MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.
Course Of The Month
3 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Juniper 5gt SIP configuration example
Posted on 2013-01-07
My customer bought a 5gt and wants to use it solely for voip. Does anybody have a configuration example of what this needs to look like? I don't have web access to the firewall. It is sitting on a desk with a console cable on it.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4-
4
9 Comments
Active 1 day ago
The setup will depend on where the VOIP server sits. Is the server and phones going to be behind the firewall? Or is the server going to be outside the firewall and the phones inside?
I'm not sure yet. The customer is getting that info for me. In the meanwhile I have put a config on the firewall to ship it to them. I can continue configuration once it is in place. Would you mind looking at the config and let me know if I'm missing anything? I'm concerned about the default route as I'm used to Cisco cli and this is quite different.
voice-fw-config.docx
voice-fw-config.docx
Active 1 day ago
Since this appears to be at least screenOS 6.x or newer the following statement in your config should be sufficient
set interface ethernet 0/0 gateway 63.x.x.x
But since you said you are sending the device to a client, just to be safe you can (from the webui) add the default route under Network > Routing > Destination, or from the command line using the following command
set route 0.0.0.0/0 interface ethernet0/0 gateway 63.x.x.x
save
set interface ethernet 0/0 gateway 63.x.x.x
But since you said you are sending the device to a client, just to be safe you can (from the webui) add the default route under Network > Routing > Destination, or from the command line using the following command
set route 0.0.0.0/0 interface ethernet0/0 gateway 63.x.x.x
save
Thanks. The phone server is outside of the customer network at a place called Next Level. Does this help?
Active 1 day ago
Yes that is very important. With the VoIP server residing off site, what you want to do is:
A) disable sip ALG
B) enable 'source based NAT' in the advanced properties of the trust to untrust policy. You can get to properties for a policy by clicking on the edit link for the policy in question.
I will look up the correct CLI commands to enter and post them if you only have console access.
A) disable sip ALG
B) enable 'source based NAT' in the advanced properties of the trust to untrust policy. You can get to properties for a policy by clicking on the edit link for the policy in question.
I will look up the correct CLI commands to enter and post them if you only have console access.
Featured Post
Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
- Superb Internet
- Hardware Firewalls
- Security
- Server Hardware
- Server Software
- *firewall management, *firewalls
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses
Course of the Month3 days, 11 hours left to enroll
691 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.