- November 1, 2018 at 11:56 pm
I stand correct… if you have a firewall before your box, you should open ports 5060 (sip signalling) and the RTP ports for media. Usually asterisk use ports from 10000 to 20000 UDP. If you wanna use video, also open h264. I strongly recommend you use iax2 from users coming from internet because you only have to open the 4569 UDP port. Keep in mind that iax2 doesnt do video, but you save yourself from the NAT headache when you use iax2. You should use fail2ban integrated in vital along with centos firewall too. You´ll have to announce your private networks, othewise your external users wont communicate with your internals.
In case you connect your box direct to an IP public address… go pray to god man, ´cause you are gonna be hacked! In here also use fail2ban along with centos firewall. You can use vital interface (good one) or go right ahead and play with centos iptables (better have good knowledge of them or you might end up locking your box).