Koozali.org: home of the SME Server

Will SME work for this?

Offline markehle

  • ***
  • 125
  • +0/-0
Will SME work for this?
« on: September 01, 2007, 02:57:02 PM »
Folks -

I have been using SME for our network at work , a small public library, for a number of years now,  for DNS and email and a little web serving, and it has performed flawlessly.

The server sits in the DMZ of our firewall, an ancient checkpoint firewall that I would like to toss out. Not that it does not work, but because I know nothing about it (it was always my old boss's baby - now she's gone) and yesterday, I was slapped upside the face with it because we needed to add a route for our new phone system, and found out we didn't know how, and the folks that support this box for us were already on vacation for the weekend.

We have a router that is on our internal network that hooks up to a T1 to our branch library. Before, I had the routers in bridge mode, and I could get to the branch side of things with no trouble. Then yesterday, the phone guys came in and said that their VOIP stuff could not work in a bridged situation, and re-wrote my router configs to route instead of bridge, and then the branch computers have no internet without a route back from the firewall.  Fortunately, we have a separate T1 for the public at the branch, so we were able to put the staff PC's on the that  network and still function, but it is not a long-term solution.

My question to the esteemed members of this forum is: If I replace the checkpoint with the SME box, will I be able to manipulate routing? Would it be as simple as adding a route statement somewhere, or what?

Thanks so much!

Mark in Michigan

Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: Will SME work for this?
« Reply #1 on: September 01, 2007, 04:58:04 PM »
SME only allows you to have one public IP.

The 'local networks' (in server-manager under security) lets you define multiple local networks along with gateway info on how to reach them.

So yes, SME can be setup to do routing.

Will that solve your problem created by the phone vendor?  Somehow I suspect it will turn out there's more involved...

Offline markehle

  • ***
  • 125
  • +0/-0
Re: Will SME work for this?
« Reply #2 on: September 01, 2007, 05:41:30 PM »
That sounds like what I need. I have used the local network thing before, but thought that it opened up ports to "friendly" networks, not do any routing. I just took a look again at the local networks panel and it does indeed look like that is exactly what I want.

I am sort of P-O'ed :mad: at the phone company. They told me that nothing would change as far as my network was concerned and that they would make everything work. Then, the sales engineer comes to me on the day the installed the thing and said that their router guy wanted to 'talk to me with some suggestions'. The next thing I knew, my folks at the branch were completely cut off from the network, and they said that it was on me to fix the firewall issues to make it work. Sales folk will say anything, I guess.

"Somehow I suspect it will turn out there's more involved..."

Yeah, most likely. We will see.

Thanks!

Mark in Michigan.

PS: Wow - this new forum is great!

Offline del

  • *
  • 765
  • +0/-0
Re: Will SME work for this?
« Reply #3 on: September 02, 2007, 01:17:45 AM »
Get rid of the phone company and install SAIL/Asterisk instead :-P
Del
If at first you don't succeed, then sky-diving is not for you!
"Life is like a coin. You can spend it anyway you wish, but you can only spend it once." --Author Unknown

guest22

Re: Will SME work for this?
« Reply #4 on: September 02, 2007, 11:29:51 AM »
I am sort of P-O'ed :mad: at the phone company. They told me that nothing would change as far as my network was concerned and that they would make everything work.

Any reasonable VoIP integrator knows that the first thing that will 'change' is the network and will offer a 'technical design' of the new situation. This TD will provide an insight of the anticipated changes and prerequisites and will give you an opportunity to carefully plan. Next to this, the TD MUST contain a chapter about required VLAN's, QoS and other 'traffic' shaping / manageability measurements to make sure your voice travels perfectly on/in/through the network(s)

It's called converged networking.

Try to send them back to the drawing board and use the old telephony system until they are properly done and you are completely satisfied.

guest

Offline markehle

  • ***
  • 125
  • +0/-0
Re: Will SME work for this?
« Reply #5 on: September 03, 2007, 01:34:52 AM »
Way too late - we are on the new system and there is no turning back. I did suggest that we use asterisk, but my boss wasn't having it.

I am going to replace our checkpoint firewall with our email server - it's running sme.

Thanks for everybody's input!

Later -

Mark in Michigan