Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 
19225 posts

Uber Geek
+1 received by user: 1100

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519103 9-Sep-2011 18:42 Send private message

DonGould:
sbiddle:  but should probably spend the time actually fixing the double NAT problem because it's just bad network design.

  


Sure.  Can you quote me for some public ip space?  At $5 an IP it's very expensive.

The real answer is to move to IPv6, but it seems that Cisco don't currently provide v6 firm ware for this stuff.

D



That's no excuse for double NAT - the SPA should just be behind the first NAT firewall and I see very little reason for the SPA to have a public IP, especially with the security risks of exposing it to the internet, particularly if you don't have source IP restrictions in place for SIP traffic.


Have plan, send $NZD50m
3440 posts

Uber Geek
+1 received by user: 67

Subscriber

  Reply # 519109 9-Sep-2011 19:00 Send private message

sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


19225 posts

Uber Geek
+1 received by user: 1100

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519120 9-Sep-2011 19:42 Send private message

DonGould:
sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?


In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.


Have plan, send $NZD50m
3440 posts

Uber Geek
+1 received by user: 67

Subscriber

  Reply # 519124 9-Sep-2011 20:16 Send private message

sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


19225 posts

Uber Geek
+1 received by user: 1100

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519138 9-Sep-2011 21:21 Send private message

DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.



296 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519224 10-Sep-2011 10:57 Send private message

sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




FYI, they do use AuthID on the new 2talk+ platform with TCP, not sure about the restrict source IP  though.
NAT  transversal is a lot better with TCP as well.   




Now on Slingshot Better Network and it's better.

Share Image

296 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519227 10-Sep-2011 11:03 Send private message

sbiddle:
DonGould:
sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?


In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



Never had one yet, but I have had some random calls with bogus CID's from the PSTN network. 




Now on Slingshot Better Network and it's better.

Share Image

Joel Johnson
858 posts

Ultimate Geek
+1 received by user: 7

Subscriber

  Reply # 519277 10-Sep-2011 14:24 Send private message

sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




So with Linksys/cisco gear, how do I set it so that it only allows calls via the 2talk server (ie via the PSTN?)

Because what your saying is that anyone can directly ring my ip via the 5060 port without going through 2talk?

19225 posts

Uber Geek
+1 received by user: 1100

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519281 10-Sep-2011 14:29 Send private message

jjnz1:So with Linksys/cisco gear, how do I set it so that it only allows calls via the 2talk server (ie via the PSTN?)

Because what your saying is that anyone can directly ring my ip via the 5060 port without going through 2talk?


You use the restrict source IP option. Without that your device will allow any inbound SIP traffic, even if it's from an IP address that is not the configured SIP proxy. SIP URI calling is one of the coolest features of VoIP, unfortunately it's also not without it's issues.

I have no idea whether it can be configured on 2talk since I don't use 2talk. All I know is that when I enabled it on my Linksys config file I got lots of emails from people complaining it broke their 2talk and italk connections, which presumably have multiple IP's for inbound traffic.

 




296 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519427 11-Sep-2011 00:38 Send private message

techmeister:
sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




FYI, they do use AuthID on the new 2talk+ platform with TCP, not sure about the restrict source IP  though.
NAT  transversal is a lot better with TCP as well.   


No, I might have to take that back. I can register without AuthID on.Frown
On a more positive note " restrict source IP " seems to work on the 2talk+ platform.Smile  




Now on Slingshot Better Network and it's better.

Share Image

860 posts

Ultimate Geek
+1 received by user: 7

Trusted
Subscriber

  Reply # 519702 11-Sep-2011 21:44 Send private message

sbiddle:
I have no idea whether it can be configured on 2talk since I don't use 2talk. All I know is that when I enabled it on my Linksys config file I got lots of emails from people complaining it broke their 2talk and italk connections, which presumably have multiple IP's for inbound traffic.

2Talk uses about 8 IP's




Hmmmm

459 posts

Ultimate Geek
+1 received by user: 2

Subscriber

  Reply # 525191 23-Sep-2011 21:28 Send private message

Getting back to the OPs original thread just thought  I would mention I did a number port here this week as my lady spends more time at my place than she does her own so with me having 2 phone lines on my plan with 2talk I suggested to her that she save the $25 for Vodafone wireless and port her number over and I must say myself the port went well without a hitch and voicemail and everything else is working good as gold. I am going down to my parents in Nelson at Christmas to get them on voip with 2talk and naked dsl as well.

296 posts

Ultimate Geek
+1 received by user: 9


  Reply # 525408 24-Sep-2011 19:50 Send private message

Thanks for your input.
Glad it all went well.
I think DSL broadband is reliable enough for only VOIP these days.
Did you put her on the 2talk+ platform ?





Now on Slingshot Better Network and it's better.

Share Image

459 posts

Ultimate Geek
+1 received by user: 2

Subscriber

  Reply # 525430 24-Sep-2011 21:45 Send private message

techmeister: Thanks for your input.
Glad it all went well.
I think DSL broadband is reliable enough for only VOIP these days.
Did you put her on the 2talk+ platform ?



Yes I quite agree about about the DSL being reliable enough for VOIP these days. I have been on naked DSL and VOIP for the last 4 years now. No I didnt put her on the 2talk+ platform yet but I might try it on my own line first to see how it goes.

25 posts

Geek


  Reply # 536810 23-Oct-2011 22:27 Send private message

Interesting reading on experiences with 2talk service.  I have fiound GENERAL technical support to be OK, with responses usually within 24 hours.  However I do have a porting ticket that has been open since the beginning of June - with no result, and omny one update/reply in this time.  I have also had to lodge multiple requests for investigations for Vodafone network customers being unable to connect to 2talk numbers.

Good, but could be much better.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Geekzone giveaway: Thecus N2310 NAS
Created by freitasm, last reply by engty on 24-Jul-2014 20:18 (76 replies)
Pages... 4 5 6


Is chorus going to deliberately slow adsl internet down
Created by rugrat, last reply by NonprayingMantis on 24-Jul-2014 18:44 (38 replies)
Pages... 2 3


MH 17 "shot down" all dead
Created by joker97, last reply by tdgeek on 24-Jul-2014 14:34 (202 replies)
Pages... 12 13 14


Sickening floral smell in car, What next?
Created by TimA, last reply by hio77 on 24-Jul-2014 20:28 (21 replies)
Pages... 2


PB Computers experiences
Created by KiwiNZ, last reply by jlittle on 24-Jul-2014 16:59 (40 replies)
Pages... 2 3


Huge Fuss, didn't even make it a year.
Created by networkn, last reply by Glassboy on 22-Jul-2014 19:50 (121 replies)
Pages... 7 8 9


Is working in IT making you less manly?
Created by dotnetdev, last reply by Dynamic on 24-Jul-2014 16:02 (38 replies)
Pages... 2 3


Skinny's new aggressive ad campaign
Created by Yabanize, last reply by Yabanize on 22-Jul-2014 23:35 (52 replies)
Pages... 2 3 4



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.