Sangoma Remote Support Access Requirements for PBXAct Through Firewall


(United States) #1

Hello All,

I am trying to determine requirements to configure our Cisco ASA for success with our future PBXAct60 (192.168.115.30) and Sangoma Remote Access / Support. The Sangoma Wiki and other docs are all over the place concerning support access. I would appreciate a sanity review of my current understanding of the internal/external network paths below.

Any constructive comments and references to authorative documents welcomed.

Best Regards,
Bob Confino - Volunteer Tech Team - New Life Bible Fellowship Church

?Sangoma Support access requirements?

*Port forward traffic (NAT) from Sangoma support to the VoIP PBX

Remote console access (ssh) for Sangoma Support
object network on-PBXAct-tcp-22
host 192.168.115.30
nat (inside2,outside) static interface service tcp 22 22

Remote OpenVPN access for Sangoma Support
object network on-PBXAct-udp-1194
host 192.168.115.30
nat (inside2,outside) static interface service udp 1194 1194

Remote OpenVPN access for Sangoma Support
object network on-PBXAct-tcp-1194
host 192.168.115.30
nat (inside2,outside) static interface service tcp 1194 1194

*ACLs for support traffic and SIP Station traffic
<Note:must remove ‘any’ from ACEs with ITSP IP address>
access-list outside_in permit tcp any host 192.168.115.30 eq 22 (enable/disable as needed)
access-list outside_in permit tcp any host 192.168.115.30 eq 1194 (enable/disable as needed)
access-list outside_in permit udp any host 192.168.115.30 eq 1194 (enable/disable as needed)


(system) closed #2

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.