Link to home
Create AccountLog in
Avatar of djpriceAtl
djpriceAtl

asked on

Zultys MX with Juniper SSG 140

Does anyone have experience setting up a Zultys MX VOIP system and a Juniper SSG firewall?  We are considering this product but have some security concerns.

This will be used as a VOIP system to connect a corporate office to 12 branch offices.  Network is a MPLS with 50M fiber at corp and 3.0M T1's at the branch.  All internet traffic goes out a 50/10M Comcast connection thru the Juniper SSG at the corporate site.

There will be a need to connect to the Zultys via internet from the outside either with their MXIE or iPhone app.

The firewall doc that Zultys has provided to specify which ports are needed to be open is basically everythng.  So the delima is do I install the MX device on our inside 192.168.0.0 zone and configure a MIP from one of our static outside IP's or do I just install the MX on an outside IP?  Another consideration is to install the MX in a 2nd DMZ zone, then open the necessary ports.

If anyone has experience with these devices who has had success with an installation, any recommendations on configuration would be appreciated.
ASKER CERTIFIED SOLUTION
Avatar of Sanga Collins
Sanga Collins
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of djpriceAtl
djpriceAtl

ASKER

This is very helpful, it's what I was leaning toward.  Thank you.

In reading more on this, NAT may be an issue for me.  Assuming the VOIP server is installed in the outside zone with one of our external IP's.  I am using a DIP with policy based NAT to go from trust->untrust,  the global broadcast IP is basically a throwaway, no equipment is on that IP.  Is this going to be an issue, can I no longer do this?

With the VOIP server installed in the outside zone, are there any ports from untrust->trust or trust->untrust that would need to be opened to allow VOIP phones installed within the inside zone to function properly?
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account