

I have an issue with an Asterisk 1.6 box.  I am trying to run multiple companies off of this one asterisk box and am trying to figure out the best method of accomplishing this.

The goal is to have 3 different companies be protected for security reasons.

If I were to create multiple VLANs for each company, how would I configure Asterisk to use separate VLAN for each company?  Would it work if the Asterisk box had several NICs in it each corresponding to the separate VLAN?  Is this even possible in Asterisk 1.6?  

If separate VLANs are not possible, would putting them in their own context be adequate in terms of security?

Thanks for your help.
0
RCOtech
Asked:
RCOtech
  • 3
  • 3
1 Solution
 
perfectpcCommented:
Why would you need to use a vlan?  We have hundereds of users on asterisk boxes all with different contexts fine. Remember it's up to you where any call from an extension goes through the dial plan.
0
 
RCOtechAuthor Commented:
Perfectpc,  thanks for the quick response.  I was just exploring options to see if there was anything better.
0
 
Ron MalmsteadInformation Services ManagerCommented:
You don't have to have vlans to keep them seperate as perfectpc pointed out.
But, that is more for functionality rather than security though.

From a security standpoint you could use vlans to segregate traffic.
Or,
You could also literally use seperate networks/NIC's on the Asterisk server so that each companies traffic never converges on the same link/switch.

Depending on how this is all interconnected, determines the best answer for keeping it secure and seperate between companies.

If you could provide more details...for example... is all this traffic coming in over a public IP address ??  Same building same network ?  Same building seperate networks ?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
RCOtechAuthor Commented:
Hi xuserx2000,

We have a PRI coming into the asterisk box.  From there, we have 3 separate companies that I would like to segment.  All are connected to the same backbone switch and we have VLAN for the voice network.

I would like to ensure that nothing can come across from one voice network to another.  I was thinking along the lines of multiple NICs with each NIC being associated with a separate VLAN.  Then those NICs will be plugged into one backbone switch.  If they are connected to the same backbone switch but on different VLANs, would this defeat the purpose of the VLAN separation?

If you know of a better way, I would appreciate your input.
0
 
Ron MalmsteadInformation Services ManagerCommented:
""  I was thinking along the lines of multiple NICs with each NIC being associated with a separate VLAN. ""

I was thinking the same thing.

""If they are connected to the same backbone switch but on different VLANs, would this defeat the purpose of the VLAN separation?""

No, it wouldn't because it accomplishes keeping them segregated so that traffic cannot traverse accross in any way.

What you are proposing is exactly what I would do.

Just make sure you dialplan contexts do not mix and that there are no dialing routes from one company exten's to the next.
0
 
Ron MalmsteadInformation Services ManagerCommented:
""We have a PRI ""

It's not really relevant to the question, but is that enough lines for 3 companies ?
0
 
RCOtechAuthor Commented:
xuserx2000,

Thanks for the information.  We actually have 3 PRIs coming in but just generalized it.

Thanks again.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now