So I’ve setup a FreePBX server in a secure datacentre sat on a 1gb internet connection. So far I’ve blocked all ports on the firewall except for allowing VPN traffic through. I plan to have around 500 phones using VPN to connect to the server from around around 15 sites all with a static external IP
Should i do away with the VPN and use the FreePBX firewall to only allow traffic from those 15 external IP’s or should i continue to get each handset to VPN into the PBX?
I’m guessing using a VPN will increase the bandwidth needed over a simple SIP?
For the few phones that are roaming i would use VPN on these. Which option do you believe could work best?
It will also increase processing load, since the decryption of the packets needs to happen on the server.
With that many phones per site, I would start with the FreePBX firewall whitelisting the sites, especially since you are using static IP addresses. There are plenty of good reasons to use the VPN, but it does increase the complexity of the system, both in management and in troubleshooting.
Your “roaming” phones can use a Dynamic DNS to do “kind of” the same thing, although VPN for roaming phones is probably a better solution, assuming you can get it working.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.