Quote Originally Posted by ctaranto View Post
1. Would putting a PAP2T in a DMZ solve this?
2. Is putting the PAP2T in a DMZ a bad idea? If so, why?

We tend to find that DMZ is a bit ambiguous pending on the manufacture and security implementation.

Theoretically DMZ would act as a demilitarized zone within ones network. Basically a wide open connection or pin hole into one device (server, dns, email, VOIP line, etc, etc) within a network.

More and more often we find that even when placing a device in DMZ network traffic can still be manipulated, misdirected, or blocked by hard-coded security feature or certain functionality by a Firewall / NAT setting in place.

Unless using for testing purposes, DMZ is not recommended to use with our VOIP lines. Functionality differs between router manufactures, and it's not a good practice to open a permanent hole in ones network.

We recommend specifying only the port ranges we utilize and having this forwarded to either a Statically assigned or Reserved IP address for our adapter.

Ports:

5060-5080 (udp/tcp) used for signaling to and from our servers to relay call information

35000-65000 (udp only) used for random assignment of RTP or audio stream


Quote Originally Posted by MisterEd View Post
Does VOIPO really need that wide range of ports or ALL the ports in that range?
Yes and no Ed, it is randomly assigned and differs between each call. So though the entire range is 30,000 ports only one port is actually in use at a time. If you need a port or range of ports within this allotment simply specify the rule again. There's a 1 in 30,000 chance it's an issue