Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 
18571 posts

Uber Geek
+1 received by user: 736

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519103 9-Sep-2011 18:42 Send private message

DonGould:
sbiddle:  but should probably spend the time actually fixing the double NAT problem because it's just bad network design.

  


Sure.  Can you quote me for some public ip space?  At $5 an IP it's very expensive.

The real answer is to move to IPv6, but it seems that Cisco don't currently provide v6 firm ware for this stuff.

D



That's no excuse for double NAT - the SPA should just be behind the first NAT firewall and I see very little reason for the SPA to have a public IP, especially with the security risks of exposing it to the internet, particularly if you don't have source IP restrictions in place for SIP traffic.


Have plan, send $NZD50m
3428 posts

Uber Geek
+1 received by user: 63

Subscriber

  Reply # 519109 9-Sep-2011 19:00 Send private message

sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


18571 posts

Uber Geek
+1 received by user: 736

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519120 9-Sep-2011 19:42 Send private message

DonGould:
sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?


In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.


Have plan, send $NZD50m
3428 posts

Uber Geek
+1 received by user: 63

Subscriber

  Reply # 519124 9-Sep-2011 20:16 Send private message

sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


18571 posts

Uber Geek
+1 received by user: 736

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519138 9-Sep-2011 21:21 Send private message

DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.



295 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519224 10-Sep-2011 10:57 Send private message

sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




FYI, they do use AuthID on the new 2talk+ platform with TCP, not sure about the restrict source IP  though.
NAT  transversal is a lot better with TCP as well.   




Now on Slingshot Better Network and it's better.

Share Image

295 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519227 10-Sep-2011 11:03 Send private message

sbiddle:
DonGould:
sbiddle:  particularly if you don't have source IP restrictions in place for SIP traffic.



That's that domain lock down thingo in the ATA config isn't it or do you mean to do it in the BRAS?


In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



Never had one yet, but I have had some random calls with bogus CID's from the PSTN network. 




Now on Slingshot Better Network and it's better.

Share Image

Joel Johnson
823 posts

Ultimate Geek
+1 received by user: 1

Subscriber

  Reply # 519277 10-Sep-2011 14:24 Send private message

sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




So with Linksys/cisco gear, how do I set it so that it only allows calls via the 2talk server (ie via the PSTN?)

Because what your saying is that anyone can directly ring my ip via the 5060 port without going through 2talk?

18571 posts

Uber Geek
+1 received by user: 736

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 519281 10-Sep-2011 14:29 Send private message

jjnz1:So with Linksys/cisco gear, how do I set it so that it only allows calls via the 2talk server (ie via the PSTN?)

Because what your saying is that anyone can directly ring my ip via the 5060 port without going through 2talk?


You use the restrict source IP option. Without that your device will allow any inbound SIP traffic, even if it's from an IP address that is not the configured SIP proxy. SIP URI calling is one of the coolest features of VoIP, unfortunately it's also not without it's issues.

I have no idea whether it can be configured on 2talk since I don't use 2talk. All I know is that when I enabled it on my Linksys config file I got lots of emails from people complaining it broke their 2talk and italk connections, which presumably have multiple IP's for inbound traffic.

 




295 posts

Ultimate Geek
+1 received by user: 9


  Reply # 519427 11-Sep-2011 00:38 Send private message

techmeister:
sbiddle:
DonGould:
sbiddle:
In the ATA. But apparently you can't (or at least couldn't) use restrict source IP with iTalk or 2talk which is why a lot of people get random calls with funny CID and no audio when they pick the phone up.



sorry to be thick... but isn't this the reason you have authid so that calls can only come from the 2talk sip server?


No, AuthID is only for registration. By default most VoIP devices will allow inbound SIP URI traffic from any IP, which is the reason for using Restrict source IP on Linksys/Cisco gear.

2talk don't use AuthID anyway, they're just basic SIP username + SIP password.




FYI, they do use AuthID on the new 2talk+ platform with TCP, not sure about the restrict source IP  though.
NAT  transversal is a lot better with TCP as well.   


