As for the other little tid bits of sip natting the 5060 and the other necessary ports thats all good to go?
Any QOS work in the works?
Finallyy...(phew...thanks for your patience), how about security?? -open vpn integration or??
The guide discusses port management in some detail, however in broad outline, SIP NAT is not an issue as long as your carrier is running session border control. A remote handset coming in SIP through NAT is still a challenge since we haven't any SBC of our own (although we are looking at it). We
have made inter-node setup and management extremely easy so you can iax trunk off of remote SARK/SAIL instances to help get around the problem. Only other solution is to run an IAXy or an IAX softphone.
We do set the QOS bits as part of SIP generation but we aren't running any chokes, although we might in the future. We've played with various versions of shaper. Problem with QOS is you can only police your own downstream traffic, you have no control once you let the packet go
. Furthermore, our experience with UDP seems to suggest that it may not be necessary for us, at least against TCP congestion. UDP is usually a big enough bully to get through even against heavy traffic. Having said that, there's no issue if you want to fit a shaper to SME yourself.
Tell us what security you would like and why.
Thanks for your interest.
Selintra