I have asterisk and freePBX installed on a linux box. Do I just connect this to my router and then IP phones to the router? Or do I need additional hardware to connect the IP phones directly to the linux box?
Also, should I have a firewall or is the asterisk/freePBX/linux box safe on my network without a firewall and connected directly to the cable modem?
I am not familiar with that device (or your cable internet terms and conditions). Does your setup give multiple IP addresses on an internal network? The spec page says it can perform as a NAT gateway, so it should work assuming it is configured in this way. A quick and dirty check would be to see if your office computer has a local ip address 192.xxx.xxx.xxx and it is different from what you get on something like whatismyip.com - if so what you propose should be OK.
My cablemodem only provides me a single IP and only lets me have one computer attached to it. And I have a second internet connection because they are both flaky in my area
-> Firewall/Router -> 48 port switch -> Linux Asterisk
DSL Modem --/ -> 4 phones
-> home computer
-> lots and lots of other crud
Assuming your router is some sort of NAT router that is creating an internal network, then asterisk and the phones can all be connected to this router.
The same NAT router would protect the linux box as long as you only open up specific ports for inbound traffic on the router.
I would never suggest connecting a asterisk box directly to the internet unless you have experience on hardening such a box.
the setup is:
CableModem+Router(1 device - Motorola SBG6580)
| | |
| | |
Linux Box office computer 10-port router
8 IP Phones
Yeah, it performs as a NAT gateway and assigns local IP addresses via DHCP.
Is it safe to have a linux box running asterisk connected this way or should I look into getting a more robust firewall rather than using the cableModem’s built in firewall?
Also, by the way, thanks a ton for the help! I very much appreciate it and you’ve been awesome at answering my questions =)
I would recommend getting a better firewall.
A better firewall would likely be good. But I would start with what you have… then upgrade later once you have a bit more experience. In incorrectly configured good firewall is no better then the built in one.