No, I might have to take that back. I can register without AuthID on.Frown
On a more positive note " restrict source IP " seems to work on the 2talk+ platform.Smile  




Now on Slingshot Better Network and it's better.

Share Image

859 posts

Ultimate Geek
+1 received by user: 7

Trusted
Subscriber

  Reply # 519702 11-Sep-2011 21:44 Send private message

sbiddle:
I have no idea whether it can be configured on 2talk since I don't use 2talk. All I know is that when I enabled it on my Linksys config file I got lots of emails from people complaining it broke their 2talk and italk connections, which presumably have multiple IP's for inbound traffic.

2Talk uses about 8 IP's




Hmmmm

454 posts

Ultimate Geek

Subscriber

  Reply # 525191 23-Sep-2011 21:28 Send private message

Getting back to the OPs original thread just thought  I would mention I did a number port here this week as my lady spends more time at my place than she does her own so with me having 2 phone lines on my plan with 2talk I suggested to her that she save the $25 for Vodafone wireless and port her number over and I must say myself the port went well without a hitch and voicemail and everything else is working good as gold. I am going down to my parents in Nelson at Christmas to get them on voip with 2talk and naked dsl as well.

295 posts

Ultimate Geek
+1 received by user: 9


  Reply # 525408 24-Sep-2011 19:50 Send private message

Thanks for your input.
Glad it all went well.
I think DSL broadband is reliable enough for only VOIP these days.
Did you put her on the 2talk+ platform ?





Now on Slingshot Better Network and it's better.

Share Image

454 posts

Ultimate Geek

Subscriber

  Reply # 525430 24-Sep-2011 21:45 Send private message

techmeister: Thanks for your input.
Glad it all went well.
I think DSL broadband is reliable enough for only VOIP these days.
Did you put her on the 2talk+ platform ?



Yes I quite agree about about the DSL being reliable enough for VOIP these days. I have been on naked DSL and VOIP for the last 4 years now. No I didnt put her on the 2talk+ platform yet but I might try it on my own line first to see how it goes.

25 posts

Geek


  Reply # 536810 23-Oct-2011 22:27 Send private message

Interesting reading on experiences with 2talk service.  I have fiound GENERAL technical support to be OK, with responses usually within 24 hours.  However I do have a porting ticket that has been open since the beginning of June - with no result, and omny one update/reply in this time.  I have also had to lodge multiple requests for investigations for Vodafone network customers being unable to connect to 2talk numbers.

Good, but could be much better.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 
View this topic in a long page with up to 500 replies per page Create new topic








Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Telecom introduces unlimited broadband data plan
Created by freitasm, last reply by NonprayingMantis on 23-Apr-2014 23:13 (93 replies)
Pages... 5 6 7


Stonedine
Created by Lizard1977, last reply by surfisup1000 on 23-Apr-2014 21:27 (58 replies)
Pages... 2 3 4


Telecom has started metering their TiVo customers' broadband usage (WITHOUT PRENOTIFICATION)
Created by Peteriv, last reply by mxpress on 23-Apr-2014 14:22 (69 replies)
Pages... 3 4 5


Forms of government for New Zealand
Created by charsleysa, last reply by KiwiNZ on 23-Apr-2014 20:57 (169 replies)
Pages... 10 11 12


Parallel imported product
Created by Wills1, last reply by joker97 on 23-Apr-2014 21:01 (53 replies)
Pages... 2 3 4


MH370 - Call for Search & Rescue Help
Created by DS248, last reply by joker97 on 23-Apr-2014 22:37 (737 replies)
Pages... 48 49 50


Labour MP Shane Jones to step down
Created by jeffnz, last reply by jeffnz on 23-Apr-2014 20:41 (32 replies)
Pages... 2 3


Upcoming Freeview Restack AUCKLAND
Created by Brunzy, last reply by richms on 23-Apr-2014 21:05 (13 replies)


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.